vboot2: vb2_unpack_key2() no longer passes through to vb2_unpack_key()

At one point I thought I'd be able to support both vboot1 and vboot2.1 data structures and dynamically determine which verification path to run. But space limitations on current platforms (e.g. pinky) mean that's not feasible. Remove this vestigal support, so that it's easier to make a clean break to the new data structures on appropriate platforms. BUG=chromium:423882 BRANCH=none TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag) And build firmware for veyron_pinky. Change-Id: I9887e0c54114c475df81d5a2b701b9b52e95b017 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/232979 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
2026-01-11 18:35:28 +00:00 · 2014-12-03 12:19:22 -08:00
parent a5b69b02e0
commit 7aef90c14d
3 changed files with 6 additions and 15 deletions
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -226,6 +226,9 @@ enum vb2_return_code {
 	/* Key algorithm doesn't match signature algorithm */
 	VB2_ERROR_VDATA_ALGORITHM_MISMATCH,

+	/* Bad magic number in vb2_unpack_key2() */
+	VB2_ERROR_UNPACK_KEY_MAGIC,
+
        /**********************************************************************
 	 * Keyblock verification errors (all in vb2_verify_keyblock())
 	 */
--- a/firmware/lib21/packed_key.c
+++ b/firmware/lib21/packed_key.c
@@ -51,16 +51,9 @@ int vb2_unpack_key2(struct vb2_public_key *key,
 	uint32_t min_offset = 0;
 	int rv;

-	/*
-	 * Check magic number.
-	 *
-	 * If it doesn't match, pass through to the old packed key format.
-	 *
-	 * TODO: remove passthru when signing scripts have switched over to
-	 * use the new format.
-	 */
+	/* Check magic number */
 	if (pkey->c.magic != VB2_MAGIC_PACKED_KEY2)
-		return vb2_unpack_key(key, buf, size);
+		return VB2_ERROR_UNPACK_KEY_MAGIC;

 	rv = vb2_verify_common_header(buf, size);
 	if (rv)
--- a/tests/vb2_common2_tests.c
+++ b/tests/vb2_common2_tests.c
@@ -87,11 +87,6 @@ static void test_unpack_key2(const struct vb2_packed_key *key1,
 	/* Make a copy of the key for testing */
 	key2 = (struct vb2_packed_key2 *)malloc(size);

-	/* Should be able to handle a vboot1-style key binary as well */
-	TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1,
-				  key1->key_offset + key1->key_size),
-		  "vb2_unpack_key2() passthru");
-
 	memcpy(key2, key, size);
 	TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
 		  "vb2_unpack_key2() ok");
@@ -117,7 +112,7 @@ static void test_unpack_key2(const struct vb2_packed_key *key1,
 	memcpy(key2, key, size);
 	key2->c.magic++;
 	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
-		VB2_ERROR_INSIDE_DATA_OUTSIDE,
+		VB2_ERROR_UNPACK_KEY_MAGIC,
 		"vb2_unpack_key2() bad magic");

 	memcpy(key2, key, size);