diff options
author | Joel Kitching <kitching@google.com> | 2021-02-12 11:13:33 +0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-03-30 07:18:26 +0000 |
commit | 21655916f255ed92ad27110f0a65d392f18f6280 (patch) | |
tree | 83ba6a9cf18687378a1777f1fa65fc7c6dc09471 /firmware | |
parent | 230d9688b9498518774096109a5c31639f5f6cc0 (diff) | |
download | vboot-21655916f255ed92ad27110f0a65d392f18f6280.tar.gz |
vboot/vboot_kernel: return value from failed functions
Instead of just checking for failure/success on functions
returning vb2_error_t and mapping to a completely different
return value, pass that value directly back to the caller.
Also, create VB2_ERROR_KEYBLOCK_HASH_INVALID_IN_DEV_MODE to
replace uses of VB2_ERROR_KEYBLOCK_SIG_INVALID when keyblock
hash is invalid (dev mode, using self-signed kernels).
This CL is part of a series to merge vboot1 and vboot2.0
kernel verification code; see b/181739551.
BUG=b:181739551
TEST=make clean && make runtests
BRANCH=none
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: Iefc00ccee6b6d29fb94e4acd652c033321f2d8af
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2772138
Reviewed-by: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Diffstat (limited to 'firmware')
-rw-r--r-- | firmware/2lib/include/2return_codes.h | 13 | ||||
-rw-r--r-- | firmware/lib/vboot_kernel.c | 31 | ||||
-rw-r--r-- | firmware/lib20/kernel.c | 2 |
3 files changed, 27 insertions, 19 deletions
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h index c795a342..44d0c28f 100644 --- a/firmware/2lib/include/2return_codes.h +++ b/firmware/2lib/include/2return_codes.h @@ -398,6 +398,9 @@ enum vb2_return_code { /* No signature matching key ID */ VB2_ERROR_KEYBLOCK_SIG_ID, + /* Invalid keyblock hash in dev mode (self-signed kernel) */ + VB2_ERROR_KEYBLOCK_HASH_INVALID_IN_DEV_MODE, + /********************************************************************** * Preamble verification errors (all in vb2_verify_preamble()) */ @@ -546,12 +549,14 @@ enum vb2_return_code { /* * Got a self-signed kernel in vb2_verify_vblock(), but need an - * officially signed one. + * officially signed one; deprecated and replaced with + * VB2_ERROR_KERNEL_KEYBLOCK_*. */ - VB2_ERROR_VBLOCK_SELF_SIGNED, + VB2_ERROR_DEPRECATED_VBLOCK_SELF_SIGNED, - /* Invalid keyblock hash in vb2_verify_vblock() */ - VB2_ERROR_VBLOCK_KEYBLOCK_HASH, + /* Invalid keyblock hash in vb2_verify_vblock(); + * deprecated and replaced with VB2_ERROR_KERNEL_KEYBLOCK_* */ + VB2_ERROR_DEPRECATED_VBLOCK_KEYBLOCK_HASH, /* Invalid keyblock in vb2_verify_vblock(); * deprecated and replaced with VB2_ERROR_KERNEL_KEYBLOCK_* */ diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c index 858c8637..a1a336a3 100644 --- a/firmware/lib/vboot_kernel.c +++ b/firmware/lib/vboot_kernel.c @@ -139,6 +139,8 @@ static vb2_error_t vb2_verify_kernel_vblock( int need_keyblock_valid = need_valid_keyblock(ctx); int keyblock_valid = 1; /* Assume valid */ + vb2_error_t rv; + /* Unpack kernel subkey */ struct vb2_public_key kernel_subkey2; if (VB2_SUCCESS != vb2_unpack_key(&kernel_subkey2, kernel_subkey)) { @@ -151,8 +153,8 @@ static vb2_error_t vb2_verify_kernel_vblock( /* Verify the keyblock. */ struct vb2_keyblock *keyblock = get_keyblock(kbuf); - if (VB2_SUCCESS != vb2_verify_keyblock(keyblock, kbuf_size, - &kernel_subkey2, wb)) { + rv = vb2_verify_keyblock(keyblock, kbuf_size, &kernel_subkey2, wb); + if (rv) { VB2_DEBUG("Verifying keyblock signature failed.\n"); shpart->check_result = VBSD_LKP_CHECK_KEYBLOCK_SIG; keyblock_valid = 0; @@ -161,15 +163,15 @@ static vb2_error_t vb2_verify_kernel_vblock( if (need_keyblock_valid) { VB2_DEBUG("Self-signed kernels not enabled.\n"); shpart->check_result = VBSD_LKP_CHECK_SELF_SIGNED; - return VB2_ERROR_VBLOCK_SELF_SIGNED; + return rv; } /* Otherwise, allow the kernel if the keyblock hash is valid */ - if (VB2_SUCCESS != - vb2_verify_keyblock_hash(keyblock, kbuf_size, wb)) { + rv = vb2_verify_keyblock_hash(keyblock, kbuf_size, wb); + if (rv) { VB2_DEBUG("Verifying keyblock hash failed.\n"); shpart->check_result = VBSD_LKP_CHECK_KEYBLOCK_HASH; - return VB2_ERROR_VBLOCK_KEYBLOCK_HASH; + return rv; } } @@ -258,22 +260,23 @@ static vb2_error_t vb2_verify_kernel_vblock( /* Get key for preamble verification from the keyblock. */ struct vb2_public_key data_key; - if (VB2_SUCCESS != vb2_unpack_key(&data_key, &keyblock->data_key)) { + rv = vb2_unpack_key(&data_key, &keyblock->data_key); + if (rv) { VB2_DEBUG("Unable to unpack kernel data key\n"); shpart->check_result = VBSD_LKP_CHECK_DATA_KEY_PARSE; - return VB2_ERROR_UNKNOWN; + return rv; } /* Verify the preamble, which follows the keyblock */ struct vb2_kernel_preamble *preamble = get_preamble(kbuf); - if (VB2_SUCCESS != - vb2_verify_kernel_preamble(preamble, - kbuf_size - keyblock->keyblock_size, - &data_key, - wb)) { + rv = vb2_verify_kernel_preamble(preamble, + kbuf_size - keyblock->keyblock_size, + &data_key, + wb); + if (rv) { VB2_DEBUG("Preamble verification failed.\n"); shpart->check_result = VBSD_LKP_CHECK_VERIFY_PREAMBLE; - return VB2_ERROR_UNKNOWN; + return rv; } /* diff --git a/firmware/lib20/kernel.c b/firmware/lib20/kernel.c index 298b14fa..b3a24367 100644 --- a/firmware/lib20/kernel.c +++ b/firmware/lib20/kernel.c @@ -71,7 +71,7 @@ vb2_error_t vb2_verify_keyblock_hash(const struct vb2_keyblock *block, if (vb2_safe_memcmp(vb2_signature_data(sig), digest, digest_size) != 0) { VB2_DEBUG("Invalid keyblock hash.\n"); - return VB2_ERROR_KEYBLOCK_SIG_INVALID; + return VB2_ERROR_KEYBLOCK_HASH_INVALID_IN_DEV_MODE; } /* Success */ |