diff options
| -rw-r--r-- | Makefile | 8 | ||||
| -rw-r--r-- | README | 44 | ||||
| -rw-r--r-- | cgptlib/tests/Makefile | 2 | ||||
| -rw-r--r-- | common/Makefile | 18 | ||||
| -rw-r--r-- | cryptolib/Makefile | 23 | ||||
| -rw-r--r-- | misclibs/Makefile | 2 | ||||
| -rw-r--r-- | tests/Makefile | 18 | ||||
| -rw-r--r-- | utility/Makefile | 26 | ||||
| -rw-r--r-- | utility/cgpt/Makefile | 3 | ||||
| -rw-r--r-- | vboot_firmware/Makefile | 44 | ||||
| -rw-r--r-- | vboot_firmware/README | 6 | ||||
| -rw-r--r-- | vboot_firmware/include/boot_device.h (renamed from common/include/boot_device.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/include/firmware_image_fw.h (renamed from vfirmware/include/firmware_image_fw.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/include/kernel_image_fw.h (renamed from vkernel/include/kernel_image_fw.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/include/load_kernel_fw.h (renamed from fwapi/include/load_kernel_fw.h) | 2 | ||||
| -rw-r--r-- | vboot_firmware/include/rollback_index.h (renamed from common/include/rollback_index.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/include/tlcl.h (renamed from common/include/tlcl.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/include/utility.h (renamed from common/include/utility.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/README | 3 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/include/cryptolib.h (renamed from cryptolib/include/cryptolib.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/include/padding.h (renamed from cryptolib/include/padding.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/include/rsa.h (renamed from cryptolib/include/rsa.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/include/sha.h (renamed from cryptolib/include/sha.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/padding.c (renamed from cryptolib/padding.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/rsa.c (renamed from cryptolib/rsa.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/rsa_utility.c (renamed from cryptolib/rsa_utility.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/sha1.c (renamed from cryptolib/sha1.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/sha2.c (renamed from cryptolib/sha2.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/cryptolib/sha_utility.c (renamed from cryptolib/sha_utility.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/firmware_image_fw.c (renamed from vfirmware/firmware_image_fw.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/include/tss_constants.h (renamed from common/include/tss_constants.h) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/kernel_image_fw.c (renamed from vkernel/kernel_image_fw.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/rollback_index.c (renamed from common/rollback_index.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/lib/tlcl.c (renamed from common/tlcl_stub.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/linktest/main.c | 55 | ||||
| -rw-r--r-- | vboot_firmware/stub/boot_device_stub.c (renamed from common/boot_device_stub.c) | 0 | ||||
| -rw-r--r-- | vboot_firmware/stub/utility_stub.c (renamed from common/utility_stub.c) | 0 | ||||
| -rw-r--r-- | vfirmware/Makefile | 4 | ||||
| -rw-r--r-- | vkernel/Makefile | 4 |
39 files changed, 146 insertions, 116 deletions
@@ -5,13 +5,15 @@ export CC ?= gcc export CFLAGS = -Wall -DNDEBUG -O3 -Werror export TOP = $(shell pwd) +export FWDIR=$(TOP)/vboot_firmware export INCLUDES = \ - -I$(TOP)/common/include \ - -I$(TOP)/cryptolib/include \ + -I$(FWDIR)/include \ -I$(TOP)/misclibs/include \ -I$(TOP)/cgptlib -SUBDIRS=common cgptlib cryptolib misclibs vfirmware vkernel utility tests +export FWLIB=$(FWDIR)/vboot_fw.a + +SUBDIRS=vboot_firmware cgptlib misclibs vfirmware vkernel utility tests all: set -e; \ @@ -7,26 +7,21 @@ Directory Structure The source is organized into distinct modules - -cryptolib/ - Contains the implementation for the crypto library. This -includes implementations for SHA1, SHA256, SHA512, and RSA signature -verification (for PKCS #1 v1.5 signatures). +vboot_firmware/ - Contains ONLY the code required by the BIOS to validate +the secure boot components. There shouldn't be any code in here that signs +or generates images. BIOS should require ONLY this directory to implement +secure boot. Refer to vboot_firmware/README for futher details. -common/ - Utility functions and stub implementations for wrapper -functions used in the verification code. These stub implementations -will need to be replaced with appropriate firmware equivalents. +cgptlib/ - Work in progress for handling GPT headers. Parts of this will no +doubt be migrated into vboot_firmware/ misclibs/ - Miscellaneous functions used by userland utilities. utility/ - Utilities for generating and verifying signed firmware and kernel images, as well as arbitrary blobs. -vfirmware/ and vkernel/ - The main firmware and kernel image -verification modules. It has functions for verifying and manipulating -signed firmware and kernel images. The main files of interest are: - vfirmware/firmware_image_fw.c (verification Functions used in Firmware) - vfirmware/firmware_image.c (functions for userland tools) - vkernel/kernel_image_fw.c (verification functions used in Firmware) - vkernel/kernel_image.c (functions for userland tools) +vfirmware/ and vkernel/ - Functions for generating, verifying, and +manipulating signed firmware and kernel images. tests/ - User-land tests and benchmarks that test the reference implementation. Please have a look at these if you'd like to @@ -49,29 +44,6 @@ dumpRSAPublicKey.c Dump RSA Public key (from a DER-encoded X509 verify_data.c Verify a given signature on a given file. ----------- -What is required for a minimal verified boot implementation ----------- - -1) cryptolib/ - as a separate module since it will be used by others -parts of the verified boot process. - -2) common/ - this contains the interface for dealing with memory allocation -and interacting with the TPM. The stubs will need to be replaced with their -firmware-level equivalents. - -3) Verified Firmware and Kernel image verification - This is the core -of the verified boot implementation. They are implemented under vfirmware -and vkernel (for firmware and kernel image verification respectively). - -firmware_image_fw.c and kernel_image_fw.c : Contain verification logic - used in the firmware. Needed. - -firmware_image.c and kernel_image.c : High level functions used by userland - tools. NOT needed in the firmware. - -cryptolib/, common/, vfirmware/firmware_image_fw.c are part of the RO firmware. -vkernel/kernel_image_fw.c is part of the RW firmware (it verifies the OS kernel). ---------- Generating a signed firmware image: diff --git a/cgptlib/tests/Makefile b/cgptlib/tests/Makefile index ecd166c1..ca2a170c 100644 --- a/cgptlib/tests/Makefile +++ b/cgptlib/tests/Makefile @@ -4,7 +4,7 @@ TOP ?= ../../ CFLAGS += -Wall -DNDEBUG -Werror -ansi -LIBS = $(TOP)/cgptlib/libcgpt.a $(TOP)/common/libcommon.a +LIBS = $(TOP)/cgptlib/libcgpt.a $(FWLIB) OBJS = cgptlib_test.o quick_sort_test.o crc32_test.o OUT = cgptlib_test diff --git a/common/Makefile b/common/Makefile deleted file mode 100644 index fa52657e..00000000 --- a/common/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -SRCS = boot_device_stub.c rollback_index.c tlcl_stub.c utility_stub.c -OBJS = $(SRCS:.c=.o) -INCLUDES += -I./include/ - -all: libcommon.a - -libcommon.a: $(OBJS) - ar rs $@ $^ - -.c.o: $(OBJS) - $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@ - -clean: - rm -f $(OBJS) libcommon.a diff --git a/cryptolib/Makefile b/cryptolib/Makefile deleted file mode 100644 index 4c337eb6..00000000 --- a/cryptolib/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -TOP ?= ../ -SRCS = rsa.c sha1.c sha2.c padding.c rsa_utility.c sha_utility.c -OBJS = $(SRCS:.c=.o) -CFLAGS += -DUNROLL_LOOPS -DHAVE_ENDIAN_H -DHAVE_LITTLE_ENDIAN -DNDEBUG -INCLUDES += -I./include/ -I$(TOP)/common/include/ - -all: libcrypto.a - -libcrypto.a: $(OBJS) - ar rs libcrypto.a $(OBJS) - -padding.c: $(TOP)/scripts/genpadding.sh - $(TOP)/scripts/genpadding.sh >$@ - -.c.o: $(OBJS) - $(CC) $(CFLAGS) -ansi $(INCLUDES) -c $< -o $@ - -clean: - rm -f $(OBJS) libcrypto.a diff --git a/misclibs/Makefile b/misclibs/Makefile index 5aba67e8..261158b0 100644 --- a/misclibs/Makefile +++ b/misclibs/Makefile @@ -6,7 +6,7 @@ TOP ?= ../ CC ?= gcc INCLUDES += -I./include \ -I$(TOP)/common/include \ - -I$(TOP)/cryptolib/include \ + -I$(TOP)/vboot_firmware/lib/cryptolib/include \ -I$(TOP)/vfirmware/include \ -I$(TOP)/vkernel/include diff --git a/tests/Makefile b/tests/Makefile index 80a7c6a7..3b26005c 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -6,18 +6,14 @@ TOP ?= ../ CC ?= gcc CFLAGS ?= -Wall -DNDEBUG -O3 -Werror INCLUDES += -I./include \ - -I../cryptolib/include \ - -I../common/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../misclibs/include \ -I../vfirmware/include\ -I../vkernel/include -BASE_LIBS = $(TOP)/cryptolib/libcrypto.a $(TOP)/common/libcommon.a IMAGE_LIBS = $(TOP)/vfirmware/firmware_image.o \ - $(TOP)/vfirmware/firmware_image_fw.o \ - $(TOP)/vkernel/kernel_image.o \ - $(TOP)/vkernel/kernel_image_fw.o + $(TOP)/vkernel/kernel_image.o UTIL_LIBS = $(TOP)/misclibs/file_keys.o $(TOP)/misclibs/signature_digest.o -LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) -lcrypto $(BASE_LIBS) +LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) $(FWLIB) -lcrypto TEST_BINS = big_firmware_tests \ big_kernel_tests \ @@ -75,18 +71,18 @@ kernel_verify_benchmark: kernel_verify_benchmark.c timer_utils.c \ $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(LIBS) rsa_padding_test: rsa_padding_test.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(UTIL_LIBS) $(BASE_LIBS) \ + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(UTIL_LIBS) $(FWLIB) \ -lcrypto rsa_verify_benchmark: rsa_verify_benchmark.c timer_utils.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(UTIL_LIBS) $(BASE_LIBS) \ + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(UTIL_LIBS) $(FWLIB) \ -lcrypto sha_benchmark: sha_benchmark.c timer_utils.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(BASE_LIBS) + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(FWLIB) sha_tests: sha_tests.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(BASE_LIBS) + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(FWLIB) verify_firmware_fuzz_driver: verify_firmware_fuzz_driver.c \ rollback_index_mock.c diff --git a/utility/Makefile b/utility/Makefile index 86bd35d5..78b967ad 100644 --- a/utility/Makefile +++ b/utility/Makefile @@ -6,8 +6,7 @@ TOP ?= ../ CC ?= gcc CXX ?= g++ INCLUDES += -I./include \ - -I../cryptolib/include \ - -I../common/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../misclibs/include \ -I../vfirmware/include\ -I../vkernel/include @@ -15,10 +14,7 @@ CFLAGS ?= -Wall -DNDEBUG -O3 -Werror $(INCLUDES) LIBS = $(TOP)/misclibs/file_keys.o \ $(TOP)/misclibs/signature_digest.o \ $(TOP)/vfirmware/firmware_image.o \ - $(TOP)/vfirmware/firmware_image_fw.o \ - $(TOP)/vkernel/kernel_image.o \ - $(TOP)/vkernel/kernel_image_fw.o -FIRMWARELIBS = $(TOP)/cryptolib/libcrypto.a $(TOP)/common/libcommon.a + $(TOP)/vkernel/kernel_image.o SUBDIRS = cgpt TARGET_BINS = dumpRSAPublicKey \ @@ -39,21 +35,19 @@ subdirs: dumpRSAPublicKey: dumpRSAPublicKey.c $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ -lcrypto -firmware_utility: firmware_utility.cc $(LIBS) $(FIRMWARELIBS) +firmware_utility: firmware_utility.cc $(LIBS) $(FWLIB) $(CXX) $(CFLAGS) $(INCLUDES) -ggdb -D__STDC_LIMIT_MACROS $< \ - -o $@ $(FIRMWARELIBS) $(LIBS) $(TOP)/common/libcommon.a \ - -lcrypto + -o $@ $(LIBS) $(FWLIB) -lcrypto -kernel_utility: kernel_utility.cc $(LIBS) $(FIRMWARELIBS) +kernel_utility: kernel_utility.cc $(LIBS) $(FWLIB) $(CXX) $(CFLAGS) $(INCLUDES) -ggdb -D__STDC_LIMIT_MACROS $< \ - -o $@ $(FIRMWARELIBS) $(LIBS) $(TOP)/common/libcommon.a \ - -lcrypto + -o $@ $(LIBS) $(FWLIB) -lcrypto -signature_digest_utility: signature_digest_utility.c $(LIBS) $(FIRMWARELIBS) - $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FIRMWARELIBS) -lcrypto +signature_digest_utility: signature_digest_utility.c $(LIBS) $(FWLIB) + $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FWLIB) -lcrypto -verify_data: verify_data.c $(LIBS) $(FIRMWARELIBS) - $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FIRMWARELIBS) -lcrypto +verify_data: verify_data.c $(LIBS) $(FWLIB) + $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FWLIB) -lcrypto clean: set -e; \ diff --git a/utility/cgpt/Makefile b/utility/cgpt/Makefile index cc3221c6..e678c03e 100644 --- a/utility/cgpt/Makefile +++ b/utility/cgpt/Makefile @@ -6,8 +6,7 @@ TOP ?= ../../ CC ?= cc INCLUDES += -I$(TOP)/common/include CFLAGS += -Wall -Werror -ggdb -LIBS += $(TOP)/common/libcommon.a \ - $(TOP)/cgptlib/libcgpt.a +LIBS += $(TOP)/cgptlib/libcgpt.a $(FWLIB) all: cgpt diff --git a/vboot_firmware/Makefile b/vboot_firmware/Makefile new file mode 100644 index 00000000..16669f50 --- /dev/null +++ b/vboot_firmware/Makefile @@ -0,0 +1,44 @@ +# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +LIBNAME = vboot_fw.a + +CC ?= gcc +CFLAGS = -Wall -DNDEBUG -O3 -Werror + +FWTOP := $(shell pwd) +LIBDIR = $(FWTOP)/lib +STUBDIR = $(FWTOP)/stub +TESTDIR = $(FWTOP)/linktest + +INC = \ + -I$(FWTOP)/include \ + -I$(LIBDIR)/include \ + -I$(LIBDIR)/cryptolib/include + + +LIB_SRCS := $(shell find $(LIBDIR) -iname '*.c') +LIB_OBJS := $(LIB_SRCS:%.c=%.o) + +STUB_SRCS := $(shell find $(STUBDIR) -iname '*.c') +STUB_OBJS := $(STUB_SRCS:%.c=%.o) + + +test : $(LIBNAME) + $(CC) $(CFLAGS) $(INC) -o $(TESTDIR)/a.out $(TESTDIR)/main.c $(LIBNAME) + +$(LIBNAME) : $(LIB_OBJS) $(STUB_OBJS) + rm -f $@ + ar qc $@ $^ + +%o : %c + $(CC) $(CFLAGS) $(INC) -c -o $@ $< + +clean: FORCE + rm -f $(LIBNAME) $(LIB_OBJS) $(STUB_OBJS) $(TESTDIR)/a.out + +FORCE: + + +.PHONY: FORCE diff --git a/vboot_firmware/README b/vboot_firmware/README new file mode 100644 index 00000000..2b0bff50 --- /dev/null +++ b/vboot_firmware/README @@ -0,0 +1,6 @@ + +lib/ is stuff that the BIOS needs to link with. + +stub/ is stuff to be implemented by the BIOS. + +include/ describes the interfaces between the two parts. diff --git a/common/include/boot_device.h b/vboot_firmware/include/boot_device.h index 47c834f6..47c834f6 100644 --- a/common/include/boot_device.h +++ b/vboot_firmware/include/boot_device.h diff --git a/vfirmware/include/firmware_image_fw.h b/vboot_firmware/include/firmware_image_fw.h index 8cba176c..8cba176c 100644 --- a/vfirmware/include/firmware_image_fw.h +++ b/vboot_firmware/include/firmware_image_fw.h diff --git a/vkernel/include/kernel_image_fw.h b/vboot_firmware/include/kernel_image_fw.h index 3e00ec27..3e00ec27 100644 --- a/vkernel/include/kernel_image_fw.h +++ b/vboot_firmware/include/kernel_image_fw.h diff --git a/fwapi/include/load_kernel_fw.h b/vboot_firmware/include/load_kernel_fw.h index 0c7f1bf8..1c7ed071 100644 --- a/fwapi/include/load_kernel_fw.h +++ b/vboot_firmware/include/load_kernel_fw.h @@ -38,7 +38,7 @@ typedef struct LoadKernelParams { uint64_t bootloader_size; /* Size of bootloader image in bytes */ } LoadKernelParams; -uintn_t LoadKernel(LoadKernelParams* params); +uint64_t LoadKernel(LoadKernelParams* params); /* Attempts to load the kernel from the current device. * * Returns LOAD_KERNEL_SUCCESS if successful, error code on failure. */ diff --git a/common/include/rollback_index.h b/vboot_firmware/include/rollback_index.h index d4e47ac8..d4e47ac8 100644 --- a/common/include/rollback_index.h +++ b/vboot_firmware/include/rollback_index.h diff --git a/common/include/tlcl.h b/vboot_firmware/include/tlcl.h index 362b61e1..362b61e1 100644 --- a/common/include/tlcl.h +++ b/vboot_firmware/include/tlcl.h diff --git a/common/include/utility.h b/vboot_firmware/include/utility.h index a5df8fa6..a5df8fa6 100644 --- a/common/include/utility.h +++ b/vboot_firmware/include/utility.h diff --git a/vboot_firmware/lib/cryptolib/README b/vboot_firmware/lib/cryptolib/README new file mode 100644 index 00000000..e576bb7b --- /dev/null +++ b/vboot_firmware/lib/cryptolib/README @@ -0,0 +1,3 @@ +This contains the implementation for the crypto library. This includes +implementations for SHA1, SHA256, SHA512, and RSA signature verification +(for PKCS #1 v1.5 signatures). diff --git a/cryptolib/include/cryptolib.h b/vboot_firmware/lib/cryptolib/include/cryptolib.h index b65a71db..b65a71db 100644 --- a/cryptolib/include/cryptolib.h +++ b/vboot_firmware/lib/cryptolib/include/cryptolib.h diff --git a/cryptolib/include/padding.h b/vboot_firmware/lib/cryptolib/include/padding.h index 8d8fc95f..8d8fc95f 100644 --- a/cryptolib/include/padding.h +++ b/vboot_firmware/lib/cryptolib/include/padding.h diff --git a/cryptolib/include/rsa.h b/vboot_firmware/lib/cryptolib/include/rsa.h index 1a458037..1a458037 100644 --- a/cryptolib/include/rsa.h +++ b/vboot_firmware/lib/cryptolib/include/rsa.h diff --git a/cryptolib/include/sha.h b/vboot_firmware/lib/cryptolib/include/sha.h index 16868942..16868942 100644 --- a/cryptolib/include/sha.h +++ b/vboot_firmware/lib/cryptolib/include/sha.h diff --git a/cryptolib/padding.c b/vboot_firmware/lib/cryptolib/padding.c index 14d94458..14d94458 100644 --- a/cryptolib/padding.c +++ b/vboot_firmware/lib/cryptolib/padding.c diff --git a/cryptolib/rsa.c b/vboot_firmware/lib/cryptolib/rsa.c index bfc64469..bfc64469 100644 --- a/cryptolib/rsa.c +++ b/vboot_firmware/lib/cryptolib/rsa.c diff --git a/cryptolib/rsa_utility.c b/vboot_firmware/lib/cryptolib/rsa_utility.c index bf322844..bf322844 100644 --- a/cryptolib/rsa_utility.c +++ b/vboot_firmware/lib/cryptolib/rsa_utility.c diff --git a/cryptolib/sha1.c b/vboot_firmware/lib/cryptolib/sha1.c index 41b729b1..41b729b1 100644 --- a/cryptolib/sha1.c +++ b/vboot_firmware/lib/cryptolib/sha1.c diff --git a/cryptolib/sha2.c b/vboot_firmware/lib/cryptolib/sha2.c index 7f476567..7f476567 100644 --- a/cryptolib/sha2.c +++ b/vboot_firmware/lib/cryptolib/sha2.c diff --git a/cryptolib/sha_utility.c b/vboot_firmware/lib/cryptolib/sha_utility.c index 4e266f7c..4e266f7c 100644 --- a/cryptolib/sha_utility.c +++ b/vboot_firmware/lib/cryptolib/sha_utility.c diff --git a/vfirmware/firmware_image_fw.c b/vboot_firmware/lib/firmware_image_fw.c index 85b4d352..85b4d352 100644 --- a/vfirmware/firmware_image_fw.c +++ b/vboot_firmware/lib/firmware_image_fw.c diff --git a/common/include/tss_constants.h b/vboot_firmware/lib/include/tss_constants.h index 523f075e..523f075e 100644 --- a/common/include/tss_constants.h +++ b/vboot_firmware/lib/include/tss_constants.h diff --git a/vkernel/kernel_image_fw.c b/vboot_firmware/lib/kernel_image_fw.c index 23111e93..23111e93 100644 --- a/vkernel/kernel_image_fw.c +++ b/vboot_firmware/lib/kernel_image_fw.c diff --git a/common/rollback_index.c b/vboot_firmware/lib/rollback_index.c index 2d7fd8e8..2d7fd8e8 100644 --- a/common/rollback_index.c +++ b/vboot_firmware/lib/rollback_index.c diff --git a/common/tlcl_stub.c b/vboot_firmware/lib/tlcl.c index ff59e23a..ff59e23a 100644 --- a/common/tlcl_stub.c +++ b/vboot_firmware/lib/tlcl.c diff --git a/vboot_firmware/linktest/main.c b/vboot_firmware/linktest/main.c new file mode 100644 index 00000000..e2eb4d13 --- /dev/null +++ b/vboot_firmware/linktest/main.c @@ -0,0 +1,55 @@ +#include <stdio.h> + +#include "firmware_image_fw.h" +#include "kernel_image_fw.h" +#include "load_kernel_fw.h" +#include "rollback_index.h" +#include "tlcl.h" + +int main(void) +{ + + // firmware_image_fw.h + VerifyFirmwareHeader(0, 0, 0, 0); + VerifyFirmwarePreamble(0, 0, 0, 0); + VerifyFirmwareData(0, 0, 0, 0, 0); + VerifyFirmware(0, 0, 0); + GetLogicalFirmwareVersion(0); + VerifyFirmwareDriver_f(0, 0, 0, 0, 0); + + // kernel_image_fw.h + VerifyKernelHeader(0, 0, 0, 0, 0, 0); + VerifyKernelConfig(0, 0, 0, 0); + VerifyKernelData(0, 0, 0, 0, 0); + VerifyKernel(0, 0, 0); + GetLogicalKernelVersion(0); + VerifyKernelDriver_f(0, 0, 0, 0); + + // load_kernel_fw.h + // FIXME: LoadKernel(0); + + // rollback_index.h + SetupTPM(); + GetStoredVersion(0); + WriteStoredVersion(0, 0); + LockStoredVersion(0); + + // tlcl.h + TlclLibinit(); + TlclStartup(); + TlclSelftestfull(); + TlclDefineSpace(0, 0, 0); + TlclWrite(0, 0, 0); + TlclRead(0, 0, 0); + TlclWriteLock(0); + TlclReadLock(0); + TlclAssertPhysicalPresence(); + TlclSetNvLocked(); + TlclIsOwned(); + TlclForceClear(); + TlclPhysicalEnable(); + TlclPhysicalSetDeactivated(0); + TlclGetFlags(0, 0); + + return 0; +} diff --git a/common/boot_device_stub.c b/vboot_firmware/stub/boot_device_stub.c index c7bb86f5..c7bb86f5 100644 --- a/common/boot_device_stub.c +++ b/vboot_firmware/stub/boot_device_stub.c diff --git a/common/utility_stub.c b/vboot_firmware/stub/utility_stub.c index 66132703..66132703 100644 --- a/common/utility_stub.c +++ b/vboot_firmware/stub/utility_stub.c diff --git a/vfirmware/Makefile b/vfirmware/Makefile index a915c316..be90dd5e 100644 --- a/vfirmware/Makefile +++ b/vfirmware/Makefile @@ -4,11 +4,11 @@ CC ?= gcc INCLUDES += -I./include \ - -I../cryptolib/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../common/include \ -I../misclibs/include CFLAGS ?= -Wall -DNDEBUG -O3 -Werror -FIRMWARE_OUT = firmware_image_fw.o firmware_image.o +FIRMWARE_OUT = firmware_image.o all: $(FIRMWARE_OUT) diff --git a/vkernel/Makefile b/vkernel/Makefile index fa69fc9e..f7dfd359 100644 --- a/vkernel/Makefile +++ b/vkernel/Makefile @@ -4,11 +4,11 @@ CC ?= gcc INCLUDES += -I./include \ - -I../cryptolib/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../common/include \ -I../misclibs/include CFLAGS ?= -Wall -DNDEBUG -O3 -Werror -KERNEL_OUT = kernel_image_fw.o kernel_image.o +KERNEL_OUT = kernel_image.o all: $(KERNEL_OUT) |