vboot/vboot_kernel: remove unused VbSharedDataKernelPart

This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.

BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none

Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Iab177cce688425c3cfd051e5d211c64cc60a4e4c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2759817
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>

2 files changed, 5 insertions, 99 deletions

diff --git a/firmware/lib/include/vboot_kernel.h b/firmware/lib/include/vboot_kernel.h
index ea4c1b24..2d3ebad9 100644
--- a/firmware/lib/include/vboot_kernel.h
+++ b/firmware/lib/include/vboot_kernel.h
@@ -16,49 +16,6 @@
 
 struct vb2_context;
 
-/* Flags for VbSharedDataKernelPart.flags */
-#define VBSD_LKP_FLAG_KEYBLOCK_VALID   0x01
-
-/* Result codes for VbSharedDataKernelPart.check_result */
-#define VBSD_LKP_CHECK_NOT_DONE           0
-#define VBSD_LKP_CHECK_TOO_SMALL          1
-#define VBSD_LKP_CHECK_READ_START         2
-#define VBSD_LKP_CHECK_KEYBLOCK_SIG      3
-#define VBSD_LKP_CHECK_KEYBLOCK_HASH     4
-#define VBSD_LKP_CHECK_DEV_MISMATCH       5
-#define VBSD_LKP_CHECK_REC_MISMATCH       6
-#define VBSD_LKP_CHECK_KEY_ROLLBACK       7
-#define VBSD_LKP_CHECK_DATA_KEY_PARSE     8
-#define VBSD_LKP_CHECK_VERIFY_PREAMBLE    9
-#define VBSD_LKP_CHECK_KERNEL_ROLLBACK    10
-#define VBSD_LKP_CHECK_PREAMBLE_VALID     11
-/*
- * Body load address check is omitted; this result code is deprecated and not
- * used anywhere in the codebase.
- */
-#define VBSD_LKP_CHECK_BODY_ADDRESS       12
-#define VBSD_LKP_CHECK_BODY_OFFSET        13
-#define VBSD_LKP_CHECK_SELF_SIGNED        14
-#define VBSD_LKP_CHECK_BODY_EXCEEDS_MEM   15
-#define VBSD_LKP_CHECK_BODY_EXCEEDS_PART  16
-#define VBSD_LKP_CHECK_READ_DATA          17
-#define VBSD_LKP_CHECK_VERIFY_DATA        18
-#define VBSD_LKP_CHECK_KERNEL_GOOD        19
-
-/* Information about a single kernel partition check in LoadKernel() */
-typedef struct VbSharedDataKernelPart {
-	uint64_t sector_start;     /* Start sector of partition */
-	uint64_t sector_count;     /* Sector count of partition */
-	uint32_t combined_version; /* Combined key+kernel version */
-	uint8_t gpt_index;         /* Index of partition in GPT */
-	uint8_t check_result;      /* Check result; see VBSD_LKP_CHECK_* */
-	uint8_t flags;             /* Flags (see VBSD_LKP_FLAG_* */
-	uint8_t reserved0;         /* Reserved for padding */
-} VbSharedDataKernelPart;
-
-/* Number of kernel partitions to track per call.  Must be power of 2. */
-#define VBSD_MAX_KERNEL_PARTS 8
-
 /* Result codes for VbSharedDataKernelCall.check_result */
 #define VBSD_LKC_CHECK_NOT_DONE            0
 #define VBSD_LKC_CHECK_DEV_SWITCH_MISMATCH 1
@@ -87,9 +44,7 @@ typedef struct VbSharedDataKernelCall {
 	/* Number of kernel partitions found */
 	uint8_t kernel_parts_found;
 	/* Reserved for padding */
-	uint8_t reserved0[7];
-	/* Data on kernels */
-	VbSharedDataKernelPart parts[VBSD_MAX_KERNEL_PARTS];
+	uint8_t reserved0[199];
 } VbSharedDataKernelCall;
 
 /**
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c
index d4204078..34898706 100644
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -125,7 +125,6 @@ static uint32_t get_body_offset(uint8_t *kbuf)
  * @param kbuf		Buffer containing the vblock
  * @param kbuf_size	Size of the buffer in bytes
  * @param kernel_subkey	Packed kernel subkey to use in validating keyblock
- * @param shpart	Destination for verification results
  * @param wb		Work buffer.  Must be at least
  *			VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES bytes.
  * @return VB2_SUCCESS, or non-zero error code.
@@ -133,7 +132,7 @@ static uint32_t get_body_offset(uint8_t *kbuf)
 static vb2_error_t vb2_verify_kernel_vblock(
 	struct vb2_context *ctx, uint8_t *kbuf, uint32_t kbuf_size,
 	const struct vb2_packed_key *kernel_subkey,
-	VbSharedDataKernelPart *shpart, struct vb2_workbuf *wb)
+	struct vb2_workbuf *wb)
 {
 	struct vb2_shared_data *sd = vb2_get_sd(ctx);
 
@@ -164,13 +163,11 @@ static vb2_error_t vb2_verify_kernel_vblock(
 	rv = vb2_verify_keyblock(keyblock, kbuf_size, &kernel_subkey2, wb);
 	if (rv) {
 		VB2_DEBUG("Verifying keyblock signature failed.\n");
-		shpart->check_result = VBSD_LKP_CHECK_KEYBLOCK_SIG;
 		keyblock_valid = 0;
 
 		/* Check if we must have an officially signed kernel */
 		if (need_keyblock_valid) {
 			VB2_DEBUG("Self-signed kernels not enabled.\n");
-			shpart->check_result = VBSD_LKP_CHECK_SELF_SIGNED;
 			return rv;
 		}
 
@@ -178,7 +175,6 @@ static vb2_error_t vb2_verify_kernel_vblock(
 		rv = vb2_verify_keyblock_hash(keyblock, kbuf_size, wb);
 		if (rv) {
 			VB2_DEBUG("Verifying keyblock hash failed.\n");
-			shpart->check_result = VBSD_LKP_CHECK_KEYBLOCK_HASH;
 			return rv;
 		}
 	}
@@ -189,7 +185,6 @@ static vb2_error_t vb2_verify_kernel_vblock(
 	       VB2_KEYBLOCK_FLAG_DEVELOPER_1 :
 	       VB2_KEYBLOCK_FLAG_DEVELOPER_0))) {
 		VB2_DEBUG("Keyblock developer flag mismatch.\n");
-		shpart->check_result = VBSD_LKP_CHECK_DEV_MISMATCH;
 		keyblock_valid = 0;
 		if (need_keyblock_valid)
 			return VB2_ERROR_KERNEL_KEYBLOCK_DEV_FLAG;
@@ -199,7 +194,6 @@ static vb2_error_t vb2_verify_kernel_vblock(
 	       VB2_KEYBLOCK_FLAG_RECOVERY_1 :
 	       VB2_KEYBLOCK_FLAG_RECOVERY_0))) {
 		VB2_DEBUG("Keyblock recovery flag mismatch.\n");
-		shpart->check_result = VBSD_LKP_CHECK_REC_MISMATCH;
 		keyblock_valid = 0;
 		if (need_keyblock_valid)
 			return VB2_ERROR_KERNEL_KEYBLOCK_REC_FLAG;
@@ -211,7 +205,6 @@ static vb2_error_t vb2_verify_kernel_vblock(
 	if (boot_mode != VB2_BOOT_MODE_RECOVERY) {
 		if (key_version < (sd->kernel_version_secdata >> 16)) {
 			VB2_DEBUG("Key version too old.\n");
-			shpart->check_result = VBSD_LKP_CHECK_KEY_ROLLBACK;
 			keyblock_valid = 0;
 			if (need_keyblock_valid)
 				return VB2_ERROR_KERNEL_KEYBLOCK_VERSION_ROLLBACK;
@@ -223,7 +216,6 @@ static vb2_error_t vb2_verify_kernel_vblock(
 			 * properly.
 			 */
 			VB2_DEBUG("Key version > 0xFFFF.\n");
-			shpart->check_result = VBSD_LKP_CHECK_KEY_ROLLBACK;
 			keyblock_valid = 0;
 			if (need_keyblock_valid)
 				return VB2_ERROR_KERNEL_KEYBLOCK_VERSION_RANGE;
@@ -280,7 +272,6 @@ static vb2_error_t vb2_verify_kernel_vblock(
 	rv = vb2_unpack_key(&data_key, &keyblock->data_key);
 	if (rv) {
 		VB2_DEBUG("Unable to unpack kernel data key\n");
-		shpart->check_result = VBSD_LKP_CHECK_DATA_KEY_PARSE;
 		return rv;
 	}
 
@@ -292,7 +283,6 @@ static vb2_error_t vb2_verify_kernel_vblock(
 					wb);
 	if (rv) {
 		VB2_DEBUG("Preamble verification failed.\n");
-		shpart->check_result = VBSD_LKP_CHECK_VERIFY_PREAMBLE;
 		return rv;
 	}
 
@@ -305,22 +295,16 @@ static vb2_error_t vb2_verify_kernel_vblock(
 
 	/* Combine with the key version. */
 	sd->kernel_version = key_version << 16 | preamble->kernel_version;
-	shpart->combined_version = sd->kernel_version;
 
 	/* If not in recovery mode, check for rollback of the kernel version. */
 	if (need_keyblock_valid &&
 	    boot_mode != VB2_BOOT_MODE_RECOVERY &&
 	    sd->kernel_version < sd->kernel_version_secdata) {
 		VB2_DEBUG("Kernel version too low.\n");
-		shpart->check_result = VBSD_LKP_CHECK_KERNEL_ROLLBACK;
 		return VB2_ERROR_KERNEL_PREAMBLE_VERSION_ROLLBACK;
 	}
 
 	VB2_DEBUG("Kernel preamble is good.\n");
-	shpart->check_result = VBSD_LKP_CHECK_PREAMBLE_VALID;
-	if (keyblock_valid)
-		shpart->flags |= VBSD_LKP_FLAG_KEYBLOCK_VALID;
-
 	return VB2_SUCCESS;
 }
 
@@ -343,7 +327,6 @@ enum vb2_load_partition_flags {
  * @param kernel_subkey	Key to use to verify vblock
  * @param flags		Flags (one or more of vb2_load_partition_flags)
  * @param params	Load-kernel parameters
- * @param shpart	Destination for verification results
  * @param wb            Workbuf for data storage
  * @return VB2_SUCCESS, or non-zero error code.
  */
@@ -351,7 +334,7 @@ static vb2_error_t vb2_load_partition(
 	struct vb2_context *ctx, VbExStream_t stream,
 	const struct vb2_packed_key *kernel_subkey, uint32_t flags,
 	LoadKernelParams *params,
-	VbSharedDataKernelPart *shpart, struct vb2_workbuf *wb)
+	struct vb2_workbuf *wb)
 {
 	uint32_t read_ms = 0, start_ts;
 	struct vb2_workbuf wblocal = *wb;
@@ -364,14 +347,13 @@ static vb2_error_t vb2_load_partition(
 	start_ts = vb2ex_mtime();
 	if (VbExStreamRead(stream, KBUF_SIZE, kbuf)) {
 		VB2_DEBUG("Unable to read start of partition.\n");
-		shpart->check_result = VBSD_LKP_CHECK_READ_START;
 		return VB2_ERROR_LOAD_PARTITION_READ_VBLOCK;
 	}
 	read_ms += vb2ex_mtime() - start_ts;
 
 	if (VB2_SUCCESS !=
 	    vb2_verify_kernel_vblock(ctx, kbuf, KBUF_SIZE, kernel_subkey,
-				     shpart, &wblocal)) {
+				     &wblocal)) {
 		return VB2_ERROR_LOAD_PARTITION_VERIFY_VBLOCK;
 	}
 
@@ -390,7 +372,6 @@ static vb2_error_t vb2_load_partition(
 	 */
 	uint32_t body_offset = get_body_offset(kbuf);
 	if (body_offset > KBUF_SIZE) {
-		shpart->check_result = VBSD_LKP_CHECK_BODY_OFFSET;
 		VB2_DEBUG("Kernel body offset is %u > 64KB.\n", body_offset);
 		return VB2_ERROR_LOAD_PARTITION_BODY_OFFSET;
 	}
@@ -403,7 +384,6 @@ static vb2_error_t vb2_load_partition(
 		kernbuf_size = preamble->body_signature.data_size;
 	} else if (preamble->body_signature.data_size > kernbuf_size) {
 		VB2_DEBUG("Kernel body doesn't fit in memory.\n");
-		shpart->check_result = VBSD_LKP_CHECK_BODY_EXCEEDS_MEM;
 		return 	VB2_ERROR_LOAD_PARTITION_BODY_SIZE;
 	}
 
@@ -425,7 +405,6 @@ static vb2_error_t vb2_load_partition(
 	start_ts = vb2ex_mtime();
 	if (body_toread && VbExStreamRead(stream, body_toread, body_readptr)) {
 		VB2_DEBUG("Unable to read kernel data.\n");
-		shpart->check_result = VBSD_LKP_CHECK_READ_DATA;
 		return VB2_ERROR_LOAD_PARTITION_READ_BODY;
 	}
 	read_ms += vb2ex_mtime() - start_ts;
@@ -440,7 +419,6 @@ static vb2_error_t vb2_load_partition(
 	struct vb2_public_key data_key;
 	if (VB2_SUCCESS != vb2_unpack_key(&data_key, &keyblock->data_key)) {
 		VB2_DEBUG("Unable to unpack kernel data key\n");
-		shpart->check_result = VBSD_LKP_CHECK_DATA_KEY_PARSE;
 		return VB2_ERROR_LOAD_PARTITION_DATA_KEY;
 	}
 
@@ -452,13 +430,11 @@ static vb2_error_t vb2_load_partition(
 					   &preamble->body_signature,
 					   &data_key, &wblocal)) {
 		VB2_DEBUG("Kernel data verification failed.\n");
-		shpart->check_result = VBSD_LKP_CHECK_VERIFY_DATA;
 		return VB2_ERROR_LOAD_PARTITION_VERIFY_BODY;
 	}
 
 	/* If we're still here, the kernel is valid */
 	VB2_DEBUG("Partition is good.\n");
-	shpart->check_result = VBSD_LKP_CHECK_KERNEL_GOOD;
 
 	/* Save kernel data back to parameters */
 	params->bootloader_address = preamble->bootloader_address;
@@ -496,7 +472,6 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
 	memset(&shcall, 0, sizeof(shcall));
 	shcall.boot_flags = (uint32_t)params->boot_flags;
 	shcall.sector_size = (uint32_t)params->bytes_per_lba;
-	shcall.sector_count = params->streaming_lba_count;
 
 	/* Locate key to verify kernel.  This will either be a recovery key, or
 	   a kernel subkey passed from firmware verification. */
@@ -512,14 +487,12 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
 			? GPT_FLAG_EXTERNAL : 0;
 	if (0 != AllocAndReadGptData(params->disk_handle, &gpt)) {
 		VB2_DEBUG("Unable to read GPT data\n");
-		shcall.check_result = VBSD_LKC_CHECK_GPT_READ_ERROR;
 		goto gpt_done;
 	}
 
 	/* Initialize GPT library */
 	if (GPT_SUCCESS != GptInit(&gpt)) {
 		VB2_DEBUG("Error parsing GPT\n");
-		shcall.check_result = VBSD_LKC_CHECK_GPT_PARSE_ERROR;
 		goto gpt_done;
 	}
 
@@ -532,25 +505,8 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
 			  PRIu64 " size %" PRIu64 "\n",
 			  part_start, part_size);
 
-		/*
-		 * Set up tracking for this partition.  This wraps around if
-		 * called many times, so initialize the partition entry each
-		 * time.
-		 */
-		VbSharedDataKernelPart *shpart =
-				shcall.parts + (shcall.kernel_parts_found
-				& (VBSD_MAX_KERNEL_PARTS - 1));
-		memset(shpart, 0, sizeof(VbSharedDataKernelPart));
-		shpart->sector_start = part_start;
-		shpart->sector_count = part_size;
-		/*
-		 * TODO: GPT partitions start at 1, but cgptlib starts them at
-		 * 0.  Adjust here, until cgptlib is fixed.
-		 */
-		shpart->gpt_index = (uint8_t)(gpt.current_kernel + 1);
-		shcall.kernel_parts_found++;
-
 		/* Found at least one kernel partition. */
+		shcall.kernel_parts_found++;
 		found_partitions++;
 
 		/* Set up the stream */
@@ -558,7 +514,6 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
 		if (VbExStreamOpen(params->disk_handle,
 				   part_start, part_size, &stream)) {
 			VB2_DEBUG("Partition error getting stream.\n");
-			shpart->check_result = VBSD_LKP_CHECK_TOO_SMALL;
 			VB2_DEBUG("Marking kernel as invalid.\n");
 			GptUpdateKernelEntry(&gpt, GPT_UPDATE_ENTRY_BAD);
 			continue;
@@ -578,7 +533,6 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
 					kernel_subkey,
 					lpflags,
 					params,
-					shpart,
 					&wb);
 		VbExStreamClose(stream);
 
@@ -656,7 +610,6 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
 	/* Handle finding a good partition */
 	if (params->partition_number > 0) {
 		VB2_DEBUG("Good partition %d\n", params->partition_number);
-		shcall.check_result = VBSD_LKC_CHECK_GOOD_PARTITION;
 		/*
 		 * Validity check - only store a new TPM version if we found
 		 * one. If lowest_version is still at its initial value, we
@@ -670,10 +623,8 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
 		/* Success! */
 		rv = VB2_SUCCESS;
 	} else if (found_partitions > 0) {
-		shcall.check_result = VBSD_LKC_CHECK_INVALID_PARTITIONS;
 		rv = VB2_ERROR_LK_INVALID_KERNEL_FOUND;
 	} else {
-		shcall.check_result = VBSD_LKC_CHECK_NO_PARTITIONS;
 		rv = VB2_ERROR_LK_NO_KERNEL_FOUND;
 	}