1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
/* Copyright 2015 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Secure storage APIs - kernel version space
*/
#include "2sysincludes.h"
#include "2common.h"
#include "2crc8.h"
#include "2misc.h"
#include "2secdata.h"
vb2_error_t vb2api_secdata_kernel_check(struct vb2_context *ctx)
{
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
/* Verify CRC */
if (sec->crc8 != vb2_crc8(sec, offsetof(struct vb2_secdata_kernel,
crc8))) {
VB2_DEBUG("secdata_kernel: bad CRC\n");
return VB2_ERROR_SECDATA_KERNEL_CRC;
}
/* Verify version */
if (sec->struct_version < VB2_SECDATA_KERNEL_VERSION) {
VB2_DEBUG("secdata_firmware: version incompatible\n");
return VB2_ERROR_SECDATA_KERNEL_VERSION;
}
/* Verify UID */
if (sec->uid != VB2_SECDATA_KERNEL_UID) {
VB2_DEBUG("secdata_kernel: bad UID\n");
return VB2_ERROR_SECDATA_KERNEL_UID;
}
return VB2_SUCCESS;
}
vb2_error_t vb2api_secdata_kernel_create(struct vb2_context *ctx)
{
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
/* Clear the entire struct */
memset(sec, 0, sizeof(*sec));
/* Set to current version */
sec->struct_version = VB2_SECDATA_KERNEL_VERSION;
/* Set UID */
sec->uid = VB2_SECDATA_KERNEL_UID;
/* Calculate initial CRC */
sec->crc8 = vb2_crc8(sec, offsetof(struct vb2_secdata_kernel, crc8));
/* Mark as changed */
ctx->flags |= VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
return VB2_SUCCESS;
}
vb2_error_t vb2_secdata_kernel_init(struct vb2_context *ctx)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
vb2_error_t rv;
rv = vb2api_secdata_kernel_check(ctx);
if (rv)
return rv;
/* Set status flag */
sd->status |= VB2_SD_STATUS_SECDATA_KERNEL_INIT;
return VB2_SUCCESS;
}
vb2_error_t vb2_secdata_kernel_get(struct vb2_context *ctx,
enum vb2_secdata_kernel_param param,
uint32_t *dest)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
if (!(sd->status & VB2_SD_STATUS_SECDATA_KERNEL_INIT))
return VB2_ERROR_SECDATA_KERNEL_GET_UNINITIALIZED;
switch (param) {
case VB2_SECDATA_KERNEL_VERSIONS:
*dest = sec->kernel_versions;
return VB2_SUCCESS;
default:
return VB2_ERROR_SECDATA_KERNEL_GET_PARAM;
}
}
vb2_error_t vb2_secdata_kernel_set(struct vb2_context *ctx,
enum vb2_secdata_kernel_param param,
uint32_t value)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
uint32_t now;
if (!(sd->status & VB2_SD_STATUS_SECDATA_KERNEL_INIT))
return VB2_ERROR_SECDATA_KERNEL_SET_UNINITIALIZED;
/* If not changing the value, don't regenerate the CRC. */
if (vb2_secdata_kernel_get(ctx, param, &now) == VB2_SUCCESS &&
now == value)
return VB2_SUCCESS;
switch (param) {
case VB2_SECDATA_KERNEL_VERSIONS:
VB2_DEBUG("secdata_kernel versions updated from 0x%x to 0x%x\n",
sec->kernel_versions, value);
sec->kernel_versions = value;
break;
default:
return VB2_ERROR_SECDATA_KERNEL_SET_PARAM;
}
/* Regenerate CRC */
sec->crc8 = vb2_crc8(sec, offsetof(struct vb2_secdata_kernel, crc8));
ctx->flags |= VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
return VB2_SUCCESS;
}
|
