diff options
Diffstat (limited to 'firmware')
-rw-r--r-- | firmware/2lib/2api.c | 2 | ||||
-rw-r--r-- | firmware/2lib/2misc.c | 21 | ||||
-rw-r--r-- | firmware/2lib/include/2misc.h | 12 | ||||
-rw-r--r-- | firmware/2lib/include/2struct.h | 19 | ||||
-rw-r--r-- | firmware/lib/ec_sync.c | 16 | ||||
-rw-r--r-- | firmware/lib/region-init.c | 28 | ||||
-rw-r--r-- | firmware/lib/vboot_api_kernel.c | 11 | ||||
-rw-r--r-- | firmware/lib/vboot_audio.c | 4 | ||||
-rw-r--r-- | firmware/lib/vboot_common.c | 5 | ||||
-rw-r--r-- | firmware/lib/vboot_display.c | 3 | ||||
-rw-r--r-- | firmware/lib/vboot_ui.c | 18 | ||||
-rw-r--r-- | firmware/lib/vboot_ui_menu.c | 16 | ||||
-rw-r--r-- | firmware/lib20/kernel.c | 1 | ||||
-rw-r--r-- | firmware/lib20/misc.c | 11 | ||||
-rw-r--r-- | firmware/lib21/misc.c | 10 |
15 files changed, 90 insertions, 87 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c index f10a1e69..008282b6 100644 --- a/firmware/2lib/2api.c +++ b/firmware/2lib/2api.c @@ -205,7 +205,7 @@ int vb2api_get_pcr_digest(struct vb2_context *ctx, digest_size = VB2_SHA1_DIGEST_SIZE; break; case HWID_DIGEST_PCR: - digest = vb2_get_sd(ctx)->gbb_hwid_digest; + digest = vb2_get_gbb(ctx)->hwid_digest; digest_size = VB2_GBB_HWID_DIGEST_SIZE; break; default: diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index 8b6a19f8..03e0353a 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -14,7 +14,8 @@ #include "2sha.h" #include "2rsa.h" -int vb2_validate_gbb_signature(uint8_t *sig) { +int vb2_validate_gbb_signature(uint8_t *sig) +{ const static uint8_t sig_xor[VB2_GBB_SIGNATURE_SIZE] = VB2_GBB_XOR_SIGNATURE; int i; @@ -25,6 +26,13 @@ int vb2_validate_gbb_signature(uint8_t *sig) { return VB2_SUCCESS; } +test_mockable +struct vb2_gbb_header *vb2_get_gbb(struct vb2_context *ctx) +{ + return (struct vb2_gbb_header *) + ((void *)vb2_get_sd(ctx) + vb2_get_sd(ctx)->gbb_offset); +} + void vb2_workbuf_from_ctx(struct vb2_context *ctx, struct vb2_workbuf *wb) { vb2_workbuf_init(wb, ctx->workbuf + ctx->workbuf_used, @@ -218,11 +226,9 @@ int vb2_fw_parse_gbb(struct vb2_context *ctx) if (rv) return rv; - /* Extract the only things we care about at firmware time */ - sd->gbb_flags = gbb->flags; - sd->gbb_rootkey_offset = gbb->rootkey_offset; - sd->gbb_rootkey_size = gbb->rootkey_size; - memcpy(sd->gbb_hwid_digest, gbb->hwid_digest, VB2_GBB_HWID_DIGEST_SIZE); + /* Keep on the work buffer permanently */ + sd->gbb_offset = vb2_offset_of(sd, gbb); + ctx->workbuf_used = vb2_offset_of(ctx->workbuf, wb.buf); return VB2_SUCCESS; } @@ -230,6 +236,7 @@ int vb2_fw_parse_gbb(struct vb2_context *ctx) int vb2_check_dev_switch(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); uint32_t flags = 0; uint32_t old_flags; int is_dev = 0; @@ -275,7 +282,7 @@ int vb2_check_dev_switch(struct vb2_context *ctx) is_dev = 1; /* Check if GBB is forcing dev mode */ - if (sd->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) + if (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) is_dev = 1; /* Handle whichever mode we end up in */ diff --git a/firmware/2lib/include/2misc.h b/firmware/2lib/include/2misc.h index 853a1b40..3e1f1000 100644 --- a/firmware/2lib/include/2misc.h +++ b/firmware/2lib/include/2misc.h @@ -9,6 +9,7 @@ #define VBOOT_REFERENCE_VBOOT_2MISC_H_ #include "2api.h" +#include "2struct.h" struct vb2_gbb_header; struct vb2_workbuf; @@ -19,11 +20,20 @@ struct vb2_workbuf; * @param ctx Vboot context * @return The shared data pointer. */ -static __inline struct vb2_shared_data *vb2_get_sd(struct vb2_context *ctx) { +static __inline struct vb2_shared_data *vb2_get_sd(struct vb2_context *ctx) +{ return (struct vb2_shared_data *)ctx->workbuf; } /** + * Get the GBB header pointer from a vboot context's shared data + * + * @param ctx Vboot context + * @return The GBB header pointer. + */ +struct vb2_gbb_header *vb2_get_gbb(struct vb2_context *ctx); + +/** * Validate gbb signature (the magic number) * * @param sig Pointer to the signature bytes to validate diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h index a1f11a18..0b94c20a 100644 --- a/firmware/2lib/include/2struct.h +++ b/firmware/2lib/include/2struct.h @@ -95,9 +95,6 @@ struct vb2_shared_data { /* Flags; see enum vb2_shared_data_flags */ uint32_t flags; - /* Flags from GBB header */ - uint32_t gbb_flags; - /* * Reason we are in recovery mode this boot (enum vb2_nv_recovery), or * 0 if we aren't. @@ -130,6 +127,9 @@ struct vb2_shared_data { */ uint32_t status; + /* Offset from start of this struct to GBB header */ + uint32_t gbb_offset; + /********************************************************************** * Data from kernel verification stage. * @@ -155,13 +155,6 @@ struct vb2_shared_data { * we can put them. */ - /* Root key offset and size from GBB header */ - uint32_t gbb_rootkey_offset; - uint32_t gbb_rootkey_size; - - /* HWID digest from GBB header */ - uint8_t gbb_hwid_digest[VB2_GBB_HWID_DIGEST_SIZE]; - /* Offset of preamble from start of vblock */ uint32_t vblock_preamble_offset; @@ -224,12 +217,6 @@ struct vb2_shared_data { */ uint32_t workbuf_kernel_key_offset; uint32_t workbuf_kernel_key_size; - - /* GBB data and size */ - struct vb2_gbb_header *gbb; - uint32_t gbb_size; - - } __attribute__((packed)); /****************************************************************************/ diff --git a/firmware/lib/ec_sync.c b/firmware/lib/ec_sync.c index c8491551..bcd10e71 100644 --- a/firmware/lib/ec_sync.c +++ b/firmware/lib/ec_sync.c @@ -341,15 +341,16 @@ static VbError_t sync_one_ec(struct vb2_context *ctx, int devidx) VbError_t ec_sync_phase1(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); /* Reasons not to do sync at all */ if (!(ctx->flags & VB2_CONTEXT_EC_SYNC_SUPPORTED)) return VBERROR_SUCCESS; - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC) return VBERROR_SUCCESS; #ifdef PD_SYNC - const int do_pd_sync = !(sd->gbb_flags & + const int do_pd_sync = !(gbb->flags & VB2_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC); #else const int do_pd_sync = 0; @@ -412,11 +413,12 @@ int ec_will_update_slowly(struct vb2_context *ctx) static int ec_sync_allowed(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); /* Reasons not to do sync at all */ if (!(ctx->flags & VB2_CONTEXT_EC_SYNC_SUPPORTED)) return 0; - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC) return 0; if (sd->recovery_reason) return 0; @@ -426,11 +428,11 @@ static int ec_sync_allowed(struct vb2_context *ctx) VbError_t ec_sync_check_aux_fw(struct vb2_context *ctx, VbAuxFwUpdateSeverity_t *severity) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); /* If we're not updating the EC, skip aux fw syncs as well */ if (!ec_sync_allowed(ctx) || - (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC)) { + (gbb->flags & VB2_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC)) { *severity = VB_AUX_FW_NO_UPDATE; return VBERROR_SUCCESS; } @@ -463,8 +465,8 @@ VbError_t ec_sync_phase2(struct vb2_context *ctx) #ifdef PD_SYNC /* Handle updates and jumps for PD */ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - if (!(sd->gbb_flags & VB2_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC)) { + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); + if (!(gbb->flags & VB2_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC)) { retval = sync_one_ec(ctx, 1); if (retval != VBERROR_SUCCESS) return retval; diff --git a/firmware/lib/region-init.c b/firmware/lib/region-init.c index e34a3d15..9e3c2bc3 100644 --- a/firmware/lib/region-init.c +++ b/firmware/lib/region-init.c @@ -20,22 +20,14 @@ static VbError_t VbGbbReadData(struct vb2_context *ctx, uint32_t offset, uint32_t size, void *buf) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); - - /* This is the old API, for backwards compatibility */ - if (!sd->gbb) - return VBERROR_INVALID_GBB; - - if (offset + size > sd->gbb_size) + if (vb2ex_read_resource(ctx, VB2_RES_GBB, offset, buf, size)) return VBERROR_INVALID_GBB; - - memcpy(buf, ((uint8_t *)sd->gbb) + offset, size); return VBERROR_SUCCESS; } VbError_t VbGbbReadHWID(struct vb2_context *ctx, char *hwid, uint32_t max_size) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); if (!max_size) return VBERROR_INVALID_PARAMETER; @@ -44,18 +36,18 @@ VbError_t VbGbbReadHWID(struct vb2_context *ctx, char *hwid, uint32_t max_size) if (!ctx) return VBERROR_INVALID_GBB; - if (0 == sd->gbb->hwid_size) { + if (0 == gbb->hwid_size) { VB2_DEBUG("VbHWID(): invalid hwid size\n"); return VBERROR_SUCCESS; /* oddly enough! */ } - if (sd->gbb->hwid_size > max_size) { + if (gbb->hwid_size > max_size) { VB2_DEBUG("VbDisplayDebugInfo(): invalid hwid offset/size\n"); return VBERROR_INVALID_PARAMETER; } - return VbGbbReadData(ctx, sd->gbb->hwid_offset, - sd->gbb->hwid_size, hwid); + return VbGbbReadData(ctx, gbb->hwid_offset, + gbb->hwid_size, hwid); } static VbError_t VbGbbReadKey(struct vb2_context *ctx, uint32_t offset, @@ -86,14 +78,14 @@ static VbError_t VbGbbReadKey(struct vb2_context *ctx, uint32_t offset, VbError_t VbGbbReadRootKey(struct vb2_context *ctx, VbPublicKey **keyp) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); - return VbGbbReadKey(ctx, sd->gbb->rootkey_offset, keyp); + return VbGbbReadKey(ctx, gbb->rootkey_offset, keyp); } VbError_t VbGbbReadRecoveryKey(struct vb2_context *ctx, VbPublicKey **keyp) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); - return VbGbbReadKey(ctx, sd->gbb->recovery_key_offset, keyp); + return VbGbbReadKey(ctx, gbb->recovery_key_offset, keyp); } diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index 2be3e938..5d4c7c09 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -261,6 +261,7 @@ static VbError_t vb2_kernel_setup(struct vb2_context *ctx, vb2_nv_init(ctx); struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); sd->recovery_reason = shared->recovery_reason; /* @@ -294,11 +295,6 @@ static VbError_t vb2_kernel_setup(struct vb2_context *ctx, kparams->flags = 0; memset(kparams->partition_guid, 0, sizeof(kparams->partition_guid)); - /* Point to GBB data from cparams */ - sd->gbb = cparams->gbb_data; - sd->gbb_size = cparams->gbb_size; - sd->gbb_flags = sd->gbb->flags; - /* Read kernel version from the TPM. Ignore errors in recovery mode. */ if (RollbackKernelRead(&shared->kernel_version_tpm)) { VB2_DEBUG("Unable to get kernel versions from TPM\n"); @@ -311,7 +307,7 @@ static VbError_t vb2_kernel_setup(struct vb2_context *ctx, shared->kernel_version_tpm_start = shared->kernel_version_tpm; /* Read FWMP. Ignore errors in recovery mode. */ - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FWMP) { + if (gbb->flags & VB2_GBB_FLAG_DISABLE_FWMP) { memset(&fwmp, 0, sizeof(fwmp)); } else if (RollbackFwmpRead(&fwmp)) { VB2_DEBUG("Unable to get FWMP from TPM\n"); @@ -473,6 +469,7 @@ VbError_t VbVerifyMemoryBootImage( goto fail; struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); VbSharedDataHeader *shared = sd->vbsd; if ((boot_image == NULL) || (image_size == 0)) { @@ -495,7 +492,7 @@ VbError_t VbVerifyMemoryBootImage( vb2_nv_get(ctx, VB2_NV_DEV_BOOT_FASTBOOT_FULL_CAP); if (0 == allow_fastboot_full_cap) { - allow_fastboot_full_cap = !!(sd->gbb_flags & + allow_fastboot_full_cap = !!(gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP); } diff --git a/firmware/lib/vboot_audio.c b/firmware/lib/vboot_audio.c index e2a2655e..ba0f98c2 100644 --- a/firmware/lib/vboot_audio.c +++ b/firmware/lib/vboot_audio.c @@ -25,7 +25,7 @@ static int beep_count; /* Number of beeps so far */ */ void vb2_audio_start(struct vb2_context *ctx) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); open_time = VbExGetTimer(); /* "zero" starts now */ beep_count = 0; @@ -34,7 +34,7 @@ void vb2_audio_start(struct vb2_context *ctx) * Use a short developer screen delay on the first audio if indicated * by GBB flags. */ - if ((sd->gbb_flags & VB2_GBB_FLAG_DEV_SCREEN_SHORT_DELAY) && + if ((gbb->flags & VB2_GBB_FLAG_DEV_SCREEN_SHORT_DELAY) && (audio_open_count++ == 0)) { VB2_DEBUG("vb2_audio_start() - using short dev screen delay\n"); audio_use_short = 1; diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index f0c4ea6a..fc32917b 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -214,8 +214,9 @@ int VbSharedDataSetKernelKey(VbSharedDataHeader *header, const VbPublicKey *src) int vb2_allow_recovery(struct vb2_context *ctx) { - /* GBB_FLAG_FORCE_MANUAL_RECOVERY forces this to always return true. */ - if (vb2_get_sd(ctx)->gbb_flags & VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY) + /* VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY forces this to always return + true. */ + if (vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_MANUAL_RECOVERY) return 1; /* diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c index d735cb41..1f80a651 100644 --- a/firmware/lib/vboot_display.c +++ b/firmware/lib/vboot_display.c @@ -273,6 +273,7 @@ const char *RecoveryReasonString(uint8_t code) VbError_t VbDisplayDebugInfo(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); VbSharedDataHeader *shared = sd->vbsd; char buf[DEBUG_INFO_SIZE] = ""; char sha1sum[VB2_SHA1_DIGEST_SIZE * 2 + 1]; @@ -355,7 +356,7 @@ VbError_t VbDisplayDebugInfo(struct vb2_context *ctx) used += StrnAppend(buf + used, "\ngbb.flags: 0x", DEBUG_INFO_SIZE - used); used += Uint64ToString(buf + used, DEBUG_INFO_SIZE - used, - sd->gbb_flags, 16, 8); + gbb->flags, 16, 8); /* Add sha1sum for Root & Recovery keys */ ret = VbGbbReadRootKey(ctx, &key); diff --git a/firmware/lib/vboot_ui.c b/firmware/lib/vboot_ui.c index 14508a63..8321fbbb 100644 --- a/firmware/lib/vboot_ui.c +++ b/firmware/lib/vboot_ui.c @@ -55,7 +55,7 @@ static void VbAllowUsbBoot(struct vb2_context *ctx) */ static int VbWantShutdown(struct vb2_context *ctx, uint32_t key) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); uint32_t shutdown_request = VbExIsShutdownRequested(); /* @@ -78,7 +78,7 @@ static int VbWantShutdown(struct vb2_context *ctx, uint32_t key) shutdown_request |= VB_SHUTDOWN_REQUEST_POWER_BUTTON; /* If desired, ignore shutdown request due to lid closure. */ - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_LID_SHUTDOWN) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_LID_SHUTDOWN) shutdown_request &= ~VB_SHUTDOWN_REQUEST_LID_CLOSED; return shutdown_request; @@ -518,6 +518,7 @@ static const char dev_disable_msg[] = static VbError_t vb2_developer_ui(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); VbSharedDataHeader *shared = sd->vbsd; uint32_t disable_dev_boot = 0; @@ -540,11 +541,11 @@ static VbError_t vb2_developer_ui(struct vb2_context *ctx) use_legacy = 1; /* Handle GBB flag override */ - if (sd->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_USB) + if (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_USB) allow_usb = 1; - if (sd->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_LEGACY) + if (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_LEGACY) allow_legacy = 1; - if (sd->gbb_flags & VB2_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY) { + if (gbb->flags & VB2_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY) { use_legacy = 1; use_usb = 0; } @@ -556,7 +557,7 @@ static VbError_t vb2_developer_ui(struct vb2_context *ctx) if (fwmp_flags & FWMP_DEV_ENABLE_LEGACY) allow_legacy = 1; if (fwmp_flags & FWMP_DEV_DISABLE_BOOT) { - if (sd->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) { + if (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) { VB2_DEBUG("FWMP_DEV_DISABLE_BOOT rejected by " "FORCE_DEV_SWITCH_ON\n"); } else { @@ -609,15 +610,14 @@ static VbError_t vb2_developer_ui(struct vb2_context *ctx) break; case VB_KEY_ENTER: /* Only disable virtual dev switch if allowed by GBB */ - if (!(sd->gbb_flags & - VB2_GBB_FLAG_ENTER_TRIGGERS_TONORM)) + if (!(gbb->flags & VB2_GBB_FLAG_ENTER_TRIGGERS_TONORM)) break; case ' ': /* See if we should disable virtual dev-mode switch. */ VB2_DEBUG("shared->flags=0x%x\n", shared->flags); if (shared->flags & VBSD_BOOT_DEV_SWITCH_ON) { /* Stop the countdown while we go ask... */ - if (sd->gbb_flags & + if (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) { /* * TONORM won't work (only for diff --git a/firmware/lib/vboot_ui_menu.c b/firmware/lib/vboot_ui_menu.c index 42494772..3fdf77cb 100644 --- a/firmware/lib/vboot_ui_menu.c +++ b/firmware/lib/vboot_ui_menu.c @@ -45,11 +45,11 @@ static const char no_legacy[] = "Legacy boot failed. Missing BIOS?\n"; */ static int VbWantShutdownMenu(struct vb2_context *ctx) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); uint32_t shutdown_request = VbExIsShutdownRequested(); /* If desired, ignore shutdown request due to lid closure. */ - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_LID_SHUTDOWN) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_LID_SHUTDOWN) shutdown_request &= ~VB_SHUTDOWN_REQUEST_LID_CLOSED; /* @@ -181,7 +181,7 @@ static VbError_t boot_usb_action(struct vb2_context *ctx) } if (!vb2_nv_get(ctx, VB2_NV_DEV_BOOT_USB) && - !(vb2_get_sd(ctx)->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_USB) && + !(vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_USB) && !(vb2_get_fwmp_flags() & FWMP_DEV_ENABLE_USB)) { vb2_flash_screen(ctx); vb2_error_notify("WARNING: Booting from external media " @@ -377,7 +377,7 @@ static VbError_t to_dev_action(struct vb2_context *ctx) /* Action that disables developer mode, shows TO_NORM_CONFIRMED and reboots. */ static VbError_t to_norm_action(struct vb2_context *ctx) { - if (vb2_get_sd(ctx)->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) { + if (vb2_get_gbb(ctx)->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) { vb2_flash_screen(ctx); vb2_error_notify("WARNING: TONORM prohibited by " "GBB FORCE_DEV_SWITCH_ON.\n", NULL, @@ -741,18 +741,18 @@ static VbError_t vb2_init_menus(struct vb2_context *ctx) */ static VbError_t vb2_developer_menu(struct vb2_context *ctx) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); VbError_t ret; /* Check if the default is to boot using disk, usb, or legacy */ default_boot = vb2_nv_get(ctx, VB2_NV_DEV_DEFAULT_BOOT); - if (sd->gbb_flags & VB2_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY) + if (gbb->flags & VB2_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY) default_boot = VB2_DEV_DEFAULT_BOOT_LEGACY; /* Check if developer mode is disabled by FWMP */ disable_dev_boot = 0; if (vb2_get_fwmp_flags() & FWMP_DEV_DISABLE_BOOT) { - if (sd->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) { + if (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) { VB2_DEBUG("FWMP_DEV_DISABLE_BOOT rejected by" "FORCE_DEV_SWITCH_ON\n"); } else { @@ -762,7 +762,7 @@ static VbError_t vb2_developer_menu(struct vb2_context *ctx) } } altfw_allowed = vb2_nv_get(ctx, VB2_NV_DEV_BOOT_LEGACY) || - (vb2_get_sd(ctx)->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_LEGACY) || + (gbb->flags & VB2_GBB_FLAG_FORCE_DEV_BOOT_LEGACY) || (vb2_get_fwmp_flags() & FWMP_DEV_ENABLE_LEGACY); /* Show appropriate initial menu */ diff --git a/firmware/lib20/kernel.c b/firmware/lib20/kernel.c index e06c20eb..f169e7eb 100644 --- a/firmware/lib20/kernel.c +++ b/firmware/lib20/kernel.c @@ -438,6 +438,7 @@ int vb2_load_kernel_preamble(struct vb2_context *ctx) * * Work buffer now contains: * - vb2_shared_data + * - vb2_gbb_header * - kernel key * - packed kernel data key * - kernel preamble diff --git a/firmware/lib20/misc.c b/firmware/lib20/misc.c index d7a905a9..bc479ab7 100644 --- a/firmware/lib20/misc.c +++ b/firmware/lib20/misc.c @@ -68,6 +68,7 @@ static void vb2_report_dev_firmware(struct vb2_public_key *root) int vb2_load_fw_keyblock(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); struct vb2_workbuf wb; uint8_t *key_data; @@ -83,12 +84,12 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx) vb2_workbuf_from_ctx(ctx, &wb); /* Read the root key */ - key_size = sd->gbb_rootkey_size; + key_size = gbb->rootkey_size; key_data = vb2_workbuf_alloc(&wb, key_size); if (!key_data) return VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY; - rv = vb2ex_read_resource(ctx, VB2_RES_GBB, sd->gbb_rootkey_offset, + rv = vb2ex_read_resource(ctx, VB2_RES_GBB, gbb->rootkey_offset, key_data, key_size); if (rv) return rv; @@ -137,7 +138,7 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx) if (kb->data_key.key_version > VB2_MAX_KEY_VERSION) rv = VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE; if (!rv && kb->data_key.key_version < (sd->fw_version_secdata >> 16)) { - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) VB2_DEBUG("Ignoring FW key rollback due to GBB flag\n"); else rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK; @@ -194,6 +195,7 @@ int vb2_load_fw_keyblock(struct vb2_context *ctx) int vb2_load_fw_preamble(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); struct vb2_workbuf wb; uint8_t *key_data = ctx->workbuf + sd->workbuf_data_key_offset; @@ -258,7 +260,7 @@ int vb2_load_fw_preamble(struct vb2_context *ctx) /* Combine with the key version from vb2_load_fw_keyblock() */ sd->fw_version |= pre->firmware_version; if (!rv && sd->fw_version < sd->fw_version_secdata) { - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) VB2_DEBUG("Ignoring FW rollback due to GBB flag\n"); else rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK; @@ -298,6 +300,7 @@ int vb2_load_fw_preamble(struct vb2_context *ctx) * * Work buffer now contains: * - vb2_shared_data + * - vb2_gbb_header * - packed firmware data key * - firmware preamble * diff --git a/firmware/lib21/misc.c b/firmware/lib21/misc.c index 361d6eda..c1d0169c 100644 --- a/firmware/lib21/misc.c +++ b/firmware/lib21/misc.c @@ -65,6 +65,7 @@ static int vb21_read_resource_object(struct vb2_context *ctx, int vb21_load_fw_keyblock(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); struct vb2_workbuf wb; uint8_t *key_data; @@ -78,12 +79,12 @@ int vb21_load_fw_keyblock(struct vb2_context *ctx) vb2_workbuf_from_ctx(ctx, &wb); /* Read the root key */ - key_size = sd->gbb_rootkey_size; + key_size = gbb->rootkey_size; key_data = vb2_workbuf_alloc(&wb, key_size); if (!key_data) return VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY; - rv = vb2ex_read_resource(ctx, VB2_RES_GBB, sd->gbb_rootkey_offset, + rv = vb2ex_read_resource(ctx, VB2_RES_GBB, gbb->rootkey_offset, key_data, key_size); if (rv) return rv; @@ -118,7 +119,7 @@ int vb21_load_fw_keyblock(struct vb2_context *ctx) if (packed_key->key_version > 0xffff) rv = VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE; if (!rv && packed_key->key_version < (sd->fw_version_secdata >> 16)) { - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) VB2_DEBUG("Ignoring FW key rollback due to GBB flag\n"); else rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK; @@ -157,6 +158,7 @@ int vb21_load_fw_keyblock(struct vb2_context *ctx) int vb21_load_fw_preamble(struct vb2_context *ctx) { struct vb2_shared_data *sd = vb2_get_sd(ctx); + struct vb2_gbb_header *gbb = vb2_get_gbb(ctx); struct vb2_workbuf wb; uint8_t *key_data = ctx->workbuf + sd->workbuf_data_key_offset; @@ -210,7 +212,7 @@ int vb21_load_fw_preamble(struct vb2_context *ctx) /* Combine with the key version from vb2_load_fw_keyblock() */ sd->fw_version |= pre->fw_version; if (!rv && sd->fw_version < sd->fw_version_secdata) { - if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) + if (gbb->flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK) VB2_DEBUG("Ignoring FW rollback due to GBB flag\n"); else rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK; |