From 20db137e82039f9dafd42352525f1e8a8b7995ea Mon Sep 17 00:00:00 2001
From: Claudio Carvalho
Date: Mon, 31 Oct 2016 01:11:41 -0200
Subject: libstb: remove subid argument from sb_verify and tb_measure

We always verify and measure an image as a whole, never its subpartition (if exists). This removes the subid argument from sb_verify() and tb_measure() functions, and also reflects the change to the callers, STB interface and STB documentation.

Signed-off-by: Claudio Carvalho
Signed-off-by: Stewart Smith
---
 core/flash.c | 4 ++--
 core/init.c | 8 ++++----
 doc/stb.rst | 8 ++++----
 libstb/stb.c | 24 ++++++++++++------------
 libstb/stb.h | 7 ++-----
 5 files changed, 24 insertions(+), 27 deletions(-)

diff --git a/core/flash.c b/core/flash.c
index a704380..5ab7fc8 100644
--- a/core/flash.c
+++ b/core/flash.c
@@ -655,8 +655,8 @@ done_reading:
 * Verify and measure the retrieved PNOR partition as part of the
 * secure boot and trusted boot requirements
 */
- sb_verify(id, subid, buf, *len);
- tb_measure(id, subid, buf, *len);
+ sb_verify(id, buf, *len);
+ tb_measure(id, buf, *len);
 /* Find subpartition */
 if (subid != RESOURCE_SUBID_NONE) {
diff --git a/core/init.c b/core/init.c
index dbb381f..9d4ab60 100644
--- a/core/init.c
+++ b/core/init.c
@@ -415,10 +415,10 @@ static bool load_kernel(void)
 if (do_stb) {
- sb_verify(RESOURCE_ID_KERNEL, RESOURCE_SUBID_NONE,
- stb_container, kernel_size + SECURE_BOOT_HEADERS_SIZE);
- tb_measure(RESOURCE_ID_KERNEL, RESOURCE_SUBID_NONE,
- stb_container, kernel_size + SECURE_BOOT_HEADERS_SIZE);
+ sb_verify(RESOURCE_ID_KERNEL, stb_container,
+ kernel_size + SECURE_BOOT_HEADERS_SIZE);
+ tb_measure(RESOURCE_ID_KERNEL, stb_container,
+ kernel_size + SECURE_BOOT_HEADERS_SIZE);
 }
 /*
diff --git a/doc/stb.rst b/doc/stb.rst
index c62b574..b9b1301 100644
--- a/doc/stb.rst
+++ b/doc/stb.rst
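Review bot: The result of `tb_measure(id, buf, *len);` is discarded at the call after `done_reading:` in core/flash.c, and the `tb_measure(RESOURCE_ID_KERNEL, stb_container, ...)` call in the `load_kernel()` hunk of core/init.c does the same. libstb/stb.h documents tb_measure() as returning 0 or an error from status_codes.h, and the libstb/stb.c hunks show it returning `STB_ARG_ERROR` for a null buffer, so a failed measurement presumably leaves the PCR without this image while boot carries on with only a log line as evidence. I would test the result, e.g. `if (tb_measure(id, buf, *len) != 0)` followed by an explicit failure path, or add a comment stating that continuing unmeasured is intended; marking the prototype `__attribute__((warn_unused_result))` would keep future callers honest. Ignoring sb_verify()'s result is consistent with its documented contract (0, otherwise the boot is aborted). Both enclosing functions extend beyond their hunks, so the error path available to them is not visible here.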
@@ -60,11 +60,11 @@ boot support for a platform:
 stb_init();
 start_preload_resource(RESOURCE_ID_CAPP, 0, capp_ucode_info.lid, &capp_ucode_info.size);
- sb_verify(id, subid, buf);
- tb_measure(id, subid, buf, *len);
+ sb_verify(id, buf, len);
+ tb_measure(id, buf, len);
 start_preload_resource(RESOURCE_ID_KERNEL, 0, KERNEL_LOAD_BASE, &kernel_size);
- sb_verify(id, subid, buf);
- tb_measure(id, subid, buf, *len);
+ sb_verify(id, buf, len);
+ tb_measure(id, buf, len);
 stb_final();
 First, ``stb_init()`` must be called to initialize libstb. Basically, it reads both
diff --git a/libstb/stb.c b/libstb/stb.c
index 4dc28a9..be68a50 100644
--- a/libstb/stb.c
+++ b/libstb/stb.c
@@ -202,7 +202,7 @@ int stb_final(void)
 return rc;
 }
-int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len)
+int tb_measure(enum resource_id id, void *buf, size_t len)
 {
 int rc, r;
 uint8_t digest[SHA512_DIGEST_LENGTH];
@@ -234,8 +234,8 @@ int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len)
 * come from the resource load framework and likely indicates a
 * bug in the framework.
 */
- prlog(PR_ERR, "STB: %s failed: resource %s%d, buf null\n",
- __func__, resource_map[r].name, subid);
+ prlog(PR_ERR, "STB: %s failed: resource %s, buf null\n",
+ __func__, resource_map[r].name);
 return STB_ARG_ERROR;
 }
 memset(digest, 0, SHA512_DIGEST_LENGTH);
@@ -290,12 +290,12 @@ int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len)
 EV_ACTION, resource_map[r].name);
 if (rc)
 return rc;
- prlog(PR_NOTICE, "STB: %s%d measured to pcr%d\n", resource_map[r].name,
- subid, resource_map[r].pcr);
+ prlog(PR_NOTICE, "STB: %s measured to pcr%d\n", resource_map[r].name,
+ resource_map[r].pcr);
 return 0;
 }
-int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
+int sb_verify(enum resource_id id, void *buf, size_t len)
 {
 int r;
 const char *name = NULL;
@@ -315,7 +315,7 @@ int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
 * measured if trusted mode is on.
 */
 prlog(PR_WARNING, "STB: verifying the non-expected "
- "resource %d/%d\n", id, subid);
+ "resource %d\n", id);
 else
 name = resource_map[r].name;
 if (!rom_driver || !rom_driver->verify) {
@@ -323,16 +323,16 @@ int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
 sb_enforce();
 }
 if (!buf || len < SECURE_BOOT_HEADERS_SIZE) {
- prlog(PR_EMERG, "STB: %s arg error: id %d/%d, buf %p, len %zd\n",
- __func__, id, subid, buf, len);
+ prlog(PR_EMERG, "STB: %s arg error: id %d, buf %p, len %zd\n",
+ __func__, id, buf, len);
 sb_enforce();
 }
 if (rom_driver->verify(buf)) {
- prlog(PR_EMERG, "STB: %s failed: resource %s%d, "
- "eyecatcher 0x%016llx\n", __func__, name, subid,
+ prlog(PR_EMERG, "STB: %s failed: resource %s, "
+ "eyecatcher 0x%016llx\n", __func__, name,
 *((uint64_t*)buf));
 sb_enforce();
 }
- prlog(PR_NOTICE, "STB: %s%d verified\n", name, subid);
+ prlog(PR_NOTICE, "STB: %s verified\n", name);
 return 0;
 }
diff --git a/libstb/stb.h b/libstb/stb.h
index 2141cf1..6ca44ea 100644
--- a/libstb/stb.h
+++ b/libstb/stb.h
@@ -39,7 +39,6 @@ extern int stb_final(void);
 /**
 * sb_verify - verify a resource
 * @id : resource id
- * @subid: subpartition id
 * @buf : data to be verified
 * @len : buf length
 *
@@ -51,13 +50,12 @@ extern int stb_final(void);
 *
 * returns: 0 otherwise the boot process is aborted
 */
-extern int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len);
+extern int sb_verify(enum resource_id id, void *buf, size_t len);
 /**
 * tb_measure - measure a resource
 * @id : resource id
- * @subid : subpartition id
 * @buf : data to be measured
 * @len : buf length
 *
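Review bot: `name` stays NULL on the branch of sb_verify() in libstb/stb.c (hunk at -315) that logs "verifying the non-expected resource", because only the `else` arm assigns `name = resource_map[r].name;` and the initialiser visible in the previous hunk is `const char *name = NULL;`. The later messages in the function pass it to `%s` (the "failed: resource %s" and "%s verified" lines), so for an unmapped resource the verification record now carries no identifier at all, and how a null string is formatted depends on the prlog implementation. I would give the fallback branch a value, e.g. `name = "unknown";`, and include `id` in the verified and failed messages so the log still states what was checked. The `if` condition of this branch lies above the hunk.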
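Review bot: Both guards in the sb_verify() hunk at -323 in libstb/stb.c are only safe if `sb_enforce()` never returns: after `if (!rom_driver || !rom_driver->verify)` and after `if (!buf || len < SECURE_BOOT_HEADERS_SIZE)` control falls straight through to `rom_driver->verify(buf)` and to `*((uint64_t*)buf)` in the failure message. sb_enforce() is defined outside the hunk; if it can return in any mode, these become null dereferences on the verification path, so I would either return an error code right after each `sb_enforce();` or add a comment at these sites stating that it does not return. It is also worth confirming that the payload size taken from the container is bounded by `len` somewhere, since `len` is compared only with the header size here and is not passed to `verify(buf)`.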
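Review bot: With `@subid` removed, the sb_verify() comment in libstb/stb.h (hunk at -39) no longer tells a caller what `@buf` and `@len` have to cover. libstb/stb.c aborts the boot when `len < SECURE_BOOT_HEADERS_SIZE`, and the core/init.c caller passes `kernel_size + SECURE_BOOT_HEADERS_SIZE`, which suggests the buffer starts at the container headers. I would state that in the comment: `@buf : start of the whole image, container headers included` and `@len : buf length, at least SECURE_BOOT_HEADERS_SIZE`. A similar clarification of `@buf` fits the tb_measure() comment in the following hunk; the comment block itself continues past the end of this hunk.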
@@ -69,7 +67,6 @@ extern int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
 *
 * returns: 0 or an error as defined in status_codes.h
 */
-extern int tb_measure(enum resource_id id, uint32_t subid, void *buf,
- size_t len);
+extern int tb_measure(enum resource_id id, void *buf, size_t len);
 #endif /* __STB_H */
-- cgit v1.1