diff options
-rw-r--r-- | firmware/2lib/2api.c | 6 | ||||
-rw-r--r-- | firmware/2lib/2misc.c | 12 | ||||
-rw-r--r-- | firmware/2lib/include/2api.h | 15 | ||||
-rw-r--r-- | tests/vb20_verify_fw.c | 15 | ||||
-rw-r--r-- | tests/vb2_api_tests.c | 29 |
5 files changed, 50 insertions, 27 deletions
diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c index a94f0193..f9b8bebb 100644 --- a/firmware/2lib/2api.c +++ b/firmware/2lib/2api.c @@ -226,8 +226,7 @@ vb2_error_t vb2api_fw_phase3(struct vb2_context *ctx) return VB2_SUCCESS; } -vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag, - uint32_t *size) +vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag) { struct vb2_shared_data *sd = vb2_get_sd(ctx); const struct vb2_fw_preamble *pre; @@ -296,9 +295,6 @@ vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag, sd->hash_tag = tag; sd->hash_remaining_size = pre->body_signature.data_size; - if (size) - *size = pre->body_signature.data_size; - if (!(pre->flags & VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO)) { rv = vb2ex_hwcrypto_digest_init(key.hash_alg, pre->body_signature.data_size); diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c index 76c780b9..1cd96929 100644 --- a/firmware/2lib/2misc.c +++ b/firmware/2lib/2misc.c @@ -14,6 +14,7 @@ #include "2sha.h" #include "2struct.h" #include "2sysincludes.h" +#include "vb2_common.h" #include "vboot_api.h" #include "vboot_struct.h" @@ -36,6 +37,17 @@ struct vb2_gbb_header *vb2_get_gbb(struct vb2_context *ctx) return (struct vb2_gbb_header *)((void *)sd + sd->gbb_offset); } +uint32_t vb2api_get_firmware_size(struct vb2_context *ctx) +{ + struct vb2_shared_data *sd = vb2_get_sd(ctx); + if (!sd->preamble_size) + return 0; + + const struct vb2_fw_preamble *pre = (const struct vb2_fw_preamble *) + vb2_member_of(sd, sd->preamble_offset); + return pre->body_signature.data_size; +} + vb2_error_t vb2_read_gbb_header(struct vb2_context *ctx, struct vb2_gbb_header *gbb) { diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index fda1fa78..1dad47a8 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -602,12 +602,9 @@ vb2_error_t vb21api_fw_phase3(struct vb2_context *ctx); * * @param ctx Vboot context * @param tag Tag to start hashing (enum vb2_hash_tag) - * @param size If non-null, expected size of data for tag will be - * stored here on output. * @return VB2_SUCCESS, or error code on error. */ -vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag, - uint32_t *size); +vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag); /** * Same, but for new-style structs. @@ -759,6 +756,16 @@ vb2_error_t vb2api_gbb_read_hwid(struct vb2_context *ctx, char *hwid, vb2_gbb_flags_t vb2api_gbb_get_flags(struct vb2_context *ctx); /** + * Get the size of the signed firmware body. This is only legal to call after + * vb2api_fw_phase3() has returned successfully, and will return 0 otherwise. + * + * @param ctx Vboot context + * + * @return The firmware body size in bytes (or 0 if called too early). + */ +uint32_t vb2api_get_firmware_size(struct vb2_context *ctx); + +/** * Sync the Embedded Controller device to the expected version. * * This function will check if EC software sync is allowed, and if it diff --git a/tests/vb20_verify_fw.c b/tests/vb20_verify_fw.c index e7058054..4e107cf1 100644 --- a/tests/vb20_verify_fw.c +++ b/tests/vb20_verify_fw.c @@ -87,7 +87,7 @@ static void save_if_needed(struct vb2_context *c) */ static vb2_error_t hash_body(struct vb2_context *c) { - uint32_t expect_size; + uint32_t remaining; uint8_t block[8192]; uint32_t size; FILE *f; @@ -99,19 +99,20 @@ static vb2_error_t hash_body(struct vb2_context *c) return VB2_ERROR_TEST_INPUT_FILE; /* Start the body hash */ - rv = vb2api_init_hash(c, VB2_HASH_TAG_FW_BODY, &expect_size); + rv = vb2api_init_hash(c, VB2_HASH_TAG_FW_BODY); if (rv) { fclose(f); return rv; } - printf("Expect %d bytes of body...\n", expect_size); + remaining = vb2api_get_firmware_size(c); + printf("Expect %d bytes of body...\n", remaining); /* Extend over the body */ - while (expect_size) { + while (remaining) { size = sizeof(block); - if (size > expect_size) - size = expect_size; + if (size > remaining) + size = remaining; /* Read next body block */ size = fread(block, 1, size, f); @@ -125,7 +126,7 @@ static vb2_error_t hash_body(struct vb2_context *c) return rv; } - expect_size -= size; + remaining -= size; } fclose(f); diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c index b3ad5fda..c2a52dbb 100644 --- a/tests/vb2_api_tests.c +++ b/tests/vb2_api_tests.c @@ -112,7 +112,7 @@ static void reset_common_data(enum reset_type t) k->algorithm = mock_algorithm; if (t == FOR_EXTEND_HASH || t == FOR_CHECK_HASH) - vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, NULL); + vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY); if (t == FOR_CHECK_HASH) vb2api_extend_hash(ctx, mock_body, mock_body_size); @@ -289,6 +289,14 @@ static void misc_tests(void) 12, "vb2api_fail request"); TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_SUBCODE), 34, "vb2api_fail subcode"); + + /* Test get_firmware_size() */ + reset_common_data(FOR_MISC); + TEST_EQ(vb2api_get_firmware_size(ctx), mock_body_size, "firmware_size"); + + reset_common_data(FOR_MISC); + sd->preamble_size = 0; + TEST_EQ(vb2api_get_firmware_size(ctx), 0, "firmware_size too early"); } static void phase1_tests(void) @@ -550,12 +558,11 @@ static void init_hash_tests(void) { struct vb2_packed_key *k; int wb_used_before; - uint32_t size; /* For now, all we support is body signature hash */ reset_common_data(FOR_MISC); wb_used_before = sd->workbuf_used; - TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size), + TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY), "init hash good"); TEST_EQ(sd->hash_offset, wb_used_before, "hash context offset"); TEST_EQ(sd->hash_size, sizeof(struct vb2_digest_context), @@ -567,43 +574,43 @@ static void init_hash_tests(void) TEST_EQ(sd->hash_remaining_size, mock_body_size, "hash remaining"); wb_used_before = sd->workbuf_used; - TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, NULL), + TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY), "init hash again"); TEST_EQ(sd->workbuf_used, wb_used_before, "init hash reuses context"); reset_common_data(FOR_MISC); - TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_INVALID, &size), + TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_INVALID), VB2_ERROR_API_INIT_HASH_TAG, "init hash invalid tag"); reset_common_data(FOR_MISC); sd->preamble_size = 0; - TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size), + TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY), VB2_ERROR_API_INIT_HASH_PREAMBLE, "init hash preamble"); reset_common_data(FOR_MISC); - TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY + 1, &size), + TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY + 1), VB2_ERROR_API_INIT_HASH_TAG, "init hash unknown tag"); reset_common_data(FOR_MISC); sd->workbuf_used = sd->workbuf_size + VB2_WORKBUF_ALIGN - vb2_wb_round_up(sizeof(struct vb2_digest_context)); - TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size), + TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY), VB2_ERROR_API_INIT_HASH_WORKBUF, "init hash workbuf"); reset_common_data(FOR_MISC); sd->data_key_size = 0; - TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size), + TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY), VB2_ERROR_API_INIT_HASH_DATA_KEY, "init hash data key"); reset_common_data(FOR_MISC); sd->data_key_size--; - TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size), + TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY), VB2_ERROR_UNPACK_KEY_SIZE, "init hash data key size"); reset_common_data(FOR_MISC); k = vb2_member_of(sd, sd->data_key_offset); k->algorithm--; - TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size), + TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY), VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm"); } |