diff options
| author | Sridhar Siricilla <sridhar.siricilla@intel.com> | 2020-04-20 18:45:22 +0530 |
|---|---|---|
| committer | Patrick Georgi <pgeorgi@google.com> | 2020-05-04 09:46:58 +0000 |
| commit | 89ac87a976e2ace9a3637c99209adec492566d30 (patch) | |
| tree | d408a6635a828e5c4cc2c787265c54cfa2651ba7 /src/security/vboot/vboot_logic.c | |
| parent | 7f9c064263811700329812e16828b5b97cf916e5 (diff) | |
| download | coreboot-89ac87a976e2ace9a3637c99209adec492566d30.tar.xz | |
security/vboot: Limit vboot verification code access to only verstage
Make vboot verification code accessible in only verstage.
Vboot verification code in vboot_logic.c is being used
in verstage. Due to support function vboot_save_data(),
so core functionality in vboot_logic.c is made available in romstage.
The patch decouples the support function frm vboot_logic.c to
limit itself to verstage.
BUG=b:155544643
TEST=Verified on hatch
Signed-off-by: Sridhar Siricilla <sridhar.siricilla@intel.com>
Change-Id: Id1ede45c4dffe90afcef210eabaa657cf92a9335
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40562
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Reviewed-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Diffstat (limited to 'src/security/vboot/vboot_logic.c')
| -rw-r--r-- | src/security/vboot/vboot_logic.c | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index e1c77b6004..a8a7be55e7 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -209,28 +209,6 @@ static vb2_error_t hash_body(struct vb2_context *ctx, return VB2_SUCCESS; } -void vboot_save_data(struct vb2_context *ctx) -{ - if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED && - (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) { - printk(BIOS_INFO, "Saving secdata firmware\n"); - antirollback_write_space_firmware(ctx); - ctx->flags &= ~VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED; - } - - if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED && - (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) { - printk(BIOS_INFO, "Saving secdata kernel\n"); - antirollback_write_space_kernel(ctx); - ctx->flags &= ~VB2_CONTEXT_SECDATA_KERNEL_CHANGED; - } - - if (ctx->flags & VB2_CONTEXT_NVDATA_CHANGED) { - printk(BIOS_INFO, "Saving nvdata\n"); - save_vbnv(ctx->nvdata); - ctx->flags &= ~VB2_CONTEXT_NVDATA_CHANGED; - } -} static uint32_t extend_pcrs(struct vb2_context *ctx) { |