summaryrefslogtreecommitdiff
path: root/lib/efi_loader
diff options
context:
space:
mode:
authorSimon Glass <sjg@chromium.org>2021-02-15 17:08:10 -0700
committerTom Rini <trini@konsulko.com>2021-02-15 22:31:53 -0500
commit6f3c2d8aa5e6cbd80b5e869bbbddecb66c329d01 (patch)
tree44a5f450549070b7b1929380202f61c852ad54d1 /lib/efi_loader
parentc5819701a3de61e2ba2ef7ad0b616565b32305e5 (diff)
image: Add an option to do a full check of the FIT
Some strange modifications of the FIT can introduce security risks. Add an option to check it thoroughly, using libfdt's fdt_check_full() function. Enable this by default if signature verification is enabled. CVE-2021-27097 Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Bruce Monroe <bruce.monroe@intel.com> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com>
Diffstat (limited to 'lib/efi_loader')
0 files changed, 0 insertions, 0 deletions