Commit dfc34da2 authored by Marek Vasut's avatar Marek Vasut
Browse files

mxssb: Use section header from the tree



Pull out the section header information from the SB image tree.
This allows us to remove some ad-hoc calls.
Signed-off-by: Marek Vasut's avatarMarek Vasut <marex@denx.de>
parent 5886192e
......@@ -314,22 +314,23 @@ static void sb_encrypt_sb_header(struct sb_image_ctx *ictx,
}
static void sb_encrypt_sb_sections_header(struct sb_image_ctx *ictx,
struct sb_sections_header *sb_sections_header,
uint8_t cbc_mac[sizeof(struct sb_key_dictionary_key)],
int tag_offset)
uint8_t cbc_mac[sizeof(struct sb_key_dictionary_key)])
{
EVP_MD_CTX *md_ctx = &ictx->md_ctx;
uint8_t *sb_sections_header_ptr = (uint8_t *)sb_sections_header;
const int size = sizeof(*sb_sections_header);
struct sb_section_ctx *sctx = ictx->sect;
struct sb_sections_header *shdr;
uint8_t *sb_sections_header_ptr;
const int size = sizeof(*shdr);
/* Skip the "TAG" tag. */
sb_sections_header->section_offset = tag_offset + 1;
sb_sections_header->section_size = sb_get_sections_block_size() - 1;
/* Section #0 is bootable. */
sb_sections_header->section_flags = SB_SECTION_FLAG_BOOTABLE;
while (sctx) {
shdr = &sctx->payload;
sb_sections_header_ptr = (uint8_t *)shdr;
sb_aes_encrypt(ictx, sb_sections_header_ptr, cbc_mac, size);
EVP_DigestUpdate(md_ctx, sb_sections_header_ptr, size);
sb_aes_encrypt(ictx, sb_sections_header_ptr, cbc_mac, size);
EVP_DigestUpdate(md_ctx, sb_sections_header_ptr, size);
sctx = sctx->sect;
};
}
static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx,
......@@ -448,9 +449,6 @@ static int sb_create_image(struct sb_image_ctx *ictx, uint8_t **image)
/* The currect offset in the SB image. */
size_t image_offset = 0;
/* Save offset of the TAG tag. */
uint32_t tag_offset = sb_header->first_boot_tag_block;
/* Start image-wide crypto. */
EVP_MD_CTX_init(&ictx->md_ctx);
EVP_DigestInit(&ictx->md_ctx, EVP_sha1());
......@@ -471,15 +469,11 @@ static int sb_create_image(struct sb_image_ctx *ictx, uint8_t **image)
/*
* SB sections header.
*/
struct sb_sections_header sb_sections_header;
uint8_t sb_section_header_cbc_mac[sizeof(struct sb_key_dictionary_key)];
memset(&sb_sections_header, 0, sizeof(sb_sections_header));
sb_encrypt_sb_sections_header(ictx,
&sb_sections_header, sb_section_header_cbc_mac,
tag_offset);
sb_emit_data(*image, &image_offset, &sb_sections_header,
sizeof(sb_sections_header));
sb_encrypt_sb_sections_header(ictx, sb_section_header_cbc_mac);
sb_emit_data(*image, &image_offset, &ictx->sect->payload,
sizeof(struct sb_sections_header));
/*
* Key dictionary.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment