diff options
| author | Joel Kitching <kitching@google.com> | 2019-08-20 15:25:22 +0800 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2019-08-28 07:32:04 +0000 |
| commit | a762fa782793e7b13ba13ceed474f20c54afbdd3 (patch) | |
| tree | 8a087540d5970493cd51f1601fea3f03e7d565f3 | |
| parent | 0ff87642e865fca49fa9584cffa1b0c4810adced (diff) | |
| download | vboot-a762fa782793e7b13ba13ceed474f20c54afbdd3.tar.gz | |
vboot/secdata: remove VbUnlockDevice function
VbUnlockDevice is only used in fastboot. Currently fastboot
"unlocking" is disabled (see CL:1757973).
BUG=b:124141368, chromium:972956
TEST=make clean && make runtests
BRANCH=none
Change-Id: I0de44c2bb8d8150dafb0b73e7a0be6e63564a26b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758150
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | firmware/include/vboot_api.h | 15 | ||||
| -rw-r--r-- | firmware/lib/rollback_index.c | 4 | ||||
| -rw-r--r-- | firmware/lib/vboot_api_kernel.c | 10 | ||||
| -rw-r--r-- | tests/vboot_api_kernel6_tests.c | 53 |
5 files changed, 4 insertions, 80 deletions
@@ -700,7 +700,6 @@ TEST_NAMES = \ tests/vboot_api_kernel2_tests \ tests/vboot_api_kernel4_tests \ tests/vboot_api_kernel5_tests \ - tests/vboot_api_kernel6_tests \ tests/vboot_detach_menu_tests \ tests/vboot_common_tests \ tests/vboot_display_tests \ @@ -1313,7 +1312,6 @@ endif ${RUNTEST} ${BUILD_RUN}/tests/vboot_api_kernel2_tests ${RUNTEST} ${BUILD_RUN}/tests/vboot_api_kernel4_tests ${RUNTEST} ${BUILD_RUN}/tests/vboot_api_kernel5_tests - ${RUNTEST} ${BUILD_RUN}/tests/vboot_api_kernel6_tests ${RUNTEST} ${BUILD_RUN}/tests/vboot_detach_menu_tests ${RUNTEST} ${BUILD_RUN}/tests/vboot_common_tests ${RUNTEST} ${BUILD_RUN}/tests/vboot_display_tests diff --git a/firmware/include/vboot_api.h b/firmware/include/vboot_api.h index 7f00ddc6..a1825952 100644 --- a/firmware/include/vboot_api.h +++ b/firmware/include/vboot_api.h @@ -172,21 +172,6 @@ vb2_error_t VbVerifyMemoryBootImage(struct vb2_context *ctx, VbSelectAndLoadKernelParams *kparams, void *boot_image, size_t image_size); -/** - * Fastboot API to enter dev mode. - * - * This routine is used by fastboot oem unlock command to switch the device into - * dev mode. - * - * NOTE: The caller MUST be in read-only firmware, and MUST have just obtained - * explicit physical confirmation from the user via a trusted input method - * before calling this function! Also, on successful return from this function, - * the caller needs to reboot the device immediately for changes to take effect. - * - * @return VBERROR_... error, VB2_SUCCESS on success. - */ -vb2_error_t VbUnlockDevice(void); - /*****************************************************************************/ /* Timer and delay (first two from utility.h) */ diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c index b0d4eb58..b4b49fab 100644 --- a/firmware/lib/rollback_index.c +++ b/firmware/lib/rollback_index.c @@ -119,6 +119,8 @@ vb2_error_t SetVirtualDevMode(int val) { RollbackSpaceFirmware rsf; + VB2_DEBUG("Enabling developer mode...\n"); + if (TPM_SUCCESS != ReadSpaceFirmware(&rsf)) return VBERROR_TPM_FIRMWARE_SETUP; @@ -136,6 +138,8 @@ vb2_error_t SetVirtualDevMode(int val) if (TPM_SUCCESS != WriteSpaceFirmware(&rsf)) return VBERROR_TPM_SET_BOOT_MODE_STATE; + VB2_DEBUG("Mode change will take effect on next reboot\n"); + return VB2_SUCCESS; } diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index ec9aaa14..ae1df41e 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -611,13 +611,3 @@ vb2_error_t VbVerifyMemoryBootImage(struct vb2_context *ctx, vb2_kernel_cleanup(ctx); return retval; } - -vb2_error_t VbUnlockDevice(void) -{ - VB2_DEBUG("Enabling dev-mode...\n"); - if (VB2_SUCCESS != SetVirtualDevMode(1)) - return VBERROR_TPM_SET_BOOT_MODE_STATE; - - VB2_DEBUG("Mode change will take effect on next reboot.\n"); - return VB2_SUCCESS; -} diff --git a/tests/vboot_api_kernel6_tests.c b/tests/vboot_api_kernel6_tests.c deleted file mode 100644 index 63aff75d..00000000 --- a/tests/vboot_api_kernel6_tests.c +++ /dev/null @@ -1,53 +0,0 @@ -/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Tests for vboot_api_kernel.c - */ - -#include <stdint.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include "2common.h" -#include "rollback_index.h" -#include "test_common.h" -#include "vboot_api.h" - -/* Mock data */ -static uint32_t virtual_dev_mode_fail; - -/** - * Reset mock data (for use before each test) - */ -static void ResetMocks(void) -{ - virtual_dev_mode_fail = 0; -} - -/* Mocks */ -vb2_error_t SetVirtualDevMode(int val) -{ - if (virtual_dev_mode_fail) - return VB2_ERROR_MOCK; - return VB2_SUCCESS; -} - -static void VbUnlockDeviceTest(void) -{ - ResetMocks(); - TEST_EQ(VbUnlockDevice(), 0, "unlock success"); - - ResetMocks(); - virtual_dev_mode_fail = 1; - TEST_EQ(VbUnlockDevice(), VBERROR_TPM_SET_BOOT_MODE_STATE, - "set dev fail"); -} - -int main(void) -{ - VbUnlockDeviceTest(); - - return gTestSuccess ? 0 : 255; -} |