Move old vkernel code out of vboot_firmware.

It will go away entirely once the build has moved to vboot_kernel.

Review URL: http://codereview.chromium.org/2866006

14 files changed, 28 insertions, 190 deletions

diff --git a/tests/Makefile b/tests/Makefile
index 733d68fd..c2075648 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -10,7 +10,8 @@ INCLUDES += -I./include \
 		-I../misclibs/include \
 		-I../vboot_firmware/lib/include\
 		-I../vkernel/include
-IMAGE_LIBS = $(BUILD)/vkernel/kernel_image.o
+IMAGE_LIBS = $(BUILD)/vkernel/kernel_image.o \
+		$(BUILD)/vkernel/kernel_image_fw.o
 UTIL_LIBS = $(BUILD)/misclibs/file_keys.o $(BUILD)/misclibs/signature_digest.o
 LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) $(HOSTLIB) $(FWLIB) -lcrypto
 BUILD_ROOT = ${BUILD}/tests
diff --git a/utility/Makefile b/utility/Makefile
index eca60560..9fa7aacc 100644
--- a/utility/Makefile
+++ b/utility/Makefile
@@ -15,6 +15,8 @@ CFLAGS += -MMD -MF $@.d
 LIBS = $(BUILD)/misclibs/file_keys.o \
 	$(BUILD)/misclibs/signature_digest.o \
 	$(BUILD)/vkernel/kernel_image.o \
+	$(BUILD)/vkernel/kernel_image_fw.o \
+	$(BUILD)/vkernel/load_kernel_fw.o \
 	$(HOSTLIB) \
 	$(FWLIB)
 
@@ -26,7 +28,7 @@ TARGET_NAMES = dumpRSAPublicKey \
 		gbb_utility \
 		kernel_utility \
 		load_kernel_test \
-		load_kernel2_test \
+		load_kernel_test_old \
 		sign_image \
 		signature_digest_utility \
 		vbutil_firmware \
@@ -49,7 +51,7 @@ ${BUILD_ROOT}/gbb_utility: gbb_utility.cc
 ${BUILD_ROOT}/load_kernel_test: load_kernel_test.c $(LIBS)
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
 
-${BUILD_ROOT}/load_kernel2_test: load_kernel2_test.c $(LIBS)
+${BUILD_ROOT}/load_kernel_test_old: load_kernel_test_old.c $(LIBS)
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
 
 ${BUILD_ROOT}/kernel_utility: kernel_utility.cc $(LIBS)
diff --git a/utility/load_kernel_test.c b/utility/load_kernel_test.c
index 32c02c9a..ebeeb43a 100644
--- a/utility/load_kernel_test.c
+++ b/utility/load_kernel_test.c
@@ -18,6 +18,7 @@
 #include "host_common.h"
 #include "rollback_index.h"
 #include "utility.h"
+#include "vboot_kernel.h"
 
 /* ANSI Color coding sequences. */
 #define COL_GREEN "\e[1;32m"
@@ -123,8 +124,10 @@ int main(int argc, char* argv[]) {
     return 1;
   }
 
-  /* TODO: Option for boot mode */
-  lkp.boot_flags = 0;
+  /* TODO: Option for boot mode - developer, recovery */
+  /* Need to skip the address check, since we're putting it somewhere on the
+   * heap instead of its actual target address in the firmware. */
+  lkp.boot_flags = BOOT_FLAG_SKIP_ADDR_CHECK;
 
   /* Call LoadKernel() */
   rv = LoadKernel(&lkp);
diff --git a/utility/load_kernel2_test.c b/utility/load_kernel_test_old.c
index 3d50211b..84ba4ca3 100644
--- a/utility/load_kernel2_test.c
+++ b/utility/load_kernel_test_old.c
@@ -18,7 +18,11 @@
 #include "host_common.h"
 #include "rollback_index.h"
 #include "utility.h"
-#include "vboot_kernel.h"
+
+int LoadKernelOld(LoadKernelParams* params);
+/* Attempts to load the kernel from the current device.
+ *
+ * Returns LOAD_KERNEL_SUCCESS if successful, error code on failure. */
 
 /* ANSI Color coding sequences. */
 #define COL_GREEN "\e[1;32m"
@@ -124,14 +128,12 @@ int main(int argc, char* argv[]) {
     return 1;
   }
 
-  /* TODO: Option for boot mode - developer, recovery */
-  /* Need to skip the address check, since we're putting it somewhere on the
-   * heap instead of its actual target address in the firmware. */
-  lkp.boot_flags = BOOT_FLAG_SKIP_ADDR_CHECK;
+  /* TODO: Option for boot mode */
+  lkp.boot_flags = 0;
 
   /* Call LoadKernel() */
-  rv = LoadKernel2(&lkp);
-  printf("LoadKernel() returned %d\n", rv);
+  rv = LoadKernelOld(&lkp);
+  printf("LoadKernelOld() returned %d\n", rv);
 
   if (LOAD_KERNEL_SUCCESS == rv) {
     printf("Partition number:   %" PRIu64 "\n", lkp.partition_number);
diff --git a/vboot_firmware/Makefile b/vboot_firmware/Makefile
index 60eaa0c8..07e113a0 100644
--- a/vboot_firmware/Makefile
+++ b/vboot_firmware/Makefile
@@ -26,8 +26,6 @@ LIB_SRCS = \
 	./lib/cryptolib/sha1.c \
 	./lib/cryptolib/sha2.c \
 	./lib/cryptolib/sha_utility.c \
-	./lib/kernel_image_fw.c \
-	./lib/load_kernel_fw.c \
 	./lib/rollback_index.c \
 	./lib/stateful_util.c \
 	./lib/vboot_common.c \
diff --git a/vboot_firmware/include/firmware_image_fw.h b/vboot_firmware/include/firmware_image_fw.h
deleted file mode 100644
index 32ae9ed4..00000000
--- a/vboot_firmware/include/firmware_image_fw.h
+++ /dev/null
@@ -1,154 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Data structure and API definitions for a verified boot firmware image.
- * (Firmware Portion)
- */
-
-#ifndef VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
-#define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
-
-#include <stdint.h>
-#include "cryptolib.h"
-
-#define FIRMWARE_MAGIC "CHROMEOS"
-#define FIRMWARE_MAGIC_SIZE 8
-#define FIRMWARE_PREAMBLE_SIZE 8
-
-/* RSA 8192 and SHA-512. */
-#define ROOT_SIGNATURE_ALGORITHM 11
-#define ROOT_SIGNATURE_ALGORITHM_STRING "11"
-
-typedef struct FirmwareImage {
-  uint8_t magic[FIRMWARE_MAGIC_SIZE];
-  /* Key Header */
-  uint16_t header_len;  /* Length of the header. */
-  uint16_t firmware_sign_algorithm;  /* Signature algorithm used by the signing
-                                      * key. */
-  uint16_t firmware_key_version;  /* Key Version# for preventing rollbacks. */
-  uint8_t* firmware_sign_key;  /* Pre-processed public half of signing key. */
-  uint8_t header_checksum[SHA512_DIGEST_SIZE];  /* SHA-512 hash of the header.*/
-
-  uint8_t firmware_key_signature[RSA8192NUMBYTES];  /* Signature of the header
-                                                     * above. */
-
-  /* Firmware Preamble. */
-  uint16_t firmware_version;  /* Firmware Version# for preventing rollbacks.*/
-  uint64_t firmware_len;  /* Length of the rest of the R/W firmware data. */
-  uint16_t kernel_subkey_sign_algorithm;  /* Signature algorithm used for
-                                           * signing the kernel subkey. */
-  uint8_t* kernel_subkey_sign_key;  /* Pre-processed public half of the kernel
-                                     * subkey signing key. */
-  uint8_t preamble[FIRMWARE_PREAMBLE_SIZE];  /* Remaining preamble data.*/
-
-  uint8_t* preamble_signature;  /* Signature over the preamble. */
-
-  /* The firmware signature comes first as it may allow us to parallelize
-   * the firmware data fetch and RSA public operation.
-   */
-  uint8_t* firmware_signature;  /* Signature on the Preamble +
-                                   [firmware_data]. */
-  uint8_t* firmware_data;  /* Rest of firmware data */
-
-} FirmwareImage;
-
-
-/* Error Codes for VerifyFirmware* family of functions. */
-#define VERIFY_FIRMWARE_SUCCESS 0
-#define VERIFY_FIRMWARE_INVALID_IMAGE 1
-#define VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED 2
-#define VERIFY_FIRMWARE_INVALID_ALGORITHM 3
-#define VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED 4
-#define VERIFY_FIRMWARE_SIGNATURE_FAILED 5
-#define VERIFY_FIRMWARE_WRONG_MAGIC 6
-#define VERIFY_FIRMWARE_WRONG_HEADER_CHECKSUM 7
-#define VERIFY_FIRMWARE_KEY_ROLLBACK 8
-#define VERIFY_FIRMWARE_VERSION_ROLLBACK 9
-#define VERIFY_FIRMWARE_TPM_ERROR 10
-#define VERIFY_FIRMWARE_MAX 11  /* Total number of error codes. */
-
-extern char* kVerifyFirmwareErrors[VERIFY_FIRMWARE_MAX];
-
-/* Returns the length of the verified boot firmware preamble based on
- * kernel subkey signing algorithm [algorithm]. */
-uint64_t GetFirmwarePreambleLen(int algorithm);
-
-/* Checks for the sanity of the firmware header pointed by [header_blob].
- *
- * On success, put signature algorithm in [algorithm], header length
- * in [header_len], and return 0.
- * Else, return error code on failure.
- */
-int VerifyFirmwareHeader(const uint8_t* root_key_blob,
-                         const uint8_t* header_blob,
-                         int* algorithm,
-                         int* header_len);
-
-/* Checks the preamble signature on firmware preamble pointed by
- * [preamble_blob] using the signing key [sign_key].
- *
- * On success, put firmware length into [firmware_len], and return 0.
- * Else, return error code on failure.
- */
-int VerifyFirmwarePreamble(RSAPublicKey* sign_key,
-                           const uint8_t* preamble_blob,
-                           int algorithm,
-                           uint64_t* firmware_len);
-
-/* Checks the signature on the preamble + firmware data at
- * [preamble_start] and [firmware_data].
- * The length of the actual firmware data is firmware_len and it is assumed to
- * be prepended with the signature whose size depends on the signature_algorithm
- * [algorithm]. This signature also covers the preamble data (but not the
- * preamble signature itself).
- *
- * Return 0 on success, error code on failure.
- */
-int VerifyFirmwareData(RSAPublicKey* sign_key,
-                       const uint8_t* preamble_start,
-                       const uint8_t* firmware_data,
-                       uint64_t firmware_len,
-                       int algorithm);
-
-/* Performs a chained verify of the firmware blob [firmware_blob], using root
- * key [root_key] and verification header [verification_header_blob].
- *
- * Returns 0 on success, error code on failure.
- *
- * NOTE: The length of the firmware blob is derived from reading the fields
- * in the first few bytes of the verification header. This might look risky but
- * in firmware land, the start address of the firmware_blob will always be fixed
- * depending on the memory map on the particular platform. In addition, the
- * signature on length itself is checked early in the verification process for
- * extra safety.
- */
-int VerifyFirmware(const uint8_t* root_key_blob,
-                   const uint8_t* verification_header_blob,
-                   const uint8_t* firmware_blob);
-
-/* Returns the logical version of a firmware blob which is calculated as
- * (firmware_key_version << 16 | firmware_version). */
-uint32_t GetLogicalFirmwareVersion(uint8_t* firmware_blob);
-
-#define  BOOT_FIRMWARE_A_CONTINUE 1
-#define  BOOT_FIRMWARE_B_CONTINUE 2
-#define  BOOT_FIRMWARE_RECOVERY_CONTINUE 3
-
-/* This function is the driver used by the RO firmware to
- * determine which copy of the firmware to boot from. It performs
- * the requisite rollback index checking, including updating them,
- * if required.
- *
- * Returns the code path to follow. It is one of:
- * BOOT_FIRMWARE_A_CONTINUE          Boot from Firmware A
- * BOOT_FIRMWARE_B_CONTINUE          Boot from Firmware B
- * BOOT_FIRMWARE_RECOVERY_CONTINUE   Jump to recovery mode
- */
-int VerifyFirmwareDriver_f(uint8_t* root_key_blob,
-                           uint8_t* verification_headerA,
-                           uint8_t* firmwareA,
-                           uint8_t* verification_headerB,
-                           uint8_t* firmwareB);
-
-#endif  /* VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_ */
diff --git a/vboot_firmware/lib/include/vboot_kernel.h b/vboot_firmware/lib/include/vboot_kernel.h
index ffe417c3..03b640a1 100644
--- a/vboot_firmware/lib/include/vboot_kernel.h
+++ b/vboot_firmware/lib/include/vboot_kernel.h
@@ -12,7 +12,6 @@
 #include <stdint.h>
 
 #include "cgptlib.h"
-#include "load_kernel_fw.h"
 
 /* Allocates and reads GPT data from the drive.  The sector_bytes and
  * drive_sectors fields should be filled on input.  The primary and
@@ -25,7 +24,4 @@ int AllocAndReadGptData(GptData* gptdata);
  * buffers. */
 int WriteAndFreeGptData(GptData* gptdata);
 
-/* Alternate LoadKernel() implementation; see load_kernel_fw.h */
-int LoadKernel2(LoadKernelParams* params);
-
 #endif  /* VBOOT_REFERENCE_VBOOT_KERNEL_H_ */
diff --git a/vboot_firmware/lib/vboot_kernel.c b/vboot_firmware/lib/vboot_kernel.c
index fd791afe..cdf653db 100644
--- a/vboot_firmware/lib/vboot_kernel.c
+++ b/vboot_firmware/lib/vboot_kernel.c
@@ -106,7 +106,7 @@ int WriteAndFreeGptData(GptData* gptdata) {
 }
 
 
-int LoadKernel2(LoadKernelParams* params) {
+int LoadKernel(LoadKernelParams* params) {
 
   VbPublicKey* kernel_subkey = (VbPublicKey*)params->header_sign_key_blob;
 
diff --git a/vboot_firmware/linktest/main.c b/vboot_firmware/linktest/main.c
index 0b3bb700..6be093b7 100644
--- a/vboot_firmware/linktest/main.c
+++ b/vboot_firmware/linktest/main.c
@@ -1,8 +1,6 @@
 #include <stdio.h>
 
 #include "cgptlib.h"
-#include "firmware_image_fw.h"
-#include "kernel_image_fw.h"
 #include "load_firmware_fw.h"
 #include "load_kernel_fw.h"
 #include "rollback_index.h"
@@ -19,14 +17,6 @@ int main(void)
   GptNextKernelEntry(0, 0, 0);
   GptUpdateKernelEntry(0, 0);
 
-  /* kernel_image_fw.h */
-  VerifyKernelKeyHeader(0, 0, 0, 0, 0, 0);
-  VerifyKernelPreamble(0, 0, 0, 0);
-  VerifyKernelData(0, 0, 0, 0, 0);
-  VerifyKernelHeader(0, 0, 0, 0, 0, 0);
-  VerifyKernel(0, 0, 0);
-  GetLogicalKernelVersion(0);
-
   /* load_firmware_fw.h */
   UpdateFirmwareBodyHash(0, 0, 0);
   LoadFirmware(0);
@@ -77,8 +67,5 @@ int main(void)
   VerifyFirmwarePreamble2(0, 0, 0);
   VerifyKernelPreamble2(0, 0, 0);
 
-  /* vboot_kernel.h */
-  LoadKernel2(0);
-
   return 0;
 }
diff --git a/vboot_firmware/stub/load_firmware_stub.c b/vboot_firmware/stub/load_firmware_stub.c
index 1570f70b..9453856a 100644
--- a/vboot_firmware/stub/load_firmware_stub.c
+++ b/vboot_firmware/stub/load_firmware_stub.c
@@ -8,10 +8,12 @@
  */
 
 #include "load_firmware_fw.h"
-
-#include "firmware_image_fw.h"
 #include "utility.h"
 
+#define  BOOT_FIRMWARE_A_CONTINUE 1
+#define  BOOT_FIRMWARE_B_CONTINUE 2
+#define  BOOT_FIRMWARE_RECOVERY_CONTINUE 3
+
 typedef struct CallerInternal {
   uint8_t *firmwareA;
   uint64_t firmwareA_size;
diff --git a/vkernel/Makefile b/vkernel/Makefile
index 08005fae..875fc6cb 100644
--- a/vkernel/Makefile
+++ b/vkernel/Makefile
@@ -4,6 +4,7 @@
 
 INCLUDES += -I./include \
 		-I$(FWDIR)/lib/include \
+		-I$(FWDIR)/lib/cgptlib/include \
 		-I$(FWDIR)/lib/cryptolib/include \
 		-I../common/include \
 		-I../utility/include \
@@ -11,7 +12,7 @@ INCLUDES += -I./include \
 
 BUILD_ROOT := ${BUILD}/vkernel
 
-ALL_SRCS = kernel_image.c
+ALL_SRCS = kernel_image.c kernel_image_fw.c load_kernel_fw.c
 
 include ../common.mk
 
diff --git a/vboot_firmware/include/kernel_image_fw.h b/vkernel/include/kernel_image_fw.h
index 60b9f99d..60b9f99d 100644
--- a/vboot_firmware/include/kernel_image_fw.h
+++ b/vkernel/include/kernel_image_fw.h
diff --git a/vboot_firmware/lib/kernel_image_fw.c b/vkernel/kernel_image_fw.c
index afa01dd5..afa01dd5 100644
--- a/vboot_firmware/lib/kernel_image_fw.c
+++ b/vkernel/kernel_image_fw.c
diff --git a/vboot_firmware/lib/load_kernel_fw.c b/vkernel/load_kernel_fw.c
index 88870679..a135628e 100644
--- a/vboot_firmware/lib/load_kernel_fw.c
+++ b/vkernel/load_kernel_fw.c
@@ -27,7 +27,7 @@
 
 #define KBUF_SIZE 65536  /* Bytes to read at start of kernel partition */
 
-int LoadKernel(LoadKernelParams* params) {
+int LoadKernelOld(LoadKernelParams* params) {
 
   GptData gpt;
   uint64_t part_start, part_size;