diff options
Diffstat (limited to 'firmware/2lib/2api.c')
-rw-r--r-- | firmware/2lib/2api.c | 63 |
1 files changed, 17 insertions, 46 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c index 0f57d78b..4492cf93 100644 --- a/firmware/2lib/2api.c +++ b/firmware/2lib/2api.c @@ -107,8 +107,6 @@ vb2_error_t vb2api_fw_phase1(struct vb2_context *ctx) vb2_error_t vb2api_fw_phase2(struct vb2_context *ctx) { - vb2_error_t rv; - /* * Use the slot from the last boot if this is a resume. Do not set * VB2_SD_STATUS_CHOSE_SLOT so the try counter is not decremented on @@ -132,18 +130,10 @@ vb2_error_t vb2api_fw_phase2(struct vb2_context *ctx) ctx->flags |= VB2_CONTEXT_CLEAR_RAM; /* Check for explicit request to clear TPM */ - rv = vb2_check_tpm_clear(ctx); - if (rv) { - vb2api_fail(ctx, VB2_RECOVERY_TPM_CLEAR_OWNER, rv); - return rv; - } + VB2_TRY(vb2_check_tpm_clear(ctx), ctx, VB2_RECOVERY_TPM_CLEAR_OWNER); /* Decide which firmware slot to try this boot */ - rv = vb2_select_fw_slot(ctx); - if (rv) { - vb2api_fail(ctx, VB2_RECOVERY_FW_SLOT, rv); - return rv; - } + VB2_TRY(vb2_select_fw_slot(ctx), ctx, VB2_RECOVERY_FW_SLOT); return VB2_SUCCESS; } @@ -207,21 +197,11 @@ vb2_error_t vb2api_get_pcr_digest(struct vb2_context *ctx, vb2_error_t vb2api_fw_phase3(struct vb2_context *ctx) { - vb2_error_t rv; - /* Verify firmware keyblock */ - rv = vb2_load_fw_keyblock(ctx); - if (rv) { - vb2api_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv); - return rv; - } + VB2_TRY(vb2_load_fw_keyblock(ctx), ctx, VB2_RECOVERY_RO_INVALID_RW); /* Verify firmware preamble */ - rv = vb2_load_fw_preamble(ctx); - if (rv) { - vb2api_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv); - return rv; - } + VB2_TRY(vb2_load_fw_preamble(ctx), ctx, VB2_RECOVERY_RO_INVALID_RW); return VB2_SUCCESS; } @@ -233,7 +213,6 @@ vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag) struct vb2_digest_context *dc; struct vb2_public_key key; struct vb2_workbuf wb; - vb2_error_t rv; vb2_workbuf_from_ctx(ctx, &wb); @@ -286,18 +265,16 @@ vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag) if (!sd->data_key_size) return VB2_ERROR_API_INIT_HASH_DATA_KEY; - rv = vb2_unpack_key_buffer(&key, - vb2_member_of(sd, sd->data_key_offset), - sd->data_key_size); - if (rv) - return rv; + VB2_TRY(vb2_unpack_key_buffer(&key, + vb2_member_of(sd, sd->data_key_offset), + sd->data_key_size)); sd->hash_tag = tag; sd->hash_remaining_size = pre->body_signature.data_size; if (!(pre->flags & VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO)) { - rv = vb2ex_hwcrypto_digest_init(key.hash_alg, - pre->body_signature.data_size); + vb2_error_t rv = vb2ex_hwcrypto_digest_init( + key.hash_alg, pre->body_signature.data_size); if (!rv) { VB2_DEBUG("Using HW crypto engine for hash_alg %d\n", key.hash_alg); @@ -330,7 +307,6 @@ vb2_error_t vb2api_check_hash_get_digest(struct vb2_context *ctx, struct vb2_fw_preamble *pre; struct vb2_public_key key; - vb2_error_t rv; vb2_workbuf_from_ctx(ctx, &wb); @@ -354,11 +330,9 @@ vb2_error_t vb2api_check_hash_get_digest(struct vb2_context *ctx, /* Finalize the digest */ if (dc->using_hwcrypto) - rv = vb2ex_hwcrypto_digest_finalize(digest, digest_size); + VB2_TRY(vb2ex_hwcrypto_digest_finalize(digest, digest_size)); else - rv = vb2_digest_finalize(dc, digest, digest_size); - if (rv) - return rv; + VB2_TRY(vb2_digest_finalize(dc, digest, digest_size)); /* The code below is specific to the body signature */ if (sd->hash_tag != VB2_HASH_TAG_FW_BODY) @@ -373,19 +347,16 @@ vb2_error_t vb2api_check_hash_get_digest(struct vb2_context *ctx, if (!sd->data_key_size) return VB2_ERROR_API_CHECK_HASH_DATA_KEY; - rv = vb2_unpack_key_buffer(&key, - vb2_member_of(sd, sd->data_key_offset), - sd->data_key_size); - if (rv) - return rv; + VB2_TRY(vb2_unpack_key_buffer(&key, + vb2_member_of(sd, sd->data_key_offset), + sd->data_key_size)); /* * Check digest vs. signature. Note that this destroys the signature. * That's ok, because we only check each signature once per boot. */ - rv = vb2_verify_digest(&key, &pre->body_signature, digest, &wb); - if (rv) - vb2api_fail(ctx, VB2_RECOVERY_FW_BODY, rv); + VB2_TRY(vb2_verify_digest(&key, &pre->body_signature, digest, &wb), + ctx, VB2_RECOVERY_FW_BODY); if (digest_out != NULL) { if (digest_out_size < digest_size) @@ -393,7 +364,7 @@ vb2_error_t vb2api_check_hash_get_digest(struct vb2_context *ctx, memcpy(digest_out, digest, digest_size); } - return rv; + return VB2_SUCCESS; } int vb2api_check_hash(struct vb2_context *ctx) |