1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
/* Copyright 2015 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Secure storage APIs - kernel version space
*/
#include "2common.h"
#include "2crc8.h"
#include "2misc.h"
#include "2secdata.h"
#include "2secdata_struct.h"
#include "2sysincludes.h"
vb2_error_t vb2api_secdata_kernel_check(struct vb2_context *ctx)
{
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
/* Verify CRC */
if (sec->crc8 != vb2_crc8(sec, offsetof(struct vb2_secdata_kernel,
crc8))) {
VB2_DEBUG("secdata_kernel: bad CRC\n");
return VB2_ERROR_SECDATA_KERNEL_CRC;
}
/* Verify version */
if (sec->struct_version < VB2_SECDATA_KERNEL_VERSION) {
VB2_DEBUG("secdata_firmware: version incompatible\n");
return VB2_ERROR_SECDATA_KERNEL_VERSION;
}
/* Verify UID */
if (sec->uid != VB2_SECDATA_KERNEL_UID) {
VB2_DEBUG("secdata_kernel: bad UID\n");
return VB2_ERROR_SECDATA_KERNEL_UID;
}
return VB2_SUCCESS;
}
uint32_t vb2api_secdata_kernel_create(struct vb2_context *ctx)
{
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
/* Clear the entire struct */
memset(sec, 0, sizeof(*sec));
/* Set to current version */
sec->struct_version = VB2_SECDATA_KERNEL_VERSION;
/* Set UID */
sec->uid = VB2_SECDATA_KERNEL_UID;
/* Calculate initial CRC */
sec->crc8 = vb2_crc8(sec, offsetof(struct vb2_secdata_kernel, crc8));
/* Mark as changed */
ctx->flags |= VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
return sizeof(*sec);
}
vb2_error_t vb2_secdata_kernel_init(struct vb2_context *ctx)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
vb2_error_t rv;
rv = vb2api_secdata_kernel_check(ctx);
if (rv)
return rv;
/* Set status flag */
sd->status |= VB2_SD_STATUS_SECDATA_KERNEL_INIT;
return VB2_SUCCESS;
}
uint32_t vb2_secdata_kernel_get(struct vb2_context *ctx,
enum vb2_secdata_kernel_param param)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
const char *msg;
if (!(sd->status & VB2_SD_STATUS_SECDATA_KERNEL_INIT)) {
msg = "get before init";
goto fail;
}
switch (param) {
case VB2_SECDATA_KERNEL_VERSIONS:
return sec->kernel_versions;
default:
msg = "invalid param";
}
fail:
VB2_REC_OR_DIE(ctx, "%s\n", msg);
return 0;
}
void vb2_secdata_kernel_set(struct vb2_context *ctx,
enum vb2_secdata_kernel_param param,
uint32_t value)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
struct vb2_secdata_kernel *sec =
(struct vb2_secdata_kernel *)ctx->secdata_kernel;
const char *msg;
if (!(sd->status & VB2_SD_STATUS_SECDATA_KERNEL_INIT)) {
msg = "set before init";
goto fail;
}
/* If not changing the value, just return early */
if (value == vb2_secdata_kernel_get(ctx, param))
return;
switch (param) {
case VB2_SECDATA_KERNEL_VERSIONS:
VB2_DEBUG("secdata_kernel versions updated from %#x to %#x\n",
sec->kernel_versions, value);
sec->kernel_versions = value;
break;
default:
msg = "invalid param";
goto fail;
}
/* Regenerate CRC */
sec->crc8 = vb2_crc8(sec, offsetof(struct vb2_secdata_kernel, crc8));
ctx->flags |= VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
return;
fail:
VB2_REC_OR_DIE(ctx, "%s\n", msg);
}
|
