diff options
| author | Taylor Hutt <thutt@chromium.org> | 2012-08-13 11:31:07 -0700 |
|---|---|---|
| committer | Gerrit <chrome-bot@google.com> | 2012-08-15 11:10:37 -0700 |
| commit | 59576e11e5120513f37658628b2b3bbf9827d471 (patch) | |
| tree | c1197748b156955cffd480ea6e733f9c12a6e3c9 | |
| parent | b321dbb6bc819d4b7b5a2831dbda0816d3f772d8 (diff) | |
| download | vboot-59576e11e5120513f37658628b2b3bbf9827d471.tar.gz | |
twostop: Skip kernel verification when built for U-Boot sandbox
It's not yet possible to verify the kernel in an Chromium OS image
with the Sandbox Version of U-Boot due to the lack of keys. For now,
stub out the verification process and behave as if everything is ok:
Sandbox U-Boot is only interested in the selected kernel and boot mode
at this point.
BUG=chromium-os:32603
TEST=With this change, it's possible to get valid answers from
vboot_twostop command with Sanbox U-Boot.
Change-Id: I3b1142889657315675eacd3a1d1448aeee7ccb62
Signed-off-by: Taylor Hutt <thutt@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/30256
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
| -rw-r--r-- | firmware/lib/vboot_kernel.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c index cf97bee5..d1f261d7 100644 --- a/firmware/lib/vboot_kernel.c +++ b/firmware/lib/vboot_kernel.c @@ -265,6 +265,17 @@ VbError_t LoadKernel(LoadKernelParams* params) { goto bad_kernel; } +#if defined(CONFIG_SANDBOX) + /* Silence compiler warnings */ + combined_version = 0; + body_offset = body_offset; + body_offset_sectors = body_offset_sectors; + body_sectors = body_sectors; + kernel_subkey = kernel_subkey; + key_block = key_block; + key_version = key_version; + preamble = preamble; +#else /* Verify the key block. */ key_block = (VbKeyBlockHeader*)kbuf; if (0 != KeyBlockVerify(key_block, KBUF_SIZE, kernel_subkey, 0)) { @@ -435,6 +446,7 @@ VbError_t LoadKernel(LoadKernelParams* params) { /* Done with the kernel signing key, so can free it now */ RSAPublicKeyFree(data_key); data_key = NULL; +#endif /* If we're still here, the kernel is valid. */ /* Save the first good partition we find; that's the one we'll boot */ @@ -451,8 +463,13 @@ VbError_t LoadKernel(LoadKernelParams* params) { GetCurrentKernelUniqueGuid(&gpt, ¶ms->partition_guid); /* TODO: GetCurrentKernelUniqueGuid() should take a destination size, or * the dest should be a struct, so we know it's big enough. */ +#if defined(CONFIG_SANDBOX) + params->bootloader_address = 0; + params->bootloader_size = 0; +#else params->bootloader_address = preamble->bootloader_address; params->bootloader_size = preamble->bootloader_size; +#endif /* Update GPT to note this is the kernel we're trying */ GptUpdateKernelEntry(&gpt, GPT_UPDATE_ENTRY_TRY); |