[v2,3/5] discover: Update to reflect generic signed boot API

Message ID 1526345752-21072-4-git-send-email-brett.grandbois@opengear.com
State Accepted
Headers show
Series
  • Signed-Boot OpenSSL support
Related show

Commit Message

Brett Grandbois May 15, 2018, 12:55 a.m.
Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com>
---
 discover/Makefile.am |  3 +--
 discover/boot.c      | 12 ++++++------
 2 files changed, 7 insertions(+), 8 deletions(-)

Patch

diff --git a/discover/Makefile.am b/discover/Makefile.am
index ef4c602..3992a66 100644
--- a/discover/Makefile.am
+++ b/discover/Makefile.am
@@ -59,8 +59,7 @@  discover_pb_discover_LDADD = \
 	discover/grub2/grub2-parser.ro \
 	discover/platform.ro \
 	$(core_lib) \
-	$(UDEV_LIBS) \
-	$(GPGME_LIBS)
+	$(UDEV_LIBS)
 
 discover_pb_discover_LDFLAGS = \
 	$(AM_LDFLAGS) \
diff --git a/discover/boot.c b/discover/boot.c
index 0da40e3..0499a52 100644
--- a/discover/boot.c
+++ b/discover/boot.c
@@ -26,7 +26,7 @@ 
 #include "resource.h"
 #include "platform.h"
 
-#include <security/gpg.h>
+#include <security/security.h>
 
 static const char *boot_hook_dir = PKG_SYSCONF_DIR "/boot.d";
 enum {
@@ -72,7 +72,7 @@  static int kexec_load(struct boot_task *boot_task)
 	boot_task->local_dtb_override = NULL;
 	boot_task->local_image_override = NULL;
 
-	if ((result = gpg_validate_boot_files(boot_task))) {
+	if ((result = validate_boot_files(boot_task))) {
 		if (result == KEXEC_LOAD_DECRYPTION_FALURE) {
 			pb_log("%s: Aborting kexec due to"
 				" decryption failure\n", __func__);
@@ -144,7 +144,7 @@  static int kexec_load(struct boot_task *boot_task)
 	}
 
 abort_kexec:
-	gpg_validate_boot_files_cleanup(boot_task);
+	validate_boot_files_cleanup(boot_task);
 
 	return result;
 }
@@ -598,21 +598,21 @@  struct boot_task *boot(void *ctx, struct discover_boot_option *opt,
 	if (boot_task->verify_signature) {
 		/* Generate names of associated signature files and load */
 		if (image) {
-			image_sig = gpg_get_signature_url(ctx, image);
+			image_sig = get_signature_url(ctx, image);
 			tmp = add_boot_resource(boot_task,
 					_("kernel image signature"), image_sig,
 					&boot_task->local_image_signature);
 			rc |= start_url_load(boot_task, tmp);
 		}
 		if (initrd) {
-			initrd_sig = gpg_get_signature_url(ctx, initrd);
+			initrd_sig = get_signature_url(ctx, initrd);
 			tmp = add_boot_resource(boot_task,
 					_("initrd signature"), initrd_sig,
 					&boot_task->local_initrd_signature);
 			rc |= start_url_load(boot_task, tmp);
 		}
 		if (dtb) {
-			dtb_sig = gpg_get_signature_url(ctx, dtb);
+			dtb_sig = get_signature_url(ctx, dtb);
 			tmp = add_boot_resource(boot_task,
 					_("dtb signature"), dtb_sig,
 					&boot_task->local_dtb_signature);