[PATCH v2 3/5] discover: Update to reflect generic signed boot API
Brett Grandbois
brett.grandbois at opengear.com
Tue May 15 10:55:50 AEST 2018
Signed-off-by: Brett Grandbois <brett.grandbois at opengear.com>
---
discover/Makefile.am | 3 +--
discover/boot.c | 12 ++++++------
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/discover/Makefile.am b/discover/Makefile.am
index ef4c602..3992a66 100644
--- a/discover/Makefile.am
+++ b/discover/Makefile.am
@@ -59,8 +59,7 @@ discover_pb_discover_LDADD = \
discover/grub2/grub2-parser.ro \
discover/platform.ro \
$(core_lib) \
- $(UDEV_LIBS) \
- $(GPGME_LIBS)
+ $(UDEV_LIBS)
discover_pb_discover_LDFLAGS = \
$(AM_LDFLAGS) \
diff --git a/discover/boot.c b/discover/boot.c
index 0da40e3..0499a52 100644
--- a/discover/boot.c
+++ b/discover/boot.c
@@ -26,7 +26,7 @@
#include "resource.h"
#include "platform.h"
-#include <security/gpg.h>
+#include <security/security.h>
static const char *boot_hook_dir = PKG_SYSCONF_DIR "/boot.d";
enum {
@@ -72,7 +72,7 @@ static int kexec_load(struct boot_task *boot_task)
boot_task->local_dtb_override = NULL;
boot_task->local_image_override = NULL;
- if ((result = gpg_validate_boot_files(boot_task))) {
+ if ((result = validate_boot_files(boot_task))) {
if (result == KEXEC_LOAD_DECRYPTION_FALURE) {
pb_log("%s: Aborting kexec due to"
" decryption failure\n", __func__);
@@ -144,7 +144,7 @@ static int kexec_load(struct boot_task *boot_task)
}
abort_kexec:
- gpg_validate_boot_files_cleanup(boot_task);
+ validate_boot_files_cleanup(boot_task);
return result;
}
@@ -598,21 +598,21 @@ struct boot_task *boot(void *ctx, struct discover_boot_option *opt,
if (boot_task->verify_signature) {
/* Generate names of associated signature files and load */
if (image) {
- image_sig = gpg_get_signature_url(ctx, image);
+ image_sig = get_signature_url(ctx, image);
tmp = add_boot_resource(boot_task,
_("kernel image signature"), image_sig,
&boot_task->local_image_signature);
rc |= start_url_load(boot_task, tmp);
}
if (initrd) {
- initrd_sig = gpg_get_signature_url(ctx, initrd);
+ initrd_sig = get_signature_url(ctx, initrd);
tmp = add_boot_resource(boot_task,
_("initrd signature"), initrd_sig,
&boot_task->local_initrd_signature);
rc |= start_url_load(boot_task, tmp);
}
if (dtb) {
- dtb_sig = gpg_get_signature_url(ctx, dtb);
+ dtb_sig = get_signature_url(ctx, dtb);
tmp = add_boot_resource(boot_task,
_("dtb signature"), dtb_sig,
&boot_task->local_dtb_signature);
--
2.7.4
More information about the Petitboot
mailing list