Add VBDEBUG macro for debug output.

firmware/lib/vboot_firmware.c

 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * High-level firmware API for loading and verifying rewritable firmware.
  * (Firmware portion)
  */
 
 #include "load_firmware_fw.h"
 #include "rollback_index.h"
@@ skipping 28 matching lines @@
   uint16_t tpm_key_version = 0;
   uint16_t tpm_fw_version = 0;
   uint64_t lowest_key_version = 0xFFFF;
   uint64_t lowest_fw_version = 0xFFFF;
   int good_index = -1;
   int index;
 
   /* Clear output params in case we fail */
   params->firmware_index = 0;
 
-  debug("LoadFirmware started...\n");
+  VBDEBUG(("LoadFirmware started...\n"));
 
   if (params->kernel_sign_key_size < sizeof(VbPublicKey)) {
-    debug("Kernel sign key buffer too small\n");
+    VBDEBUG(("Kernel sign key buffer too small\n"));
     return LOAD_FIRMWARE_RECOVERY;
   }
 
   /* Must have a root key */
   if (!root_key) {
-    debug("No root key\n");
+    VBDEBUG(("No root key\n"));
     return LOAD_FIRMWARE_RECOVERY;
   }
 
   /* Initialize the TPM and read rollback indices. */
   /* TODO: fix SetupTPM parameter for developer mode */
   if (0 != RollbackFirmwareSetup(0, &tpm_key_version, &tpm_fw_version)) {
-    debug("Unable to get stored versions.\n");
+    VBDEBUG(("Unable to get stored versions.\n"));
     return LOAD_FIRMWARE_RECOVERY;
   }
 
   /* Allocate our internal data */
   lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal));
   if (!lfi)
     return LOAD_FIRMWARE_RECOVERY;
   params->load_firmware_internal = (uint8_t*)lfi;
 
   /* Loop over indices */
   for (index = 0; index < 2; index++) {
     VbKeyBlockHeader* key_block;
     uint64_t vblock_size;
     VbFirmwarePreambleHeader* preamble;
     RSAPublicKey* data_key;
     uint64_t key_version;
     uint8_t* body_digest;
 
     /* Verify the key block */
     if (0 == index) {
       key_block = (VbKeyBlockHeader*)params->verification_block_0;
       vblock_size = params->verification_size_0;
     } else {
       key_block = (VbKeyBlockHeader*)params->verification_block_1;
       vblock_size = params->verification_size_1;
     }
     if ((0 != KeyBlockVerify(key_block, vblock_size, root_key))) {
-      debug("Key block verification failed.\n");
+      VBDEBUG(("Key block verification failed.\n"));
       continue;
     }
 
     /* Check for rollback of key version. */
     key_version = key_block->data_key.key_version;
     if (key_version < tpm_key_version) {
-      debug("Key rollback detected.\n");
+      VBDEBUG(("Key rollback detected.\n"));
       continue;
     }
 
     /* Get the key for preamble/data verification from the key block. */
     data_key = PublicKeyToRSA(&key_block->data_key);
     if (!data_key) {
-      debug("Unable to parse data key.\n");
+      VBDEBUG(("Unable to parse data key.\n"));
       continue;
     }
 
     /* Verify the preamble, which follows the key block. */
     preamble = (VbFirmwarePreambleHeader*)((uint8_t*)key_block +
                                            key_block->key_block_size);
     if ((0 != VerifyFirmwarePreamble2(preamble,
                                       vblock_size - key_block->key_block_size,
                                       data_key))) {
-      debug("Preamble verfication failed.\n");
+      VBDEBUG(("Preamble verfication failed.\n"));
       RSAPublicKeyFree(data_key);
       continue;
     }
 
     /* Check for rollback of firmware version. */
     if (key_version == tpm_key_version &&
         preamble->firmware_version < tpm_fw_version) {
-      debug("Firmware version rollback detected.\n");
+      VBDEBUG(("Firmware version rollback detected.\n"));
       RSAPublicKeyFree(data_key);
       continue;
     }
 
     /* Check for lowest key version from a valid header. */
     if (lowest_key_version > key_version) {
       lowest_key_version = key_version;
       lowest_fw_version = preamble->firmware_version;
     }
     else if (lowest_key_version == key_version &&
              lowest_fw_version > preamble->firmware_version) {
       lowest_fw_version = preamble->firmware_version;
     }
 
     /* If we already have good firmware, no need to read another one;
      * we only needed to look at the versions to check for
      * rollback. */
     if (-1 != good_index)
       continue;
 
     /* Read the firmware data */
     DigestInit(&lfi->body_digest_context, data_key->algorithm);
     lfi->body_size_accum = 0;
     if (0 != GetFirmwareBody(params, index)) {
-      debug("GetFirmwareBody() failed for index %d\n", index);
+      VBDEBUG(("GetFirmwareBody() failed for index %d\n", index));
       RSAPublicKeyFree(data_key);
       continue;
     }
     if (lfi->body_size_accum != preamble->body_signature.data_size) {
-      debug("Hash updated %d bytes but expected %d\n",
-            (int)lfi->body_size_accum, (int)preamble->body_signature.data_size);
+      VBDEBUG(("Hash updated %d bytes but expected %d\n",
+               (int)lfi->body_size_accum,
+               (int)preamble->body_signature.data_size));
       RSAPublicKeyFree(data_key);
       continue;
     }
 
     /* Verify firmware data */
     body_digest = DigestFinal(&lfi->body_digest_context);
     if (0 != VerifyDigest(body_digest, &preamble->body_signature, data_key)) {
-      debug("Firmware body verification failed.\n");
+      VBDEBUG(("Firmware body verification failed.\n"));
       RSAPublicKeyFree(data_key);
       Free(body_digest);
       continue;
     }
 
     /* Done with the digest and data key, so can free them now */
     RSAPublicKeyFree(data_key);
     Free(body_digest);
 
     /* If we're still here, the firmware is valid. */
-    debug("Firmware %d is valid.\n", index);
+    VBDEBUG(("Firmware %d is valid.\n", index));
     if (-1 == good_index) {
       VbPublicKey *kdest = (VbPublicKey*)params->kernel_sign_key_blob;
 
       /* Copy the kernel sign key blob into the destination buffer */
       PublicKeyInit(kdest, (uint8_t*)(kdest + 1),
                     (params->kernel_sign_key_size - sizeof(VbPublicKey)));
 
       if (0 != PublicKeyCopy(kdest, &preamble->kernel_subkey)) {
-        debug("Kernel subkey too big for buffer.\n");
+        VBDEBUG(("Kernel subkey too big for buffer.\n"));
         continue;  /* The firmware signature was good, but the public
                     * key was bigger that the caller can handle. */
       }
 
       /* Save the key size we actually used */
       params->kernel_sign_key_size = kdest->key_offset + kdest->key_size;
 
       /* Save the good index, now that we're sure we can actually use
        * this firmware.  That's the one we'll boot. */
       good_index = index;
@@ skipping 15 matching lines @@
 
   /* Handle finding good firmware */
   if (good_index >= 0) {
 
     /* Update TPM if necessary */
     if ((lowest_key_version > tpm_key_version) ||
         (lowest_key_version == tpm_key_version &&
          lowest_fw_version > tpm_fw_version)) {
       if (0 != RollbackFirmwareWrite((uint16_t)lowest_key_version,
                                      (uint16_t)lowest_fw_version)) {
-        debug("Unable to write stored versions.\n");
+        VBDEBUG(("Unable to write stored versions.\n"));
         return LOAD_FIRMWARE_RECOVERY;
       }
     }
 
     /* Lock firmware versions in TPM */
     if (0 != RollbackFirmwareLock()) {
-      debug("Unable to lock firmware versions.\n");
+      VBDEBUG(("Unable to lock firmware versions.\n"));
       return LOAD_FIRMWARE_RECOVERY;
     }
 
     /* Success */
-    debug("Will boot firmware index %d\n", (int)params->firmware_index);
+    VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index));
     return LOAD_FIRMWARE_SUCCESS;
   }
 
   /* If we're still here, no good firmware, so go to recovery mode. */
-  debug("Alas, no good firmware.\n");
+  VBDEBUG(("Alas, no good firmware.\n"));
   return LOAD_FIRMWARE_RECOVERY;
 }