From 9c6c9c9f35dc5e1022f864a5420b53339b4e3d31 Mon Sep 17 00:00:00 2001
From: Joel Kitching <kitching@google.com>
Date: Fri, 30 Aug 2019 16:00:28 +0800
Subject: vboot: remove VbVerifyMemoryBootImage function

Previously used for fastboot.

BUG=b:124141368, chromium:995172
TEST=make clean && make runtests
BRANCH=none

Change-Id: I960932526bbd4482707125700cfa63e94c9f356b
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1776290
Commit-Queue: Joel Kitching <kitching@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
---
 firmware/lib/vboot_api_kernel.c | 132 ----------------------------------------
 1 file changed, 132 deletions(-)

(limited to 'firmware/lib/vboot_api_kernel.c')

diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
index a52412fd..853fd82c 100644
--- a/firmware/lib/vboot_api_kernel.c
+++ b/firmware/lib/vboot_api_kernel.c
@@ -456,135 +456,3 @@ vb2_error_t VbSelectAndLoadKernel(struct vb2_context *ctx,
 	VB2_DEBUG("Returning %d\n", (int)retval);
 	return retval;
 }
-
-vb2_error_t VbVerifyMemoryBootImage(struct vb2_context *ctx,
-				    VbSharedDataHeader *shared,
-				    VbSelectAndLoadKernelParams *kparams,
-				    void *boot_image, size_t image_size)
-{
-	struct vb2_packed_key *kernel_subkey = NULL;
-	uint8_t *kbuf;
-	VbKeyBlockHeader *key_block;
-	VbKernelPreambleHeader *preamble;
-	uint64_t body_offset;
-	int hash_only = 0;
-	int dev_switch;
-	struct vb2_workbuf wb;
-	vb2_error_t retval;
-	vb2_error_t rv;
-
-	/* Allocate work buffer */
-	vb2_workbuf_from_ctx(ctx, &wb);
-
-	retval = vb2_kernel_setup(ctx, shared, kparams);
-	if (retval)
-		goto fail;
-
-	if ((boot_image == NULL) || (image_size == 0)) {
-		retval = VB2_ERROR_INVALID_PARAMETER;
-		goto fail;
-	}
-
-	kbuf = boot_image;
-
-	/* Get recovery key. */
-	rv = vb2_gbb_read_recovery_key(ctx, &kernel_subkey, NULL, &wb);
-	if (VB2_SUCCESS != rv) {
-		VB2_DEBUG("GBB read recovery key failed.\n");
-		retval = VBERROR_INVALID_GBB;
-		goto fail;
-	}
-
-	/* If we fail at any step, retval returned would be invalid kernel. */
-	retval = VBERROR_INVALID_KERNEL_FOUND;
-
-	/* Verify the key block. */
-	key_block = (VbKeyBlockHeader *)kbuf;
-	struct vb2_keyblock *keyblock2 = (struct vb2_keyblock *)kbuf;
-	rv = VB2_SUCCESS;
-	if (hash_only) {
-		rv = vb2_verify_keyblock_hash(keyblock2, image_size, &wb);
-	} else {
-		/* Unpack kernel subkey */
-		struct vb2_public_key kernel_subkey2;
-		if (VB2_SUCCESS !=
-		    vb2_unpack_key(&kernel_subkey2, kernel_subkey)) {
-			VB2_DEBUG("Unable to unpack kernel subkey\n");
-			goto fail;
-		}
-		rv = vb2_verify_keyblock(keyblock2, image_size,
-					 &kernel_subkey2, &wb);
-	}
-
-	if (VB2_SUCCESS != rv) {
-		VB2_DEBUG("Verifying key block signature/hash failed.\n");
-		goto fail;
-	}
-
-	/* Check the key block flags against the current boot mode. */
-	dev_switch = shared->flags & VBSD_BOOT_DEV_SWITCH_ON;
-	if (!(key_block->key_block_flags &
-	      (dev_switch ? KEY_BLOCK_FLAG_DEVELOPER_1 :
-	       KEY_BLOCK_FLAG_DEVELOPER_0))) {
-		VB2_DEBUG("Key block developer flag mismatch.\n");
-		if (hash_only == 0)
-			goto fail;
-	}
-
-	if (!(key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_1)) {
-		VB2_DEBUG("Key block recovery flag mismatch.\n");
-		if (hash_only == 0)
-			goto fail;
-	}
-
-	/* Get key for preamble/data verification from the key block. */
-	struct vb2_public_key data_key2;
-	if (VB2_SUCCESS != vb2_unpack_key(&data_key2, &keyblock2->data_key)) {
-		VB2_DEBUG("Unable to unpack kernel data key\n");
-		goto fail;
-	}
-
-	/* Verify the preamble, which follows the key block */
-	preamble = (VbKernelPreambleHeader *)(kbuf + key_block->key_block_size);
-	struct vb2_kernel_preamble *preamble2 =
-			(struct vb2_kernel_preamble *)
-			(kbuf + key_block->key_block_size);
-
-	if (VB2_SUCCESS != vb2_verify_kernel_preamble(
-			preamble2,
-			image_size - key_block->key_block_size,
-			&data_key2,
-			&wb)) {
-		VB2_DEBUG("Preamble verification failed.\n");
-		goto fail;
-	}
-
-	VB2_DEBUG("Kernel preamble is good.\n");
-
-	/* Verify kernel data */
-	body_offset = key_block->key_block_size + preamble->preamble_size;
-	if (VB2_SUCCESS != vb2_verify_data(
-			(const uint8_t *)(kbuf + body_offset),
-			image_size - body_offset,
-			(struct vb2_signature *)&preamble->body_signature,
-			&data_key2, &wb)) {
-		VB2_DEBUG("Kernel data verification failed.\n");
-		goto fail;
-	}
-
-	VB2_DEBUG("Kernel is good.\n");
-
-	/* Fill in output parameters. */
-	kparams->kernel_buffer = kbuf + body_offset;
-	kparams->kernel_buffer_size = image_size - body_offset;
-	kparams->bootloader_address = preamble->bootloader_address;
-	kparams->bootloader_size = preamble->bootloader_size;
-	if (VbKernelHasFlags(preamble) == VBOOT_SUCCESS)
-		kparams->flags = preamble->flags;
-
-	retval = VB2_SUCCESS;
-
- fail:
-	vb2_kernel_cleanup(ctx);
-	return retval;
-}
-- 
cgit v1.2.1