diff options
author | Joel Kitching <kitching@google.com> | 2019-10-07 16:42:29 +0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-12-21 01:04:47 +0000 |
commit | 568b7b0d8abab0706b1b1a020747961f1ce09cc5 (patch) | |
tree | 821521a76b0c49bf965087f7edbc4143e5168b47 | |
parent | 7af82fb3b4f5a0afd080b9bc9e5002884ac26808 (diff) | |
download | vboot-568b7b0d8abab0706b1b1a020747961f1ce09cc5.tar.gz |
vboot: remove VerifyVmlinuzInsideKBlob function
Replace the use of VerifyVmlinuzInsideKBlob with vboot2-style
vb2_verify_member_inside.
BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none
Change-Id: I2ffb52a4e7d7b93b2512923145db5f6ff4f3dfd5
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1844599
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
-rw-r--r-- | firmware/lib/include/vboot_common.h | 8 | ||||
-rw-r--r-- | firmware/lib/vboot_common.c | 14 | ||||
-rw-r--r-- | futility/cmd_vbutil_kernel.c | 9 |
3 files changed, 5 insertions, 26 deletions
diff --git a/firmware/lib/include/vboot_common.h b/firmware/lib/include/vboot_common.h index 6851f2f0..944ce352 100644 --- a/firmware/lib/include/vboot_common.h +++ b/firmware/lib/include/vboot_common.h @@ -26,12 +26,4 @@ void PublicKeyInit(struct vb2_packed_key *key, int PublicKeyCopy(struct vb2_packed_key *dest, const struct vb2_packed_key *src); -/** - * Verify that the Vmlinuz Header is contained inside of the kernel blob. - * - * Returns VB2_SUCCESS or VBOOT_PREAMBLE_INVALID on error - */ -vb2_error_t VerifyVmlinuzInsideKBlob(uint64_t kblob, uint64_t kblob_size, - uint64_t header, uint64_t header_size); - #endif /* VBOOT_REFERENCE_VBOOT_COMMON_H_ */ diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index f7e83803..ee2c9134 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -37,17 +37,3 @@ int PublicKeyCopy(struct vb2_packed_key *dest, const struct vb2_packed_key *src) src->key_size); return 0; } - -vb2_error_t VerifyVmlinuzInsideKBlob(uint64_t kblob, uint64_t kblob_size, - uint64_t header, uint64_t header_size) -{ - uint64_t end = header-kblob; - if (end > kblob_size) - return VBOOT_PREAMBLE_INVALID; - if (UINT64_MAX - end < header_size) - return VBOOT_PREAMBLE_INVALID; - if (end + header_size > kblob_size) - return VBOOT_PREAMBLE_INVALID; - - return VB2_SUCCESS; -} diff --git a/futility/cmd_vbutil_kernel.c b/futility/cmd_vbutil_kernel.c index aeb6da61..a0c001ac 100644 --- a/futility/cmd_vbutil_kernel.c +++ b/futility/cmd_vbutil_kernel.c @@ -604,10 +604,11 @@ static int do_vbutil_kernel(int argc, char *argv[]) // verify that the 16-bit header is included in the // kblob (to make sure that it's included in the // signature) - if (VerifyVmlinuzInsideKBlob(preamble->body_load_address, - kblob_size, - vmlinuz_header_address, - vmlinuz_header_size)) { + if (vb2_verify_member_inside( + (void *)preamble->body_load_address, + kblob_size, + (void *)vmlinuz_header_address, + vmlinuz_header_size, 0, 0)) { fclose(f); unlink(vmlinuz_out_file); FATAL("Vmlinuz header not signed!\n"); |