authorJoel Kitching <kitching@google.com>2020-02-13 17:13:04 +0800
committerCommit Bot <commit-bot@chromium.org>2020-02-19 10:29:53 +0000
commit83ab1908e8173cddc8405a341fe1dc79a2c8d911 (patch)
tree3bafb48b6bfd0ee691d5b28f80894b7ea2e61f0f
parent414f0078d2c57eb0bf6334d0b7486e1ebb36a499 (diff)
vboot: use vboot2 for storing kernel rollback versions
Migrate to using vboot2 shared data fields for storing kernel rollback versions: kernel_version_tpm_start(1) --> kernel_version_secdata(2) kernel_version_tpm(1) --> kernel_version(2) kernel_version_lowest(1) --> [removed] Also remove VBSD from tests which no longer need it. BUG=b:124141368, chromium:1038260 TEST=make clean && make runtests BRANCH=none Change-Id: I26c2ccede5fba52e1477b625ef5fc6181f60aadf Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2053179 Tested-by: Joel Kitching <kitching@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Commit-Queue: Joel Kitching <kitching@chromium.org>
-rw-r--r--firmware/lib/vboot_api_kernel.c17
-rw-r--r--firmware/lib/vboot_kernel.c10
-rw-r--r--firmware/lib20/api_kernel.c3
-rw-r--r--tests/vb20_api_kernel_tests.c17
-rw-r--r--tests/vboot_api_kernel4_tests.c9
-rw-r--r--tests/vboot_kernel_tests.c15
-rw-r--r--tests/vboot_legacy_clamshell_tests.c5
-rw-r--r--tests/vboot_legacy_menu_tests.c5
-rw-r--r--tests/verify_kernel.c6
-rw-r--r--utility/load_kernel_test.c6
10 files changed, 21 insertions, 72 deletions
diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
index e2c1a6c1..72224e19 100644
--- a/firmware/lib/vboot_api_kernel.c
+++ b/firmware/lib/vboot_api_kernel.c
@@ -168,7 +168,6 @@ static int vb2_reset_nv_requests(struct vb2_context *ctx)
vb2_error_t VbBootNormal(struct vb2_context *ctx)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
- VbSharedDataHeader *shared = sd->vbsd;
uint32_t max_rollforward = vb2_nv_get(ctx,
VB2_NV_KERNEL_MAX_ROLLFORWARD);
@@ -203,20 +202,20 @@ vb2_error_t VbBootNormal(struct vb2_context *ctx)
* version to less than the version currently in the TPM. That is,
* we're limiting rollforward, not allowing rollback.
*/
- if (max_rollforward < shared->kernel_version_tpm_start)
- max_rollforward = shared->kernel_version_tpm_start;
+ if (max_rollforward < sd->kernel_version_secdata)
+ max_rollforward = sd->kernel_version_secdata;
- if (shared->kernel_version_tpm > max_rollforward) {
+ if (sd->kernel_version > max_rollforward) {
VB2_DEBUG("Limiting TPM kernel version roll-forward "
"to %#x < %#x\n",
- max_rollforward, shared->kernel_version_tpm);
+ max_rollforward, sd->kernel_version);
- shared->kernel_version_tpm = max_rollforward;
+ sd->kernel_version = max_rollforward;
}
- if (shared->kernel_version_tpm > shared->kernel_version_tpm_start) {
+ if (sd->kernel_version > sd->kernel_version_secdata) {
vb2_secdata_kernel_set(ctx, VB2_SECDATA_KERNEL_VERSIONS,
- shared->kernel_version_tpm);
+ sd->kernel_version);
}
return rv;
@@ -381,6 +380,8 @@ vb2_error_t VbSelectAndLoadKernel(struct vb2_context *ctx,
/* Translate vboot2 flags and fields into vboot1. */
if (sd->flags & VB2_SD_FLAG_KERNEL_SIGNED)
sd->vbsd->flags |= VBSD_KERNEL_KEY_VERIFIED;
+ sd->vbsd->kernel_version_tpm_start = sd->kernel_version_secdata;
+ sd->vbsd->kernel_version_tpm = sd->kernel_version;
return rv;
}
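Review bot: After this change the vboot1 fields `kernel_version_tpm_start` and `kernel_version_tpm` are filled in only by the two added lines at the tail of VbSelectAndLoadKernel, so they become an export-only snapshot rather than live state. A reader of `sd->vbsd` that runs earlier, or after an earlier return if the function has one outside this hunk, would see whatever the struct held before, and `kernel_version_lowest` is no longer written anywhere in this commit. I would record that in the comment, e.g. `/* Export-only copy for vboot1 readers; firmware logic must use sd->kernel_version and sd->kernel_version_secdata. */`. A blank line or braces after the unbraced `if` above would also make it obvious that the two copies are unconditional. The function body starts outside the hunk.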
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c
index 722b74de..8118599d 100644
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -439,7 +439,6 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
struct vb2_workbuf wb;
- VbSharedDataHeader *shared = sd->vbsd;
VbSharedDataKernelCall shcall;
int found_partitions = 0;
uint32_t lowest_version = LOWEST_TPM_VERSION;
@@ -543,7 +542,7 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
kernel_subkey,
lpflags,
params,
- shared->kernel_version_tpm,
+ sd->kernel_version,
shpart,
&wb);
VbExStreamClose(stream);
@@ -611,7 +610,7 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params)
* Otherwise, we'll check all the other headers to see if they
* contain a newer key.
*/
- if (shpart->combined_version == shared->kernel_version_tpm) {
+ if (shpart->combined_version == sd->kernel_version) {
VB2_DEBUG("Same kernel version\n");
break;
}
@@ -625,7 +624,6 @@ gpt_done:
if (params->partition_number > 0) {
VB2_DEBUG("Good partition %d\n", params->partition_number);
shcall.check_result = VBSD_LKC_CHECK_GOOD_PARTITION;
- shared->kernel_version_lowest = lowest_version;
/*
* Sanity check - only store a new TPM version if we found one.
* If lowest_version is still at its initial value, we didn't
@@ -633,8 +631,8 @@ gpt_done:
* didn't look.
*/
if (lowest_version != LOWEST_TPM_VERSION &&
- lowest_version > shared->kernel_version_tpm)
- shared->kernel_version_tpm = lowest_version;
+ lowest_version > sd->kernel_version)
+ sd->kernel_version = lowest_version;
/* Success! */
rv = VB2_SUCCESS;
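Review bot: The comment above this check still talks about storing "a new TPM version", but the assignment now only raises `sd->kernel_version`. On the lines visible in this commit, the secdata write happens in VbBootNormal through `vb2_secdata_kernel_set`. I would reword the comment along the lines of `/* Only raise sd->kernel_version if a valid partition version was found; secdata itself is written later, in VbBootNormal. */` so a reader does not assume LoadKernel commits the rollback counter. LoadKernel begins and ends outside this hunk.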
diff --git a/firmware/lib20/api_kernel.c b/firmware/lib20/api_kernel.c
index 1e96f281..8b146093 100644
--- a/firmware/lib20/api_kernel.c
+++ b/firmware/lib20/api_kernel.c
@@ -72,8 +72,7 @@ vb2_error_t vb2api_kernel_phase1(struct vb2_context *ctx)
/* Read kernel version from secdata. */
sd->kernel_version_secdata =
vb2_secdata_kernel_get(ctx, VB2_SECDATA_KERNEL_VERSIONS);
- sd->vbsd->kernel_version_tpm = sd->kernel_version_secdata;
- sd->vbsd->kernel_version_tpm_start = sd->kernel_version_secdata;
+ sd->kernel_version = sd->kernel_version_secdata;
/* Find the key to use to verify the kernel keyblock */
if ((ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) {
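Review bot: The added `sd->kernel_version = sd->kernel_version_secdata;` has no assertion covering it in this commit, because the three phase1_tests hunks in tests/vb20_api_kernel_tests.c delete the vboot1 `TEST_EQ` checks without adding an equivalent for the new field. The field is what LoadKernel now passes in place of `shared->kernel_version_tpm`, and it appears to act as the minimum acceptable version, so its initial value deserves a direct check. I would add `TEST_EQ(sd->kernel_version, 0x20002, "  kernel version");` next to each `kernel_version_secdata` assertion, expecting 0 in the bad-secdata recovery case. vb2api_kernel_phase1 continues outside the hunk.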
diff --git a/tests/vb20_api_kernel_tests.c b/tests/vb20_api_kernel_tests.c
index 5fba07e4..11f58817 100644
--- a/tests/vb20_api_kernel_tests.c
+++ b/tests/vb20_api_kernel_tests.c
@@ -23,8 +23,6 @@ static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE]
__attribute__((aligned(VB2_WORKBUF_ALIGN)));
static struct vb2_context *ctx;
static struct vb2_shared_data *sd;
-static uint8_t shared_data[VB_SHARED_DATA_MIN_SIZE];
-static VbSharedDataHeader *shared = (VbSharedDataHeader *)shared_data;
static struct vb2_fw_preamble *fwpre;
static struct vb2_kernel_preamble *kpre;
static struct vb2_packed_key *kdkey;
@@ -62,9 +60,6 @@ static void reset_common_data(enum reset_type t)
"vb2api_init failed");
sd = vb2_get_sd(ctx);
- memset(&shared_data, 0, sizeof(shared_data));
- sd->vbsd = shared;
-
vb2_nv_init(ctx);
vb2api_secdata_kernel_create(ctx);
@@ -253,10 +248,6 @@ static void phase1_tests(void)
k->key_size), 0, " key data");
TEST_EQ(sd->kernel_version_secdata, 0x20002,
" secdata_kernel version");
- TEST_EQ(sd->vbsd->kernel_version_tpm, 0x20002,
- " secdata_kernel version (vboot1)");
- TEST_EQ(sd->vbsd->kernel_version_tpm_start, 0x20002,
- " secdata_kernel version (vboot1)");
/* Test successful call in recovery mode */
reset_common_data(FOR_PHASE1);
@@ -283,10 +274,6 @@ static void phase1_tests(void)
" key data");
TEST_EQ(sd->kernel_version_secdata, 0x20002,
" secdata_kernel version");
- TEST_EQ(sd->vbsd->kernel_version_tpm, 0x20002,
- " secdata_kernel version (vboot1)");
- TEST_EQ(sd->vbsd->kernel_version_tpm_start, 0x20002,
- " secdata_kernel version (vboot1)");
/* Bad secdata_kernel causes failure in normal mode only */
reset_common_data(FOR_PHASE1);
@@ -301,10 +288,6 @@ static void phase1_tests(void)
ctx->flags |= VB2_CONTEXT_RECOVERY_MODE;
TEST_SUCC(vb2api_kernel_phase1(ctx), "phase1 bad secdata_kernel rec");
TEST_EQ(sd->kernel_version_secdata, 0, " secdata_kernel version");
- TEST_EQ(sd->vbsd->kernel_version_tpm, 0,
- " secdata_kernel version (vboot1)");
- TEST_EQ(sd->vbsd->kernel_version_tpm_start, 0,
- " secdata_kernel version (vboot1)");
TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST),
VB2_RECOVERY_NOT_REQUESTED, " no recovery");
diff --git a/tests/vboot_api_kernel4_tests.c b/tests/vboot_api_kernel4_tests.c
index 7c314d0f..dd08c2fa 100644
--- a/tests/vboot_api_kernel4_tests.c
+++ b/tests/vboot_api_kernel4_tests.c
@@ -102,8 +102,7 @@ struct vb2_gbb_header *vb2_get_gbb(struct vb2_context *c)
vb2_error_t vb2api_kernel_phase1(struct vb2_context *c)
{
sd->kernel_version_secdata = kernel_version;
- shared->kernel_version_tpm_start = kernel_version;
- shared->kernel_version_tpm = kernel_version;
+ sd->kernel_version = kernel_version;
return kernel_phase1_retval;
}
@@ -133,7 +132,7 @@ void vb2_secdata_kernel_set(struct vb2_context *c,
vb2_error_t VbTryLoadKernel(struct vb2_context *c, uint32_t get_info_flags)
{
- shared->kernel_version_tpm = new_version;
+ sd->kernel_version = new_version;
if (vbboot_retval == -1)
return VB2_ERROR_MOCK;
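Review bot: This VbTryLoadKernel mock is now the only one that moves `sd->kernel_version` to `new_version`; the next two hunks drop the equivalent assignment from the VbBootDeveloperLegacyClamshell and VbBootRecoveryLegacyClamshell mocks. If cases elsewhere in this file check that developer or recovery boots leave the stored kernel version untouched, they would now pass without a candidate version ever being offered. That would weaken the regression coverage for rollback protection. Consider keeping `sd->kernel_version = new_version;` in those two mocks so the no-roll-forward assertions still exercise something.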
@@ -143,8 +142,6 @@ vb2_error_t VbTryLoadKernel(struct vb2_context *c, uint32_t get_info_flags)
vb2_error_t VbBootDeveloperLegacyClamshell(struct vb2_context *c)
{
- shared->kernel_version_tpm = new_version;
-
if (vbboot_retval == -2)
return VB2_ERROR_MOCK;
@@ -157,8 +154,6 @@ vb2_error_t VbBootRecoveryLegacyClamshell(struct vb2_context *c)
" recovery reason");
TEST_TRUE(commit_data_called, " commit data");
- shared->kernel_version_tpm = new_version;
-
if (vbboot_retval == -3)
return VB2_ERROR_MOCK;
diff --git a/tests/vboot_kernel_tests.c b/tests/vboot_kernel_tests.c
index 7a2c2699..87056ad2 100644
--- a/tests/vboot_kernel_tests.c
+++ b/tests/vboot_kernel_tests.c
@@ -55,8 +55,6 @@ static int gpt_flag_external;
static struct vb2_gbb_header gbb;
static VbExDiskHandle_t handle;
-static uint8_t shared_data[VB_SHARED_DATA_MIN_SIZE];
-static VbSharedDataHeader *shared = (VbSharedDataHeader *)shared_data;
static LoadKernelParams lkp;
static struct vb2_keyblock kbh;
static struct vb2_kernel_preamble kph;
@@ -138,9 +136,6 @@ static void ResetMocks(void)
gbb.minor_version = VB2_GBB_MINOR_VER;
gbb.flags = 0;
- memset(&shared_data, 0, sizeof(shared_data));
- shared->kernel_version_tpm = 0x20001;
-
memset(&lkp, 0, sizeof(lkp));
lkp.bytes_per_lba = 512;
lkp.streaming_lba_count = 1024;
@@ -166,14 +161,14 @@ static void ResetMocks(void)
mock_parts[0].size = 150; /* 75 KB */
mock_part_next = 0;
+ memset(&mock_key, 0, sizeof(mock_key));
+
TEST_SUCC(vb2api_init(workbuf, sizeof(workbuf), &ctx),
"vb2api_init failed");
vb2_nv_init(ctx);
- memset(&mock_key, 0, sizeof(mock_key));
-
sd = vb2_get_sd(ctx);
- sd->vbsd = shared;
+ sd->kernel_version = 0x20001;
/* CRC will be invalid after here, but nobody's checking */
sd->status |= VB2_SD_STATUS_SECDATA_FWMP_INIT;
@@ -718,7 +713,7 @@ static void LoadKernelTest(void)
ResetMocks();
kbh.data_key.key_version = 3;
TestLoadKernel(0, "Keyblock version roll forward");
- TEST_EQ(shared->kernel_version_tpm, 0x30001, " shared version");
+ TEST_EQ(sd->kernel_version, 0x30001, " SD version");
ResetMocks();
kbh.data_key.key_version = 3;
@@ -726,7 +721,7 @@ static void LoadKernelTest(void)
mock_parts[1].size = 150;
TestLoadKernel(0, "Two kernels roll forward");
TEST_EQ(mock_part_next, 2, " read both");
- TEST_EQ(shared->kernel_version_tpm, 0x30001, " shared version");
+ TEST_EQ(sd->kernel_version, 0x30001, " SD version");
ResetMocks();
kbh.data_key.key_version = 1;
diff --git a/tests/vboot_legacy_clamshell_tests.c b/tests/vboot_legacy_clamshell_tests.c
index baf60827..f31adcd3 100644
--- a/tests/vboot_legacy_clamshell_tests.c
+++ b/tests/vboot_legacy_clamshell_tests.c
@@ -22,8 +22,6 @@
#include "vboot_ui_legacy_common.h"
/* Mock data */
-static uint8_t shared_data[VB_SHARED_DATA_MIN_SIZE];
-static VbSharedDataHeader *shared = (VbSharedDataHeader *)shared_data;
static LoadKernelParams lkp;
static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE]
__attribute__((aligned(VB2_WORKBUF_ALIGN)));
@@ -86,8 +84,6 @@ static void ResetMocks(void)
{
vb2_reset_power_button();
- memset(&shared_data, 0, sizeof(shared_data));
-
memset(&lkp, 0, sizeof(lkp));
TEST_SUCC(vb2api_init(workbuf, sizeof(workbuf), &ctx),
@@ -95,7 +91,6 @@ static void ResetMocks(void)
vb2_nv_init(ctx);
sd = vb2_get_sd(ctx);
- sd->vbsd = shared;
sd->flags |= VB2_SD_FLAG_DISPLAY_AVAILABLE;
/* CRC will be invalid after here, but nobody's checking */
diff --git a/tests/vboot_legacy_menu_tests.c b/tests/vboot_legacy_menu_tests.c
index dfcaaedd..a6f10568 100644
--- a/tests/vboot_legacy_menu_tests.c
+++ b/tests/vboot_legacy_menu_tests.c
@@ -23,8 +23,6 @@
#include "vboot_ui_legacy_menu_private.h"
/* Mock data */
-static uint8_t shared_data[VB_SHARED_DATA_MIN_SIZE];
-static VbSharedDataHeader *shared = (VbSharedDataHeader *)shared_data;
static LoadKernelParams lkp;
static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE]
__attribute__((aligned(VB2_WORKBUF_ALIGN)));
@@ -61,8 +59,6 @@ static int vbexaltfwmask_called;
/* Reset mock data (for use before each test) */
static void ResetMocks(void)
{
- memset(&shared_data, 0, sizeof(shared_data));
-
memset(&lkp, 0, sizeof(lkp));
TEST_SUCC(vb2api_init(workbuf, sizeof(workbuf), &ctx),
@@ -70,7 +66,6 @@ static void ResetMocks(void)
vb2_nv_init(ctx);
sd = vb2_get_sd(ctx);
- sd->vbsd = shared;
/* CRC will be invalid after here, but nobody's checking */
sd->status |= VB2_SD_STATUS_SECDATA_FWMP_INIT;
diff --git a/tests/verify_kernel.c b/tests/verify_kernel.c
index ac4b45e6..28813c40 100644
--- a/tests/verify_kernel.c
+++ b/tests/verify_kernel.c
@@ -25,10 +25,6 @@ static struct vb2_shared_data *sd;
static uint8_t *diskbuf;
-static uint8_t shared_data[VB_SHARED_DATA_MIN_SIZE]
- __attribute__((aligned(VB2_WORKBUF_ALIGN)));
-static VbSharedDataHeader *shared = (VbSharedDataHeader *)shared_data;
-
static LoadKernelParams params;
vb2_error_t VbExDiskRead(VbExDiskHandle_t handle, uint64_t lba_start,
@@ -111,9 +107,7 @@ int main(int argc, char *argv[])
fprintf(stderr, "Can't initialize workbuf\n");
return 1;
}
- memset(&shared_data, 0, sizeof(shared_data));
sd = vb2_get_sd(ctx);
- sd->vbsd = shared;
/* Copy kernel subkey to workbuf */
{
diff --git a/utility/load_kernel_test.c b/utility/load_kernel_test.c
index 14e4e613..609a9a3a 100644
--- a/utility/load_kernel_test.c
+++ b/utility/load_kernel_test.c
@@ -24,10 +24,6 @@ static uint8_t workbuf[VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE];
static struct vb2_context *ctx;
static struct vb2_shared_data *sd;
-static uint8_t shared_data[VB_SHARED_DATA_MIN_SIZE]
- __attribute__((aligned(VB2_WORKBUF_ALIGN)));
-static VbSharedDataHeader *shared = (VbSharedDataHeader *)shared_data;
-
/* Global variables for stub functions */
static LoadKernelParams lkp;
static FILE *image_file = NULL;
@@ -217,9 +213,7 @@ int main(int argc, char* argv[])
fprintf(stderr, "Can't initialize workbuf\n");
return 1;
}
- memset(&shared_data, 0, sizeof(shared_data));
sd = vb2_get_sd(ctx);
- sd->vbsd = shared;
/* Copy kernel subkey to workbuf, if any */
if (key_blob) {