From adb418310d2e51e2f2a0f22607989fd3f66c4433 Mon Sep 17 00:00:00 2001
From: Joel Kitching
Date: Mon, 23 Sep 2019 22:53:49 +0800
Subject: vboot/secdata: rewrite rollback_index and centralize reads/writes

In current kernel verification code, secdata reads and writes are
spread throughout the code. vboot2's design is to use
vb2_context.secdata_* for storing the state of secdata spaces, and
have the caller (depthcharge) read/save this field when necessary.

Centralize secdata reads/writes into the functions of secdata_tpm.c,
previously known as rollback_index.c. Functions which directly
read/write to the TPM space are modified to use vb2_secdata_*_get and
vb2_secdata_*_set. The secure spaces get read/flushed by functions in
vboot_api_kernel.c. These calls and the underlying functions from
secdata_tpm.c will eventually be relocated to depthcharge.

Create a new external function vb2ex_commit_data, which commits any
modified nvdata/secdata. Currently the depthcharge implementation of
this function only writes nvdata, but once secdata TPM drivers have
been migrated from vboot_reference to depthcharge, it will also commit
these data spaces.

This CL also removes the VbExNvStorageRead call from vb2_kernel_setup,
and the data is instead read in depthcharge CL:1819379, right before
calling VbSelectAndLoadKernel. As such, both the VbExNvStorageRead and
VbExNvStorageWrite functions may be removed.

Finally, create a vb2_secdata_kernel_lock function, which should be
used right before attempting to leave vboot (by booting an OS or
chainloading to another firmware). This should eventually be exposed
as a vb2ex_ API function and relocated to depthcharge.

BUG=b:124141368, chromium:972956, chromium:1006689
TEST=make clean && make runtests
BRANCH=none

Change-Id: Ifbfb21122af0bf85e22a6d3a0d48a1db7f7c25b7
Signed-off-by: Joel Kitching Cq-Depend: chromium:1819380, chromium:1939168 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1728298 Tested-by: Joel Kitching Reviewed-by: Andrey Pronin Reviewed-by: Julius Werner Commit-Queue: Joel Kitching --- firmware/include/vboot_api.h | 15 --------------- 1 file changed, 15 deletions(-) (limited to 'firmware/include/vboot_api.h') diff --git a/firmware/include/vboot_api.h b/firmware/include/vboot_api.h index 5481c379..455c3dcc 100644 --- a/firmware/include/vboot_api.h +++ b/firmware/include/vboot_api.h @@ -230,21 +230,6 @@ vb2_error_t VbExTpmGetRandom(uint8_t *buf, uint32_t length); #endif /* CHROMEOS_ENVIRONMENT */ -/*****************************************************************************/ -/* Non-volatile storage */ - -#define VBNV_BLOCK_SIZE 16 /* Size of NV storage block in bytes */ - -/** - * Read the VBNV_BLOCK_SIZE-byte non-volatile storage into buf. - */ -vb2_error_t VbExNvStorageRead(uint8_t *buf); - -/** - * Write the VBNV_BLOCK_SIZE-byte non-volatile storage from buf. - */ -vb2_error_t VbExNvStorageWrite(const uint8_t *buf); - /*****************************************************************************/ /* Disk access (previously in boot_device.h) */ -- cgit v1.2.1
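Review bot: The block removed right after `#endif /* CHROMEOS_ENVIRONMENT */` drops `#define VBNV_BLOCK_SIZE 16` along with the VbExNvStorageRead and VbExNvStorageWrite prototypes, but the commit message only says the two functions may be removed and never mentions the macro. This view is limited to firmware/include/vboot_api.h, so it does not show whether any remaining code still sizes an nvdata buffer with VBNV_BLOCK_SIZE; please confirm there are no other users and state in the commit message which constant callers should use instead, since a stale hard-coded 16 in a caller would be a silent buffer-size mismatch rather than a build error. Separately, the message says the nvdata read now happens in depthcharge CL:1819379, while Cq-Depend lists chromium:1819380 and chromium:1939168; because deleting these prototypes breaks any depthcharge build that still implements or calls them, it is worth checking that the change which stops using them is covered by the Cq-Depend line.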