On 10/23/25 4:46 AM, Philippe Schenker wrote:
From: Philippe Schenker <[email protected]>
The ti_secure_image_check() function may relocate the image during
authentication, updating image_addr to point to the verified location.
The caller was not updated with this new address, causing it to
reference the original unverified location.
Update p_image with the verified image address after authentication
to ensure subsequent operations use the correct location.
Signed-off-by: Philippe Schenker <[email protected]>
---
Seems reasonable,
Acked-by: Andrew Davis <[email protected]>
BTW, did you actually run into an issue with having a binary moved
by the authentication, or was this found some other way? Normally
binaries don't move (but they can, so this is still valid).
arch/arm/mach-k3/security.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c
index 3468a370a455..9255505a7944 100644
--- a/arch/arm/mach-k3/security.c
+++ b/arch/arm/mach-k3/security.c
@@ -119,6 +119,8 @@ void ti_secure_image_post_process(void **p_image, size_t
*p_size)
*/
*p_size = image_size;
+ *p_image = (void *)image_addr;
+
/*
* Output notification of successful authentication to re-assure the
* user that the secure code is being processed as expected. However
