Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(930)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: firmware/lib/vboot_kernel.c

Issue 3027009: Added size param to VerifyData() (Closed) Base URL: ssh://gitrw.chromium.org/vboot_reference.git
Patch Set: Created 10 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « firmware/lib/vboot_firmware.c ('k') | firmware/linktest/main.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * Functions for loading a kernel from disk. 5 * Functions for loading a kernel from disk.
6 * (Firmware portion) 6 * (Firmware portion)
7 */ 7 */
8 8
9 #include "vboot_kernel.h" 9 #include "vboot_kernel.h"
10 10
(...skipping 223 matching lines...) Expand 10 before | Expand all | Expand 10 after
234 continue; 234 continue;
235 } 235 }
236 236
237 /* Get the key for preamble/data verification from the key block */ 237 /* Get the key for preamble/data verification from the key block */
238 data_key = PublicKeyToRSA(&key_block->data_key); 238 data_key = PublicKeyToRSA(&key_block->data_key);
239 if (!data_key) 239 if (!data_key)
240 continue; 240 continue;
241 241
242 /* Verify the preamble, which follows the key block */ 242 /* Verify the preamble, which follows the key block */
243 preamble = (VbKernelPreambleHeader*)(kbuf + key_block->key_block_size); 243 preamble = (VbKernelPreambleHeader*)(kbuf + key_block->key_block_size);
244 if ((0 != VerifyKernelPreamble2(preamble, 244 if ((0 != VerifyKernelPreamble(preamble,
245 KBUF_SIZE - key_block->key_block_size, 245 KBUF_SIZE - key_block->key_block_size,
246 data_key))) { 246 data_key))) {
247 VBDEBUG(("Preamble verification failed.\n")); 247 VBDEBUG(("Preamble verification failed.\n"));
248 RSAPublicKeyFree(data_key); 248 RSAPublicKeyFree(data_key);
249 continue; 249 continue;
250 } 250 }
251 251
252 /* Check for rollback of kernel version. Note this is implicitly 252 /* Check for rollback of kernel version. Note this is implicitly
253 * skipped in recovery and developer modes because those set 253 * skipped in recovery and developer modes because those set
254 * key_version=0 and kernel_version=0 above. */ 254 * key_version=0 and kernel_version=0 above. */
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after
306 part_start + (body_offset / blba), 306 part_start + (body_offset / blba),
307 (preamble->body_signature.data_size + blba - 1) / blba, 307 (preamble->body_signature.data_size + blba - 1) / blba,
308 params->kernel_buffer)) { 308 params->kernel_buffer)) {
309 VBDEBUG(("Unable to read kernel data.\n")); 309 VBDEBUG(("Unable to read kernel data.\n"));
310 RSAPublicKeyFree(data_key); 310 RSAPublicKeyFree(data_key);
311 continue; 311 continue;
312 } 312 }
313 313
314 /* Verify kernel data */ 314 /* Verify kernel data */
315 if (0 != VerifyData((const uint8_t*)params->kernel_buffer, 315 if (0 != VerifyData((const uint8_t*)params->kernel_buffer,
316 params->kernel_buffer_size,
316 &preamble->body_signature, data_key)) { 317 &preamble->body_signature, data_key)) {
317 VBDEBUG(("Kernel data verification failed.\n")); 318 VBDEBUG(("Kernel data verification failed.\n"));
318 RSAPublicKeyFree(data_key); 319 RSAPublicKeyFree(data_key);
319 continue; 320 continue;
320 } 321 }
321 322
322 /* Done with the kernel signing key, so can free it now */ 323 /* Done with the kernel signing key, so can free it now */
323 RSAPublicKeyFree(data_key); 324 RSAPublicKeyFree(data_key);
324 325
325 /* If we're still here, the kernel is valid. */ 326 /* If we're still here, the kernel is valid. */
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
402 /* Success! */ 403 /* Success! */
403 return LOAD_KERNEL_SUCCESS; 404 return LOAD_KERNEL_SUCCESS;
404 } 405 }
405 406
406 // Handle error cases 407 // Handle error cases
407 if (found_partitions) 408 if (found_partitions)
408 return LOAD_KERNEL_INVALID; 409 return LOAD_KERNEL_INVALID;
409 else 410 else
410 return LOAD_KERNEL_NOT_FOUND; 411 return LOAD_KERNEL_NOT_FOUND;
411 } 412 }
OLDNEW
« no previous file with comments | « firmware/lib/vboot_firmware.c ('k') | firmware/linktest/main.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698