diff options
| author | Joel Kitching <kitching@google.com> | 2019-05-21 12:20:38 +0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2019-05-28 21:10:45 -0700 |
| commit | de2cae6b4d6ae864f2c90e6be73f683bad5f2f2f (patch) | |
| tree | 023d1581f9054c6a54b9631be45f5277b721a23c /firmware/lib21/misc.c | |
| parent | 236bfb0bc3bd0aa37bd06702c25993446f9b6dba (diff) | |
| download | vboot-de2cae6b4d6ae864f2c90e6be73f683bad5f2f2f.tar.gz | |
vboot: save GBB header in workbuf during firmware verification
Since GBB header will be needed for subsequent GBB reads later on
(in kernel verification stage), and since GBB header is
relatively small (128 bytes), save the full GBB header onto
workbuf during firmware verification stage, and store an offset
pointer to it in vb2_shared_data. vb2_gbb_header object may be
accessed via the vb2_get_gbb function.
Additionally, update functions in firmware/lib/region-init.c to
read GBB data from flash, rather than using cparams passed in by
depthcharge, which is slated for deprecation.
BUG=b:124141368, chromium:954774
TEST=make clean && make runtests
BRANCH=none
Change-Id: I6e6218231299ce3a5b383663bc3480b20f929840
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1585500
Reviewed-on: https://chromium-review.googlesource.com/1627430
Commit-Ready: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Joel Kitching <kitching@chromium.org>
Diffstat (limited to 'firmware/lib21/misc.c')
| -rw-r--r-- | firmware/lib21/misc.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/firmware/lib21/misc.c b/firmware/lib21/misc.c index 361d6eda..c1d0169c 100644 --- a/firmware/lib21/misc.c +++ b/firmware/lib21/misc.c @@ -65,6 +65,7 @@ static int vb21_read_resource_object(struct vb2_context *ctx, int vb21_load_fw_keyblock(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); struct vb2_workbuf wb; uint8_t *key_data; @@ -78,12 +79,12 @@ int vb21_load_fw_keyblock(struct vb2_context *ctx) vb2_workbuf_from_ctx(ctx, &wb); /* Read the root key */ - key_size = sd->gbb_rootkey_size; + key_size = gbb->rootkey_size; key_data = vb2_workbuf_alloc(&wb, key_size); if (!key_data) return VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY; - rv = vb2ex_read_resource(ctx, VB2_RES_GBB, sd->gbb_rootkey_offset, + rv = vb2ex_read_resource(ctx, VB2_RES_GBB, gbb->rootkey_offset, key_data, key_size); if (rv) return rv; @@ -118,7 +119,7 @@ int vb21_load_fw_keyblock(struct vb2_context *ctx) if (packed_key->key_version > 0xffff) rv = VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE; if (!rv && packed_key->key_version < (sd->fw_version_secdata >> 16)) { - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) VB2_DEBUG("Ignoring FW key rollback due to GBB flag\n"); else rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK; @@ -157,6 +158,7 @@ int vb21_load_fw_keyblock(struct vb2_context *ctx) int vb21_load_fw_preamble(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); struct vb2_workbuf wb; uint8_t *key_data = ctx->workbuf + sd->workbuf_data_key_offset; @@ -210,7 +212,7 @@ int vb21_load_fw_preamble(struct vb2_context *ctx) /* Combine with the key version from vb2_load_fw_keyblock() */ sd->fw_version |= pre->fw_version; if (!rv && sd->fw_version < sd->fw_version_secdata) { - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) VB2_DEBUG("Ignoring FW rollback due to GBB flag\n"); else rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK; |