android_ab: Fixes: Fix backup offset calculation

The backup offset is in bytes, but was incorrectly be interpreted as
blocks, leading to it being written to the wrong location. Fix the
calculation, clarify that ANDROID_AB_BACKUP_OFFSET is in bytes and must
be a multiple of the block size, and add a runtime check to validate the
offset.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Fixes: 3430f24bc69d ("android_ab: Try backup booloader_message")
Link: https://lore.kernel.org/r/20240828143924.3987331-1-JPEWhacker@gmail.com
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
diff --git a/boot/android_ab.c b/boot/android_ab.c
index 143f373..1196a18 100644
--- a/boot/android_ab.c
+++ b/boot/android_ab.c
@@ -139,8 +139,13 @@
 {
 	ulong abc_offset, abc_blocks, ret;
 
-	abc_offset = offset +
-		     offsetof(struct bootloader_message_ab, slot_suffix) /
+	if (offset % part_info->blksz) {
+		log_err("ANDROID: offset not block aligned\n");
+		return -EINVAL;
+	}
+
+	abc_offset = (offset +
+		      offsetof(struct bootloader_message_ab, slot_suffix)) /
 		     part_info->blksz;
 	abc_blocks = DIV_ROUND_UP(sizeof(struct bootloader_control),
 				  part_info->blksz);
diff --git a/common/Kconfig b/common/Kconfig
index 83c81ed..e1b8557 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -986,7 +986,8 @@
 	help
 	  If non-zero, a backup bootloader message starting at this offset in
 	  the partition will tried in the event that the primary one (starting
-	  at offset 0) fails its checksum.
+	  at offset 0) fails its checksum. The offset is in bytes and must be
+	  multiple of the block size.
 
 endmenu