diff options
| author | Randall Spangler <rspangler@chromium.org> | 2014-06-05 13:32:11 -0700 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-06-07 01:37:21 +0000 |
| commit | b9be53640efdee92b1b42e60adda274563236301 (patch) | |
| tree | f8f2f5ef809c7a0d163334f9e2675b016fae3ca4 /firmware/2lib | |
| parent | b64f097891e697eaf3b2794baae934f8b4d82d14 (diff) | |
| download | vboot-factory-samus-5939.B.tar.gz | |
vboot2: Use more specific error codesstabilize-5944.Bstabilize-5943.Bstabilize-5942.Bfactory-samus-5939.B
Error codes reported by the crypto and storage APIs are now very
specific, and tests verify the proper errors are reported.
More specific error codes coming to other files next, but I don't want
this CL to get too long.
This also changes test_common.c so TEST_EQ() reports mismatched values
in both decimal and hex, and adds TEST_SUCC() to test for a successful
return value.
BUG=chromium:370082
BRANCH=none
TEST=make clean && VBOOT2=1 COV=1 make
Change-Id: I255c8e5769284fbc286b9d94631b19677a71cdd0
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/202778
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware/2lib')
| -rw-r--r-- | firmware/2lib/2nvstorage.c | 4 | ||||
| -rw-r--r-- | firmware/2lib/2rsa.c | 14 | ||||
| -rw-r--r-- | firmware/2lib/2secdata.c | 10 | ||||
| -rw-r--r-- | firmware/2lib/2sha_utility.c | 8 | ||||
| -rw-r--r-- | firmware/2lib/include/2return_codes.h | 98 |
5 files changed, 112 insertions, 22 deletions
diff --git a/firmware/2lib/2nvstorage.c b/firmware/2lib/2nvstorage.c index 3bfe151c..be635825 100644 --- a/firmware/2lib/2nvstorage.c +++ b/firmware/2lib/2nvstorage.c @@ -82,11 +82,11 @@ int vb2_nv_check_crc(const struct vb2_context *ctx) /* Check header */ if (VB2_NV_HEADER_SIGNATURE != (p[VB2_NV_OFFS_HEADER] & VB2_NV_HEADER_MASK)) - return VB2_ERROR_UNKNOWN; + return VB2_ERROR_NV_HEADER; /* Check CRC */ if (vb2_crc8(p, VB2_NV_OFFS_CRC) != p[VB2_NV_OFFS_CRC]) - return VB2_ERROR_UNKNOWN; + return VB2_ERROR_NV_CRC; return VB2_SUCCESS; } diff --git a/firmware/2lib/2rsa.c b/firmware/2lib/2rsa.c index e619e78b..cc39b1d6 100644 --- a/firmware/2lib/2rsa.c +++ b/firmware/2lib/2rsa.c @@ -286,7 +286,7 @@ int vb2_check_padding(uint8_t *sig, int algorithm) tail_size = sizeof(sha512_tail); break; default: - return VB2_ERROR_BAD_ALGORITHM; + return VB2_ERROR_RSA_PADDING_ALGORITHM; } /* First 2 bytes are always 0x00 0x01 */ @@ -303,7 +303,7 @@ int vb2_check_padding(uint8_t *sig, int algorithm) */ result |= vb2_safe_memcmp(sig, tail, tail_size); - return result ? VB2_ERROR_BAD_SIGNATURE : VB2_SUCCESS; + return result ? VB2_ERROR_RSA_PADDING : VB2_SUCCESS; } int vb2_verify_digest(const struct vb2_public_key *key, @@ -318,22 +318,22 @@ int vb2_verify_digest(const struct vb2_public_key *key, int rv; if (!key || !sig || !digest) - return VB2_ERROR_UNKNOWN; + return VB2_ERROR_RSA_VERIFY_PARAM; if (key->algorithm >= VB2_ALG_COUNT) { VB2_DEBUG("Invalid signature type!\n"); - return VB2_ERROR_BAD_ALGORITHM; + return VB2_ERROR_RSA_VERIFY_ALGORITHM; } /* Signature length should be same as key length */ if (key_bytes != vb2_rsa_sig_size(key->algorithm)) { VB2_DEBUG("Signature is of incorrect length!\n"); - return VB2_ERROR_BAD_SIGNATURE; + return VB2_ERROR_RSA_VERIFY_SIG_LEN; } workbuf32 = vb2_workbuf_alloc(&wblocal, 3 * key_bytes); if (!workbuf32) - return VB2_ERROR_UNKNOWN; + return VB2_ERROR_RSA_VERIFY_WORKBUF; modpowF4(key, sig, workbuf32); @@ -354,7 +354,7 @@ int vb2_verify_digest(const struct vb2_public_key *key, if (vb2_safe_memcmp(sig + pad_size, digest, key_bytes - pad_size)) { VB2_DEBUG("Digest check failed!\n"); - rv = VB2_ERROR_BAD_SIGNATURE; + rv = VB2_ERROR_RSA_VERIFY_DIGEST; } return rv; diff --git a/firmware/2lib/2secdata.c b/firmware/2lib/2secdata.c index 668bc507..2987e037 100644 --- a/firmware/2lib/2secdata.c +++ b/firmware/2lib/2secdata.c @@ -18,7 +18,7 @@ int vb2_secdata_check_crc(const struct vb2_context *ctx) /* Verify CRC */ if (sec->crc8 != vb2_crc8(sec, offsetof(struct vb2_secdata, crc8))) - return VB2_ERROR_BAD_SECDATA; + return VB2_ERROR_SECDATA_CRC; return VB2_SUCCESS; } @@ -47,7 +47,7 @@ int vb2_secdata_init(struct vb2_context *ctx) /* Data must be new enough to have a CRC */ if (sec->struct_version < 2) - return VB2_ERROR_BAD_SECDATA; + return VB2_ERROR_SECDATA_VERSION; rv = vb2_secdata_check_crc(ctx); if (rv) @@ -76,7 +76,7 @@ int vb2_secdata_get(struct vb2_context *ctx, return VB2_SUCCESS; default: - return VB2_ERROR_UNKNOWN; + return VB2_ERROR_SECDATA_GET_PARAM; } } @@ -95,7 +95,7 @@ int vb2_secdata_set(struct vb2_context *ctx, case VB2_SECDATA_FLAGS: /* Make sure flags is in valid range */ if (value > 0xff) - return VB2_ERROR_UNKNOWN; + return VB2_ERROR_SECDATA_SET_FLAGS; sec->flags = value; break; @@ -105,7 +105,7 @@ int vb2_secdata_set(struct vb2_context *ctx, break; default: - return VB2_ERROR_UNKNOWN; + return VB2_ERROR_SECDATA_SET_PARAM; } /* Regenerate CRC */ diff --git a/firmware/2lib/2sha_utility.c b/firmware/2lib/2sha_utility.c index 66e8b692..0f9adfa3 100644 --- a/firmware/2lib/2sha_utility.c +++ b/firmware/2lib/2sha_utility.c @@ -72,7 +72,7 @@ int vb2_digest_init(struct vb2_digest_context *dc, uint32_t algorithm) return VB2_SUCCESS; #endif default: - return VB2_ERROR_BAD_ALGORITHM; + return VB2_ERROR_SHA_INIT_ALGORITHM; } } @@ -97,7 +97,7 @@ int vb2_digest_extend(struct vb2_digest_context *dc, return VB2_SUCCESS; #endif default: - return VB2_ERROR_BAD_ALGORITHM; + return VB2_ERROR_SHA_EXTEND_ALGORITHM; } } @@ -106,7 +106,7 @@ int vb2_digest_finalize(struct vb2_digest_context *dc, uint32_t digest_size) { if (digest_size < vb2_digest_size(dc->algorithm)) - return VB2_ERROR_BUFFER_TOO_SMALL; + return VB2_ERROR_SHA_FINALIZE_DIGEST_SIZE; switch (vb2_hash_alg(dc->algorithm)) { #if VB2_SUPPORT_SHA1 @@ -125,6 +125,6 @@ int vb2_digest_finalize(struct vb2_digest_context *dc, return VB2_SUCCESS; #endif default: - return VB2_ERROR_BAD_ALGORITHM; + return VB2_ERROR_SHA_FINALIZE_ALGORITHM; } } diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h index 73a37b5e..28c0f91d 100644 --- a/firmware/2lib/include/2return_codes.h +++ b/firmware/2lib/include/2return_codes.h @@ -16,8 +16,93 @@ enum vb2_return_code { /* Success - no error */ VB2_SUCCESS = 0, + /* + * All vboot2 error codes start at a large offset from zero, to reduce + * the risk of overlap with other error codes (TPM, etc.). + */ + VB2_ERROR_BASE = 0x0100000, + /* Unknown / unspecified error */ - VB2_ERROR_UNKNOWN = 0x10000, + VB2_ERROR_UNKNOWN = VB2_ERROR_BASE + 1, + + /********************************************************************** + * SHA errors + */ + VB2_ERROR_SHA = VB2_ERROR_BASE + 0x010000, + + /* Bad algorithm in vb2_digest_init() */ + VB2_ERROR_SHA_INIT_ALGORITHM, + + /* Bad algorithm in vb2_digest_extend() */ + VB2_ERROR_SHA_EXTEND_ALGORITHM, + + /* Bad algorithm in vb2_digest_finalize() */ + VB2_ERROR_SHA_FINALIZE_ALGORITHM, + + /* Digest size buffer too small in vb2_digest_finalize() */ + VB2_ERROR_SHA_FINALIZE_DIGEST_SIZE, + + /********************************************************************** + * RSA errors + */ + VB2_ERROR_RSA = VB2_ERROR_BASE + 0x020000, + + /* Padding mismatch in vb2_check_padding() */ + VB2_ERROR_RSA_PADDING, + + /* Bad algorithm in vb2_check_padding() */ + VB2_ERROR_RSA_PADDING_ALGORITHM, + + /* Null param passed to vb2_verify_digest() */ + VB2_ERROR_RSA_VERIFY_PARAM, + + /* Bad algorithm in vb2_verify_digest() */ + VB2_ERROR_RSA_VERIFY_ALGORITHM, + + /* Bad signature length in vb2_verify_digest() */ + VB2_ERROR_RSA_VERIFY_SIG_LEN, + + /* Work buffer too small in vb2_verify_digest() */ + VB2_ERROR_RSA_VERIFY_WORKBUF, + + /* Digest mismatch in vb2_verify_digest() */ + VB2_ERROR_RSA_VERIFY_DIGEST, + + /********************************************************************** + * NV storage errors + */ + VB2_ERROR_NV = VB2_ERROR_BASE + 0x030000, + + /* Bad header in vb2_nv_check_crc() */ + VB2_ERROR_NV_HEADER, + + /* Bad CRC in vb2_nv_check_crc() */ + VB2_ERROR_NV_CRC, + + /********************************************************************** + * Secure data storage errors + */ + VB2_ERROR_SECDATA = VB2_ERROR_BASE + 0x040000, + + /* Bad CRC in vb2_secdata_check_crc() */ + VB2_ERROR_SECDATA_CRC, + + /* Bad struct version in vb2_secdata_init() */ + VB2_ERROR_SECDATA_VERSION, + + /* Invalid param in vb2_secdata_get() */ + VB2_ERROR_SECDATA_GET_PARAM, + + /* Invalid param in vb2_secdata_set() */ + VB2_ERROR_SECDATA_SET_PARAM, + + /* Invalid flags passed to vb2_secdata_set() */ + VB2_ERROR_SECDATA_SET_FLAGS, + + /********************************************************************** + * TODO: errors which must still be made specific + */ + VB2_ERROR_TODO = VB2_ERROR_BASE + 0xff0000, /* Work buffer too small */ VB2_ERROR_WORKBUF_TOO_SMALL, @@ -37,9 +122,6 @@ enum vb2_return_code { /* Signature check failed */ VB2_ERROR_BAD_SIGNATURE, - /* Bad secure data */ - VB2_ERROR_BAD_SECDATA, - /* Bad key */ VB2_ERROR_BAD_KEY, @@ -57,6 +139,14 @@ enum vb2_return_code { /* Bad hash tag */ VB2_ERROR_BAD_TAG, + + /********************************************************************** + * Highest non-zero error generated inside vboot library. Note that + * error codes passed through vboot when it calls external APIs may + * still be outside this range. + */ + VB2_ERROR_MAX = VB2_ERROR_BASE + 0xffffff, + }; #endif /* VBOOT_2_RETURN_CODES_H_ */ |