diff options
author | Duncan Laurie <dlaurie@chromium.org> | 2014-11-25 18:41:24 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-11-26 02:46:34 +0000 |
commit | 87dbcbcebeb9331ec0d88568de8a7182b6dea524 (patch) | |
tree | e41614a8ae7848d8e2cadda71446192c519dccaf | |
parent | f1a794b4fde720872ff066fa085dd62167378209 (diff) | |
download | vboot-87dbcbcebeb9331ec0d88568de8a7182b6dea524.tar.gz |
Revert "Add hwid digest field to GBB header"
This reverts commit 5f1f8b7835d291c5e6304240a4b21187cd4c4d17.
Removing HWID digest commits as they seem to make gbb_utility segfault.
BUG=chrome-os-partner:34103
BRANCH=samus
TEST=gbb_utility -s --hwid=test image.bin
Change-Id: I041d923dfdffb4941a7be0391e8d534a049de0de
Signed-off-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231992
-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | firmware/2lib/include/2struct.h | 11 | ||||
-rw-r--r-- | firmware/include/gbb_header.h | 7 | ||||
-rw-r--r-- | futility/cmd_gbb_utility.c | 16 | ||||
-rw-r--r-- | futility/cmd_show.c | 4 | ||||
-rw-r--r-- | futility/futility.c | 2 | ||||
-rw-r--r-- | futility/futility.h | 8 | ||||
-rw-r--r-- | futility/misc.c | 51 | ||||
-rwxr-xr-x | tests/futility/test_gbb_utility.sh | 27 | ||||
-rw-r--r-- | tests/futility/test_not_really.c | 12 | ||||
-rw-r--r-- | tests/vb2_misc_tests.c | 4 | ||||
-rw-r--r-- | utility/bmpblk_utility.cc | 2 |
12 files changed, 14 insertions, 132 deletions
@@ -175,7 +175,7 @@ endif # And a few more default utilities LD = ${CC} -CXX ?= g++ +CXX ?= g++ # HEY: really? PKG_CONFIG ?= pkg-config # Determine QEMU architecture needed, if any diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h index 13eb8c19..339283ef 100644 --- a/firmware/2lib/include/2struct.h +++ b/firmware/2lib/include/2struct.h @@ -315,8 +315,7 @@ struct vb2_shared_data { /* VB2 GBB struct version */ #define VB2_GBB_MAJOR_VER 1 -#define VB2_GBB_MINOR_VER 2 -/* v1.2 - added fields for sha256 digest of the HWID */ +#define VB2_GBB_MINOR_VER 1 /* Flags for vb2_gbb_header.flags */ enum vb2_gbb_flag { @@ -389,13 +388,7 @@ struct vb2_gbb_header { uint32_t recovery_key_offset; /* Recovery key */ uint32_t recovery_key_size; - /* Added in version 1.2 */ - uint8_t hwid_digest[32]; /* sha256 */ - - uint8_t pad[48]; /* To match EXPECTED_GBB_HEADER_SIZE. Init to 0. */ + uint8_t pad[80]; /* To match GBB_HEADER_SIZE. Initialize to 0. */ } __attribute__((packed)); -/* The GBB is used outside of vboot_reference, so this size is important. */ -#define EXPECTED_GBB_HEADER_SIZE 128 - #endif /* VBOOT_REFERENCE_VBOOT_2STRUCT_H_ */ diff --git a/firmware/include/gbb_header.h b/firmware/include/gbb_header.h index e73ea95b..222a433a 100644 --- a/firmware/include/gbb_header.h +++ b/firmware/include/gbb_header.h @@ -26,8 +26,7 @@ * return default values for those fields. */ #define GBB_MAJOR_VER 1 -#define GBB_MINOR_VER 2 -/* v1.2 - added field to hold sha256 digest of the HWID */ +#define GBB_MINOR_VER 1 /* Maximum length of a HWID in bytes, counting terminating null. */ #define GBB_HWID_MAX_SIZE 256 @@ -89,10 +88,8 @@ typedef struct GoogleBinaryBlockHeader uint32_t bmpfv_size; uint32_t recovery_key_offset; /* Recovery key */ uint32_t recovery_key_size; - /* Added in version 1.2 */ - uint8_t hwid_digest[32]; /* sha256 */ - uint8_t pad[48]; /* To match GBB_HEADER_SIZE. Initialize to 0. */ + uint8_t pad[80]; /* To match GBB_HEADER_SIZE. Initialize to 0. */ } __attribute__((packed)) GoogleBinaryBlockHeader; #ifdef __cplusplus diff --git a/futility/cmd_gbb_utility.c b/futility/cmd_gbb_utility.c index 9e608d1f..e8910e67 100644 --- a/futility/cmd_gbb_utility.c +++ b/futility/cmd_gbb_utility.c @@ -29,7 +29,6 @@ static void print_help(const char *prog) "with following options:\n" " --hwid \tReport hardware id (default).\n" " --flags \tReport header flags.\n" - " --digest \tReport digest of hwid (>= v1.2)\n" " -k, --rootkey=FILE \tFile name to export Root Key.\n" " -b, --bmpfv=FILE \tFile name to export Bitmap FV.\n" " -r --recoverykey=FILE\tFile name to export Recovery Key.\n" @@ -56,10 +55,6 @@ static void print_help(const char *prog) prog, prog, prog, prog); } -enum { - OPT_DIGEST = 1000, -}; - /* Command line options */ static const struct option long_opts[] = { /* name hasarg *flag val */ @@ -72,7 +67,6 @@ static const struct option long_opts[] = { {"recoverykey", 1, NULL, 'R'}, {"hwid", 2, NULL, 'i'}, {"flags", 2, NULL, 'L'}, - {"digest", 0, NULL, OPT_DIGEST}, {NULL, 0, NULL, 0}, }; @@ -346,7 +340,6 @@ static int do_gbb_utility(int argc, char *argv[]) char *opt_hwid = NULL; char *opt_flags = NULL; int sel_hwid = 0; - int sel_digest = 0; int sel_flags = 0; uint8_t *inbuf = NULL; off_t filesize; @@ -393,9 +386,6 @@ static int do_gbb_utility(int argc, char *argv[]) opt_flags = optarg; sel_flags = 1; break; - case OPT_DIGEST: - sel_digest = 1; - break; case '?': errorcnt++; if (optopt) @@ -447,7 +437,7 @@ static int do_gbb_utility(int argc, char *argv[]) /* With no args, show the HWID */ if (!opt_rootkey && !opt_bmpfv && !opt_recoverykey - && !sel_flags && !sel_digest) + && !sel_flags) sel_hwid = 1; inbuf = read_entire_file(infile, &filesize); @@ -467,9 +457,6 @@ static int do_gbb_utility(int argc, char *argv[]) gbb->hwid_size ? (char *)(gbb_base + gbb-> hwid_offset) : ""); - if (sel_digest) - print_hwid_digest(gbb, "digest: ", "\n"); - if (sel_flags) printf("flags: 0x%08x\n", gbb->flags); if (opt_rootkey) @@ -553,7 +540,6 @@ static int do_gbb_utility(int argc, char *argv[]) gbb->hwid_size); strcpy((char *)(gbb_base + gbb->hwid_offset), opt_hwid); - update_hwid_digest(gbb); } } diff --git a/futility/cmd_show.c b/futility/cmd_show.c index f065b42c..2873f60b 100644 --- a/futility/cmd_show.c +++ b/futility/cmd_show.c @@ -141,8 +141,8 @@ int futil_cb_show_gbb(struct futil_traverse_state_s *state) } printf("GBB content:\n"); - printf(" HWID: %s\n", buf + gbb->hwid_offset); - print_hwid_digest(gbb, " digest: ", "\n"); + printf(" HWID: %s\n", + (const char *)(buf + gbb->hwid_offset)); pubkey = (VbPublicKey *)(buf + gbb->rootkey_offset); if (PublicKeyLooksOkay(pubkey, gbb->rootkey_size)) { diff --git a/futility/futility.c b/futility/futility.c index c74bba61..ec22e257 100644 --- a/futility/futility.c +++ b/futility/futility.c @@ -129,7 +129,7 @@ static void log_args(int argc, char *argv[]) log_open(); /* delimiter */ - log_str(NULL, "##### LOG #####"); + log_str(NULL, "##### HEY #####"); /* Can we tell who called us? */ parent = getppid(); diff --git a/futility/futility.h b/futility/futility.h index 652b5fbc..79d05da4 100644 --- a/futility/futility.h +++ b/futility/futility.h @@ -74,14 +74,6 @@ int futil_looks_like_gbb(GoogleBinaryBlockHeader *gbb, uint32_t len); int futil_valid_gbb_header(GoogleBinaryBlockHeader *gbb, uint32_t len, uint32_t *maxlen); -/* For GBB v1.2 and later, update the hwid_digest */ -void update_hwid_digest(GoogleBinaryBlockHeader *gbb); - -/* For GBB v1.2 and later, print the stored digest of the HWID (and whether - * it's correct). Return true if it is correct. */ -int print_hwid_digest(GoogleBinaryBlockHeader *gbb, - const char *banner, const char *footer); - /* Copies a file or dies with an error message */ void futil_copy_file_or_die(const char *infile, const char *outfile); diff --git a/futility/misc.c b/futility/misc.c index 42e8bb44..513fc8b6 100644 --- a/futility/misc.c +++ b/futility/misc.c @@ -114,57 +114,6 @@ int futil_valid_gbb_header(GoogleBinaryBlockHeader *gbb, uint32_t len, return 1; } -/* For GBB v1.2 and later, print the stored digest of the HWID (and whether - * it's correct). Return true if it is correct. */ -int print_hwid_digest(GoogleBinaryBlockHeader *gbb, - const char *banner, const char *footer) -{ - printf("%s", banner); - - /* There isn't one for v1.1 and earlier, so assume it's good. */ - if (gbb->minor_version < 2) { - printf("<none>%s", footer); - return 1; - } - - uint8_t *buf = (uint8_t *)gbb; - char *hwid_str = (char *)(buf + gbb->hwid_offset); - int is_valid = 0; - uint8_t* digest = DigestBuf(buf + gbb->hwid_offset, - strlen(hwid_str), - SHA256_DIGEST_ALGORITHM); - if (digest) { - int i; - is_valid = 1; - /* print it, comparing as we go */ - for (i = 0; i < SHA256_DIGEST_SIZE; i++) { - printf("%02x", gbb->hwid_digest[i]); - if (gbb->hwid_digest[i] != digest[i]) - is_valid = 0; - } - free(digest); - } - - printf(" %s", is_valid ? "valid" : "<invalid>"); - printf("%s", footer); - return is_valid; -} - -/* For GBB v1.2 and later, update the hwid_digest field. */ -void update_hwid_digest(GoogleBinaryBlockHeader *gbb) -{ - /* There isn't one for v1.1 and earlier */ - if (gbb->minor_version < 2) - return; - - uint8_t *buf = (uint8_t *)gbb; - char *hwid_str = (char *)(buf + gbb->hwid_offset); - uint8_t* digest = DigestBuf(buf + gbb->hwid_offset, - strlen(hwid_str), - SHA256_DIGEST_ALGORITHM); - memcpy(gbb->hwid_digest, digest, SHA256_DIGEST_SIZE); - free(digest); -} /* * TODO: All sorts of race conditions likely here, and everywhere this is used. diff --git a/tests/futility/test_gbb_utility.sh b/tests/futility/test_gbb_utility.sh index 3d8e576b..26e5ef1a 100755 --- a/tests/futility/test_gbb_utility.sh +++ b/tests/futility/test_gbb_utility.sh @@ -201,33 +201,6 @@ cat ${TMP}.blob | ${REPLACE} 0x2c 0x00 > ${TMP}.blob.bad ${FUTILITY} gbb_utility -g --recoverykey ${TMP}.read2 ${TMP}.blob.bad if ${FUTILITY} gbb_utility -s --recoverykey ${TMP}.data2 ${TMP}.blob.bad; then false; fi - -# GBB v1.2 adds a sha256 digest field in what was previously padding: -# -# hwid_digest: 0x0030 xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx -# 0x0040 xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx -# pad: 0x0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -# 0x0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -# 0x0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -# (HWID) 0x0080 30 31 32 33 34 35 36 37 38 39 41 42 43 44 45 00 - -# See that the digest is updated properly. -hwid="123456789ABCDEF" -${FUTILITY} gbb_utility -s -i ${hwid} ${TMP}.blob -expect=$(echo -n "$hwid" | sha256sum | cut -d ' ' -f 1) -[ $(echo -n ${expect} | wc -c) == "64" ] -${FUTILITY} gbb_utility -g --digest ${TMP}.blob | grep ${expect} - -# Garble the digest, see that it's noticed. -# (assuming these zeros aren't present) -cat ${TMP}.blob | ${REPLACE} 0x33 0x00 0x00 0x00 0x00 0x00 > ${TMP}.blob.bad -${FUTILITY} gbb_utility -g --digest ${TMP}.blob.bad | grep '0000000000' -${FUTILITY} gbb_utility -g --digest ${TMP}.blob.bad | grep 'invalid' - -# Garble the HWID. The digest is unchanged, but now invalid. -cat ${TMP}.blob | ${REPLACE} 0x84 0x70 0x71 0x72 > ${TMP}.blob.bad -${FUTILITY} gbb_utility -g --digest ${TMP}.blob.bad | grep 'invalid' - # cleanup rm -f ${TMP}* exit 0 diff --git a/tests/futility/test_not_really.c b/tests/futility/test_not_really.c index 91756ac3..6a6555c4 100644 --- a/tests/futility/test_not_really.c +++ b/tests/futility/test_not_really.c @@ -1,19 +1,15 @@ /* - * Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Copyright (c) 2013 The Chromium OS Authors. All rights reserved. * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ #include <stdio.h> -#include "gbb_header.h" #include "test_common.h" int main(int argc, char *argv[]) { - TEST_EQ(sizeof(GoogleBinaryBlockHeader), - GBB_HEADER_SIZE, - "sizeof(GoogleBinaryBlockHeader)"); + TEST_EQ(0, 0, "Not Really A"); - TEST_EQ(0, 0, "Not Really A"); - - return !gTestSuccess; + return !gTestSuccess; } + diff --git a/tests/vb2_misc_tests.c b/tests/vb2_misc_tests.c index 8c3fc333..6155f23e 100644 --- a/tests/vb2_misc_tests.c +++ b/tests/vb2_misc_tests.c @@ -134,10 +134,6 @@ static void gbb_tests(void) struct vb2_gbb_header gbbdest; - TEST_EQ(sizeof(struct vb2_gbb_header), - EXPECTED_GBB_HEADER_SIZE, - "sizeof(struct vb2_gbb_header)"); - reset_common_data(); /* Good contents */ diff --git a/utility/bmpblk_utility.cc b/utility/bmpblk_utility.cc index 5069e4a8..b3af1414 100644 --- a/utility/bmpblk_utility.cc +++ b/utility/bmpblk_utility.cc @@ -499,7 +499,7 @@ namespace vboot_reference { config_.header.minor_version = minor_version_; config_.header.number_of_localizations = config_.localizations.size(); config_.header.number_of_screenlayouts = config_.localizations[0].size(); - // NOTE: this is part of the yaml consistency check + // HEY: this is part of the yaml consistency check for (unsigned int i = 1; i < config_.localizations.size(); ++i) { assert(config_.header.number_of_screenlayouts == config_.localizations[i].size()); |