FWU: Fix secure memory check in image auth

The implementation of FWU_SMC_IMAGE_AUTH performs a number of pre-condition checks before authenticating the image. One of these checks calls `bl1_plat_mem_check()` to ensure the image source is mapped in when authenticating an image in place. The framework incorrectly passes the security state of the caller into this function instead of the security state of the source image. This patch corrects the defect. The defect would only manifest itself for secure world callers authenticating non-secure images in place, which is not done by current upstream platforms. Change-Id: I617c7b43e02ac7149f266aeaf3874316e62f3003
author: Dan Handley <dan.handley@arm.com> 2015-12-14 16:26:43 +0000
committer: Dan Handley <dan.handley@arm.com> 2015-12-14 16:26:43 +0000
commit: 03131c85ada8a0956f91bb2fc6851666e3996797 (patch)
tree: a300ef95cb7c4324861874edf6a00c0c4a69eded /bl1
parent: a84deb9c3fe5396d580b695acc09a75d67332559 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/bl1/bl1_fwu.c b/bl1/bl1_fwu.c
index f8b414e3..05759212 100644
--- a/bl1/bl1_fwu.c
+++ b/bl1/bl1_fwu.c
@@ -298,7 +298,8 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 		 * Image is in RESET state.
 		 * Check the parameters and authenticate the source image in place.
 		 */
-		if (bl1_plat_mem_check(image_src, image_size, flags)) {
+		if (bl1_plat_mem_check(image_src, image_size,	\
+					image_desc->ep_info.h.attr)) {
 			WARN("BL1-FWU: Authentication arguments source/size not mapped\n");
 			return -ENOMEM;
 		}
author	Dan Handley <dan.handley@arm.com>	2015-12-14 16:26:43 +0000
committer	Dan Handley <dan.handley@arm.com>	2015-12-14 16:26:43 +0000
commit	03131c85ada8a0956f91bb2fc6851666e3996797 (patch)
tree	a300ef95cb7c4324861874edf6a00c0c4a69eded /bl1
parent	a84deb9c3fe5396d580b695acc09a75d67332559 (diff)