diff options
Diffstat (limited to 'firmware/lib21/misc.c')
-rw-r--r-- | firmware/lib21/misc.c | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/firmware/lib21/misc.c b/firmware/lib21/misc.c index f29b6e42..92322a9c 100644 --- a/firmware/lib21/misc.c +++ b/firmware/lib21/misc.c @@ -104,8 +104,10 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx) /* Verify the keyblock */ rv = vb2_verify_keyblock(kb, kb->c.total_size, &root_key, &wb); - if (rv) + if (rv) { + vb2_fail(ctx, VB2_RECOVERY_FW_KEYBLOCK, rv); return rv; + } /* Preamble follows the keyblock in the vblock */ sd->vblock_preamble_offset = kb->c.total_size; @@ -114,9 +116,13 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx) /* Key version is the upper 16 bits of the composite firmware version */ if (packed_key->key_version > 0xffff) - return VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE; - if (packed_key->key_version < (sd->fw_version_secdata >> 16)) - return VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK; + rv = VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE; + if (!rv && packed_key->key_version < (sd->fw_version_secdata >> 16)) + rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK; + if (rv) { + vb2_fail(ctx, VB2_RECOVERY_FW_KEY_ROLLBACK, rv); + return rv; + } sd->fw_version = packed_key->key_version << 16; @@ -179,8 +185,10 @@ int vb2_load_fw_preamble(struct vb2_context *ctx) /* Verify the preamble */ rv = vb2_verify_fw_preamble(pre, pre->c.total_size, &data_key, &wb); - if (rv) + if (rv) { + vb2_fail(ctx, VB2_RECOVERY_FW_PREAMBLE, rv); return rv; + } /* Move the preamble down now that the data key is no longer used */ memmove(key_data, pre, pre->c.total_size); @@ -194,12 +202,15 @@ int vb2_load_fw_preamble(struct vb2_context *ctx) * version. */ if (pre->fw_version > 0xffff) - return VB2_ERROR_FW_PREAMBLE_VERSION_RANGE; - + rv = VB2_ERROR_FW_PREAMBLE_VERSION_RANGE; /* Combine with the key version from vb2_load_fw_keyblock() */ sd->fw_version |= pre->fw_version; - if (sd->fw_version < sd->fw_version_secdata) - return VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK; + if (!rv && sd->fw_version < sd->fw_version_secdata) + rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK; + if (rv) { + vb2_fail(ctx, VB2_RECOVERY_FW_ROLLBACK, rv); + return rv; + } /* * If this is a newer version than in secure storage, and we |