On Thu, 2025-10-23 at 09:24 -0500, Andrew Davis wrote: > On 10/23/25 4:46 AM, Philippe Schenker wrote: > > From: Philippe Schenker <[email protected]> > > > > The ti_secure_image_check() function may relocate the image during > > authentication, updating image_addr to point to the verified > > location. > > The caller was not updated with this new address, causing it to > > reference the original unverified location. > > > > Update p_image with the verified image address after authentication > > to ensure subsequent operations use the correct location. > > > > Signed-off-by: Philippe Schenker <[email protected]> > > --- > > Seems reasonable, > > Acked-by: Andrew Davis <[email protected]> > > BTW, did you actually run into an issue with having a binary moved > by the authentication, or was this found some other way? Normally > binaries don't move (but they can, so this is still valid). Thanks for your acked-by's! Sorry forgot to answer and just now saw it again. Yes I ran into an issue where I have a signed elf file. The step of loading the elf file was failing because the pointer still pointing to the signature. Philippe > > > > > arch/arm/mach-k3/security.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach- > > k3/security.c > > index 3468a370a455..9255505a7944 100644 > > --- a/arch/arm/mach-k3/security.c > > +++ b/arch/arm/mach-k3/security.c > > @@ -119,6 +119,8 @@ void ti_secure_image_post_process(void > > **p_image, size_t *p_size) > > */ > > *p_size = image_size; > > > > + *p_image = (void *)image_addr; > > + > > /* > > * Output notification of successful authentication to re-assure > > the > > * user that the secure code is being processed as expected. > > However
