| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Functions for loading a kernel from disk. | 5 * Functions for loading a kernel from disk. |
| 6 * (Firmware portion) | 6 * (Firmware portion) |
| 7 */ | 7 */ |
| 8 | 8 |
| 9 #include "vboot_kernel.h" | 9 #include "vboot_kernel.h" |
| 10 | 10 |
| (...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 204 if (0 != BootDeviceReadLBA(part_start, kbuf_sectors, kbuf)) | 204 if (0 != BootDeviceReadLBA(part_start, kbuf_sectors, kbuf)) |
| 205 continue; | 205 continue; |
| 206 | 206 |
| 207 /* Verify the key block */ | 207 /* Verify the key block */ |
| 208 key_block = (VbKeyBlockHeader*)kbuf; | 208 key_block = (VbKeyBlockHeader*)kbuf; |
| 209 if ((0 != KeyBlockVerify(key_block, KBUF_SIZE, kernel_subkey))) { | 209 if ((0 != KeyBlockVerify(key_block, KBUF_SIZE, kernel_subkey))) { |
| 210 VBDEBUG(("Verifying key block failed.\n")); | 210 VBDEBUG(("Verifying key block failed.\n")); |
| 211 continue; | 211 continue; |
| 212 } | 212 } |
| 213 | 213 |
| 214 /* Check the key block flags against the current boot mode */ | 214 /* Check the key block flags against the current boot mode in normal |
| 215 if (!(key_block->key_block_flags & | 215 * and recovery modes (not in developer mode booting from SSD). */ |
| 216 (is_dev ? KEY_BLOCK_FLAG_DEVELOPER_1 : | 216 if (is_rec || is_normal) { |
| 217 KEY_BLOCK_FLAG_DEVELOPER_0))) { | 217 if (!(key_block->key_block_flags & |
| 218 VBDEBUG(("Developer flag mismatch.\n")); | 218 (is_dev ? KEY_BLOCK_FLAG_DEVELOPER_1 : |
| 219 continue; | 219 KEY_BLOCK_FLAG_DEVELOPER_0))) { |
| 220 } | 220 VBDEBUG(("Developer flag mismatch.\n")); |
| 221 if (!(key_block->key_block_flags & | 221 continue; |
| 222 (is_rec ? KEY_BLOCK_FLAG_RECOVERY_1 : | 222 } |
| 223 KEY_BLOCK_FLAG_RECOVERY_0))) { | 223 if (!(key_block->key_block_flags & |
| 224 VBDEBUG(("Recovery flag mismatch.\n")); | 224 (is_rec ? KEY_BLOCK_FLAG_RECOVERY_1 : |
| 225 continue; | 225 KEY_BLOCK_FLAG_RECOVERY_0))) { |
| 226 VBDEBUG(("Recovery flag mismatch.\n")); |
| 227 continue; |
| 228 } |
| 226 } | 229 } |
| 227 | 230 |
| 228 /* Check for rollback of key version. Note this is implicitly | 231 /* Check for rollback of key version. Note this is implicitly |
| 229 * skipped in recovery and developer modes because those set | 232 * skipped in recovery and developer modes because those set |
| 230 * key_version=0 above. */ | 233 * key_version=0 above. */ |
| 231 key_version = key_block->data_key.key_version; | 234 key_version = key_block->data_key.key_version; |
| 232 if (key_version < tpm_key_version) { | 235 if (key_version < tpm_key_version) { |
| 233 VBDEBUG(("Key version too old.\n")); | 236 VBDEBUG(("Key version too old.\n")); |
| 234 continue; | 237 continue; |
| 235 } | 238 } |
| (...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 403 /* Success! */ | 406 /* Success! */ |
| 404 return LOAD_KERNEL_SUCCESS; | 407 return LOAD_KERNEL_SUCCESS; |
| 405 } | 408 } |
| 406 | 409 |
| 407 // Handle error cases | 410 // Handle error cases |
| 408 if (found_partitions) | 411 if (found_partitions) |
| 409 return LOAD_KERNEL_INVALID; | 412 return LOAD_KERNEL_INVALID; |
| 410 else | 413 else |
| 411 return LOAD_KERNEL_NOT_FOUND; | 414 return LOAD_KERNEL_NOT_FOUND; |
| 412 } | 415 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2806058:
Fix checking boot flags in developer mode. (Closed)
Base URL: ssh://gitrw.chromium.org/vboot_reference.git