Diffstat (limited to 'firmware')
-rw-r--r-- | firmware/2lib/2api.c | 10 | ||||
-rw-r--r-- | firmware/2lib/2secdata.c | 6 | ||||
-rw-r--r-- | firmware/2lib/2secdatak.c | 6 | ||||
-rw-r--r-- | firmware/2lib/include/2api.h | 16 | ||||
-rw-r--r-- | firmware/2lib/include/2return_codes.h | 6 | ||||
-rw-r--r-- | firmware/2lib/include/2secdata.h | 50 |
6 files changed, 19 insertions, 75 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c
index 99bb9630..f2e7d6bb 100644
--- a/firmware/2lib/2api.c
+++ b/firmware/2lib/2api.c
@@ -16,16 +16,6 @@
 #include "2rsa.h"
 #include "2tpm_bootmode.h"
-int vb2api_secdata_check(const struct vb2_context *ctx)
-{
- return vb2_secdata_check_crc(ctx);
-}
-
-int vb2api_secdata_create(struct vb2_context *ctx)
-{
- return vb2_secdata_create(ctx);
-}
-
 void vb2api_fail(struct vb2_context *ctx, uint8_t reason, uint8_t subcode)
 {
 /* Initialize the vboot context if it hasn't been yet */
diff --git a/firmware/2lib/2secdata.c b/firmware/2lib/2secdata.c
index 3281f7c3..e4b42e44 100644
--- a/firmware/2lib/2secdata.c
+++ b/firmware/2lib/2secdata.c
@@ -11,7 +11,7 @@
 #include "2misc.h"
 #include "2secdata.h"
-int vb2_secdata_check_crc(const struct vb2_context *ctx)
+int vb2api_secdata_check(const struct vb2_context *ctx)
 {
 const struct vb2_secdata *sec = (const struct vb2_secdata *)ctx->secdata;
@@ -27,7 +27,7 @@ int vb2_secdata_check_crc(const struct vb2_context *ctx)
 return VB2_SUCCESS;
 }
-int vb2_secdata_create(struct vb2_context *ctx)
+int vb2api_secdata_create(struct vb2_context *ctx)
 {
 struct vb2_secdata *sec = (struct vb2_secdata *)ctx->secdata;
@@ -48,7 +48,7 @@ int vb2_secdata_init(struct vb2_context *ctx)
 struct vb2_shared_data *sd = vb2_get_sd(ctx);
 int rv;
- rv = vb2_secdata_check_crc(ctx);
+ rv = vb2api_secdata_check(ctx);
 if (rv)
 return rv;
diff --git a/firmware/2lib/2secdatak.c b/firmware/2lib/2secdatak.c
index af11aef4..228312d8 100644
--- a/firmware/2lib/2secdatak.c
+++ b/firmware/2lib/2secdatak.c
@@ -11,7 +11,7 @@
 #include "2misc.h"
 #include "2secdata.h"
-int vb2_secdatak_check_crc(const struct vb2_context *ctx)
+int vb2api_secdatak_check(const struct vb2_context *ctx)
 {
 const struct vb2_secdatak *sec = (const struct vb2_secdatak *)ctx->secdatak;
@@ -23,7 +23,7 @@ int vb2_secdatak_check_crc(const struct vb2_context *ctx)
 return VB2_SUCCESS;
 }
-int vb2_secdatak_create(struct vb2_context *ctx)
+int vb2api_secdatak_create(struct vb2_context *ctx)
 {
 struct vb2_secdatak *sec = (struct vb2_secdatak *)ctx->secdatak;
@@ -48,7 +48,7 @@ int vb2_secdatak_init(struct vb2_context *ctx)
 struct vb2_shared_data *sd = vb2_get_sd(ctx);
 int rv;
- rv = vb2_secdatak_check_crc(ctx);
+ rv = vb2api_secdatak_check(ctx);
 if (rv)
 return rv;
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h
index 341517d9..9cab74e9 100644
--- a/firmware/2lib/include/2api.h
+++ b/firmware/2lib/include/2api.h
@@ -393,12 +393,13 @@ enum vb2_pcr_digest {
 */
 /**
- * Sanity-check the contents of the secure storage context.
+ * Check the CRC of the secure storage context.
 *
 * Use this if reading from secure storage may be flaky, and you want to retry
 * reading it several times.
 *
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
 *
 * @param ctx Context pointer
 * @return VB2_SUCCESS, or non-zero error code if error.
@@ -413,7 +414,8 @@ int vb2api_secdata_check(const struct vb2_context *ctx);
 * (or any other API in this library) fails; that could allow the secure data
 * to be rolled back to an insecure state.
 *
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
 *
 * @param ctx Context pointer
 * @return VB2_SUCCESS, or non-zero error code if error.
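Review bot: The reworded summary for vb2api_secdata_check() in the first 2api.h hunk (`@@ -393,12 +393,13 @@`) now says only "Check the CRC", yet the 2return_codes.h hunk of this same commit attributes VB2_ERROR_SECDATA_ZERO ("all zeroes (uninitialized)") to vb2api_secdata_check() as well, so the public comment describes less than the function appears to reject. I would word the summary as `Check the CRC of the secure storage context, and reject all-zero (uninitialized) data.` and list both codes under `@return`, e.g. `@return VB2_SUCCESS, VB2_ERROR_SECDATA_CRC, or VB2_ERROR_SECDATA_ZERO.` Because callers are told to use this in a retry loop, one more sentence noting that a passing CRC shows the data was read back intact, not that it is authentic, would keep integrators from treating it as a tamper check. The function body lies outside these hunks, so the zero check is inferred from the return-code comment and should be confirmed against 2secdata.c.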
@@ -421,12 +423,13 @@ int vb2api_secdata_check(const struct vb2_context *ctx);
 int vb2api_secdata_create(struct vb2_context *ctx);
 /**
- * Sanity-check the contents of the kernel version secure storage context.
+ * Check the CRC of the kernel version secure storage context.
 *
 * Use this if reading from secure storage may be flaky, and you want to retry
 * reading it several times.
 *
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
 *
 * @param ctx Context pointer
 * @return VB2_SUCCESS, or non-zero error code if error.
@@ -441,7 +444,8 @@ int vb2api_secdatak_check(const struct vb2_context *ctx);
 * (or any other API in this library) fails; that could allow the secure data
 * to be rolled back to an insecure state.
 *
- * This may be called before vb2api_phase1().
+ * This may be called before vb2api_phase1() (externally), and before
+ * vb2_context_init() (internally).
 *
 * @param ctx Context pointer
 * @return VB2_SUCCESS, or non-zero error code if error.
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index 15ec97f6..5126555b 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -90,10 +90,10 @@ enum vb2_return_code {
 */
 VB2_ERROR_SECDATA = VB2_ERROR_BASE + 0x040000,
- /* Bad CRC in vb2_secdata_check_crc() */
+ /* Bad CRC in vb2api_secdata_check() */
 VB2_ERROR_SECDATA_CRC,
- /* Secdata is all zeroes (uninitialized) in vb2_secdata_check_crc() */
+ /* Secdata is all zeroes (uninitialized) in vb2api_secdata_check() */
 VB2_ERROR_SECDATA_ZERO,
 /* Invalid param in vb2_secdata_get() */
@@ -111,7 +111,7 @@ enum vb2_return_code {
 /* Called vb2_secdata_set() with uninitialized secdata */
 VB2_ERROR_SECDATA_SET_UNINITIALIZED,
- /* Bad CRC in vb2_secdatak_check_crc() */
+ /* Bad CRC in vb2api_secdatak_check() */
 VB2_ERROR_SECDATAK_CRC,
 /* Bad struct version in vb2_secdatak_init() */
diff --git a/firmware/2lib/include/2secdata.h b/firmware/2lib/include/2secdata.h
index d27432e8..2563b3fb 100644
--- a/firmware/2lib/include/2secdata.h
+++ b/firmware/2lib/include/2secdata.h
@@ -92,31 +92,6 @@ enum vb2_secdatak_param {
 /* Firmware version space functions */
 /**
- * Check the CRC of the secure storage context.
- *
- * Use this if reading from secure storage may be flaky, and you want to retry
- * reading it several times.
- *
- * This may be called before vb2_context_init().
- *
- * @param ctx Context pointer
- * @return VB2_SUCCESS, or non-zero error code if error.
- */
-int vb2_secdata_check_crc(const struct vb2_context *ctx);
-
-/**
- * Create fresh data in the secure storage context.
- *
- * Use this only when initializing the secure storage context on a new machine
- * the first time it boots. Do NOT simply use this if vb2_secdata_check_crc()
- * (or any other API in this library) fails; that could allow the secure data
- * to be rolled back to an insecure state.
- *
- * This may be called before vb2_context_init().
- */
-int vb2_secdata_create(struct vb2_context *ctx);
-
-/**
 * Initialize the secure storage context and verify its CRC.
 *
 * This must be called before vb2_secdata_get() or vb2_secdata_set().
@@ -158,31 +133,6 @@ int vb2_secdata_set(struct vb2_context *ctx,
 */
 /**
- * Check the CRC of the kernel version secure storage context.
- *
- * Use this if reading from secure storage may be flaky, and you want to retry
- * reading it several times.
- *
- * This may be called before vb2_context_init().
- *
- * @param ctx Context pointer
- * @return VB2_SUCCESS, or non-zero error code if error.
- */
-int vb2_secdatak_check_crc(const struct vb2_context *ctx);
-
-/**
- * Create fresh data in the secure storage context.
- *
- * Use this only when initializing the secure storage context on a new machine
- * the first time it boots. Do NOT simply use this if vb2_secdatak_check_crc()
- * (or any other API in this library) fails; that could allow the secure data
- * to be rolled back to an insecure state.
- *
- * This may be called before vb2_context_init().
- */
-int vb2_secdatak_create(struct vb2_context *ctx);
-
-/**
 * Initialize the secure storage context and verify its CRC.
 *
 * This must be called before vb2_secdatak_get() or vb2_secdatak_set(). |