From 629c3964a2bd8a92d61daaef633fc0cc5e65bc10 Mon Sep 17 00:00:00 2001 From: Nicolas Boichat Date: Tue, 28 Mar 2017 16:59:11 +0800 Subject: common: Split rwsig parts from rsa.h header We're going to add more rwsig-related functions, and adding them to rsa.h seems increasingly incorrect. BRANCH=none BUG=b:35587171 TEST=make buildall -j Change-Id: I334c1774ce9a6ed8e219140f65ebe94d653e22d2 Reviewed-on: https://chromium-review.googlesource.com/468708 Commit-Ready: Nicolas Boichat Tested-by: Nicolas Boichat Reviewed-by: Randall Spangler Reviewed-by: Vincent Palatin --- board/zinger/board.c | 1 + common/firmware_image.lds.S | 2 +- common/fmap.c | 2 +- common/main.c | 2 +- common/rwsig.c | 1 + common/system.c | 2 +- core/cortex-m/ec.lds.S | 2 +- core/cortex-m0/ec.lds.S | 2 +- core/minute-ia/ec.lds.S | 2 +- include/rsa.h | 61 ----------------------------------- include/rwsig.h | 78 +++++++++++++++++++++++++++++++++++++++++++++ 11 files changed, 87 insertions(+), 68 deletions(-) create mode 100644 include/rwsig.h diff --git a/board/zinger/board.c b/board/zinger/board.c index bf4b51d5c7..d4b864763c 100644 --- a/board/zinger/board.c +++ b/board/zinger/board.c @@ -9,6 +9,7 @@ #include "ec_commands.h" #include "registers.h" #include "rsa.h" +#include "rwsig.h" #include "sha256.h" #include "system.h" #include "task.h" diff --git a/common/firmware_image.lds.S b/common/firmware_image.lds.S index 665743d878..30d7ebb0cc 100644 --- a/common/firmware_image.lds.S +++ b/common/firmware_image.lds.S @@ -4,7 +4,7 @@ */ #include "config.h" -#include "rsa.h" +#include "rwsig.h" OUTPUT_FORMAT(BFD_FORMAT, BFD_FORMAT, BFD_FORMAT) OUTPUT_ARCH(BFD_ARCH) diff --git a/common/fmap.c b/common/fmap.c index eb2a883b5f..9b649c7db2 100644 --- a/common/fmap.c +++ b/common/fmap.c @@ -7,7 +7,7 @@ #include #include "common.h" -#include "rsa.h" +#include "rwsig.h" #include "util.h" #include "version.h" diff --git a/common/main.c b/common/main.c index a5f6e6a3b1..dff6c6a126 100644 --- a/common/main.c +++ b/common/main.c @@ -21,7 +21,7 @@ #ifdef CONFIG_MPU #include "mpu.h" #endif -#include "rsa.h" +#include "rwsig.h" #include "system.h" #include "task.h" #include "timer.h" diff --git a/common/rwsig.c b/common/rwsig.c index d2218ba77e..931a74cbf2 100644 --- a/common/rwsig.c +++ b/common/rwsig.c @@ -11,6 +11,7 @@ #include "ec_commands.h" #include "rollback.h" #include "rsa.h" +#include "rwsig.h" #include "sha256.h" #include "shared_mem.h" #include "system.h" diff --git a/common/system.c b/common/system.c index 25ba9dea2c..b9e444c71c 100644 --- a/common/system.c +++ b/common/system.c @@ -15,7 +15,7 @@ #include "host_command.h" #include "i2c.h" #include "lpc.h" -#include "rsa.h" +#include "rwsig.h" #include "spi_flash.h" #ifdef CONFIG_MPU #include "mpu.h" diff --git a/core/cortex-m/ec.lds.S b/core/cortex-m/ec.lds.S index 2deedbbd3d..47540ffb4a 100644 --- a/core/cortex-m/ec.lds.S +++ b/core/cortex-m/ec.lds.S @@ -3,7 +3,7 @@ * found in the LICENSE file. */ #include "config.h" -#include "rsa.h" +#include "rwsig.h" #define STRINGIFY0(name) #name #define STRINGIFY(name) STRINGIFY0(name) diff --git a/core/cortex-m0/ec.lds.S b/core/cortex-m0/ec.lds.S index c03133b186..a43499ab27 100644 --- a/core/cortex-m0/ec.lds.S +++ b/core/cortex-m0/ec.lds.S @@ -3,7 +3,7 @@ * found in the LICENSE file. */ #include "config.h" -#include "rsa.h" +#include "rwsig.h" #define STRINGIFY0(name) #name #define STRINGIFY(name) STRINGIFY0(name) diff --git a/core/minute-ia/ec.lds.S b/core/minute-ia/ec.lds.S index a15ffedaf0..2eacb8db39 100644 --- a/core/minute-ia/ec.lds.S +++ b/core/minute-ia/ec.lds.S @@ -3,7 +3,7 @@ * found in the LICENSE file. */ #include "config.h" -#include "rsa.h" +#include "rwsig.h" OUTPUT_FORMAT(BFD_FORMAT, BFD_FORMAT, BFD_FORMAT) OUTPUT_ARCH(BFD_ARCH) diff --git a/include/rsa.h b/include/rsa.h index 5999159817..a2d5f73393 100644 --- a/include/rsa.h +++ b/include/rsa.h @@ -63,67 +63,6 @@ int rsa_verify(const struct rsa_public_key *key, const uint8_t *sha, uint32_t *workbuf32); -void check_rw_signature(void); - #endif /* !__ASSEMBLER__ */ -/* - * The signer puts the public key and signature into the RO and RW images - * (respectively) at known locations after the complete image is assembled. But - * since we compile the RO & RW images separately, the other image's addresses - * can't be computed by the linker. So we just hardcode the addresses here. - * These can be overridden in board.h files if desired. - */ - -#ifndef CONFIG_RO_PUBKEY_SIZE -#ifdef CONFIG_RWSIG_TYPE_RWSIG -/* - * rwsig type: 1024 bytes is enough to fit RSA-3072 public key. - * - * TODO(crosbug.com/p/62321): This still wastes space. We could pack the key at - * any arbitrary location, but we need proper signer support to make sure it - * can overwrite the key correctly. - */ -#define CONFIG_RO_PUBKEY_SIZE 1024 -#else -#define CONFIG_RO_PUBKEY_SIZE RSA_PUBLIC_KEY_SIZE -#endif -#endif /* ! CONFIG_RO_PUBKEY_SIZE */ -#ifndef CONFIG_RO_PUBKEY_ADDR -#ifdef CONFIG_RWSIG_TYPE_RWSIG -/* The pubkey goes at the end of the RO region */ -#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ - + CONFIG_RO_MEM_OFF \ - + CONFIG_RO_SIZE \ - - CONFIG_RO_PUBKEY_SIZE) -#else -/* - * usbpd1 type assumes pubkey location at the end of first half of flash, - * which might actually be in the PSTATE region. - */ -#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ - + (CONFIG_FLASH_SIZE / 2) \ - - CONFIG_RO_PUBKEY_SIZE) -#endif -#endif /* CONFIG_RO_PUBKEY_ADDR */ - -#ifndef CONFIG_RW_SIG_SIZE -#ifdef CONFIG_RWSIG_TYPE_RWSIG -/* - * rwsig type: futility expects signature to be 1024 bytes from the end of - * the file. - */ -#define CONFIG_RW_SIG_SIZE 1024 -#else -#define CONFIG_RW_SIG_SIZE RSANUMBYTES -#endif -#endif /* ! CONFIG_RW_SIG_SIZE */ -#ifndef CONFIG_RW_SIG_ADDR -/* The signature goes at the end of the RW region */ -#define CONFIG_RW_SIG_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ - + CONFIG_RW_MEM_OFF \ - + CONFIG_RW_SIZE \ - - CONFIG_RW_SIG_SIZE) -#endif /* !CONFIG_RW_SIG_ADDR */ - #endif /* __CROS_EC_RSA_H */ diff --git a/include/rwsig.h b/include/rwsig.h new file mode 100644 index 0000000000..138751d3cc --- /dev/null +++ b/include/rwsig.h @@ -0,0 +1,78 @@ +/* Copyright 2017 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +#ifndef __CROS_EC_RWSIG_H +#define __CROS_EC_RWSIG_H + +#include "config.h" +#include "rsa.h" + +#ifndef __ASSEMBLER__ + +/* Checks RW signature. */ +void check_rw_signature(void); + +#endif /* !__ASSEMBLER__ */ + +/* + * The signer puts the public key and signature into the RO and RW images + * (respectively) at known locations after the complete image is assembled. But + * since we compile the RO & RW images separately, the other image's addresses + * can't be computed by the linker. So we just hardcode the addresses here. + * These can be overridden in board.h files if desired. + */ + +#ifndef CONFIG_RO_PUBKEY_SIZE +#ifdef CONFIG_RWSIG_TYPE_RWSIG +/* + * rwsig type: 1024 bytes is enough to fit RSA-3072 public key. + * + * TODO(crosbug.com/p/62321): This still wastes space. We could pack the key at + * any arbitrary location, but we need proper signer support to make sure it + * can overwrite the key correctly. + */ +#define CONFIG_RO_PUBKEY_SIZE 1024 +#else +#define CONFIG_RO_PUBKEY_SIZE RSA_PUBLIC_KEY_SIZE +#endif +#endif /* ! CONFIG_RO_PUBKEY_SIZE */ +#ifndef CONFIG_RO_PUBKEY_ADDR +#ifdef CONFIG_RWSIG_TYPE_RWSIG +/* The pubkey goes at the end of the RO region */ +#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ + + CONFIG_RO_MEM_OFF \ + + CONFIG_RO_SIZE \ + - CONFIG_RO_PUBKEY_SIZE) +#else +/* + * usbpd1 type assumes pubkey location at the end of first half of flash, + * which might actually be in the PSTATE region. + */ +#define CONFIG_RO_PUBKEY_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ + + (CONFIG_FLASH_SIZE / 2) \ + - CONFIG_RO_PUBKEY_SIZE) +#endif +#endif /* CONFIG_RO_PUBKEY_ADDR */ + +#ifndef CONFIG_RW_SIG_SIZE +#ifdef CONFIG_RWSIG_TYPE_RWSIG +/* + * rwsig type: futility expects signature to be 1024 bytes from the end of + * the file. + */ +#define CONFIG_RW_SIG_SIZE 1024 +#else +#define CONFIG_RW_SIG_SIZE RSANUMBYTES +#endif +#endif /* ! CONFIG_RW_SIG_SIZE */ +#ifndef CONFIG_RW_SIG_ADDR +/* The signature goes at the end of the RW region */ +#define CONFIG_RW_SIG_ADDR (CONFIG_PROGRAM_MEMORY_BASE \ + + CONFIG_RW_MEM_OFF \ + + CONFIG_RW_SIZE \ + - CONFIG_RW_SIG_SIZE) +#endif /* !CONFIG_RW_SIG_ADDR */ + +#endif /* __CROS_EC_RWSIG_H */ -- cgit v1.2.1