[Skiboot] [PATCH] libstb: remove subid argument from sb_verify and tb_measure
Claudio Carvalho
cclaudio at linux.vnet.ibm.com
Mon Oct 31 14:11:41 AEDT 2016
We always verify and measure an image as a whole, never its subpartition
(if exists).
This removes the subid argument from sb_verify() and tb_measure()
functions, and also reflects the change to the callers, STB interface
and STB documentation.
Signed-off-by: Claudio Carvalho <cclaudio at linux.vnet.ibm.com>
---
core/flash.c | 4 ++--
core/init.c | 8 ++++----
doc/stb.rst | 8 ++++----
libstb/stb.c | 24 ++++++++++++------------
libstb/stb.h | 7 ++-----
5 files changed, 24 insertions(+), 27 deletions(-)
diff --git a/core/flash.c b/core/flash.c
index a704380..5ab7fc8 100644
--- a/core/flash.c
+++ b/core/flash.c
@@ -655,8 +655,8 @@ done_reading:
* Verify and measure the retrieved PNOR partition as part of the
* secure boot and trusted boot requirements
*/
- sb_verify(id, subid, buf, *len);
- tb_measure(id, subid, buf, *len);
+ sb_verify(id, buf, *len);
+ tb_measure(id, buf, *len);
/* Find subpartition */
if (subid != RESOURCE_SUBID_NONE) {
diff --git a/core/init.c b/core/init.c
index dbb381f..9d4ab60 100644
--- a/core/init.c
+++ b/core/init.c
@@ -415,10 +415,10 @@ static bool load_kernel(void)
if (do_stb)
{
- sb_verify(RESOURCE_ID_KERNEL, RESOURCE_SUBID_NONE,
- stb_container, kernel_size + SECURE_BOOT_HEADERS_SIZE);
- tb_measure(RESOURCE_ID_KERNEL, RESOURCE_SUBID_NONE,
- stb_container, kernel_size + SECURE_BOOT_HEADERS_SIZE);
+ sb_verify(RESOURCE_ID_KERNEL, stb_container,
+ kernel_size + SECURE_BOOT_HEADERS_SIZE);
+ tb_measure(RESOURCE_ID_KERNEL, stb_container,
+ kernel_size + SECURE_BOOT_HEADERS_SIZE);
}
/*
diff --git a/doc/stb.rst b/doc/stb.rst
index c62b574..b9b1301 100644
--- a/doc/stb.rst
+++ b/doc/stb.rst
@@ -60,11 +60,11 @@ boot support for a platform:
stb_init();
start_preload_resource(RESOURCE_ID_CAPP, 0, capp_ucode_info.lid, &capp_ucode_info.size);
- sb_verify(id, subid, buf);
- tb_measure(id, subid, buf, *len);
+ sb_verify(id, buf, len);
+ tb_measure(id, buf, len);
start_preload_resource(RESOURCE_ID_KERNEL, 0, KERNEL_LOAD_BASE, &kernel_size);
- sb_verify(id, subid, buf);
- tb_measure(id, subid, buf, *len);
+ sb_verify(id, buf, len);
+ tb_measure(id, buf, len);
stb_final();
First, ``stb_init()`` must be called to initialize libstb. Basically, it reads both
diff --git a/libstb/stb.c b/libstb/stb.c
index 4dc28a9..be68a50 100644
--- a/libstb/stb.c
+++ b/libstb/stb.c
@@ -202,7 +202,7 @@ int stb_final(void)
return rc;
}
-int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len)
+int tb_measure(enum resource_id id, void *buf, size_t len)
{
int rc, r;
uint8_t digest[SHA512_DIGEST_LENGTH];
@@ -234,8 +234,8 @@ int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len)
* come from the resource load framework and likely indicates a
* bug in the framework.
*/
- prlog(PR_ERR, "STB: %s failed: resource %s%d, buf null\n",
- __func__, resource_map[r].name, subid);
+ prlog(PR_ERR, "STB: %s failed: resource %s, buf null\n",
+ __func__, resource_map[r].name);
return STB_ARG_ERROR;
}
memset(digest, 0, SHA512_DIGEST_LENGTH);
@@ -290,12 +290,12 @@ int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len)
EV_ACTION, resource_map[r].name);
if (rc)
return rc;
- prlog(PR_NOTICE, "STB: %s%d measured to pcr%d\n", resource_map[r].name,
- subid, resource_map[r].pcr);
+ prlog(PR_NOTICE, "STB: %s measured to pcr%d\n", resource_map[r].name,
+ resource_map[r].pcr);
return 0;
}
-int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
+int sb_verify(enum resource_id id, void *buf, size_t len)
{
int r;
const char *name = NULL;
@@ -315,7 +315,7 @@ int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
* measured if trusted mode is on.
*/
prlog(PR_WARNING, "STB: verifying the non-expected "
- "resource %d/%d\n", id, subid);
+ "resource %d\n", id);
else
name = resource_map[r].name;
if (!rom_driver || !rom_driver->verify) {
@@ -323,16 +323,16 @@ int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
sb_enforce();
}
if (!buf || len < SECURE_BOOT_HEADERS_SIZE) {
- prlog(PR_EMERG, "STB: %s arg error: id %d/%d, buf %p, len %zd\n",
- __func__, id, subid, buf, len);
+ prlog(PR_EMERG, "STB: %s arg error: id %d, buf %p, len %zd\n",
+ __func__, id, buf, len);
sb_enforce();
}
if (rom_driver->verify(buf)) {
- prlog(PR_EMERG, "STB: %s failed: resource %s%d, "
- "eyecatcher 0x%016llx\n", __func__, name, subid,
+ prlog(PR_EMERG, "STB: %s failed: resource %s, "
+ "eyecatcher 0x%016llx\n", __func__, name,
*((uint64_t*)buf));
sb_enforce();
}
- prlog(PR_NOTICE, "STB: %s%d verified\n", name, subid);
+ prlog(PR_NOTICE, "STB: %s verified\n", name);
return 0;
}
diff --git a/libstb/stb.h b/libstb/stb.h
index 2141cf1..6ca44ea 100644
--- a/libstb/stb.h
+++ b/libstb/stb.h
@@ -39,7 +39,6 @@ extern int stb_final(void);
/**
* sb_verify - verify a resource
* @id : resource id
- * @subid: subpartition id
* @buf : data to be verified
* @len : buf length
*
@@ -51,13 +50,12 @@ extern int stb_final(void);
*
* returns: 0 otherwise the boot process is aborted
*/
-extern int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len);
+extern int sb_verify(enum resource_id id, void *buf, size_t len);
/**
* tb_measure - measure a resource
* @id : resource id
- * @subid : subpartition id
* @buf : data to be measured
* @len : buf length
*
@@ -69,7 +67,6 @@ extern int sb_verify(enum resource_id id, uint32_t subid, void *buf, size_t len)
*
* returns: 0 or an error as defined in status_codes.h
*/
-extern int tb_measure(enum resource_id id, uint32_t subid, void *buf,
- size_t len);
+extern int tb_measure(enum resource_id id, void *buf, size_t len);
#endif /* __STB_H */
--
1.9.1
More information about the Skiboot
mailing list