Diffstat (limited to 'firmware')
-rw-r--r--firmware/2lib/2api.c10
-rw-r--r--firmware/2lib/2secdata.c6
-rw-r--r--firmware/2lib/2secdatak.c6
-rw-r--r--firmware/2lib/include/2api.h16
-rw-r--r--firmware/2lib/include/2return_codes.h6
-rw-r--r--firmware/2lib/include/2secdata.h50
6 files changed, 19 insertions, 75 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c
index 99bb9630..f2e7d6bb 100644
--- a/firmware/2lib/2api.c
+++ b/firmware/2lib/2api.c
@@ -16,16 +16,6 @@
#include "2rsa.h"
#include "2tpm_bootmode.h"
-int vb2api_secdata_check(const struct vb2_context *ctx)
-{
- return vb2_secdata_check_crc(ctx);
-}
-
-int vb2api_secdata_create(struct vb2_context *ctx)
-{
- return vb2_secdata_create(ctx);
-}
-
void vb2api_fail(struct vb2_context *ctx, uint8_t reason, uint8_t subcode)
{
/* Initialize the vboot context if it hasn't been yet */
diff --git a/firmware/2lib/2secdata.c b/firmware/2lib/2secdata.c
index 3281f7c3..e4b42e44 100644
--- a/firmware/2lib/2secdata.c
+++ b/firmware/2lib/2secdata.c
@@ -11,7 +11,7 @@
#include "2misc.h"
#include "2secdata.h"
-int vb2_secdata_check_crc(const struct vb2_context *ctx)
+int vb2api_secdata_check(const struct vb2_context *ctx)
{
const struct vb2_secdata *sec =
(const struct vb2_secdata *)ctx->secdata;
@@ -27,7 +27,7 @@ int vb2_secdata_check_crc(const struct vb2_context *ctx)
return VB2_SUCCESS;
}
-int vb2_secdata_create(struct vb2_context *ctx)
+int vb2api_secdata_create(struct vb2_context *ctx)
{
struct vb2_secdata *sec = (struct vb2_secdata *)ctx->secdata;
@@ -48,7 +48,7 @@ int vb2_secdata_init(struct vb2_context *ctx)
struct vb2_shared_data *sd = vb2_get_sd(ctx);
int rv;
- rv = vb2_secdata_check_crc(ctx);
+ rv = vb2api_secdata_check(ctx);
if (rv)
return rv;
diff --git a/firmware/2lib/2secdatak.c b/firmware/2lib/2secdatak.c
index af11aef4..228312d8 100644
--- a/firmware/2lib/2secdatak.c
+++ b/firmware/2lib/2secdatak.c
@@ -11,7 +11,7 @@
#include "2misc.h"
#include "2secdata.h"
-int vb2_secdatak_check_crc(const struct vb2_context *ctx)
+int vb2api_secdatak_check(const struct vb2_context *ctx)
{
const struct vb2_secdatak *sec =
(const struct vb2_secdatak *)ctx->secdatak;
@@ -23,7 +23,7 @@ int vb2_secdatak_check_crc(const struct vb2_context *ctx)
return VB2_SUCCESS;
}
-int vb2_secdatak_create(struct vb2_context *ctx)
+int vb2api_secdatak_create(struct vb2_context *ctx)
{
struct vb2_secdatak *sec = (struct vb2_secdatak *)ctx->secdatak;
@@ -48,7 +48,7 @@ int vb2_secdatak_init(struct vb2_context *ctx)
struct vb2_shared_data *sd = vb2_get_sd(ctx);
int rv;
- rv = vb2_secdatak_check_crc(ctx);
+ rv = vb2api_secdatak_check(ctx);
if (rv)
return rv;
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h
index 341517d9..9cab74e9 100644
--- a/firmware/2lib/include/2api.h
+++ b/firmware/2lib/include/2api.h
@@ -393,12 +393,13 @@ enum vb2_pcr_digest {
*/
/**
- * Sanity-check the contents of the secure storage context.
+ * Check the CRC of the secure storage context.
*
* Use this if reading from secure storage may be flaky, and you want to retry
* reading it several times.
*
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
*
* @param ctx Context pointer
* @return VB2_SUCCESS, or non-zero error code if error.
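Review bot: The reworded summary `Check the CRC of the secure storage context.` is narrower than what the function reports, because the 2return_codes.h hunk in this same commit documents `VB2_ERROR_SECDATA_ZERO` ("Secdata is all zeroes (uninitialized)") as coming from vb2api_secdata_check(). With the 2secdata.h copy of this comment deleted, this is the only description callers see, so I would add a line such as `* Returns VB2_ERROR_SECDATA_ZERO if the data is all zeroes (uninitialized), VB2_ERROR_SECDATA_CRC on a CRC mismatch.` That lets a caller retrying a flaky read tell a never-initialized space from a corrupted one, which matters given the rollback warning on vb2api_secdata_create() in the next hunk. The declaration this comment documents lies just past the end of the hunk.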
@@ -413,7 +414,8 @@ int vb2api_secdata_check(const struct vb2_context *ctx);
* (or any other API in this library) fails; that could allow the secure data
* to be rolled back to an insecure state.
*
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
*
* @param ctx Context pointer
* @return VB2_SUCCESS, or non-zero error code if error.
@@ -421,12 +423,13 @@ int vb2api_secdata_check(const struct vb2_context *ctx);
int vb2api_secdata_create(struct vb2_context *ctx);
/**
- * Sanity-check the contents of the kernel version secure storage context.
+ * Check the CRC of the kernel version secure storage context.
*
* Use this if reading from secure storage may be flaky, and you want to retry
* reading it several times.
*
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
*
* @param ctx Context pointer
* @return VB2_SUCCESS, or non-zero error code if error.
@@ -441,7 +444,8 @@ int vb2api_secdatak_check(const struct vb2_context *ctx);
* (or any other API in this library) fails; that could allow the secure data
* to be rolled back to an insecure state.
*
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
*
* @param ctx Context pointer
* @return VB2_SUCCESS, or non-zero error code if error.
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index 15ec97f6..5126555b 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -90,10 +90,10 @@ enum vb2_return_code {
*/
VB2_ERROR_SECDATA = VB2_ERROR_BASE + 0x040000,
- /* Bad CRC in vb2_secdata_check_crc() */
+ /* Bad CRC in vb2api_secdata_check() */
VB2_ERROR_SECDATA_CRC,
- /* Secdata is all zeroes (uninitialized) in vb2_secdata_check_crc() */
+ /* Secdata is all zeroes (uninitialized) in vb2api_secdata_check() */
VB2_ERROR_SECDATA_ZERO,
/* Invalid param in vb2_secdata_get() */
@@ -111,7 +111,7 @@ enum vb2_return_code {
/* Called vb2_secdata_set() with uninitialized secdata */
VB2_ERROR_SECDATA_SET_UNINITIALIZED,
- /* Bad CRC in vb2_secdatak_check_crc() */
+ /* Bad CRC in vb2api_secdatak_check() */
VB2_ERROR_SECDATAK_CRC,
/* Bad struct version in vb2_secdatak_init() */
diff --git a/firmware/2lib/include/2secdata.h b/firmware/2lib/include/2secdata.h
index d27432e8..2563b3fb 100644
--- a/firmware/2lib/include/2secdata.h
+++ b/firmware/2lib/include/2secdata.h
@@ -92,31 +92,6 @@ enum vb2_secdatak_param {
/* Firmware version space functions */
/**
- * Check the CRC of the secure storage context.
- *
- * Use this if reading from secure storage may be flaky, and you want to retry
- * reading it several times.
- *
- * This may be called before vb2_context_init().
- *
- * @param ctx Context pointer
- * @return VB2_SUCCESS, or non-zero error code if error.
- */
-int vb2_secdata_check_crc(const struct vb2_context *ctx);
-
-/**
- * Create fresh data in the secure storage context.
- *
- * Use this only when initializing the secure storage context on a new machine
- * the first time it boots. Do NOT simply use this if vb2_secdata_check_crc()
- * (or any other API in this library) fails; that could allow the secure data
- * to be rolled back to an insecure state.
- *
- * This may be called before vb2_context_init().
- */
-int vb2_secdata_create(struct vb2_context *ctx);
-
-/**
* Initialize the secure storage context and verify its CRC.
*
* This must be called before vb2_secdata_get() or vb2_secdata_set().
@@ -158,31 +133,6 @@ int vb2_secdata_set(struct vb2_context *ctx,
*/
/**
- * Check the CRC of the kernel version secure storage context.
- *
- * Use this if reading from secure storage may be flaky, and you want to retry
- * reading it several times.
- *
- * This may be called before vb2_context_init().
- *
- * @param ctx Context pointer
- * @return VB2_SUCCESS, or non-zero error code if error.
- */
-int vb2_secdatak_check_crc(const struct vb2_context *ctx);
-
-/**
- * Create fresh data in the secure storage context.
- *
- * Use this only when initializing the secure storage context on a new machine
- * the first time it boots. Do NOT simply use this if vb2_secdatak_check_crc()
- * (or any other API in this library) fails; that could allow the secure data
- * to be rolled back to an insecure state.
- *
- * This may be called before vb2_context_init().
- */
-int vb2_secdatak_create(struct vb2_context *ctx);
-
-/**
* Initialize the secure storage context and verify its CRC.
*
* This must be called before vb2_secdatak_get() or vb2_secdatak_set().