diff options
| author | dnojiri <dnojiri@chromium.org> | 2020-04-16 17:11:52 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-04-18 02:51:10 +0000 |
| commit | 7ea99225b562b49b30fc374065f9dd48ed52f70d (patch) | |
| tree | e995046a1e1085aada7155d3d7cb9f5c59a512c1 | |
| parent | fdd5d7a00496eff6c413fab5cd538f71e1470af1 (diff) | |
| download | vboot-7ea99225b562b49b30fc374065f9dd48ed52f70d.tar.gz | |
secdata: Initialize secdata kernel in vb2api_fw_phase1
Currently, secdata kernel is initialized in vb2api_kernel_phase1.
Since we'll be using secdata kernel in romstage for EFS2, it
needs to be initialized earlier.
This patch makes vb2api_fw_phase1 call vb2_secdata_kernel_init.
Signed-off-by: dnojiri <dnojiri@chromium.org>
BUG=b:147298634, chromium:1045217, b:148259137
BRANCH=none
TEST=Verify Hmir is updated in romstage on Puff.
Cq-Depend: chromium:2155377
Change-Id: I8a537126a952ecccc9cc496ce60fc6dc81541a8f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2153852
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org>
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Auto-Submit: Daisuke Nojiri <dnojiri@chromium.org>
| -rw-r--r-- | firmware/2lib/2api.c | 6 | ||||
| -rw-r--r-- | firmware/2lib/2kernel.c | 10 | ||||
| -rw-r--r-- | tests/vb20_verify_fw.c | 1 | ||||
| -rw-r--r-- | tests/vb2_api_tests.c | 17 | ||||
| -rw-r--r-- | tests/vb2_kernel_tests.c | 21 | ||||
| -rw-r--r-- | tests/vboot_api_kernel4_tests.c | 5 |
6 files changed, 24 insertions, 36 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c index 4492cf93..d49b8d31 100644 --- a/firmware/2lib/2api.c +++ b/firmware/2lib/2api.c @@ -46,11 +46,15 @@ vb2_error_t vb2api_fw_phase1(struct vb2_context *ctx) return VB2_ERROR_API_PHASE1_SECDATA_REBOOT; } - /* Initialize firmware secure data */ + /* Initialize firmware & kernel secure data */ rv = vb2_secdata_firmware_init(ctx); if (rv) vb2api_fail(ctx, VB2_RECOVERY_SECDATA_FIRMWARE_INIT, rv); + rv = vb2_secdata_kernel_init(ctx); + if (rv) + vb2api_fail(ctx, VB2_RECOVERY_SECDATA_KERNEL_INIT, rv); + /* Load and parse the GBB header */ rv = vb2_fw_init_gbb(ctx); if (rv) diff --git a/firmware/2lib/2kernel.c b/firmware/2lib/2kernel.c index f49b6dea..84c90d70 100644 --- a/firmware/2lib/2kernel.c +++ b/firmware/2lib/2kernel.c @@ -131,16 +131,10 @@ vb2_error_t vb2api_kernel_phase1(struct vb2_context *ctx) vb2_workbuf_from_ctx(ctx, &wb); /* - * Init secdata_kernel and secdata_fwmp spaces. No need to init - * secdata_firmware, since it was already read during firmware + * Init secdata_fwmp spaces. No need to init secdata_firmware or + * secdata_kernel, since they were already read during firmware * verification. Ignore errors in recovery mode. */ - rv = vb2_secdata_kernel_init(ctx); - if (rv && !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) { - VB2_DEBUG("TPM: init secdata_kernel returned %#x\n", rv); - vb2api_fail(ctx, VB2_RECOVERY_SECDATA_KERNEL_INIT, rv); - return rv; - } rv = vb2_secdata_fwmp_init(ctx); if (rv && !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) { VB2_DEBUG("TPM: init secdata_fwmp returned %#x\n", rv); diff --git a/tests/vb20_verify_fw.c b/tests/vb20_verify_fw.c index e2a54718..f732b8b2 100644 --- a/tests/vb20_verify_fw.c +++ b/tests/vb20_verify_fw.c @@ -176,6 +176,7 @@ int main(int argc, char *argv[]) /* Initialize secure context */ vb2api_secdata_firmware_create(ctx); + vb2api_secdata_kernel_create(ctx); // TODO: optional args to set contents for nvdata, secdata? diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c index 50bdf742..a03a0041 100644 --- a/tests/vb2_api_tests.c +++ b/tests/vb2_api_tests.c @@ -79,7 +79,8 @@ static void reset_common_data(enum reset_type t) vb2_nv_init(ctx); vb2api_secdata_firmware_create(ctx); - vb2_secdata_firmware_init(ctx); + + vb2api_secdata_kernel_create(ctx); force_dev_mode = 0; retval_vb2_fw_init_gbb = VB2_SUCCESS; @@ -352,6 +353,10 @@ static void phase1_tests(void) 0, " display init context flag"); TEST_EQ(sd->flags & VB2_SD_FLAG_DISPLAY_AVAILABLE, 0, " display available SD flag"); + TEST_NEQ(sd->status & VB2_SD_STATUS_SECDATA_FIRMWARE_INIT, + 0, " secdata firmware initialized"); + TEST_NEQ(sd->status & VB2_SD_STATUS_SECDATA_KERNEL_INIT, + 0, " secdata kernel initialized"); reset_common_data(FOR_MISC); retval_vb2_fw_init_gbb = VB2_ERROR_GBB_MAGIC; @@ -392,6 +397,16 @@ static void phase1_tests(void) TEST_NEQ(ctx->flags & VB2_CONTEXT_RECOVERY_MODE, 0, " recovery flag"); TEST_NEQ(ctx->flags & VB2_CONTEXT_CLEAR_RAM, 0, " clear ram flag"); + /* Bad secdata_kernel causes recovery mode */ + reset_common_data(FOR_MISC); + ctx->secdata_kernel[2] ^= 0x42; /* 3rd byte is CRC */ + TEST_EQ(vb2api_fw_phase1(ctx), VB2_ERROR_API_PHASE1_RECOVERY, + "phase1 bad secdata_kernel"); + TEST_EQ(sd->recovery_reason, VB2_RECOVERY_SECDATA_KERNEL_INIT, + " recovery reason"); + TEST_NEQ(ctx->flags & VB2_CONTEXT_RECOVERY_MODE, 0, " recovery flag"); + TEST_NEQ(ctx->flags & VB2_CONTEXT_CLEAR_RAM, 0, " clear ram flag"); + /* Test secdata_firmware-requested reboot */ reset_common_data(FOR_MISC); ctx->flags |= VB2_CONTEXT_SECDATA_WANTS_REBOOT; diff --git a/tests/vb2_kernel_tests.c b/tests/vb2_kernel_tests.c index 0117f97c..d92f1591 100644 --- a/tests/vb2_kernel_tests.c +++ b/tests/vb2_kernel_tests.c @@ -99,11 +99,6 @@ static void reset_common_data(enum reset_type t) sd->preamble_size = sizeof(*fwpre) + k->key_size; vb2_set_workbuf_used(ctx, sd->preamble_offset + sd->preamble_size); - - /* Needed to check that secdata_kernel initialization is - performed by phase1 function. */ - sd->status &= ~VB2_SD_STATUS_SECDATA_KERNEL_INIT; - } }; @@ -219,22 +214,6 @@ static void phase1_tests(void) TEST_EQ(sd->kernel_version_secdata, 0x20002, " secdata_kernel version"); - /* Bad secdata_kernel causes failure in normal mode only */ - reset_common_data(FOR_PHASE1); - ctx->secdata_kernel[2] ^= 0x33; /* 3rd byte is CRC */ - TEST_EQ(vb2api_kernel_phase1(ctx), VB2_ERROR_SECDATA_KERNEL_CRC, - "phase1 bad secdata_kernel"); - TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST), - VB2_RECOVERY_SECDATA_KERNEL_INIT, " recovery reason"); - - reset_common_data(FOR_PHASE1); - ctx->secdata_kernel[0] ^= 0x33; - ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; - TEST_SUCC(vb2api_kernel_phase1(ctx), "phase1 bad secdata_kernel rec"); - TEST_EQ(sd->kernel_version_secdata, 0, " secdata_kernel version"); - TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST), - VB2_RECOVERY_NOT_REQUESTED, " no recovery"); - /* Bad secdata_fwmp causes failure in normal mode only */ reset_common_data(FOR_PHASE1); mock_secdata_fwmp_check_retval = VB2_ERROR_SECDATA_FWMP_CRC; diff --git a/tests/vboot_api_kernel4_tests.c b/tests/vboot_api_kernel4_tests.c index de4688b0..12a89af4 100644 --- a/tests/vboot_api_kernel4_tests.c +++ b/tests/vboot_api_kernel4_tests.c @@ -109,11 +109,6 @@ vb2_error_t vb2ex_commit_data(struct vb2_context *c) return VB2_SUCCESS; } -vb2_error_t vb2_secdata_kernel_init(struct vb2_context *c) -{ - return secdata_kernel_init_retval; -} - vb2_error_t vb2_secdata_fwmp_init(struct vb2_context *c) { return secdata_fwmp_init_retval; |