| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * High-level firmware API for loading and verifying rewritable firmware. | 5 * High-level firmware API for loading and verifying rewritable firmware. |
| 6 * (Firmware portion) | 6 * (Firmware portion) |
| 7 */ | 7 */ |
| 8 | 8 |
| 9 #include "load_firmware_fw.h" | 9 #include "load_firmware_fw.h" |
| 10 #include "rollback_index.h" | 10 #include "rollback_index.h" |
| (...skipping 30 matching lines...) Expand all Loading... |
| 41 uint64_t lowest_key_version = 0xFFFF; | 41 uint64_t lowest_key_version = 0xFFFF; |
| 42 uint64_t lowest_fw_version = 0xFFFF; | 42 uint64_t lowest_fw_version = 0xFFFF; |
| 43 int good_index = -1; | 43 int good_index = -1; |
| 44 int index; | 44 int index; |
| 45 | 45 |
| 46 /* Clear output params in case we fail */ | 46 /* Clear output params in case we fail */ |
| 47 params->firmware_index = 0; | 47 params->firmware_index = 0; |
| 48 params->kernel_sign_key_blob = NULL; | 48 params->kernel_sign_key_blob = NULL; |
| 49 params->kernel_sign_key_size = 0; | 49 params->kernel_sign_key_size = 0; |
| 50 | 50 |
| 51 debug("LoadFirmware started...\n"); |
| 52 |
| 51 /* Must have a root key */ | 53 /* Must have a root key */ |
| 52 if (!root_key) | 54 if (!root_key) |
| 53 return LOAD_FIRMWARE_RECOVERY; | 55 return LOAD_FIRMWARE_RECOVERY; |
| 54 | 56 |
| 55 /* Initialize the TPM and read rollback indices. */ | 57 /* Initialize the TPM and read rollback indices. */ |
| 56 /* TODO: fix SetupTPM parameter */ | 58 /* TODO: fix SetupTPM parameter */ |
| 57 if (0 != SetupTPM(0, 0) ) | 59 if (0 != SetupTPM(0, 0) ) |
| 58 return LOAD_FIRMWARE_RECOVERY; | 60 return LOAD_FIRMWARE_RECOVERY; |
| 59 if (0 != GetStoredVersions(FIRMWARE_VERSIONS, | 61 if (0 != GetStoredVersions(FIRMWARE_VERSIONS, |
| 60 &tpm_key_version, &tpm_fw_version)) | 62 &tpm_key_version, &tpm_fw_version)) |
| 61 return LOAD_FIRMWARE_RECOVERY; | 63 return LOAD_FIRMWARE_RECOVERY; |
| 62 | 64 |
| 63 /* Allocate our internal data */ | 65 /* Allocate our internal data */ |
| 64 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); | 66 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); |
| 65 if (!lfi) | 67 if (!lfi) |
| 66 return LOAD_FIRMWARE_RECOVERY; | 68 return LOAD_FIRMWARE_RECOVERY; |
| 67 params->load_firmware_internal = lfi; | 69 params->load_firmware_internal = (uint8_t*)lfi; |
| 68 | 70 |
| 69 /* Loop over indices */ | 71 /* Loop over indices */ |
| 70 for (index = 0; index < 2; index++) { | 72 for (index = 0; index < 2; index++) { |
| 71 VbKeyBlockHeader* key_block; | 73 VbKeyBlockHeader* key_block; |
| 72 uint64_t vblock_size; | 74 uint64_t vblock_size; |
| 73 VbFirmwarePreambleHeader* preamble; | 75 VbFirmwarePreambleHeader* preamble; |
| 74 RSAPublicKey* data_key; | 76 RSAPublicKey* data_key; |
| 75 uint64_t key_version; | 77 uint64_t key_version; |
| 76 uint8_t* body_digest; | 78 uint8_t* body_digest; |
| 77 | 79 |
| (...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 185 params->load_firmware_internal = NULL; | 187 params->load_firmware_internal = NULL; |
| 186 | 188 |
| 187 /* Handle finding good firmware */ | 189 /* Handle finding good firmware */ |
| 188 if (good_index >= 0) { | 190 if (good_index >= 0) { |
| 189 | 191 |
| 190 /* Update TPM if necessary */ | 192 /* Update TPM if necessary */ |
| 191 if ((lowest_key_version > tpm_key_version) || | 193 if ((lowest_key_version > tpm_key_version) || |
| 192 (lowest_key_version == tpm_key_version && | 194 (lowest_key_version == tpm_key_version && |
| 193 lowest_fw_version > tpm_fw_version)) { | 195 lowest_fw_version > tpm_fw_version)) { |
| 194 if (0 != WriteStoredVersions(FIRMWARE_VERSIONS, | 196 if (0 != WriteStoredVersions(FIRMWARE_VERSIONS, |
| 195 lowest_key_version, | 197 (uint16_t)lowest_key_version, |
| 196 lowest_fw_version)) | 198 (uint16_t)lowest_fw_version)) |
| 197 return LOAD_FIRMWARE_RECOVERY; | 199 return LOAD_FIRMWARE_RECOVERY; |
| 198 } | 200 } |
| 199 | 201 |
| 200 /* Lock Firmware TPM rollback indices from further writes. In | 202 /* Lock Firmware TPM rollback indices from further writes. In |
| 201 * this design, this is done by setting the globalLock bit, which | 203 * this design, this is done by setting the globalLock bit, which |
| 202 * is cleared only by TPM_Init at reboot. */ | 204 * is cleared only by TPM_Init at reboot. */ |
| 203 if (0 != LockFirmwareVersions()) | 205 if (0 != LockFirmwareVersions()) |
| 204 return LOAD_FIRMWARE_RECOVERY; | 206 return LOAD_FIRMWARE_RECOVERY; |
| 205 } | 207 } |
| 206 | 208 |
| 207 /* If we're still here, no good firmware, so go to recovery mode. */ | 209 /* If we're still here, no good firmware, so go to recovery mode. */ |
| 208 return LOAD_FIRMWARE_RECOVERY; | 210 return LOAD_FIRMWARE_RECOVERY; |
| 209 } | 211 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2851015:
Fixes to compiler warnings in MSVC (Closed)
Base URL: ssh://gitrw.chromium.org/vboot_reference.git