discover/boot: unify verification failure messages

Currently, we have two sites where the result of validate_boot_files is interpreted: in kexec_load, and boot_process. In the former, we generate the pb_log message, and in the latter we generate the status message. This means we have separate places to maintain similar error messages, which is prone to future errors. This change does all of the interpretation directly after calling validate_boot_files(). Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
open-power · Jan 23, 2020 · 059cc51 · 059cc51
1 parent 2f6259d
commit 059cc51
Showing 1 changed file with 22 additions and 23 deletions.
diff --git a/discover/boot.c b/discover/boot.c
@@ -79,16 +79,30 @@ static int kexec_load(struct boot_task *boot_task)
 	boot_task->local_dtb_override = NULL;
 	boot_task->local_image_override = NULL;
 
-	if ((result = validate_boot_files(boot_task))) {
-		if (result == KEXEC_LOAD_DECRYPTION_FALURE) {
-			pb_log("%s: Aborting kexec due to"
-				" decryption failure\n", __func__);
-		}
-		if (result == KEXEC_LOAD_SIGNATURE_FAILURE) {
-			pb_log("%s: Aborting kexec due to signature"
-				" verification failure\n", __func__);
+	result = validate_boot_files(boot_task);
+	if (result) {
+		const char *msg;
+
+		switch (result) {
+		case KEXEC_LOAD_DECRYPTION_FALURE:
+			msg = _("decryption failed");
+			break;
+		case KEXEC_LOAD_SIGNATURE_FAILURE:
+			msg = _("signature verification failed");
+			break;
+		case KEXEC_LOAD_SIG_SETUP_INVALID:
+			msg = _("invalid signature configuration");
+			break;
+		default:
+			msg = _("unknown verification failure");
 		}
 
+		update_status(boot_task->status_fn, boot_task->status_arg,
+				STATUS_ERROR,
+				_("Boot verification failure: %s"), msg);
+		pb_log_fn("Aborting kexec due to verification failure: %s",
+				msg);
+
 		validate_boot_files_cleanup(boot_task);
 		return result;
 	}
@@ -461,21 +475,6 @@ static void boot_process(struct load_url_result *result, void *data)
 			_("Performing kexec load"));
 
 	rc = kexec_load(task);
-	pb_log_fn("kexec_load returned %d\n", rc);
-	if (rc == KEXEC_LOAD_DECRYPTION_FALURE) {
-		update_status(task->status_fn, task->status_arg,
-				STATUS_ERROR, _("Decryption failed"));
-	}
-	else if (rc == KEXEC_LOAD_SIGNATURE_FAILURE) {
-		update_status(task->status_fn, task->status_arg,
-				STATUS_ERROR,
-				_("Signature verification failed"));
-	}
-	else if (rc == KEXEC_LOAD_SIG_SETUP_INVALID) {
-		update_status(task->status_fn, task->status_arg,
-				STATUS_ERROR,
-				_("Invalid signature configuration"));
-	}
 
 no_load:
 	list_for_each_entry(&task->resources, resource, list)