diff options
author | Hsuan Ting Chen <roccochen@chromium.org> | 2021-10-07 03:53:35 +0000 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-10-07 20:50:29 +0000 |
commit | f0ba3fe277fdc623565eab0725aed743e24a1a44 (patch) | |
tree | cb0b30bd96e247746282a4f8b0cc0ef3f5afe933 | |
parent | edcc9cd30731fafc410675ac90e3b90f822e1d9f (diff) | |
download | vboot-f0ba3fe277fdc623565eab0725aed743e24a1a44.tar.gz |
Revert "2api: Add vb2_boot_mode in vb2_context denoted the current boot mode"
This reverts commit 2cf76574dbf57c70da3a835f2a45d5619dc058f5.
Reason for revert: b:202258389
Original change's description:
> 2api: Add vb2_boot_mode in vb2_context denoted the current boot mode
>
> Add enum vb2_boot_mode which denotes the most relevant boot mode between
> normal, manual recovery, broken recovery, diagnostic, and developer.
>
> The boot mode constant stores in vb2_context, is exposed externally, and
> decided in vb2api_fw_phase1.
>
> Split out the logic of manual recovery and broken screen. (The broken
> recovery is a recovery boot with !vb2api_allow_recovery)
>
> Add the fifth boot mode, diagnostic boot mode
>
> A boot could match more the one boot mode, this api will pick the most
> relevant boot mode based on the following order:
> 1. Manual recovery boot
> 2. Broken recovery boot
> 3. Diagnostics boot
> 4. Developer boot
> 5. Normal boot
>
> This constant is used in:
> * lib/vboot_api_kernel.c: VbSelectAndLoadKernel()
> * lib/vboot_kernel.c: replace the original vb2_boot_mode
> * coreboot/bootmode for adding elogs
>
> Also bump the vb2sd minor version from 0 to 1.
>
> BUG=b:185551931, b:177196147, b:181931817
> BRANCH=none
> TEST=CC=x86_64-pc-linux-gnu-clang;
> make clean && make runtests
> TEST=emerge coreboot vboot_reference depthcharge
>
> Signed-off-by: Hsuan Ting Chen <roccochen@chromium.org>
> Change-Id: I421e4d51c261ba2bdec996a5fb2ebccb33513fa4
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2944250
> Reviewed-by: Yu-Ping Wu <yupingso@chromium.org>
Bug: b:185551931, b:177196147, b:181931817
Change-Id: Ic184a24f5b580bcaf40d75045476ae77c674dd3d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3209725
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Bhanu Prakash Maiya <bhanumaiya@google.com>
-rw-r--r-- | firmware/2lib/2api.c | 3 | ||||
-rw-r--r-- | firmware/2lib/2misc.c | 21 | ||||
-rw-r--r-- | firmware/2lib/include/2api.h | 62 | ||||
-rw-r--r-- | firmware/2lib/include/2misc.h | 15 | ||||
-rw-r--r-- | firmware/2lib/include/2struct.h | 2 | ||||
-rw-r--r-- | firmware/lib/vboot_api_kernel.c | 20 | ||||
-rw-r--r-- | firmware/lib/vboot_kernel.c | 40 | ||||
-rw-r--r-- | tests/vboot_api_kernel4_tests.c | 3 | ||||
-rw-r--r-- | tests/vboot_kernel2_tests.c | 4 | ||||
-rw-r--r-- | tests/vboot_kernel_tests.c | 35 |
10 files changed, 52 insertions, 153 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c index 53e8e98e..593a12cf 100644 --- a/firmware/2lib/2api.c +++ b/firmware/2lib/2api.c @@ -89,9 +89,6 @@ vb2_error_t vb2api_fw_phase1(struct vb2_context *ctx) if (ctx->flags & VB2_CONTEXT_DISPLAY_INIT) sd->flags |= VB2_SD_FLAG_DISPLAY_AVAILABLE; - /* Decide the boot mode */ - vb2_set_boot_mode(ctx); - /* Return error if recovery is needed */ if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) { /* Always clear RAM when entering recovery mode */ diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index bd9ea8ad..54150446 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -734,24 +734,3 @@ char *vb2api_get_debug_info(struct vb2_context *ctx) buf[DEBUG_INFO_MAX_LENGTH] = '\0'; return buf; } - -void vb2_set_boot_mode(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - - /* Cast boot mode to non-constant and assign */ - enum vb2_boot_mode *boot_mode = (enum vb2_boot_mode *)&ctx->boot_mode; - *boot_mode = VB2_BOOT_MODE_NORMAL; - - if (sd->recovery_reason) { - if (vb2api_allow_recovery(ctx)) - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; - else - *boot_mode = VB2_BOOT_MODE_BROKEN_SCREEN; - } else if (vb2api_diagnostic_ui_enabled(ctx) && - vb2_nv_get(ctx, VB2_NV_DIAG_REQUEST)) { - *boot_mode = VB2_BOOT_MODE_DIAGNOSTICS; - } else if (ctx->flags & VB2_CONTEXT_DEVELOPER_MODE) { - *boot_mode = VB2_BOOT_MODE_DEVELOPER; - } -} diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index 19cbdb52..8cc9a923 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -259,58 +259,6 @@ enum vb2_context_flags { VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED = (1 << 27), }; -/* Boot mode decided in vb2api_fw_phase1. - * - * Boot mode is a constant set by verified boot and may be read (but should not - * be set or cleared) by the caller. - * The boot modes are mutually exclusive. If a boot fulfill more than one - * constraints of the listing boot modes, it will be set to the most important - * one. The priority is the same as the listing order. - */ -enum vb2_boot_mode { - /* Undefined, The boot mode is not set. */ - VB2_BOOT_MODE_UNDEFINED = 0, - - /* - * Manual recovery boot, regardless of dev mode state. - * - * VB2_CONTEXT_RECOVERY_MODE is set and the recovery is physically - * requested (a.k.a. Manual recovery). All other recovery requests - * including manual recovery requested by a (compromised) host will end - * up with a broken screen. - */ - VB2_BOOT_MODE_MANUAL_RECOVERY = 1, - - /* - * Broken screen. - * - * If a recovery boot is not a manual recovery (a.k.a. not requested - * physically), the recovery is not allowed and will end up with - * broken screen. - */ - VB2_BOOT_MODE_BROKEN_SCREEN = 2, - - /* - * Diagnostic boot. - * - * If diagnostic boot is enabled (a.k.a. vb2api_diagnostic_ui_enabled) - * and the nvdata contains VB2_NV_DIAG_REQUEST from previous boot, it - * will boot to diagnostic mode. - */ - VB2_BOOT_MODE_DIAGNOSTICS = 3, - - /* - * Developer boot: self-signed kernel okay. - * - * The developer mode switch is set (a.k.a. VB2_CONTEXT_DEVELOPER_MODE) - * and we are in the developer boot mode. - */ - VB2_BOOT_MODE_DEVELOPER = 4, - - /* Normal boot: kernel must be verified. */ - VB2_BOOT_MODE_NORMAL = 5, -}; - /* Helper for aligning fields in vb2_context. */ #define VB2_PAD_STRUCT3(size, align, count) \ uint8_t _pad##count[align - (((size - 1) % align) + 1)] @@ -385,16 +333,6 @@ struct vb2_context { */ uint8_t secdata_fwmp[VB2_SECDATA_FWMP_MAX_SIZE]; VB2_PAD_STRUCT(VB2_SECDATA_FWMP_MAX_SIZE, 8); - - /********************************************************************** - * Fields below added in struct version 3.1. - */ - - /* - * Mutually exclusive boot mode. - * This constant is initialized after calling vb2api_fw_phase1(). - */ - const enum vb2_boot_mode boot_mode; }; /* Resource index for vb2ex_read_resource() */ diff --git a/firmware/2lib/include/2misc.h b/firmware/2lib/include/2misc.h index 3d292872..b36e1270 100644 --- a/firmware/2lib/include/2misc.h +++ b/firmware/2lib/include/2misc.h @@ -191,19 +191,4 @@ void vb2_clear_recovery(struct vb2_context *ctx); */ void vb2_fill_dev_boot_flags(struct vb2_context *ctx); -/** - * Determine and set a mutually exclusive boot mode in the vboot context. - * - * Determine the most relevant boot mode for current boot, store into - * ctx->boot_mode, which is a ctx field introduced in struct version 3.1. - * - * This function should be only called by vb2api_fw_phase1. - * The vb2api_fw_phase1 should call this function at its end phase once and all - * the following steps should directly access ctx->boot_mode to retrieve the - * most relevant boot mode. - * - * @param ctx Vboot context. - */ -void vb2_set_boot_mode(struct vb2_context *ctx); - #endif /* VBOOT_REFERENCE_2MISC_H_ */ diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h index f442b61f..ea193d74 100644 --- a/firmware/2lib/include/2struct.h +++ b/firmware/2lib/include/2struct.h @@ -92,7 +92,7 @@ enum vb2_shared_data_status { /* Current version of vb2_shared_data struct */ #define VB2_SHARED_DATA_VERSION_MAJOR 3 -#define VB2_SHARED_DATA_VERSION_MINOR 1 +#define VB2_SHARED_DATA_VERSION_MINOR 0 /* MAX_SIZE should not be changed without bumping up DATA_VERSION_MAJOR. */ #define VB2_CONTEXT_MAX_SIZE 384 diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index 13e2a6a1..2abd57eb 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -180,15 +180,13 @@ vb2_error_t VbSelectAndLoadKernel(struct vb2_context *ctx, } /* - * If in the broken screen, save the recovery reason as subcode. + * If in non-manual recovery mode, save the recovery reason as subcode. * Otherwise, clear any leftover recovery requests or subcodes. */ vb2_clear_recovery(ctx); /* Select boot path */ - switch (ctx->boot_mode) { - case VB2_BOOT_MODE_MANUAL_RECOVERY: - case VB2_BOOT_MODE_BROKEN_SCREEN: + if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) { /* If we're in recovery mode just to do memory retraining, all we need to do is reboot. */ if (sd->recovery_reason == VB2_RECOVERY_TRAIN_AND_REBOOT) { @@ -213,12 +211,12 @@ vb2_error_t VbSelectAndLoadKernel(struct vb2_context *ctx, VB2_DEBUG("NO_BOOT in RECOVERY mode\n"); /* Recovery boot. This has UI. */ - if (ctx->boot_mode == VB2_BOOT_MODE_MANUAL_RECOVERY) + if (vb2api_allow_recovery(ctx)) VB2_TRY(vb2ex_manual_recovery_ui(ctx)); else VB2_TRY(vb2ex_broken_screen_ui(ctx)); - break; - case VB2_BOOT_MODE_DIAGNOSTICS: + } else if (vb2api_diagnostic_ui_enabled(ctx) && + vb2_nv_get(ctx, VB2_NV_DIAG_REQUEST)) { /* * Need to clear the request flag and commit nvdata changes * immediately to avoid booting back into diagnostic tool when a @@ -234,16 +232,12 @@ vb2_error_t VbSelectAndLoadKernel(struct vb2_context *ctx, * return either of reboot or shutdown. */ return VB2_REQUEST_REBOOT; - case VB2_BOOT_MODE_DEVELOPER: + } else if (ctx->flags & VB2_CONTEXT_DEVELOPER_MODE) { /* Developer boot. This has UI. */ VB2_TRY(vb2ex_developer_ui(ctx)); - break; - case VB2_BOOT_MODE_NORMAL: + } else { /* Normal boot */ VB2_TRY(vb2_normal_boot(ctx)); - break; - default: - return VB2_ERROR_ESCAPE_NO_BOOT; } /* diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c index 2c71d163..34a8a426 100644 --- a/firmware/lib/vboot_kernel.c +++ b/firmware/lib/vboot_kernel.c @@ -6,7 +6,6 @@ * (Firmware portion) */ -#include "2api.h" #include "2common.h" #include "2misc.h" #include "2nvstorage.h" @@ -32,6 +31,34 @@ enum vb2_load_partition_flags { #define LOWEST_TPM_VERSION 0xffffffff +enum vb2_boot_mode { + /* Normal boot: kernel must be verified. */ + VB2_BOOT_MODE_NORMAL = 0, + + /* Recovery boot, regardless of dev mode state. */ + VB2_BOOT_MODE_RECOVERY = 1, + + /* Developer boot: self-signed kernel okay. */ + VB2_BOOT_MODE_DEVELOPER = 2, +}; + +/** + * Return the current boot mode (normal, recovery, or dev). + * + * @param ctx Vboot context + * @return Current boot mode (see vb2_boot_mode enum). + */ +static enum vb2_boot_mode get_boot_mode(struct vb2_context *ctx) +{ + if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) + return VB2_BOOT_MODE_RECOVERY; + + if (ctx->flags & VB2_CONTEXT_DEVELOPER_MODE) + return VB2_BOOT_MODE_DEVELOPER; + + return VB2_BOOT_MODE_NORMAL; +} + /** * Check if a valid keyblock is required. * @@ -42,7 +69,7 @@ enum vb2_load_partition_flags { static int need_valid_keyblock(struct vb2_context *ctx) { /* Normal and recovery modes always require official OS */ - if (ctx->boot_mode != VB2_BOOT_MODE_DEVELOPER) + if (get_boot_mode(ctx) != VB2_BOOT_MODE_DEVELOPER) return 1; /* FWMP can require developer mode to use signed kernels */ @@ -237,8 +264,9 @@ static vb2_error_t vb2_verify_kernel_vblock( } /* Check for rollback of key version except in recovery mode. */ + enum vb2_boot_mode boot_mode = get_boot_mode(ctx); uint32_t key_version = keyblock->data_key.key_version; - if (ctx->boot_mode != VB2_BOOT_MODE_MANUAL_RECOVERY) { + if (boot_mode != VB2_BOOT_MODE_RECOVERY) { if (key_version < (sd->kernel_version_secdata >> 16)) { keyblock_valid = 0; if (need_keyblock_valid) { @@ -260,7 +288,7 @@ static vb2_error_t vb2_verify_kernel_vblock( } /* If in developer mode and using key hash, check it. */ - if (ctx->boot_mode == VB2_BOOT_MODE_DEVELOPER && + if (boot_mode == VB2_BOOT_MODE_DEVELOPER && vb2_secdata_fwmp_get_flag(ctx, VB2_SECDATA_FWMP_DEV_USE_KEY_HASH)) { VB2_TRY(vb2_verify_kernel_dev_key_hash(ctx, keyblock)); } @@ -328,7 +356,7 @@ static vb2_error_t vb2_verify_kernel_vblock( /* If not in recovery mode, check for rollback of the kernel version. */ if (need_keyblock_valid && - ctx->boot_mode != VB2_BOOT_MODE_MANUAL_RECOVERY && + boot_mode != VB2_BOOT_MODE_RECOVERY && sd->kernel_version < sd->kernel_version_secdata) { VB2_DEBUG("Kernel version too low.\n"); return VB2_ERROR_KERNEL_PREAMBLE_VERSION_ROLLBACK; @@ -711,7 +739,7 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, * non-officially-signed kernel, there's no rollback * protection, so we can stop at the first valid kernel. */ - if (ctx->boot_mode == VB2_BOOT_MODE_MANUAL_RECOVERY || + if (get_boot_mode(ctx) == VB2_BOOT_MODE_RECOVERY || !keyblock_valid) { VB2_DEBUG("In recovery mode or dev-signed kernel\n"); break; diff --git a/tests/vboot_api_kernel4_tests.c b/tests/vboot_api_kernel4_tests.c index c1e71afa..f122eb38 100644 --- a/tests/vboot_api_kernel4_tests.c +++ b/tests/vboot_api_kernel4_tests.c @@ -80,9 +80,6 @@ static void test_slk(vb2_error_t retval, int recovery_reason, const char *desc) ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; expected_recovery_reason = recovery_reason; - /* The VbSelectAndLoadKernel directly leverages the value at - ctx->boot_mode, so we have to call vb2_set_boot_mode first. */ - vb2_set_boot_mode(ctx); TEST_EQ(VbSelectAndLoadKernel(ctx, &kparams), retval, desc); TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST), recovery_reason, " recovery reason"); diff --git a/tests/vboot_kernel2_tests.c b/tests/vboot_kernel2_tests.c index 30bef640..5424e86c 100644 --- a/tests/vboot_kernel2_tests.c +++ b/tests/vboot_kernel2_tests.c @@ -47,7 +47,6 @@ static struct vb2_shared_data *sd; static struct vb2_workbuf wb; static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE] __attribute__((aligned(VB2_WORKBUF_ALIGN))); -static enum vb2_boot_mode *boot_mode; static VbSelectAndLoadKernelParams lkp; static VbDiskInfo disk_info; @@ -83,9 +82,6 @@ static void reset_common_data(void) vb2_secdata_kernel_init(ctx); ctx->flags = VB2_CONTEXT_RECOVERY_MODE; - boot_mode = (enum vb2_boot_mode *)&ctx->boot_mode; - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; - sd = vb2_get_sd(ctx); sd->kernel_version_secdata = 0xabcdef | (1 << 24); diff --git a/tests/vboot_kernel_tests.c b/tests/vboot_kernel_tests.c index 1f77cc5c..14e7e1f2 100644 --- a/tests/vboot_kernel_tests.c +++ b/tests/vboot_kernel_tests.c @@ -51,7 +51,6 @@ static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE] static struct vb2_context *ctx; static struct vb2_shared_data *sd; static struct vb2_packed_key mock_key; -static enum vb2_boot_mode *boot_mode; /** * Reset mock data (for use before each test) @@ -115,9 +114,6 @@ static void ResetMocks(void) fwmp = (struct vb2_secdata_fwmp *)ctx->secdata_fwmp; memcpy(&fwmp->dev_key_hash, mock_digest, sizeof(fwmp->dev_key_hash)); - boot_mode = (enum vb2_boot_mode *)&ctx->boot_mode; - *boot_mode = VB2_BOOT_MODE_NORMAL; - // TODO: more workbuf fields - flags, secdata_firmware vb2api_secdata_kernel_create(ctx); @@ -341,7 +337,6 @@ static void LoadKernelTest(void) /* In dev mode, fail if hash is bad too */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; keyblock_verify_fail = 2; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, "Fail key block dev hash"); @@ -349,7 +344,6 @@ static void LoadKernelTest(void) /* But just bad sig is ok */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; keyblock_verify_fail = 1; TestLoadKernel(0, "Succeed keyblock dev sig"); TEST_EQ(sd->flags & VB2_SD_FLAG_KERNEL_SIGNED, 0, " use hash"); @@ -357,7 +351,6 @@ static void LoadKernelTest(void) /* In dev mode and requiring signed kernel, fail if sig is bad */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); keyblock_verify_fail = 1; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, @@ -365,7 +358,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; keyblock_verify_fail = 1; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, @@ -395,7 +387,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_1 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -404,7 +395,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -412,7 +402,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE | VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -421,7 +410,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_RECOVERY_MODE | VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_1 | VB2_KEYBLOCK_FLAG_MINIOS_0; @@ -430,7 +418,6 @@ static void LoadKernelTest(void) /* Check keyblock flags (dev mode + signed kernel required) */ ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 @@ -440,7 +427,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_1 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 @@ -450,7 +436,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_0 | VB2_KEYBLOCK_FLAG_DEVELOPER_0 @@ -460,7 +445,6 @@ static void LoadKernelTest(void) ResetMocks(); ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); kbh.keyblock_flags = VB2_KEYBLOCK_FLAG_RECOVERY_0 | VB2_KEYBLOCK_FLAG_DEVELOPER_1 @@ -493,12 +477,12 @@ static void LoadKernelTest(void) ResetMocks(); kbh.data_key.key_version = 1; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; + ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; TestLoadKernel(0, "Key version ignored in dev mode"); ResetMocks(); kbh.data_key.key_version = 1; - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; + ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; TestLoadKernel(0, "Key version ignored in rec mode"); ResetMocks(); @@ -516,18 +500,18 @@ static void LoadKernelTest(void) ResetMocks(); kph.kernel_version = 0; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; + ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; TestLoadKernel(0, "Kernel version ignored in dev mode"); ResetMocks(); kph.kernel_version = 0; - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; + ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; TestLoadKernel(0, "Kernel version ignored in rec mode"); /* Check kernel version (dev mode + signed kernel required) */ ResetMocks(); kbh.data_key.key_version = 0; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; + ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 1); TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, "Keyblock key version checked in dev mode " @@ -535,7 +519,7 @@ static void LoadKernelTest(void) ResetMocks(); kbh.data_key.key_version = 0; - *boot_mode = VB2_BOOT_MODE_DEVELOPER; + ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; fwmp->flags |= VB2_SECDATA_FWMP_DEV_ENABLE_OFFICIAL_ONLY; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, "Keyblock key version checked in dev mode " @@ -543,7 +527,7 @@ static void LoadKernelTest(void) /* Check developer key hash - bad */ ResetMocks(); - *boot_mode = VB2_BOOT_MODE_DEVELOPER; + ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; fwmp->flags |= VB2_SECDATA_FWMP_DEV_USE_KEY_HASH; fwmp->dev_key_hash[0]++; TestLoadKernel(VB2_ERROR_LK_INVALID_KERNEL_FOUND, @@ -551,14 +535,15 @@ static void LoadKernelTest(void) /* Check developer key hash - bad (recovery mode) */ ResetMocks(); - *boot_mode = VB2_BOOT_MODE_MANUAL_RECOVERY; + ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; + ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; fwmp->flags |= VB2_SECDATA_FWMP_DEV_USE_KEY_HASH; fwmp->dev_key_hash[0]++; TestLoadKernel(0, "Bad keyblock dev fwmp hash ignored in rec mode"); /* Check developer key hash - good */ ResetMocks(); - *boot_mode = VB2_BOOT_MODE_DEVELOPER; + ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; fwmp->flags |= VB2_SECDATA_FWMP_DEV_USE_KEY_HASH; TestLoadKernel(0, "Good keyblock dev fwmp hash"); |