Diffstat (limited to 'firmware/lib20/kernel.c')
-rw-r--r-- | firmware/lib20/kernel.c | 180 |
1 files changed, 0 insertions, 180 deletions
diff --git a/firmware/lib20/kernel.c b/firmware/lib20/kernel.c
index b3a24367..81ded659 100644
--- a/firmware/lib20/kernel.c
+++ b/firmware/lib20/kernel.c
@@ -12,7 +12,6 @@
 #include "2secdata.h"
 #include "2sha.h"
 #include "2sysincludes.h"
-#include "vb2_common.h"
 
 /**
 * Returns non-zero if the kernel needs to have a valid signature, instead of
@@ -35,49 +34,6 @@ static int vb2_need_signed_kernel(struct vb2_context *ctx)
 return 0;
 }
 
-test_mockable
-vb2_error_t vb2_verify_keyblock_hash(const struct vb2_keyblock *block,
- uint32_t size,
- const struct vb2_workbuf *wb)
-{
- const struct vb2_signature *sig = &block->keyblock_hash;
- struct vb2_workbuf wblocal = *wb;
- struct vb2_digest_context *dc;
- uint8_t *digest;
- uint32_t digest_size;
-
- /* Validity check keyblock before attempting hash check of data */
- VB2_TRY(vb2_check_keyblock(block, size, sig));
-
- VB2_DEBUG("Checking keyblock hash...\n");
-
- /* Digest goes at start of work buffer */
- digest_size = vb2_digest_size(VB2_HASH_SHA512);
- digest = vb2_workbuf_alloc(&wblocal, digest_size);
- if (!digest)
- return VB2_ERROR_VDATA_WORKBUF_DIGEST;
-
- /* Hashing requires temp space for the context */
- dc = vb2_workbuf_alloc(&wblocal, sizeof(*dc));
- if (!dc)
- return VB2_ERROR_VDATA_WORKBUF_HASHING;
-
- VB2_TRY(vb2_digest_init(dc, VB2_HASH_SHA512));
-
- VB2_TRY(vb2_digest_extend(dc, (const uint8_t *)block, sig->data_size));
-
- VB2_TRY(vb2_digest_finalize(dc, digest, digest_size));
-
- if (vb2_safe_memcmp(vb2_signature_data(sig), digest,
- digest_size) != 0) {
- VB2_DEBUG("Invalid keyblock hash.\n");
- return VB2_ERROR_KEYBLOCK_HASH_INVALID_IN_DEV_MODE;
- }
-
- /* Success */
- return VB2_SUCCESS;
-}
-
 vb2_error_t vb2_load_kernel_keyblock(struct vb2_context *ctx)
 {
 struct vb2_shared_data *sd = vb2_get_sd(ctx);
@@ -223,115 +179,6 @@ vb2_error_t vb2_load_kernel_keyblock(struct vb2_context *ctx)
 return VB2_SUCCESS;
 }
 
-test_mockable
-vb2_error_t vb2_verify_kernel_preamble(struct vb2_kernel_preamble *preamble,
- uint32_t size,
- const struct vb2_public_key *key,
- const struct vb2_workbuf *wb)
-{
- struct vb2_signature *sig = &preamble->preamble_signature;
- uint32_t min_size = EXPECTED_VB2_KERNEL_PREAMBLE_2_0_SIZE;
-
- VB2_DEBUG("Verifying kernel preamble.\n");
-
- /* Make sure it's even safe to look at the struct */
- if(size < min_size) {
- VB2_DEBUG("Not enough data for preamble header.\n");
- return VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER;
- }
- if (preamble->header_version_major !=
- VB2_KERNEL_PREAMBLE_HEADER_VERSION_MAJOR) {
- VB2_DEBUG("Incompatible kernel preamble header version.\n");
- return VB2_ERROR_PREAMBLE_HEADER_VERSION;
- }
-
- if (preamble->header_version_minor >= 2)
- min_size = EXPECTED_VB2_KERNEL_PREAMBLE_2_2_SIZE;
- else if (preamble->header_version_minor == 1)
- min_size = EXPECTED_VB2_KERNEL_PREAMBLE_2_1_SIZE;
- if(preamble->preamble_size < min_size) {
- VB2_DEBUG("Preamble size too small for header.\n");
- return VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER;
- }
- if (size < preamble->preamble_size) {
- VB2_DEBUG("Not enough data for preamble.\n");
- return VB2_ERROR_PREAMBLE_SIZE;
- }
-
- /* Check signature */
- if (vb2_verify_signature_inside(preamble, preamble->preamble_size,
- sig)) {
- VB2_DEBUG("Preamble signature off end of preamble\n");
- return VB2_ERROR_PREAMBLE_SIG_OUTSIDE;
- }
-
- /* Make sure advertised signature data sizes are valid. */
- if (preamble->preamble_size < sig->data_size) {
- VB2_DEBUG("Signature calculated past end of the block\n");
- return VB2_ERROR_PREAMBLE_SIGNED_TOO_MUCH;
- }
-
- if (vb2_verify_data((const uint8_t *)preamble, size, sig, key, wb)) {
- VB2_DEBUG("Preamble signature validation failed\n");
- return VB2_ERROR_PREAMBLE_SIG_INVALID;
- }
-
- /* Verify we signed enough data */
- if (sig->data_size < sizeof(struct vb2_fw_preamble)) {
- VB2_DEBUG("Didn't sign enough data\n");
- return VB2_ERROR_PREAMBLE_SIGNED_TOO_LITTLE;
- }
-
- /* Verify body signature is inside the signed data */
- if (vb2_verify_signature_inside(preamble, sig->data_size,
- &preamble->body_signature)) {
- VB2_DEBUG("Body signature off end of preamble\n");
- return VB2_ERROR_PREAMBLE_BODY_SIG_OUTSIDE;
- }
-
- /*
- * If bootloader is present, verify it's covered by the body
- * signature.
- */
- if (preamble->bootloader_size) {
- const void *body_ptr =
- (const void *)(uintptr_t)preamble->body_load_address;
- const void *bootloader_ptr =
- (const void *)(uintptr_t)preamble->bootloader_address;
- if (vb2_verify_member_inside(body_ptr,
- preamble->body_signature.data_size,
- bootloader_ptr,
- preamble->bootloader_size,
- 0, 0)) {
- VB2_DEBUG("Bootloader off end of signed data\n");
- return VB2_ERROR_PREAMBLE_BOOTLOADER_OUTSIDE;
- }
- }
-
- /*
- * If vmlinuz header is present, verify it's covered by the body
- * signature.
- */
- if (preamble->header_version_minor >= 1 &&
- preamble->vmlinuz_header_size) {
- const void *body_ptr =
- (const void *)(uintptr_t)preamble->body_load_address;
- const void *vmlinuz_header_ptr = (const void *)
- (uintptr_t)preamble->vmlinuz_header_address;
- if (vb2_verify_member_inside(body_ptr,
- preamble->body_signature.data_size,
- vmlinuz_header_ptr,
- preamble->vmlinuz_header_size,
- 0, 0)) {
- VB2_DEBUG("Vmlinuz header off end of signed data\n");
- return VB2_ERROR_PREAMBLE_VMLINUZ_HEADER_OUTSIDE;
- }
- }
-
- /* Success */
- return VB2_SUCCESS;
-}
-
 vb2_error_t vb2_load_kernel_preamble(struct vb2_context *ctx)
 {
 struct vb2_shared_data *sd = vb2_get_sd(ctx);
@@ -421,30 +268,3 @@ vb2_error_t vb2_load_kernel_preamble(struct vb2_context *ctx)
 
 return VB2_SUCCESS;
 }
-
-void vb2_kernel_get_vmlinuz_header(const struct vb2_kernel_preamble *preamble,
- uint64_t *vmlinuz_header_address,
- uint32_t *vmlinuz_header_size)
-{
- if (preamble->header_version_minor < 1) {
- *vmlinuz_header_address = 0;
- *vmlinuz_header_size = 0;
- } else {
- /*
- * Set header and size only if the preamble header version is >
- * 2.1 as they don't exist in version 2.0 (Note that we don't
- * need to check header_version_major; if that's not 2 then
- * vb2_verify_kernel_preamble() would have already failed.
- */
- *vmlinuz_header_address = preamble->vmlinuz_header_address;
- *vmlinuz_header_size = preamble->vmlinuz_header_size;
- }
-}
-
-uint32_t vb2_kernel_get_flags(const struct vb2_kernel_preamble *preamble)
-{
- if (preamble->header_version_minor < 2)
- return 0;
-
- return preamble->flags;
-} |