Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(326)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: firmware/lib/vboot_firmware.c

Issue 6462010: Support dev vs consumer firmware in vboot_reference (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git@master
Patch Set: post-merge Created 9 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « firmware/include/load_kernel_fw.h ('k') | firmware/lib/vboot_kernel.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * High-level firmware API for loading and verifying rewritable firmware. 5 * High-level firmware API for loading and verifying rewritable firmware.
6 * (Firmware portion) 6 * (Firmware portion)
7 */ 7 */
8 8
9 #include "load_firmware_fw.h" 9 #include "load_firmware_fw.h"
10 #include "rollback_index.h" 10 #include "rollback_index.h"
(...skipping 22 matching lines...) Expand all
33 33
34 int LoadFirmware(LoadFirmwareParams* params) { 34 int LoadFirmware(LoadFirmwareParams* params) {
35 35
36 VbPublicKey* root_key = (VbPublicKey*)params->firmware_root_key_blob; 36 VbPublicKey* root_key = (VbPublicKey*)params->firmware_root_key_blob;
37 VbLoadFirmwareInternal* lfi; 37 VbLoadFirmwareInternal* lfi;
38 38
39 uint32_t tpm_version = 0; 39 uint32_t tpm_version = 0;
40 uint64_t lowest_version = 0xFFFFFFFF; 40 uint64_t lowest_version = 0xFFFFFFFF;
41 uint32_t status; 41 uint32_t status;
42 int good_index = -1; 42 int good_index = -1;
43 int is_dev;
43 int index; 44 int index;
44 45
45 /* Clear output params in case we fail */ 46 /* Clear output params in case we fail */
46 params->firmware_index = 0; 47 params->firmware_index = 0;
47 48
48 VBDEBUG(("LoadFirmware started...\n")); 49 VBDEBUG(("LoadFirmware started...\n"));
49 50
50 if (params->kernel_sign_key_size < sizeof(VbPublicKey)) { 51 if (params->kernel_sign_key_size < sizeof(VbPublicKey)) {
51 VBDEBUG(("Kernel sign key buffer too small\n")); 52 VBDEBUG(("Kernel sign key buffer too small\n"));
52 return LOAD_FIRMWARE_RECOVERY; 53 return LOAD_FIRMWARE_RECOVERY;
53 } 54 }
54 55
55 /* Must have a root key */ 56 /* Must have a root key */
56 if (!root_key) { 57 if (!root_key) {
57 VBDEBUG(("No root key\n")); 58 VBDEBUG(("No root key\n"));
58 return LOAD_FIRMWARE_RECOVERY; 59 return LOAD_FIRMWARE_RECOVERY;
59 } 60 }
60 61
62 /* Parse flags */
63 is_dev = (params->boot_flags & BOOT_FLAG_DEVELOPER ? 1 : 0);
64
61 /* Initialize the TPM and read rollback indices. */ 65 /* Initialize the TPM and read rollback indices. */
62 VBPERFSTART("VB_TPMI"); 66 VBPERFSTART("VB_TPMI");
63 status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER, 67 status = RollbackFirmwareSetup(is_dev, &tpm_version);
64 &tpm_version);
65 if (0 != status) { 68 if (0 != status) {
66 VBDEBUG(("Unable to setup TPM and read stored versions.\n")); 69 VBDEBUG(("Unable to setup TPM and read stored versions.\n"));
67 VBPERFEND("VB_TPMI"); 70 VBPERFEND("VB_TPMI");
68 return (status == TPM_E_MUST_REBOOT ? 71 return (status == TPM_E_MUST_REBOOT ?
69 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY_TPM); 72 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY_TPM);
70 } 73 }
71 VBPERFEND("VB_TPMI"); 74 VBPERFEND("VB_TPMI");
72 75
73 /* Allocate our internal data */ 76 /* Allocate our internal data */
74 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); 77 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal));
(...skipping 21 matching lines...) Expand all
96 key_block = (VbKeyBlockHeader*)params->verification_block_1; 99 key_block = (VbKeyBlockHeader*)params->verification_block_1;
97 vblock_size = params->verification_size_1; 100 vblock_size = params->verification_size_1;
98 } 101 }
99 if ((0 != KeyBlockVerify(key_block, vblock_size, root_key, 0))) { 102 if ((0 != KeyBlockVerify(key_block, vblock_size, root_key, 0))) {
100 VBDEBUG(("Key block verification failed.\n")); 103 VBDEBUG(("Key block verification failed.\n"));
101 VBPERFEND("VB_VKB"); 104 VBPERFEND("VB_VKB");
102 continue; 105 continue;
103 } 106 }
104 VBPERFEND("VB_VKB"); 107 VBPERFEND("VB_VKB");
105 108
109 /* Check the key block flags against the current boot mode. */
110 if (!(key_block->key_block_flags &
111 (is_dev ? KEY_BLOCK_FLAG_DEVELOPER_1 :
112 KEY_BLOCK_FLAG_DEVELOPER_0))) {
113 VBDEBUG(("Developer flag mismatch.\n"));
114 continue;
115 }
116 /* RW firmware never runs in recovery mode. */
117 if (!(key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_0)) {
118 VBDEBUG(("Recovery flag mismatch.\n"));
119 continue;
120 }
121
106 /* Check for rollback of key version. */ 122 /* Check for rollback of key version. */
107 key_version = key_block->data_key.key_version; 123 key_version = key_block->data_key.key_version;
108 if (key_version < (tpm_version >> 16)) { 124 if (key_version < (tpm_version >> 16)) {
109 VBDEBUG(("Key rollback detected.\n")); 125 VBDEBUG(("Key rollback detected.\n"));
110 continue; 126 continue;
111 } 127 }
112 128
113 /* Get the key for preamble/data verification from the key block. */ 129 /* Get the key for preamble/data verification from the key block. */
114 data_key = PublicKeyToRSA(&key_block->data_key); 130 data_key = PublicKeyToRSA(&key_block->data_key);
115 if (!data_key) { 131 if (!data_key) {
(...skipping 146 matching lines...) Expand 10 before | Expand all | Expand 10 after
262 /* Resume the TPM */ 278 /* Resume the TPM */
263 uint32_t status = RollbackS3Resume(); 279 uint32_t status = RollbackS3Resume();
264 280
265 if (status == TPM_SUCCESS) 281 if (status == TPM_SUCCESS)
266 return LOAD_FIRMWARE_SUCCESS; 282 return LOAD_FIRMWARE_SUCCESS;
267 else if (status == TPM_E_MUST_REBOOT) 283 else if (status == TPM_E_MUST_REBOOT)
268 return LOAD_FIRMWARE_REBOOT; 284 return LOAD_FIRMWARE_REBOOT;
269 else 285 else
270 return LOAD_FIRMWARE_RECOVERY_TPM; 286 return LOAD_FIRMWARE_RECOVERY_TPM;
271 } 287 }
OLDNEW
« no previous file with comments | « firmware/include/load_kernel_fw.h ('k') | firmware/lib/vboot_kernel.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698