Implementation of Region API

At present reading data from storage in Vboot is a little fragmented. For
the firmware image, we expect the boot loader to handle this. For the disk
we have a block-level API. For the GBB (which also sits in the firmware
image) we expect the entire thing to be read before Vboot is called.

Add the concept of a region, and an API to read from a region. At present,
and most pressing, is reading from a GBB region. In the future this could
be extended to other parts of the firmware or even the disk.

Move all access to the GBB into this API so that the boot loader can provide
either a GBB region in one large contiguous chunk, or a function to deal with
read requests from vboot.

The call to VbExRegionRead() is behind a flag since not all boot loaders
support it yet.

The main change for boot loaders which don't support this new API is that
vboot will do more behind the scenes. For example, it will allocate memory
for chunks of data that it reads from the GBB, rather than just accessing it
directly. This approach is considerably simpler than trying to pass char **
everywhere and have vboot decide whether something needs to be allocated or
not.

The tests are updated, mainly to include setting up a GBB structure
accessible from VbCommonParams, which is now required by the firmware and
kernel functions. In normal operation this is set up at the start of
VbLoadFirmware() and VbSelectAndLoadKernel() but for tests which call
children of these functions directly, the GBB structure must be set up
manually by the test.

BUG=chrome-os-partner:21115
BRANCH=none
TEST=manual
FEATURES=test sudo -E  emerge vboot_reference

Change-Id: I2c19e9dc2ed602d0642bbf4f7d27f79fe9fad873
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/63336
Reviewed-by: Randall Spangler <rspangler@chromium.org>
diff --git a/firmware/include/gbb_access.h b/firmware/include/gbb_access.h
new file mode 100644
index 0000000..b94d0cd
--- /dev/null
+++ b/firmware/include/gbb_access.h
@@ -0,0 +1,83 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Access to portions of the GBB using the region API.
+ */
+
+#ifndef VBOOT_REFERENCE_GBB_ACCESS_H_
+#define VBOOT_REFERENCE_GBB_ACCESS_H_
+
+#include "vboot_api.h"
+
+struct BmpBlockHeader;
+struct ImageInfo;
+struct GoogleBinaryBlockHeader;
+struct ScreenLayout;
+struct VbPublicKey;
+
+/**
+ * Read the GBB header
+ *
+ * This accesses the GBB and reads its header.
+ *
+ * @param cparams	Vboot common parameters
+ * @param gbb		Place to put GBB header
+ */
+VbError_t VbGbbReadHeader_static(VbCommonParams *cparams,
+				 struct GoogleBinaryBlockHeader *gbb);
+
+/**
+ * Read the root key from the GBB
+ *
+ * @param cparams	Vboot common parameters
+ * @param keyp		Returns a pointer to the key. The caller must call
+ *			VbExFree() on the key when finished with it.
+ * @return VBERROR_... error, VBERROR_SUCCESS on success,
+ */
+VbError_t VbGbbReadRootKey(VbCommonParams *cparams,
+			   struct VbPublicKey **keyp);
+
+/**
+ * Read the recovery key from the GBB
+ *
+ * @param cparams	Vboot common parameters
+ * @param keyp		Returns a pointer to the key. The caller must call
+ *			VbExFree() on the key when finished with it.
+ * @return VBERROR_... error, VBERROR_SUCCESS on success,
+ */
+VbError_t VbGbbReadRecoveryKey(VbCommonParams *cparams,
+			       struct VbPublicKey **keyp);
+
+/**
+ * Read the bitmap block header from the GBB
+ *
+ * @param cparams	Vboot common parameters
+ * @param hdr		The header is placed in this block
+ * @return VBERROR_... error, VBERROR_SUCCESS on success,
+ */
+VbError_t VbGbbReadBmpHeader(VbCommonParams *cparams,
+			     struct BmpBlockHeader *hdr);
+
+/**
+ * Read a image from the GBB
+ *
+ * The caller must call VbExFree() on *image_datap when finished with it.
+ *
+ * @param cparams	Vboot common parameters
+ * @param localization	Localization/language number
+ * @param screen_index	Index of screen to display (VB_SCREEN_...)
+ * @param image_num	Image number within the screen
+ * @param layout	Returns layout information (x, y position)
+ * @param image_info	Returns information about the image (format)
+ * @param image_datap	Returns a pointer to the image data
+ * @param iamge_data_sizep	Return size of image data
+ * @return VBERROR_... error, VBERROR_SUCCESS on success,
+ */
+VbError_t VbGbbReadImage(VbCommonParams *cparams,
+			 uint32_t localization, uint32_t screen_index,
+			 uint32_t image_num, struct ScreenLayout *layout,
+			 struct ImageInfo *image_info, char **image_datap,
+			 uint32_t *image_data_sizep);
+
+#endif
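Review bot: The doc comment for VbGbbReadImage() names a parameter `iamge_data_sizep`, which does not match the prototype's `image_data_sizep`, and VbGbbReadHeader_static() has no `@return` line although it returns VbError_t. I would correct the tag to `@param image_data_sizep	Returns size of image data` and add `@return VBERROR_... error, VBERROR_SUCCESS on success` to the header reader. The comments on VbGbbReadRootKey() and VbGbbReadRecoveryKey() should also say that `*keyp` is only written on success, since the implementation in region-fw.c frees the buffer itself on the error path and a caller that calls VbExFree() after a failure would free an unset pointer.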
diff --git a/firmware/include/region.h b/firmware/include/region.h
new file mode 100644
index 0000000..78e1dba
--- /dev/null
+++ b/firmware/include/region.h
@@ -0,0 +1,55 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Access to portions of the firmware image, perhaps later to be expanded
+ * to other devices.
+ */
+
+#ifndef VBOOT_REFERENCE_REGION_H_
+#define VBOOT_REFERENCE_REGION_H_
+
+#include "bmpblk_header.h"
+#include "gbb_header.h"
+#include "vboot_api.h"
+#include "vboot_struct.h"
+
+/* The maximum length of a hardware ID */
+#define VB_REGION_HWID_LEN	256
+
+/**
+ * Read data from a region
+ *
+ * @param cparams	Vboot common parameters
+ * @param region	Region number to read
+ * @param offset	Offset within region to start reading
+ * @param size		Size of data to read
+ * @param buf		Buffer to put the data into
+ * @return VBERROR_... error, VBERROR_SUCCESS on success,
+ */
+VbError_t VbRegionReadData(VbCommonParams *cparams,
+			   enum vb_firmware_region region, uint32_t offset,
+			   uint32_t size, void *buf);
+
+/**
+ * Check the version of the GBB and print debug information if valid
+ *
+ * @param cparams	Vboot common parameters
+ */
+void VbRegionCheckVersion(VbCommonParams *cparams);
+
+/**
+ * Read the hardware ID from the GBB
+ *
+ * @param cparams	Vboot common parameters
+ * @param hwid		Place to put HWID, which will be null-terminated
+ * @param max_size	Maximum size of HWID including terminated null
+ *			character (suggest VB_REGION_HWID_LEN). If this size
+ *			it too small then VBERROR_INVALID_PARAMETER is
+ *			returned.
+ * @return VBERROR_... error, VBERROR_SUCCESS on success,
+ */
+VbError_t VbRegionReadHWID(VbCommonParams *cparams, char *hwid,
+			   uint32_t max_size);
+
+#endif  /* VBOOT_REFERENCE_REGION_H_ */
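Review bot: The contract for VbRegionReadData() does not say who keeps `offset + size` inside the region, nor that `buf` must hold at least `size` bytes; the VbExRegionRead() comment in vboot_api.h has the same gap. The offsets and sizes passed down come from GBB fields, so the comment should commit the callee to rejecting out-of-range requests, for example `@return VBERROR_REGION_READ_INVALID if offset/size fall outside the region`. In the VbRegionReadHWID() comment, `If this size it too small` should read `is too small`, and the statement that the HWID `will be null-terminated` is a guarantee the implementation has to enforce rather than inherit from the stored data.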
diff --git a/firmware/include/vboot_api.h b/firmware/include/vboot_api.h
index 10adc37..214da75 100644
--- a/firmware/include/vboot_api.h
+++ b/firmware/include/vboot_api.h
@@ -104,6 +104,14 @@
 	VBERROR_VGA_OPROM_MISMATCH            = 0x10021,
 	/* Need EC to reboot to read-only code */
 	VBERROR_EC_REBOOT_TO_RO_REQUIRED      = 0x10022,
+	/* Invalid region read parameters */
+	VBERROR_REGION_READ_INVALID           = 0x10023,
+	/* Cannot read from region */
+	VBERROR_REGION_READ_FAILED            = 0x10024,
+	/* Unsupported region type */
+	VBERROR_UNSUPPORTED_REGION            = 0x10025,
+	/* No image present (returned from VbGbbReadImage() for missing image) */
+	VBERROR_NO_IMAGE_PRESENT              = 0x10026,
 
 	/* VbExEcGetExpectedRWHash() may return the following codes */
 	/* Compute expected RW hash from the EC image; BIOS doesn't have it */
@@ -167,6 +175,10 @@
 	 * the stack.
 	 */
 	void *caller_context;
+
+	/* For internal use of Vboot - do not examine or modify! */
+	struct GoogleBinaryBlockHeader *gbb;
+	struct BmpBlockHeader *bmp;
 } VbCommonParams;
 
 /* Flags for VbInitParams.flags */
@@ -827,4 +839,33 @@
  */
 int VbExLegacy(void);
 
+/* Regions for VbExRegionRead() */
+enum vb_firmware_region {
+	VB_REGION_GBB,	/* Google Binary Block - see gbbheader.h */
+
+	VB_REGION_COUNT,
+};
+
+/**
+ * Read data from a region of the firmware image
+ *
+ * Vboot wants access to a region, to read data from it. This function
+ * reads it (typically from the firmware image such as SPI flash) and
+ * returns the data.
+ *
+ * cparams is passed so that the boot loader has some context for the
+ * operation.
+ *
+ * @param cparams	Common parameters, e.g. use member caller_context
+ *			to point to useful context data
+ * @param region	Firmware region to read
+ * @param offset	Start offset within region
+ * @param size		Number of bytes to read
+ * @param buf		Place to put data
+ * @return VBERROR_... error, VBERROR_SUCCESS on success,
+ */
+VbError_t VbExRegionRead(VbCommonParams *cparams,
+			 enum vb_firmware_region region, uint32_t offset,
+			 uint32_t size, void *buf);
+
 #endif  /* VBOOT_REFERENCE_VBOOT_API_H_ */
diff --git a/firmware/lib/include/load_kernel_fw.h b/firmware/lib/include/load_kernel_fw.h
index dd6e1a8..a710ee5 100644
--- a/firmware/lib/include/load_kernel_fw.h
+++ b/firmware/lib/include/load_kernel_fw.h
@@ -74,7 +74,7 @@
  * Returns VBERROR_SUCCESS if successful.  If unsuccessful, sets a recovery
  * reason via VbNvStorage and returns an error code.
  */
-VbError_t LoadKernel(LoadKernelParams *params);
+VbError_t LoadKernel(LoadKernelParams *params, VbCommonParams *cparams);
 
 /*
  * The bootloader is loaded using the EFI LoadImage() and StartImage() calls.
diff --git a/firmware/lib/include/vboot_display.h b/firmware/lib/include/vboot_display.h
index 17ce48b..c35f669 100644
--- a/firmware/lib/include/vboot_display.h
+++ b/firmware/lib/include/vboot_display.h
@@ -43,11 +43,6 @@
 const char *RecoveryReasonString(uint8_t code);
 
 /**
- * Return a fixed string representing the HWID.
- */
-const char *VbHWID(VbCommonParams *cparams);
-
-/**
  * Get the number of localizations in the GBB bitmap data.
  */
 VbError_t VbGetLocalizationCount(VbCommonParams *cparams, uint32_t *count);
diff --git a/firmware/lib/include/vboot_kernel.h b/firmware/lib/include/vboot_kernel.h
index 1243cb8..48e1253 100644
--- a/firmware/lib/include/vboot_kernel.h
+++ b/firmware/lib/include/vboot_kernel.h
@@ -11,6 +11,7 @@
 
 #include "cgptlib.h"
 #include "load_firmware_fw.h"
+#include "load_kernel_fw.h"
 #include "vboot_api.h"
 
 /**
@@ -33,6 +34,11 @@
 VbNvContext *VbApiKernelGetVnc(void);
 
 /**
+ * Exported for unit tests only - frees memory used by VbSelectAndLoadKernel()
+ */
+void VbApiKernelFree(VbCommonParams *cparams);
+
+/**
  * Try to load a kernel.
  */
 uint32_t VbTryLoadKernel(VbCommonParams *cparams, LoadKernelParams *p,
diff --git a/firmware/lib/region-fw.c b/firmware/lib/region-fw.c
new file mode 100644
index 0000000..13b1c92
--- /dev/null
+++ b/firmware/lib/region-fw.c
@@ -0,0 +1,54 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * High-level firmware API for loading and verifying rewritable firmware.
+ * (Firmware portion)
+ */
+
+#include "sysincludes.h"
+
+#include "bmpblk_header.h"
+#include "region.h"
+#include "gbb_header.h"
+#include "load_kernel_fw.h"
+#include "utility.h"
+#include "vboot_api.h"
+#include "vboot_struct.h"
+
+static VbError_t VbGbbReadKey(VbCommonParams *cparams, uint32_t offset,
+			      VbPublicKey **keyp)
+{
+	VbPublicKey hdr, *key;
+	VbError_t ret;
+	uint32_t size;
+
+	ret = VbRegionReadData(cparams, VB_REGION_GBB, offset,
+			       sizeof(VbPublicKey), &hdr);
+	if (ret)
+		return ret;
+
+	/* Deal with a zero-size key (used in testing) */
+	size = hdr.key_offset + hdr.key_size;
+	if (size < sizeof(hdr))
+		size = sizeof(hdr);
+	key = VbExMalloc(size);
+	ret = VbRegionReadData(cparams, VB_REGION_GBB, offset, size, key);
+	if (ret) {
+		VbExFree(key);
+		return ret;
+	}
+
+	*keyp = key;
+	return VBERROR_SUCCESS;
+}
+
+VbError_t VbGbbReadRootKey(VbCommonParams *cparams, VbPublicKey **keyp)
+{
+	return VbGbbReadKey(cparams, cparams->gbb->rootkey_offset, keyp);
+}
+
+VbError_t VbGbbReadRecoveryKey(VbCommonParams *cparams, VbPublicKey **keyp)
+{
+	return VbGbbReadKey(cparams, cparams->gbb->recovery_key_offset, keyp);
+}
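Review bot: In VbGbbReadKey(), `size = hdr.key_offset + hdr.key_size` is built from fields just read out of the GBB and stored in a `uint32_t` with no range check, so the sum can wrap (the VbPublicKey field widths are not visible in this diff; if they are wider than 32 bits the assignment also truncates). A wrapped `size` yields a buffer smaller than the key the header describes, and any later code that follows `key_offset`/`key_size` inside `*keyp` would read past the allocation. I would validate before allocating, e.g. `if (hdr.key_offset > UINT32_MAX || hdr.key_size > UINT32_MAX - hdr.key_offset) return VBERROR_INVALID_GBB;`, and ideally bound the result by the GBB size as well. VbGbbReadRootKey() and VbGbbReadRecoveryKey() also dereference `cparams->gbb` without a NULL check, which matters for tests that call them before the header has been set up.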
diff --git a/firmware/lib/region-init.c b/firmware/lib/region-init.c
new file mode 100644
index 0000000..2c2b726
--- /dev/null
+++ b/firmware/lib/region-init.c
@@ -0,0 +1,49 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * High-level firmware API for loading and verifying rewritable firmware.
+ * (Firmware portion)
+ */
+
+#include "sysincludes.h"
+
+#include "bmpblk_header.h"
+#include "region.h"
+#include "gbb_header.h"
+#include "load_kernel_fw.h"
+#include "utility.h"
+#include "vboot_api.h"
+#include "vboot_struct.h"
+
+VbError_t VbRegionReadData(VbCommonParams *cparams,
+			   enum vb_firmware_region region, uint32_t offset,
+			   uint32_t size, void *buf)
+{
+	/* This is the old API, for backwards compatibility */
+	if (region == VB_REGION_GBB && cparams->gbb_data) {
+		if (offset + size > cparams->gbb_size)
+			return VBERROR_INVALID_GBB;
+		Memcpy(buf, cparams->gbb_data + offset, size);
+	} else
+#ifdef REGION_READ
+	{
+		VbError_t ret;
+
+		ret = VbExRegionRead(cparams, region, offset, size, buf);
+		if (ret)
+			return ret;
+	}
+#else
+	return VBERROR_INVALID_GBB;
+#endif
+
+	return VBERROR_SUCCESS;
+}
+
+VbError_t VbGbbReadHeader_static(VbCommonParams *cparams,
+				 GoogleBinaryBlockHeader *gbb)
+{
+	return VbRegionReadData(cparams, VB_REGION_GBB, 0,
+				sizeof(GoogleBinaryBlockHeader), gbb);
+}
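Review bot: The bounds test `offset + size > cparams->gbb_size` in VbRegionReadData() adds two `uint32_t` values, so a large `offset` or `size` taken from GBB fields can wrap the sum below `gbb_size` and let the Memcpy() read outside `gbb_data`. Writing it as `if (offset > cparams->gbb_size || size > cparams->gbb_size - offset) return VBERROR_INVALID_GBB;` removes the wrap. `region` is never compared with VB_REGION_COUNT, and the new VBERROR_REGION_READ_INVALID and VBERROR_UNSUPPORTED_REGION codes are not returned on any path in this file. The `else` that straddles `#ifdef REGION_READ` is correct as written but fragile; bracing both arms would keep a later edit from silently changing which statement it governs.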
diff --git a/firmware/lib/region-kernel.c b/firmware/lib/region-kernel.c
new file mode 100644
index 0000000..3d7cb84
--- /dev/null
+++ b/firmware/lib/region-kernel.c
@@ -0,0 +1,199 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * High-level firmware API for loading and verifying rewritable firmware.
+ * (Firmware portion)
+ */
+
+#include "sysincludes.h"
+
+#include "bmpblk_header.h"
+#include "region.h"
+#include "gbb_header.h"
+#include "load_kernel_fw.h"
+#include "utility.h"
+#include "vboot_api.h"
+#include "vboot_struct.h"
+
+static VbError_t VbRegionReadGbb(VbCommonParams *cparams, uint32_t offset,
+				  uint32_t size, void *buf)
+{
+	return VbRegionReadData(cparams, VB_REGION_GBB, offset, size, buf);
+}
+
+VbError_t VbGbbReadBmpHeader(VbCommonParams *cparams, BmpBlockHeader *hdr_ret)
+{
+	BmpBlockHeader *hdr;
+	VbError_t ret;
+
+	if (!cparams)
+		return VBERROR_INVALID_GBB;
+	if (!cparams->bmp) {
+		GoogleBinaryBlockHeader *gbb = cparams->gbb;
+
+		if (0 == gbb->bmpfv_size)
+			return VBERROR_INVALID_GBB;
+
+		hdr = VbExMalloc(sizeof(*hdr));
+		ret = VbRegionReadGbb(cparams, gbb->bmpfv_offset,
+				      sizeof(BmpBlockHeader), hdr);
+		if (ret) {
+			VbExFree(hdr);
+			return ret;
+		}
+
+		/* Sanity-check the bitmap block header */
+		if ((0 != Memcmp(hdr->signature, BMPBLOCK_SIGNATURE,
+				BMPBLOCK_SIGNATURE_SIZE)) ||
+		(hdr->major_version > BMPBLOCK_MAJOR_VERSION) ||
+		((hdr->major_version == BMPBLOCK_MAJOR_VERSION) &&
+		(hdr->minor_version > BMPBLOCK_MINOR_VERSION))) {
+			VBDEBUG(("VbDisplayScreenFromGBB(): "
+				"invalid/too new bitmap header\n"));
+			VbExFree(hdr);
+			return VBERROR_INVALID_BMPFV;
+		}
+		cparams->bmp = hdr;
+	}
+
+	*hdr_ret = *cparams->bmp;
+	return VBERROR_SUCCESS;
+}
+
+VbError_t VbRegionReadHWID(VbCommonParams *cparams, char *hwid,
+			   uint32_t max_size)
+{
+	GoogleBinaryBlockHeader *gbb;
+	VbError_t ret;
+
+	if (!max_size)
+		return VBERROR_INVALID_PARAMETER;
+	*hwid = '\0';
+	StrnAppend(hwid, "{INVALID}", max_size);
+	if (!cparams)
+		return VBERROR_INVALID_GBB;
+
+	gbb = cparams->gbb;
+
+	if (0 == gbb->hwid_size) {
+		VBDEBUG(("VbHWID(): invalid hwid size\n"));
+		return VBERROR_SUCCESS; /* oddly enough! */
+	}
+
+	if (gbb->hwid_size > max_size) {
+		VBDEBUG(("VbDisplayDebugInfo(): invalid hwid offset/size\n"));
+		return VBERROR_INVALID_PARAMETER;
+	}
+	ret = VbRegionReadGbb(cparams, gbb->hwid_offset, gbb->hwid_size, hwid);
+	if (ret)
+		return ret;
+
+	return VBERROR_SUCCESS;
+}
+
+VbError_t VbGbbReadImage(VbCommonParams *cparams,
+			       uint32_t localization, uint32_t screen_index,
+			       uint32_t image_num, ScreenLayout *layout,
+			       ImageInfo *image_info, char **image_datap,
+			       uint32_t *image_data_sizep)
+{
+	uint32_t layout_offset, image_offset, data_offset, data_size;
+	GoogleBinaryBlockHeader *gbb;
+	BmpBlockHeader hdr;
+	void *data = NULL;
+	VbError_t ret;
+
+	if (!cparams)
+		return VBERROR_INVALID_GBB;
+
+	ret = VbGbbReadBmpHeader(cparams, &hdr);
+	if (ret)
+		return ret;
+
+	gbb = cparams->gbb;
+	layout_offset = gbb->bmpfv_offset + sizeof(BmpBlockHeader) +
+		localization * hdr.number_of_screenlayouts *
+			sizeof(ScreenLayout) +
+		screen_index * sizeof(ScreenLayout);
+	ret = VbRegionReadGbb(cparams, layout_offset, sizeof(*layout), layout);
+	if (ret)
+		return ret;
+
+	if (!layout->images[image_num].image_info_offset)
+		return VBERROR_NO_IMAGE_PRESENT;
+
+	image_offset = gbb->bmpfv_offset +
+			layout->images[image_num].image_info_offset;
+	ret = VbRegionReadGbb(cparams, image_offset, sizeof(*image_info),
+			      image_info);
+	if (ret)
+		return ret;
+
+	data_offset = image_offset + sizeof(*image_info);
+	data_size = image_info->compressed_size;
+	if (data_size) {
+		void *orig_data;
+
+		data = VbExMalloc(image_info->compressed_size);
+		ret = VbRegionReadGbb(cparams, data_offset,
+				      image_info->compressed_size, data);
+		if (ret) {
+			VbExFree(data);
+			return ret;
+		}
+		if (image_info->compression != COMPRESS_NONE) {
+			uint32_t inoutsize = image_info->original_size;
+
+			orig_data = VbExMalloc(image_info->original_size);
+			ret = VbExDecompress(data,
+					     image_info->compressed_size,
+					     image_info->compression,
+					     orig_data, &inoutsize);
+			data_size = inoutsize;
+			VbExFree(data);
+			data = orig_data;
+			if (ret) {
+				VbExFree(data);
+				return ret;
+			}
+		}
+	}
+
+	*image_datap = data;
+	*image_data_sizep = data_size;
+
+	return VBERROR_SUCCESS;
+}
+
+#define OUTBUF_LEN 128
+
+void VbRegionCheckVersion(VbCommonParams *cparams)
+{
+	GoogleBinaryBlockHeader *gbb;
+
+	if (!cparams)
+		return;
+
+	gbb = cparams->gbb;
+
+	/*
+	 * If GBB flags is nonzero, complain because that's something that the
+	 * factory MUST fix before shipping. We only have to do this here,
+	 * because it's obvious that something is wrong if we're not displaying
+	 * screens from the GBB.
+	 */
+	if (gbb->major_version == GBB_MAJOR_VER && gbb->minor_version >= 1 &&
+	    (gbb->flags != 0)) {
+		uint32_t used = 0;
+		char outbuf[OUTBUF_LEN];
+
+		*outbuf = '\0';
+		used += StrnAppend(outbuf + used, "gbb.flags is nonzero: 0x",
+				OUTBUF_LEN - used);
+		used += Uint64ToString(outbuf + used, OUTBUF_LEN - used,
+				       gbb->flags, 16, 8);
+		used += StrnAppend(outbuf + used, "\n", OUTBUF_LEN - used);
+		(void)VbExDisplayDebugInfo(outbuf);
+	}
+}
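Review bot: VbGbbReadImage() uses `image_num` to index `layout->images[]` and derives `layout_offset`, `image_offset` and both VbExMalloc() sizes from its arguments and from GBB fields without any range check, and the `bmpfv_offset`/`bmpfv_size` containment test that this commit deletes from vboot_display.c has no counterpart here. At minimum I would add `if (image_num >= MAX_IMAGE_IN_LAYOUT) return VBERROR_INVALID_PARAMETER;` before the layout read, and reject an `image_info_offset`, `compressed_size` or `original_size` that does not fit inside `gbb->bmpfv_size`. VbRegionReadHWID() has a related gap: it copies `gbb->hwid_size` bytes over the `{INVALID}` placeholder but never writes a terminator, so a stored HWID without a trailing NUL leaves `hwid` unterminated or followed by placeholder residue, contrary to the header comment; assuming `hwid_size` counts the terminator, `hwid[gbb->hwid_size - 1] = '\0';` after a successful read would enforce it. VbGbbReadBmpHeader(), VbRegionReadHWID() and VbRegionCheckVersion() test `cparams` for NULL but then dereference `cparams->gbb` unchecked.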
diff --git a/firmware/lib/vboot_api_firmware.c b/firmware/lib/vboot_api_firmware.c
index e0c93a3..cfe4251 100644
--- a/firmware/lib/vboot_api_firmware.c
+++ b/firmware/lib/vboot_api_firmware.c
@@ -7,6 +7,7 @@
 
 #include "sysincludes.h"
 
+#include "gbb_access.h"
 #include "gbb_header.h"
 #include "load_firmware_fw.h"
 #include "rollback_index.h"
@@ -27,6 +28,9 @@
 	int is_dev = (shared->flags & VBSD_BOOT_DEV_SWITCH_ON ? 1 : 0);
 	uint32_t tpm_status = 0;
 
+	cparams->gbb = NULL;
+	cparams->bmp = NULL;
+
 	/* Start timer */
 	shared->timer_vb_select_firmware_enter = VbExGetTimer();
 
@@ -44,6 +48,11 @@
 		/* Go directly to recovery mode */
 		fparams->selected_firmware = VB_SELECT_FIRMWARE_RECOVERY;
 	} else {
+		cparams->gbb = VbExMalloc(sizeof(*cparams->gbb));
+		retval = VbGbbReadHeader_static(cparams, cparams->gbb);
+		if (VBERROR_SUCCESS != retval)
+			goto VbSelectFirmware_exit;
+
 		/* Chain to LoadFirmware() */
 		retval = LoadFirmware(cparams, fparams, &vnc);
 
@@ -107,6 +116,11 @@
 
  VbSelectFirmware_exit:
 
+	if (cparams->gbb) {
+		VbExFree(cparams->gbb);
+		cparams->gbb = NULL;
+	}
+
 	/* Save NV storage */
 	VbNvTeardown(&vnc);
 	if (vnc.raw_changed)
diff --git a/firmware/lib/vboot_api_init.c b/firmware/lib/vboot_api_init.c
index c55e708..ebafe2a 100644
--- a/firmware/lib/vboot_api_init.c
+++ b/firmware/lib/vboot_api_init.c
@@ -7,6 +7,8 @@
 
 #include "sysincludes.h"
 
+#include "region.h"
+#include "gbb_access.h"
 #include "gbb_header.h"
 #include "load_firmware_fw.h"
 #include "rollback_index.h"
@@ -19,8 +21,7 @@
 {
 	VbSharedDataHeader *shared =
 		(VbSharedDataHeader *)cparams->shared_data_blob;
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
+	GoogleBinaryBlockHeader gbb;
 	VbNvContext vnc;
 	VbError_t retval = VBERROR_SUCCESS;
 	uint32_t recovery = VBNV_RECOVERY_NOT_REQUESTED;
@@ -36,12 +37,16 @@
 	uint32_t clear_tpm_owner_request = 0;
 	int is_dev = 0;
 
-	VBDEBUG(("VbInit() input flags 0x%x gbb flags 0x%x\n", iparams->flags,
-		gbb->flags));
-
 	/* Initialize output flags */
 	iparams->out_flags = 0;
 
+	retval = VbGbbReadHeader_static(cparams, &gbb);
+	if (retval)
+		return retval;
+
+	VBDEBUG(("VbInit() input flags 0x%x gbb flags 0x%x\n", iparams->flags,
+		gbb.flags));
+
 	/* Set up NV storage */
 	VbExNvStorageRead(vnc.raw);
 	VbNvSetup(&vnc);
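Review bot: The header filled in by `VbGbbReadHeader_static(cparams, &gbb)` is used without any check of its signature, version or header size, and later hunks in this file test `gbb.flags` for GBB_FLAG_FORCE_DEV_SWITCH_ON, GBB_FLAG_LOAD_OPTION_ROMS and GBB_FLAG_ENABLE_ALTERNATE_OS. On the VbExRegionRead() path the bytes come straight from the boot loader's read, so a blank or corrupted GBB region would be interpreted as valid flags and offsets. No validation is visible in this diff (it may exist elsewhere); if it does not, VbGbbReadHeader_static() is the natural place for it, returning VBERROR_INVALID_GBB on mismatch. The same applies to the VbSelectFirmware() and VbSelectAndLoadKernel() hunks, which store the header in `cparams->gbb` and then follow its key and bitmap offsets. VbInit's body starts and ends outside this hunk.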
@@ -163,7 +168,7 @@
 		VbNvGet(&vnc, VBNV_DISABLE_DEV_REQUEST, &disable_dev_request);
 
 		/* Allow GBB flag to override dev switch */
-		if (gbb->flags & GBB_FLAG_FORCE_DEV_SWITCH_ON)
+		if (gbb.flags & GBB_FLAG_FORCE_DEV_SWITCH_ON)
 			is_hw_dev = 1;
 
 		/* Have we been explicitly asked to clear the TPM owner? */
@@ -242,11 +247,11 @@
 	}
 
 	/* Allow BIOS to load arbitrary option ROMs? */
-	if (gbb->flags & GBB_FLAG_LOAD_OPTION_ROMS)
+	if (gbb.flags & GBB_FLAG_LOAD_OPTION_ROMS)
 		iparams->out_flags |= VB_INIT_OUT_ENABLE_OPROM;
 
 	/* Factory may need to boot custom OSes when the dev-switch is on */
-	if (is_dev && (gbb->flags & GBB_FLAG_ENABLE_ALTERNATE_OS))
+	if (is_dev && (gbb.flags & GBB_FLAG_ENABLE_ALTERNATE_OS))
 		iparams->out_flags |= VB_INIT_OUT_ENABLE_ALTERNATE_OS;
 
 	/* Set output flags */
diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
index 7ad4592..4f0b3f2 100644
--- a/firmware/lib/vboot_api_kernel.c
+++ b/firmware/lib/vboot_api_kernel.c
@@ -7,8 +7,10 @@
 
 #include "sysincludes.h"
 
+#include "gbb_access.h"
 #include "gbb_header.h"
 #include "load_kernel_fw.h"
+#include "region.h"
 #include "rollback_index.h"
 #include "utility.h"
 #include "vboot_api.h"
@@ -97,7 +99,7 @@
 		p->disk_handle = disk_info[i].handle;
 		p->bytes_per_lba = disk_info[i].bytes_per_lba;
 		p->ending_lba = disk_info[i].lba_count - 1;
-		retval = LoadKernel(p);
+		retval = LoadKernel(p, cparams);
 		VBDEBUG(("VbTryLoadKernel() LoadKernel() = %d\n", retval));
 
 		/*
@@ -173,8 +175,7 @@
 
 VbError_t VbBootDeveloper(VbCommonParams *cparams, LoadKernelParams *p)
 {
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
+	GoogleBinaryBlockHeader *gbb = cparams->gbb;
 	VbSharedDataHeader *shared =
 		(VbSharedDataHeader *)cparams->shared_data_blob;
 	uint32_t allow_usb = 0, allow_legacy = 0, ctrl_d_pressed = 0;
@@ -807,13 +808,25 @@
 	return VBERROR_SUCCESS;
 }
 
+/* This function is also used by tests */
+void VbApiKernelFree(VbCommonParams *cparams)
+{
+	/* VbSelectAndLoadKernel() always allocates this, tests don't */
+	if (cparams->gbb) {
+		VbExFree(cparams->gbb);
+		cparams->gbb = NULL;
+	}
+	if (cparams->bmp) {
+		VbExFree(cparams->bmp);
+		cparams->bmp = NULL;
+	}
+}
+
 VbError_t VbSelectAndLoadKernel(VbCommonParams *cparams,
                                 VbSelectAndLoadKernelParams *kparams)
 {
 	VbSharedDataHeader *shared =
 		(VbSharedDataHeader *)cparams->shared_data_blob;
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
 	VbError_t retval = VBERROR_SUCCESS;
 	LoadKernelParams p;
 	uint32_t tpm_status = 0;
@@ -831,9 +844,15 @@
 	kparams->bootloader_size = 0;
 	Memset(kparams->partition_guid, 0, sizeof(kparams->partition_guid));
 
+	cparams->bmp = NULL;
+	cparams->gbb = VbExMalloc(sizeof(*cparams->gbb));
+	retval = VbGbbReadHeader_static(cparams, cparams->gbb);
+	if (VBERROR_SUCCESS != retval)
+		goto VbSelectAndLoadKernel_exit;
+
 	/* Do EC software sync if necessary */
 	if ((shared->flags & VBSD_EC_SOFTWARE_SYNC) &&
-	    !(gbb->flags & GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC)) {
+	    !(cparams->gbb->flags & GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC)) {
 		retval = VbEcSoftwareSync(cparams);
 		if (retval != VBERROR_SUCCESS)
 			goto VbSelectAndLoadKernel_exit;
@@ -982,6 +1001,8 @@
 
  VbSelectAndLoadKernel_exit:
 
+	VbApiKernelFree(cparams);
+
 	VbNvTeardown(&vnc);
 	if (vnc.raw_changed)
 		VbExNvStorageWrite(vnc.raw);
diff --git a/firmware/lib/vboot_audio.c b/firmware/lib/vboot_audio.c
index 5414f32..e24a039 100644
--- a/firmware/lib/vboot_audio.c
+++ b/firmware/lib/vboot_audio.c
@@ -208,8 +208,7 @@
  */
 VbAudioContext *VbAudioOpen(VbCommonParams *cparams)
 {
-	GoogleBinaryBlockHeader* gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
+	GoogleBinaryBlockHeader *gbb = cparams->gbb;
 	VbAudioContext *audio = &au;
 	int use_short = 0;
 	uint64_t a, b;
diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c
index f79dfe1..910c60a 100644
--- a/firmware/lib/vboot_display.c
+++ b/firmware/lib/vboot_display.c
@@ -8,7 +8,9 @@
 #include "sysincludes.h"
 
 #include "bmpblk_font.h"
+#include "gbb_access.h"
 #include "gbb_header.h"
+#include "region.h"
 #include "utility.h"
 #include "vboot_api.h"
 #include "vboot_common.h"
@@ -20,49 +22,20 @@
 
 VbError_t VbGetLocalizationCount(VbCommonParams *cparams, uint32_t *count)
 {
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
-	BmpBlockHeader *hdr;
+	BmpBlockHeader hdr;
+	VbError_t ret;
 
 	/* Default to 0 on error */
 	*count = 0;
 
-	/* Make sure bitmap data is inside the GBB and is non-zero in size */
-	if (0 == gbb->bmpfv_size ||
-	    gbb->bmpfv_offset > cparams->gbb_size ||
-	    gbb->bmpfv_offset + gbb->bmpfv_size > cparams->gbb_size) {
-		return VBERROR_INVALID_GBB;
-	}
+	ret = VbGbbReadBmpHeader(cparams, &hdr);
+	if (ret)
+		return ret;
 
-	/* Sanity-check the bitmap block header */
-	hdr = (BmpBlockHeader *)(((uint8_t *)gbb) + gbb->bmpfv_offset);
-	if ((0 != Memcmp(hdr->signature, BMPBLOCK_SIGNATURE,
-			 BMPBLOCK_SIGNATURE_SIZE)) ||
-	    (hdr->major_version > BMPBLOCK_MAJOR_VERSION) ||
-	    ((hdr->major_version == BMPBLOCK_MAJOR_VERSION) &&
-	     (hdr->minor_version > BMPBLOCK_MINOR_VERSION))) {
-		return VBERROR_INVALID_BMPFV;
-	}
-
-	*count = hdr->number_of_localizations;
+	*count = hdr.number_of_localizations;
 	return VBERROR_SUCCESS;
 }
 
-const char *VbHWID(VbCommonParams *cparams)
-{
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
-
-	if (0 == gbb->hwid_size ||
-	    gbb->hwid_offset > cparams->gbb_size ||
-	    gbb->hwid_offset + gbb->hwid_size > cparams->gbb_size) {
-		VBDEBUG(("VbHWID(): invalid hwid offset/size\n"));
-		return "{INVALID}";
-	}
-
-	return (char *)((uint8_t *)gbb + gbb->hwid_offset);
-}
-
 /*
  * TODO: We could cache the font info to speed things up, by making the
  * in-memory font structure distinct from the in-flash version.  We'll do that
@@ -164,62 +137,24 @@
 	}
 }
 
-#define OUTBUF_LEN 128
-
 VbError_t VbDisplayScreenFromGBB(VbCommonParams *cparams, uint32_t screen,
                                  VbNvContext *vncptr)
 {
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
-	static uint8_t *bmpfv;
-	void *fullimage = NULL;
-	BmpBlockHeader *hdr;
-	ScreenLayout *layout;
-	ImageInfo *image_info;
+	char *fullimage = NULL;
+	BmpBlockHeader hdr;
 	uint32_t screen_index;
 	uint32_t localization = 0;
 	VbError_t retval = VBERROR_UNKNOWN;   /* Assume error until proven ok */
 	uint32_t inoutsize;
-	uint32_t offset;
 	uint32_t i;
 	VbFont_t *font;
 	const char *text_to_show;
 	int rtol = 0;
-	char outbuf[OUTBUF_LEN] = "";
-	uint32_t used = 0;
+	VbError_t ret;
 
-	/* Make sure bitmap data is inside the GBB and is non-zero in size */
-	if (0 == gbb->bmpfv_size ||
-	    gbb->bmpfv_offset > cparams->gbb_size ||
-	    gbb->bmpfv_offset + gbb->bmpfv_size > cparams->gbb_size) {
-		VBDEBUG(("VbDisplayScreenFromGBB(): "
-			 "invalid bmpfv offset/size\n"));
-		return VBERROR_INVALID_GBB;
-	}
-
-	/* Copy bitmap data from GBB into RAM for speed */
-	if (!bmpfv) {
-#ifdef COPY_BMP_DATA
-		bmpfv = (uint8_t *)VbExMalloc(gbb->bmpfv_size);
-		Memcpy(bmpfv, ((uint8_t *)gbb) + gbb->bmpfv_offset,
-		       gbb->bmpfv_size);
-#else
-		bmpfv = ((uint8_t *)gbb) + gbb->bmpfv_offset;
-#endif
-	}
-
-	/* Sanity-check the bitmap block header */
-	hdr = (BmpBlockHeader *)bmpfv;
-	if ((0 != Memcmp(hdr->signature, BMPBLOCK_SIGNATURE,
-			 BMPBLOCK_SIGNATURE_SIZE)) ||
-	    (hdr->major_version > BMPBLOCK_MAJOR_VERSION) ||
-	    ((hdr->major_version == BMPBLOCK_MAJOR_VERSION) &&
-	     (hdr->minor_version > BMPBLOCK_MINOR_VERSION))) {
-		VBDEBUG(("VbDisplayScreenFromGBB(): "
-			 "invalid/too new bitmap header\n"));
-		retval = VBERROR_INVALID_BMPFV;
-		goto VbDisplayScreenFromGBB_exit;
-	}
+	ret = VbGbbReadBmpHeader(cparams, &hdr);
+	if (ret)
+		return ret;
 
 	/*
 	 * Translate screen ID into index.  Note that not all screens are in
@@ -263,7 +198,7 @@
 		goto VbDisplayScreenFromGBB_exit;
 	}
 
-	if (screen_index >= hdr->number_of_screenlayouts) {
+	if (screen_index >= hdr.number_of_screenlayouts) {
 		VBDEBUG(("VbDisplayScreenFromGBB(): "
 			 "screen %d index %d not in the GBB\n",
 			 (int)screen, (int)screen_index));
@@ -273,48 +208,31 @@
 
 	/* Clip localization to number of localizations present in the GBB */
 	VbNvGet(vncptr, VBNV_LOCALIZATION_INDEX, &localization);
-	if (localization >= hdr->number_of_localizations) {
+	if (localization >= hdr.number_of_localizations) {
 		localization = 0;
 		VbNvSet(vncptr, VBNV_LOCALIZATION_INDEX, localization);
 	}
 
-	/*
-	 * Calculate offset of screen layout = start of screen stuff + correct
-	 * locale + correct screen.
-	 */
-	offset = sizeof(BmpBlockHeader) +
-		localization * hdr->number_of_screenlayouts *
-			sizeof(ScreenLayout) +
-		screen_index * sizeof(ScreenLayout);
-	layout = (ScreenLayout *)(bmpfv + offset);
-
 	/* Display all bitmaps for the image */
 	for (i = 0; i < MAX_IMAGE_IN_LAYOUT; i++) {
-		if (!layout->images[i].image_info_offset)
-			continue;
+		ScreenLayout layout;
+		ImageInfo image_info;
+		char hwid[256];
 
-		offset = layout->images[i].image_info_offset;
-		image_info = (ImageInfo *)(bmpfv + offset);
-		fullimage = bmpfv + offset + sizeof(ImageInfo);
-		inoutsize = image_info->original_size;
-		if (inoutsize &&
-		    image_info->compression != COMPRESS_NONE) {
-			fullimage = VbExMalloc(inoutsize);
-			retval = VbExDecompress(
-					bmpfv + offset + sizeof(ImageInfo),
-					image_info->compressed_size,
-					image_info->compression,
-					fullimage, &inoutsize);
-			if (VBERROR_SUCCESS != retval) {
-				VbExFree(fullimage);
-				goto VbDisplayScreenFromGBB_exit;
-			}
+		ret = VbGbbReadImage(cparams, localization, screen_index,
+				    i, &layout, &image_info,
+				    &fullimage, &inoutsize);
+		if (ret == VBERROR_NO_IMAGE_PRESENT) {
+			continue;
+		} else if (ret) {
+			retval = ret;
+			goto VbDisplayScreenFromGBB_exit;
 		}
 
-		switch(image_info->format) {
+		switch(image_info.format) {
 		case FORMAT_BMP:
-			retval = VbExDisplayImage(layout->images[i].x,
-						  layout->images[i].y,
+			retval = VbExDisplayImage(layout.images[i].x,
+						  layout.images[i].y,
 						  fullimage, inoutsize);
 			break;
 
@@ -323,21 +241,23 @@
 			 * The uncompressed blob is our font structure. Cache
 			 * it as needed.
 			 */
-			font = VbInternalizeFontData(fullimage);
+			font = VbInternalizeFontData(
+					(FontArrayHeader *)fullimage);
 
 			/* TODO: handle text in general here */
-			if (TAG_HWID == image_info->tag ||
-			    TAG_HWID_RTOL == image_info->tag) {
-				text_to_show = VbHWID(cparams);
-				rtol = (TAG_HWID_RTOL == image_info->tag);
+			if (TAG_HWID == image_info.tag ||
+			    TAG_HWID_RTOL == image_info.tag) {
+				VbRegionReadHWID(cparams, hwid, sizeof(hwid));
+				text_to_show = hwid;
+				rtol = (TAG_HWID_RTOL == image_info.tag);
 			} else {
 				text_to_show = "";
 				rtol = 0;
 			}
 
 			VbRenderTextAtPos(text_to_show, rtol,
-					  layout->images[i].x,
-					  layout->images[i].y, font);
+					  layout.images[i].x,
+					  layout.images[i].y, font);
 
 			VbDoneWithFontForNow(font);
 			break;
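Review bot: The return value of `VbRegionReadHWID(cparams, hwid, sizeof(hwid))` is dropped, and `hwid` is declared without an initializer in the previous hunk. A failed read therefore hands `VbRenderTextAtPos()` whatever is on the stack, unless the helper always writes a terminated string first (its body is not visible here). The code removed from VbDisplayDebugInfo() bounds-checked `hwid_offset`/`hwid_size` and printed `(INVALID)`; the new call there, in the `@@ -571,29 +477,22 @@` hunk, ignores the result the same way. I would check it in both places, e.g. `if (VbRegionReadHWID(cparams, hwid, sizeof(hwid))) hwid[0] = '\0';`. The enclosing case starts above this hunk.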
@@ -345,12 +265,11 @@
 		default:
 			VBDEBUG(("VbDisplayScreenFromGBB(): "
 				 "unsupported ImageFormat %d\n",
-				 image_info->format));
+				 image_info.format));
 			retval = VBERROR_INVALID_GBB;
 		}
 
-		if (COMPRESS_NONE != image_info->compression)
-			VbExFree(fullimage);
+		VbExFree(fullimage);
 
 		if (VBERROR_SUCCESS != retval)
 			goto VbDisplayScreenFromGBB_exit;
@@ -359,29 +278,15 @@
 	/* Successful if all bitmaps displayed */
 	retval = VBERROR_SUCCESS;
 
-	/*
-	 * If GBB flags is nonzero, complain because that's something that the
-	 * factory MUST fix before shipping. We only have to do this here,
-	 * because it's obvious that something is wrong if we're not displaying
-	 * screens from the GBB.
-	 */
-	if (gbb->major_version == GBB_MAJOR_VER && gbb->minor_version >= 1 &&
-	    (gbb->flags != 0)) {
-		used += StrnAppend(outbuf + used, "gbb.flags is nonzero: 0x",
-				OUTBUF_LEN - used);
-		used += Uint64ToString(outbuf + used, OUTBUF_LEN - used,
-				       gbb->flags, 16, 8);
-		used += StrnAppend(outbuf + used, "\n", OUTBUF_LEN - used);
-		(void)VbExDisplayDebugInfo(outbuf);
-	}
+	VbRegionCheckVersion(cparams);
 
  VbDisplayScreenFromGBB_exit:
 	VBDEBUG(("leaving VbDisplayScreenFromGBB() with %d\n",retval));
 	return retval;
 }
 
-VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen, int force,
-                          VbNvContext *vncptr)
+VbError_t VbDisplayScreen(VbCommonParams *cparams, uint32_t screen,
+			  int force, VbNvContext *vncptr)
 {
 	VbError_t retval;
 
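Review bot: The comment explaining the nonzero `gbb.flags` warning is deleted along with the code, and the replacement `VbRegionCheckVersion(cparams);` neither says that it may print that warning nor uses any status it returns. If the helper still carries the factory check, keep the rationale at the call site: `/* Warn on nonzero gbb.flags: the factory must clear them before shipping */`. If it returns a VbError_t, cast the call to `(void)` as the removed `VbExDisplayDebugInfo()` call did. The helper's body is outside this hunk, so both points need confirming against it.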
@@ -403,7 +308,8 @@
 	disp_current_screen = screen;
 
 	/* Look in the GBB first */
-	if (VBERROR_SUCCESS == VbDisplayScreenFromGBB(cparams, screen, vncptr))
+	if (VBERROR_SUCCESS == VbDisplayScreenFromGBB(cparams, screen,
+						      vncptr))
 		return VBERROR_SUCCESS;
 
 	/* If screen wasn't in the GBB bitmaps, fall back to a default */
@@ -571,29 +477,22 @@
 {
 	VbSharedDataHeader *shared =
 		(VbSharedDataHeader *)cparams->shared_data_blob;
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
+	GoogleBinaryBlockHeader *gbb = cparams->gbb;
 	char buf[DEBUG_INFO_SIZE] = "";
 	char sha1sum[SHA1_DIGEST_SIZE * 2 + 1];
+	char hwid[256];
 	uint32_t used = 0;
+	VbPublicKey *key;
+	VbError_t ret;
 	uint32_t i;
 
 	/* Redisplay current screen to overwrite any previous debug output */
 	VbDisplayScreen(cparams, disp_current_screen, 1, vncptr);
 
 	/* Add hardware ID */
+	VbRegionReadHWID(cparams, hwid, sizeof(hwid));
 	used += StrnAppend(buf + used, "HWID: ", DEBUG_INFO_SIZE - used);
-	if (0 == gbb->hwid_size ||
-	    gbb->hwid_offset > cparams->gbb_size ||
-	    gbb->hwid_offset + gbb->hwid_size > cparams->gbb_size) {
-		VBDEBUG(("VbDisplayDebugInfo(): invalid hwid offset/size\n"));
-		used += StrnAppend(buf + used,
-				"(INVALID)", DEBUG_INFO_SIZE - used);
-  } else {
-		used += StrnAppend(buf + used,
-				(char *)((uint8_t *)gbb + gbb->hwid_offset),
-				DEBUG_INFO_SIZE - used);
-  }
+	used += StrnAppend(buf + used, hwid, DEBUG_INFO_SIZE - used);
 
 	/* Add recovery reason */
 	used += StrnAppend(buf + used,
@@ -654,15 +553,25 @@
 	}
 
 	/* Add sha1sum for Root & Recovery keys */
-	FillInSha1Sum(sha1sum,
-		(VbPublicKey *)((uint8_t *)gbb + gbb->rootkey_offset));
-	used += StrnAppend(buf + used, "\ngbb.rootkey: ", DEBUG_INFO_SIZE - used);
-	used += StrnAppend(buf + used, sha1sum, DEBUG_INFO_SIZE - used);
-	FillInSha1Sum(sha1sum,
-		(VbPublicKey *)((uint8_t *)gbb + gbb->recovery_key_offset));
-	used += StrnAppend(buf + used,
-			"\ngbb.recovery_key: ", DEBUG_INFO_SIZE - used);
-	used += StrnAppend(buf + used, sha1sum, DEBUG_INFO_SIZE - used);
+	ret = VbGbbReadRootKey(cparams, &key);
+	if (!ret) {
+		FillInSha1Sum(sha1sum, key);
+		VbExFree(key);
+		used += StrnAppend(buf + used, "\ngbb.rootkey: ",
+				   DEBUG_INFO_SIZE - used);
+		used += StrnAppend(buf + used, sha1sum,
+				   DEBUG_INFO_SIZE - used);
+	}
+
+	ret = VbGbbReadRecoveryKey(cparams, &key);
+	if (!ret) {
+		FillInSha1Sum(sha1sum, key);
+		VbExFree(key);
+		used += StrnAppend(buf + used, "\ngbb.recovery_key: ",
+				   DEBUG_INFO_SIZE - used);
+		used += StrnAppend(buf + used, sha1sum,
+				   DEBUG_INFO_SIZE - used);
+	}
 
 	/* If we're in dev-mode, show the kernel subkey that we expect, too. */
 	if (0 == shared->recovery_reason) {
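Review bot: A failed `VbGbbReadRootKey()` or `VbGbbReadRecoveryKey()` is silent here: the `if (!ret)` blocks just skip the line, so the debug screen gives no sign that a key could not be read. Someone using this screen to confirm which root key a device carries should see the failure, e.g. `else used += StrnAppend(buf + used, "\ngbb.rootkey: (INVALID)", DEBUG_INFO_SIZE - used);`, and the same for the recovery key. The two blocks differ only in the reader and the label, so a small static helper taking both would remove the duplication.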
diff --git a/firmware/lib/vboot_firmware.c b/firmware/lib/vboot_firmware.c
index c5000cb..e6a31fa 100644
--- a/firmware/lib/vboot_firmware.c
+++ b/firmware/lib/vboot_firmware.c
@@ -8,6 +8,8 @@
 
 #include "sysincludes.h"
 
+#include "region.h"
+#include "gbb_access.h"
 #include "gbb_header.h"
 #include "load_firmware_fw.h"
 #include "utility.h"
@@ -41,9 +43,8 @@
 {
 	VbSharedDataHeader *shared =
 		(VbSharedDataHeader *)cparams->shared_data_blob;
-	GoogleBinaryBlockHeader *gbb =
-		(GoogleBinaryBlockHeader *)cparams->gbb_data;
-	VbPublicKey *root_key;
+	GoogleBinaryBlockHeader *gbb = cparams->gbb;
+	VbPublicKey *root_key = NULL;
 	VbLoadFirmwareInternal *lfi;
 
 	uint32_t try_b_count;
@@ -62,12 +63,12 @@
 	VBDEBUG(("LoadFirmware started...\n"));
 
 	/* Must have a root key from the GBB */
-	if (!gbb) {
+	retval = VbGbbReadRootKey(cparams, &root_key);
+	if (retval) {
 		VBDEBUG(("No GBB\n"));
 		retval = VBERROR_INVALID_GBB;
 		goto LoadFirmwareExit;
 	}
-	root_key = (VbPublicKey *)((uint8_t *)gbb + gbb->rootkey_offset);
 
 	/* Parse flags */
 	is_dev = (shared->flags & VBSD_BOOT_DEV_SWITCH_ON ? 1 : 0);
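Review bot: Every failure of `VbGbbReadRootKey()` is logged as `No GBB` and then overwritten with `VBERROR_INVALID_GBB`, so a failed region read or allocation cannot be told apart from a missing GBB. Log the code before replacing it: `VBDEBUG(("Failed to read root key from GBB: %d\n", retval));`. `gbb` is still assigned from `cparams->gbb` in the previous hunk, but the `if (!gbb)` test is gone. If the rest of LoadFirmware() dereferences it (not visible here), that relies on the key read failing whenever `cparams->gbb` is NULL.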
@@ -345,6 +346,8 @@
 	}
 
  LoadFirmwareExit:
+	VbExFree(root_key);
+
 	/* Store recovery request, if any */
 	VbNvSet(vnc, VBNV_RECOVERY_REQUEST, VBERROR_SUCCESS != retval ?
 		recovery : VBNV_RECOVERY_NOT_REQUESTED);
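Review bot: `VbExFree(root_key)` at `LoadFirmwareExit` is reached with `root_key` still NULL when the root-key read fails without setting it, which is safe only if every boot loader's VbExFree() accepts NULL. That contract is not shown on this page. LoadKernel() in this same commit guards its free with `free_kernel_subkey`, so the two exit paths are inconsistent. Either guard it, `if (root_key) VbExFree(root_key);`, or document in the API that VbExFree(NULL) is a no-op.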
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c
index aa1e41e..72cd2cc 100644
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -10,6 +10,8 @@
 
 #include "cgptlib.h"
 #include "cgptlib_internal.h"
+#include "region.h"
+#include "gbb_access.h"
 #include "gbb_header.h"
 #include "load_kernel_fw.h"
 #include "utility.h"
@@ -159,15 +161,14 @@
 	return ret;
 }
 
-VbError_t LoadKernel(LoadKernelParams *params)
+VbError_t LoadKernel(LoadKernelParams *params, VbCommonParams *cparams)
 {
 	VbSharedDataHeader *shared =
 		(VbSharedDataHeader *)params->shared_data_blob;
 	VbSharedDataKernelCall *shcall = NULL;
 	VbNvContext* vnc = params->nv_context;
-	GoogleBinaryBlockHeader* gbb =
-		(GoogleBinaryBlockHeader *)params->gbb_data;
-	VbPublicKey* kernel_subkey;
+	VbPublicKey* kernel_subkey = NULL;
+	int free_kernel_subkey = 0;
 	GptData gpt;
 	uint64_t part_start, part_size;
 	uint64_t blba;
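Review bot: `LoadKernel()` now has two parameter blocks that can both carry a shared data blob, and nothing at the signature says which is authoritative. `params->shared_data_blob` is read two lines below it, while `cparams->shared_data_blob` is what the display and firmware code elsewhere in this commit read. If `cparams` is meant for GBB access only, say so on the definition and the prototype: `/* cparams is used for GBB access only; all other inputs come from params */`. The function body continues past this hunk, so any other use of `cparams` there should be checked against that comment.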
@@ -233,8 +234,10 @@
 
 	if (kBootRecovery == boot_mode) {
 		/* Use the recovery key to verify the kernel */
-		kernel_subkey = (VbPublicKey*)
-			((uint8_t*)gbb + gbb->recovery_key_offset);
+		retval = VbGbbReadRecoveryKey(cparams, &kernel_subkey);
+		if (VBERROR_SUCCESS != retval)
+			goto LoadKernelExit;
+		free_kernel_subkey = 1;
 	} else {
 		/* Use the kernel subkey passed from LoadFirmware(). */
 		kernel_subkey = &shared->kernel_subkey;
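Review bot: The recovery-key failure branch exits through `goto LoadKernelExit` with no debug output, so a recovery boot that fails because the key could not be read leaves no trace of the cause. Add `VBDEBUG(("Unable to read recovery key from GBB: %d\n", retval));` before the goto, with braces around the branch. Whether a recovery reason is recorded on this path depends on the code at `LoadKernelExit`, which is outside this hunk.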
@@ -632,5 +635,8 @@
 	/* Store how much shared data we used, if any */
 	params->shared_data_size = shared->data_used;
 
+	if (free_kernel_subkey)
+		VbExFree(kernel_subkey);
+
 	return retval;
 }
diff --git a/firmware/linktest/main.c b/firmware/linktest/main.c
index bdf1483..2ff8e9d 100644
--- a/firmware/linktest/main.c
+++ b/firmware/linktest/main.c
@@ -27,7 +27,7 @@
   LoadFirmware(0, 0, 0);
 
   /* load_kernel_fw.h */
-  LoadKernel(0);
+  LoadKernel(0, 0);
 
   /* rollback_index.h */
   RollbackS3Resume();
diff --git a/firmware/stub/vboot_api_stub_region.c b/firmware/stub/vboot_api_stub_region.c
new file mode 100644
index 0000000..0714203
--- /dev/null
+++ b/firmware/stub/vboot_api_stub_region.c
@@ -0,0 +1,21 @@
+/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Stub implementations of region API function.
+ */
+
+#include <stdint.h>
+
+#define _STUB_IMPLEMENTATION_
+
+#include <stdlib.h>
+
+#include "vboot_api.h"
+
+VbError_t VbExRegionRead(VbCommonParams *cparams,
+			 enum vb_firmware_region region, uint32_t offset,
+			 uint32_t size, void *buf)
+{
+	return VBERROR_SUCCESS;
+}
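Review bot: The stub `VbExRegionRead()` reports `VBERROR_SUCCESS` without touching `buf`, so any caller that reaches it treats uninitialized memory as GBB contents (header, keys, HWID). The commit message says the call sits behind a flag, but a stub that cannot read should fail closed: `return VBERROR_UNKNOWN;`, or a more specific region-read error if one is defined. If success must be kept for link tests, at least zero `buf` so the result is deterministic. `<stdlib.h>` is included but nothing from it is used.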