diff options
author | Randall Spangler <rspangler@chromium.org> | 2010-06-16 12:51:26 -0700 |
---|---|---|
committer | Randall Spangler <rspangler@chromium.org> | 2010-06-16 12:51:26 -0700 |
commit | bd529f05ddc29dd3e08258d0b1007518c2d1a6b2 (patch) | |
tree | e41bc2e47b104dc5604bb47deea4636f1d788fbc | |
parent | 2a0155663e0213d5b7492c433f8a4edece4db838 (diff) | |
download | vboot-bd529f05ddc29dd3e08258d0b1007518c2d1a6b2.tar.gz |
Move old vkernel code out of vboot_firmware.
It will go away entirely once the build has moved to vboot_kernel.
Review URL: http://codereview.chromium.org/2866006
-rw-r--r-- | tests/Makefile | 3 | ||||
-rw-r--r-- | utility/Makefile | 6 | ||||
-rw-r--r-- | utility/load_kernel_test.c | 7 | ||||
-rw-r--r-- | utility/load_kernel_test_old.c (renamed from utility/load_kernel2_test.c) | 16 | ||||
-rw-r--r-- | vboot_firmware/Makefile | 2 | ||||
-rw-r--r-- | vboot_firmware/include/firmware_image_fw.h | 154 | ||||
-rw-r--r-- | vboot_firmware/lib/include/vboot_kernel.h | 4 | ||||
-rw-r--r-- | vboot_firmware/lib/vboot_kernel.c | 2 | ||||
-rw-r--r-- | vboot_firmware/linktest/main.c | 13 | ||||
-rw-r--r-- | vboot_firmware/stub/load_firmware_stub.c | 6 | ||||
-rw-r--r-- | vkernel/Makefile | 3 | ||||
-rw-r--r-- | vkernel/include/kernel_image_fw.h (renamed from vboot_firmware/include/kernel_image_fw.h) | 0 | ||||
-rw-r--r-- | vkernel/kernel_image_fw.c (renamed from vboot_firmware/lib/kernel_image_fw.c) | 0 | ||||
-rw-r--r-- | vkernel/load_kernel_fw.c (renamed from vboot_firmware/lib/load_kernel_fw.c) | 2 |
14 files changed, 28 insertions, 190 deletions
diff --git a/tests/Makefile b/tests/Makefile index 733d68fd..c2075648 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -10,7 +10,8 @@ INCLUDES += -I./include \ -I../misclibs/include \ -I../vboot_firmware/lib/include\ -I../vkernel/include -IMAGE_LIBS = $(BUILD)/vkernel/kernel_image.o +IMAGE_LIBS = $(BUILD)/vkernel/kernel_image.o \ + $(BUILD)/vkernel/kernel_image_fw.o UTIL_LIBS = $(BUILD)/misclibs/file_keys.o $(BUILD)/misclibs/signature_digest.o LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) $(HOSTLIB) $(FWLIB) -lcrypto BUILD_ROOT = ${BUILD}/tests diff --git a/utility/Makefile b/utility/Makefile index eca60560..9fa7aacc 100644 --- a/utility/Makefile +++ b/utility/Makefile @@ -15,6 +15,8 @@ CFLAGS += -MMD -MF $@.d LIBS = $(BUILD)/misclibs/file_keys.o \ $(BUILD)/misclibs/signature_digest.o \ $(BUILD)/vkernel/kernel_image.o \ + $(BUILD)/vkernel/kernel_image_fw.o \ + $(BUILD)/vkernel/load_kernel_fw.o \ $(HOSTLIB) \ $(FWLIB) @@ -26,7 +28,7 @@ TARGET_NAMES = dumpRSAPublicKey \ gbb_utility \ kernel_utility \ load_kernel_test \ - load_kernel2_test \ + load_kernel_test_old \ sign_image \ signature_digest_utility \ vbutil_firmware \ @@ -49,7 +51,7 @@ ${BUILD_ROOT}/gbb_utility: gbb_utility.cc ${BUILD_ROOT}/load_kernel_test: load_kernel_test.c $(LIBS) $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto -${BUILD_ROOT}/load_kernel2_test: load_kernel2_test.c $(LIBS) +${BUILD_ROOT}/load_kernel_test_old: load_kernel_test_old.c $(LIBS) $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto ${BUILD_ROOT}/kernel_utility: kernel_utility.cc $(LIBS) diff --git a/utility/load_kernel_test.c b/utility/load_kernel_test.c index 32c02c9a..ebeeb43a 100644 --- a/utility/load_kernel_test.c +++ b/utility/load_kernel_test.c @@ -18,6 +18,7 @@ #include "host_common.h" #include "rollback_index.h" #include "utility.h" +#include "vboot_kernel.h" /* ANSI Color coding sequences. */ #define COL_GREEN "\e[1;32m" @@ -123,8 +124,10 @@ int main(int argc, char* argv[]) { return 1; } - /* TODO: Option for boot mode */ - lkp.boot_flags = 0; + /* TODO: Option for boot mode - developer, recovery */ + /* Need to skip the address check, since we're putting it somewhere on the + * heap instead of its actual target address in the firmware. */ + lkp.boot_flags = BOOT_FLAG_SKIP_ADDR_CHECK; /* Call LoadKernel() */ rv = LoadKernel(&lkp); diff --git a/utility/load_kernel2_test.c b/utility/load_kernel_test_old.c index 3d50211b..84ba4ca3 100644 --- a/utility/load_kernel2_test.c +++ b/utility/load_kernel_test_old.c @@ -18,7 +18,11 @@ #include "host_common.h" #include "rollback_index.h" #include "utility.h" -#include "vboot_kernel.h" + +int LoadKernelOld(LoadKernelParams* params); +/* Attempts to load the kernel from the current device. + * + * Returns LOAD_KERNEL_SUCCESS if successful, error code on failure. */ /* ANSI Color coding sequences. */ #define COL_GREEN "\e[1;32m" @@ -124,14 +128,12 @@ int main(int argc, char* argv[]) { return 1; } - /* TODO: Option for boot mode - developer, recovery */ - /* Need to skip the address check, since we're putting it somewhere on the - * heap instead of its actual target address in the firmware. */ - lkp.boot_flags = BOOT_FLAG_SKIP_ADDR_CHECK; + /* TODO: Option for boot mode */ + lkp.boot_flags = 0; /* Call LoadKernel() */ - rv = LoadKernel2(&lkp); - printf("LoadKernel() returned %d\n", rv); + rv = LoadKernelOld(&lkp); + printf("LoadKernelOld() returned %d\n", rv); if (LOAD_KERNEL_SUCCESS == rv) { printf("Partition number: %" PRIu64 "\n", lkp.partition_number); diff --git a/vboot_firmware/Makefile b/vboot_firmware/Makefile index 60eaa0c8..07e113a0 100644 --- a/vboot_firmware/Makefile +++ b/vboot_firmware/Makefile @@ -26,8 +26,6 @@ LIB_SRCS = \ ./lib/cryptolib/sha1.c \ ./lib/cryptolib/sha2.c \ ./lib/cryptolib/sha_utility.c \ - ./lib/kernel_image_fw.c \ - ./lib/load_kernel_fw.c \ ./lib/rollback_index.c \ ./lib/stateful_util.c \ ./lib/vboot_common.c \ diff --git a/vboot_firmware/include/firmware_image_fw.h b/vboot_firmware/include/firmware_image_fw.h deleted file mode 100644 index 32ae9ed4..00000000 --- a/vboot_firmware/include/firmware_image_fw.h +++ /dev/null @@ -1,154 +0,0 @@ -/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Data structure and API definitions for a verified boot firmware image. - * (Firmware Portion) - */ - -#ifndef VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_ -#define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_ - -#include <stdint.h> -#include "cryptolib.h" - -#define FIRMWARE_MAGIC "CHROMEOS" -#define FIRMWARE_MAGIC_SIZE 8 -#define FIRMWARE_PREAMBLE_SIZE 8 - -/* RSA 8192 and SHA-512. */ -#define ROOT_SIGNATURE_ALGORITHM 11 -#define ROOT_SIGNATURE_ALGORITHM_STRING "11" - -typedef struct FirmwareImage { - uint8_t magic[FIRMWARE_MAGIC_SIZE]; - /* Key Header */ - uint16_t header_len; /* Length of the header. */ - uint16_t firmware_sign_algorithm; /* Signature algorithm used by the signing - * key. */ - uint16_t firmware_key_version; /* Key Version# for preventing rollbacks. */ - uint8_t* firmware_sign_key; /* Pre-processed public half of signing key. */ - uint8_t header_checksum[SHA512_DIGEST_SIZE]; /* SHA-512 hash of the header.*/ - - uint8_t firmware_key_signature[RSA8192NUMBYTES]; /* Signature of the header - * above. */ - - /* Firmware Preamble. */ - uint16_t firmware_version; /* Firmware Version# for preventing rollbacks.*/ - uint64_t firmware_len; /* Length of the rest of the R/W firmware data. */ - uint16_t kernel_subkey_sign_algorithm; /* Signature algorithm used for - * signing the kernel subkey. */ - uint8_t* kernel_subkey_sign_key; /* Pre-processed public half of the kernel - * subkey signing key. */ - uint8_t preamble[FIRMWARE_PREAMBLE_SIZE]; /* Remaining preamble data.*/ - - uint8_t* preamble_signature; /* Signature over the preamble. */ - - /* The firmware signature comes first as it may allow us to parallelize - * the firmware data fetch and RSA public operation. - */ - uint8_t* firmware_signature; /* Signature on the Preamble + - [firmware_data]. */ - uint8_t* firmware_data; /* Rest of firmware data */ - -} FirmwareImage; - - -/* Error Codes for VerifyFirmware* family of functions. */ -#define VERIFY_FIRMWARE_SUCCESS 0 -#define VERIFY_FIRMWARE_INVALID_IMAGE 1 -#define VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED 2 -#define VERIFY_FIRMWARE_INVALID_ALGORITHM 3 -#define VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED 4 -#define VERIFY_FIRMWARE_SIGNATURE_FAILED 5 -#define VERIFY_FIRMWARE_WRONG_MAGIC 6 -#define VERIFY_FIRMWARE_WRONG_HEADER_CHECKSUM 7 -#define VERIFY_FIRMWARE_KEY_ROLLBACK 8 -#define VERIFY_FIRMWARE_VERSION_ROLLBACK 9 -#define VERIFY_FIRMWARE_TPM_ERROR 10 -#define VERIFY_FIRMWARE_MAX 11 /* Total number of error codes. */ - -extern char* kVerifyFirmwareErrors[VERIFY_FIRMWARE_MAX]; - -/* Returns the length of the verified boot firmware preamble based on - * kernel subkey signing algorithm [algorithm]. */ -uint64_t GetFirmwarePreambleLen(int algorithm); - -/* Checks for the sanity of the firmware header pointed by [header_blob]. - * - * On success, put signature algorithm in [algorithm], header length - * in [header_len], and return 0. - * Else, return error code on failure. - */ -int VerifyFirmwareHeader(const uint8_t* root_key_blob, - const uint8_t* header_blob, - int* algorithm, - int* header_len); - -/* Checks the preamble signature on firmware preamble pointed by - * [preamble_blob] using the signing key [sign_key]. - * - * On success, put firmware length into [firmware_len], and return 0. - * Else, return error code on failure. - */ -int VerifyFirmwarePreamble(RSAPublicKey* sign_key, - const uint8_t* preamble_blob, - int algorithm, - uint64_t* firmware_len); - -/* Checks the signature on the preamble + firmware data at - * [preamble_start] and [firmware_data]. - * The length of the actual firmware data is firmware_len and it is assumed to - * be prepended with the signature whose size depends on the signature_algorithm - * [algorithm]. This signature also covers the preamble data (but not the - * preamble signature itself). - * - * Return 0 on success, error code on failure. - */ -int VerifyFirmwareData(RSAPublicKey* sign_key, - const uint8_t* preamble_start, - const uint8_t* firmware_data, - uint64_t firmware_len, - int algorithm); - -/* Performs a chained verify of the firmware blob [firmware_blob], using root - * key [root_key] and verification header [verification_header_blob]. - * - * Returns 0 on success, error code on failure. - * - * NOTE: The length of the firmware blob is derived from reading the fields - * in the first few bytes of the verification header. This might look risky but - * in firmware land, the start address of the firmware_blob will always be fixed - * depending on the memory map on the particular platform. In addition, the - * signature on length itself is checked early in the verification process for - * extra safety. - */ -int VerifyFirmware(const uint8_t* root_key_blob, - const uint8_t* verification_header_blob, - const uint8_t* firmware_blob); - -/* Returns the logical version of a firmware blob which is calculated as - * (firmware_key_version << 16 | firmware_version). */ -uint32_t GetLogicalFirmwareVersion(uint8_t* firmware_blob); - -#define BOOT_FIRMWARE_A_CONTINUE 1 -#define BOOT_FIRMWARE_B_CONTINUE 2 -#define BOOT_FIRMWARE_RECOVERY_CONTINUE 3 - -/* This function is the driver used by the RO firmware to - * determine which copy of the firmware to boot from. It performs - * the requisite rollback index checking, including updating them, - * if required. - * - * Returns the code path to follow. It is one of: - * BOOT_FIRMWARE_A_CONTINUE Boot from Firmware A - * BOOT_FIRMWARE_B_CONTINUE Boot from Firmware B - * BOOT_FIRMWARE_RECOVERY_CONTINUE Jump to recovery mode - */ -int VerifyFirmwareDriver_f(uint8_t* root_key_blob, - uint8_t* verification_headerA, - uint8_t* firmwareA, - uint8_t* verification_headerB, - uint8_t* firmwareB); - -#endif /* VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_ */ diff --git a/vboot_firmware/lib/include/vboot_kernel.h b/vboot_firmware/lib/include/vboot_kernel.h index ffe417c3..03b640a1 100644 --- a/vboot_firmware/lib/include/vboot_kernel.h +++ b/vboot_firmware/lib/include/vboot_kernel.h @@ -12,7 +12,6 @@ #include <stdint.h> #include "cgptlib.h" -#include "load_kernel_fw.h" /* Allocates and reads GPT data from the drive. The sector_bytes and * drive_sectors fields should be filled on input. The primary and @@ -25,7 +24,4 @@ int AllocAndReadGptData(GptData* gptdata); * buffers. */ int WriteAndFreeGptData(GptData* gptdata); -/* Alternate LoadKernel() implementation; see load_kernel_fw.h */ -int LoadKernel2(LoadKernelParams* params); - #endif /* VBOOT_REFERENCE_VBOOT_KERNEL_H_ */ diff --git a/vboot_firmware/lib/vboot_kernel.c b/vboot_firmware/lib/vboot_kernel.c index fd791afe..cdf653db 100644 --- a/vboot_firmware/lib/vboot_kernel.c +++ b/vboot_firmware/lib/vboot_kernel.c @@ -106,7 +106,7 @@ int WriteAndFreeGptData(GptData* gptdata) { } -int LoadKernel2(LoadKernelParams* params) { +int LoadKernel(LoadKernelParams* params) { VbPublicKey* kernel_subkey = (VbPublicKey*)params->header_sign_key_blob; diff --git a/vboot_firmware/linktest/main.c b/vboot_firmware/linktest/main.c index 0b3bb700..6be093b7 100644 --- a/vboot_firmware/linktest/main.c +++ b/vboot_firmware/linktest/main.c @@ -1,8 +1,6 @@ #include <stdio.h> #include "cgptlib.h" -#include "firmware_image_fw.h" -#include "kernel_image_fw.h" #include "load_firmware_fw.h" #include "load_kernel_fw.h" #include "rollback_index.h" @@ -19,14 +17,6 @@ int main(void) GptNextKernelEntry(0, 0, 0); GptUpdateKernelEntry(0, 0); - /* kernel_image_fw.h */ - VerifyKernelKeyHeader(0, 0, 0, 0, 0, 0); - VerifyKernelPreamble(0, 0, 0, 0); - VerifyKernelData(0, 0, 0, 0, 0); - VerifyKernelHeader(0, 0, 0, 0, 0, 0); - VerifyKernel(0, 0, 0); - GetLogicalKernelVersion(0); - /* load_firmware_fw.h */ UpdateFirmwareBodyHash(0, 0, 0); LoadFirmware(0); @@ -77,8 +67,5 @@ int main(void) VerifyFirmwarePreamble2(0, 0, 0); VerifyKernelPreamble2(0, 0, 0); - /* vboot_kernel.h */ - LoadKernel2(0); - return 0; } diff --git a/vboot_firmware/stub/load_firmware_stub.c b/vboot_firmware/stub/load_firmware_stub.c index 1570f70b..9453856a 100644 --- a/vboot_firmware/stub/load_firmware_stub.c +++ b/vboot_firmware/stub/load_firmware_stub.c @@ -8,10 +8,12 @@ */ #include "load_firmware_fw.h" - -#include "firmware_image_fw.h" #include "utility.h" +#define BOOT_FIRMWARE_A_CONTINUE 1 +#define BOOT_FIRMWARE_B_CONTINUE 2 +#define BOOT_FIRMWARE_RECOVERY_CONTINUE 3 + typedef struct CallerInternal { uint8_t *firmwareA; uint64_t firmwareA_size; diff --git a/vkernel/Makefile b/vkernel/Makefile index 08005fae..875fc6cb 100644 --- a/vkernel/Makefile +++ b/vkernel/Makefile @@ -4,6 +4,7 @@ INCLUDES += -I./include \ -I$(FWDIR)/lib/include \ + -I$(FWDIR)/lib/cgptlib/include \ -I$(FWDIR)/lib/cryptolib/include \ -I../common/include \ -I../utility/include \ @@ -11,7 +12,7 @@ INCLUDES += -I./include \ BUILD_ROOT := ${BUILD}/vkernel -ALL_SRCS = kernel_image.c +ALL_SRCS = kernel_image.c kernel_image_fw.c load_kernel_fw.c include ../common.mk diff --git a/vboot_firmware/include/kernel_image_fw.h b/vkernel/include/kernel_image_fw.h index 60b9f99d..60b9f99d 100644 --- a/vboot_firmware/include/kernel_image_fw.h +++ b/vkernel/include/kernel_image_fw.h diff --git a/vboot_firmware/lib/kernel_image_fw.c b/vkernel/kernel_image_fw.c index afa01dd5..afa01dd5 100644 --- a/vboot_firmware/lib/kernel_image_fw.c +++ b/vkernel/kernel_image_fw.c diff --git a/vboot_firmware/lib/load_kernel_fw.c b/vkernel/load_kernel_fw.c index 88870679..a135628e 100644 --- a/vboot_firmware/lib/load_kernel_fw.c +++ b/vkernel/load_kernel_fw.c @@ -27,7 +27,7 @@ #define KBUF_SIZE 65536 /* Bytes to read at start of kernel partition */ -int LoadKernel(LoadKernelParams* params) { +int LoadKernelOld(LoadKernelParams* params) { GptData gpt; uint64_t part_start, part_size; |