prog_loaders: Remove prog_locate()
This patch rewrites the last few users of prog_locate() to access CBFS APIs directly and removes the call. This eliminates the double-meaning of prog_rdev() (referring to both the boot medium where the program is stored before loading, and the memory area where it is loaded after) and makes sure that programs are always located and loaded in a single operation. This makes CBFS verification easier to implement and secure because it avoids leaking a raw rdev of unverified data outside the CBFS core code. Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: I7a5525f66e1d5f3a632e8f6f0ed9e116e3cebfcf Reviewed-on: https://review.coreboot.org/c/coreboot/+/49337 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
This commit is contained in:
Julius Werner
@ -20,23 +20,6 @@
|
||||
const struct mem_region_device addrspace_32bit =
|
||||
MEM_REGION_DEV_RO_INIT(0, ~0UL);
|
||||
|
||||
int prog_locate(struct prog *prog)
|
||||
{
|
||||
struct cbfsf file;
|
||||
|
||||
if (prog_locate_hook(prog))
|
||||
return -1;
|
||||
|
||||
if (cbfs_boot_locate(&file, prog_name(prog), NULL))
|
||||
return -1;
|
||||
|
||||
cbfsf_file_type(&file, &prog->cbfs_type);
|
||||
|
||||
cbfs_file_data(prog_rdev(prog), &file);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void run_romstage(void)
|
||||
{
|
||||
struct prog romstage =
|
||||
|
||||
Reference in New Issue
Block a user