From 58ae67008f4f70cdbf48d76234f70a3b61b6e83e Mon Sep 17 00:00:00 2001 From: Joel Kitching Date: Thu, 13 Feb 2020 18:04:21 +0800 Subject: vboot: unmarry LoadKernel from VBSD Create a function-local copy of VbSharedDataKernelCall rather than using the memory built-in to VBSD. Stop making any reference to vboot1 VBSD from LoadKernel. BUG=b:124141368, chromium:1038260 TEST=make clean && make runtests BRANCH=none Change-Id: I5dabfb33a0eb05c1f40509dcf00a4c5751af1ef5 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2053182 Tested-by: Joel Kitching Commit-Queue: Joel Kitching Reviewed-by: Joel Kitching --- firmware/lib/vboot_kernel.c | 33 +++++++------- host/lib/crossystem.c | 107 ++------------------------------------------ utility/crossystem.c | 2 - 3 files changed, 18 insertions(+), 124 deletions(-) diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c index 6c30c028..722b74de 100644 --- a/firmware/lib/vboot_kernel.c +++ b/firmware/lib/vboot_kernel.c @@ -440,7 +440,7 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params) struct vb2_shared_data *sd = vb2_get_sd(ctx); struct vb2_workbuf wb; VbSharedDataHeader *shared = sd->vbsd; - VbSharedDataKernelCall *shcall = NULL; + VbSharedDataKernelCall shcall; int found_partitions = 0; uint32_t lowest_version = LOWEST_TPM_VERSION; vb2_error_t rv; @@ -457,14 +457,11 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params) * Set up tracking for this call. This wraps around if called many * times, so we need to initialize the call entry each time. */ - shcall = shared->lk_calls + - (shared->lk_call_count & (VBSD_MAX_KERNEL_CALLS - 1)); - memset(shcall, 0, sizeof(*shcall)); - shcall->boot_flags = (uint32_t)params->boot_flags; - shcall->boot_mode = get_kernel_boot_mode(ctx); - shcall->sector_size = (uint32_t)params->bytes_per_lba; - shcall->sector_count = params->streaming_lba_count; - shared->lk_call_count++; + memset(&shcall, 0, sizeof(shcall)); + shcall.boot_flags = (uint32_t)params->boot_flags; + shcall.boot_mode = get_kernel_boot_mode(ctx); + shcall.sector_size = (uint32_t)params->bytes_per_lba; + shcall.sector_count = params->streaming_lba_count; /* Locate key to verify kernel. This will either be a recovery key, or a kernel subkey passed from firmware verification. */ @@ -480,14 +477,14 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params) ? GPT_FLAG_EXTERNAL : 0; if (0 != AllocAndReadGptData(params->disk_handle, &gpt)) { VB2_DEBUG("Unable to read GPT data\n"); - shcall->check_result = VBSD_LKC_CHECK_GPT_READ_ERROR; + shcall.check_result = VBSD_LKC_CHECK_GPT_READ_ERROR; goto gpt_done; } /* Initialize GPT library */ if (GPT_SUCCESS != GptInit(&gpt)) { VB2_DEBUG("Error parsing GPT\n"); - shcall->check_result = VBSD_LKC_CHECK_GPT_PARSE_ERROR; + shcall.check_result = VBSD_LKC_CHECK_GPT_PARSE_ERROR; goto gpt_done; } @@ -506,7 +503,7 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params) * time. */ VbSharedDataKernelPart *shpart = - shcall->parts + (shcall->kernel_parts_found + shcall.parts + (shcall.kernel_parts_found & (VBSD_MAX_KERNEL_PARTS - 1)); memset(shpart, 0, sizeof(VbSharedDataKernelPart)); shpart->sector_start = part_start; @@ -516,7 +513,7 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params) * 0. Adjust here, until cgptlib is fixed. */ shpart->gpt_index = (uint8_t)(gpt.current_kernel + 1); - shcall->kernel_parts_found++; + shcall.kernel_parts_found++; /* Found at least one kernel partition. */ found_partitions++; @@ -602,7 +599,7 @@ vb2_error_t LoadKernel(struct vb2_context *ctx, LoadKernelParams *params) * non-officially-signed kernel, there's no rollback * protection, so we can stop at the first valid kernel. */ - if (kBootRecovery == shcall->boot_mode || !keyblock_valid) { + if (kBootRecovery == shcall.boot_mode || !keyblock_valid) { VB2_DEBUG("In recovery mode or dev-signed kernel\n"); break; } @@ -627,7 +624,7 @@ gpt_done: /* Handle finding a good partition */ if (params->partition_number > 0) { VB2_DEBUG("Good partition %d\n", params->partition_number); - shcall->check_result = VBSD_LKC_CHECK_GOOD_PARTITION; + shcall.check_result = VBSD_LKC_CHECK_GOOD_PARTITION; shared->kernel_version_lowest = lowest_version; /* * Sanity check - only store a new TPM version if we found one. @@ -642,13 +639,13 @@ gpt_done: /* Success! */ rv = VB2_SUCCESS; } else if (found_partitions > 0) { - shcall->check_result = VBSD_LKC_CHECK_INVALID_PARTITIONS; + shcall.check_result = VBSD_LKC_CHECK_INVALID_PARTITIONS; rv = VB2_ERROR_LK_INVALID_KERNEL_FOUND; } else { - shcall->check_result = VBSD_LKC_CHECK_NO_PARTITIONS; + shcall.check_result = VBSD_LKC_CHECK_NO_PARTITIONS; rv = VB2_ERROR_LK_NO_KERNEL_FOUND; } - shcall->return_code = (uint8_t)rv; + shcall.return_code = (uint8_t)rv; return rv; } diff --git a/host/lib/crossystem.c b/host/lib/crossystem.c index 71cdd5c9..33cf332f 100644 --- a/host/lib/crossystem.c +++ b/host/lib/crossystem.c @@ -28,9 +28,9 @@ /* Fields that GetVdatString() can get */ typedef enum VdatStringField { VDAT_STRING_DEPRECATED_TIMERS = 0, /* Timer values */ - VDAT_STRING_LOAD_FIRMWARE_DEBUG, /* LoadFirmware() debug information */ - VDAT_STRING_LOAD_KERNEL_DEBUG, /* LoadKernel() debug information */ - VDAT_STRING_MAINFW_ACT /* Active main firmware */ + VDAT_STRING_LOAD_FIRMWARE_DEBUG, /* LoadFirmware() debug info */ + VDAT_STRING_DEPRECATED_LOAD_KERNEL_DEBUG, /* LoadKernel() debug info */ + VDAT_STRING_MAINFW_ACT /* Active main firmware */ } VdatStringField; @@ -243,101 +243,6 @@ static char *GetVdatLoadFirmwareDebug(char *dest, int size, return dest; } -#define TRUNCATED "\n(truncated)\n" - -static char *GetVdatLoadKernelDebug(char *dest, int size, - const VbSharedDataHeader *sh) -{ - int used = 0; - int first_call_tracked = 0; - int call; - - /* Make sure we have space for truncation warning */ - if (size < strlen(TRUNCATED) + 1) - return NULL; - size -= strlen(TRUNCATED) + 1; - - used += snprintf( - dest + used, size - used, - "Calls to LoadKernel()=%d\n", - sh->lk_call_count); - if (used > size) - goto LoadKernelDebugExit; - - /* Report on the last calls */ - if (sh->lk_call_count > VBSD_MAX_KERNEL_CALLS) - first_call_tracked = sh->lk_call_count - VBSD_MAX_KERNEL_CALLS; - for (call = first_call_tracked; call < sh->lk_call_count; call++) { - const VbSharedDataKernelCall* shc = sh->lk_calls + - (call & (VBSD_MAX_KERNEL_CALLS - 1)); - int first_part_tracked = 0; - int part; - - used += snprintf(dest + used, size - used, - "Call %d:\n" - " Boot flags=0x%02x\n" - " Boot mode=%d\n" - " Test error=%d\n" - " Return code=%d\n" - " Debug flags=0x%02x\n" - " Drive sectors=%" PRIu64 "\n" - " Sector size=%d\n" - " Check result=%d\n" - " Kernel partitions found=%d\n", - call + 1, - shc->boot_flags, - shc->boot_mode, - shc->test_error_num, - shc->return_code, - shc->flags, - shc->sector_count, - shc->sector_size, - shc->check_result, - shc->kernel_parts_found); - if (used > size) - goto LoadKernelDebugExit; - - /* If we found too many partitions, only prints ones where the - * structure has info. */ - if (shc->kernel_parts_found > VBSD_MAX_KERNEL_PARTS) - first_part_tracked = shc->kernel_parts_found - - VBSD_MAX_KERNEL_PARTS; - - /* Report on the partitions checked */ - for (part = first_part_tracked; part < shc->kernel_parts_found; - part++) { - const VbSharedDataKernelPart* shp = shc->parts + - (part & (VBSD_MAX_KERNEL_PARTS - 1)); - - used += snprintf(dest + used, size - used, - " Kernel %d:\n" - " GPT index=%d\n" - " Start sector=%" PRIu64 "\n" - " Sector count=%" PRIu64 "\n" - " Combined version=0x%08x\n" - " Check result=%d\n" - " Debug flags=0x%02x\n", - part + 1, - shp->gpt_index, - shp->sector_start, - shp->sector_count, - shp->combined_version, - shp->check_result, - shp->flags); - if (used > size) - goto LoadKernelDebugExit; - } - } - -LoadKernelDebugExit: - - /* Warn if data was truncated; we left space for this above. */ - if (used > size) - strcat(dest, TRUNCATED); - - return dest; -} - static char *GetVdatString(char *dest, int size, VdatStringField field) { VbSharedDataHeader *sh = VbSharedDataRead(); @@ -351,10 +256,6 @@ static char *GetVdatString(char *dest, int size, VdatStringField field) value = GetVdatLoadFirmwareDebug(dest, size, sh); break; - case VDAT_STRING_LOAD_KERNEL_DEBUG: - value = GetVdatLoadKernelDebug(dest, size, sh); - break; - case VDAT_STRING_MAINFW_ACT: switch(sh->firmware_index) { case 0: @@ -589,8 +490,6 @@ const char *VbGetSystemPropertyString(const char *name, char *dest, } else if (!strcasecmp(name, "vdat_lfdebug")) { return GetVdatString(dest, size, VDAT_STRING_LOAD_FIRMWARE_DEBUG); - } else if (!strcasecmp(name, "vdat_lkdebug")) { - return GetVdatString(dest, size, VDAT_STRING_LOAD_KERNEL_DEBUG); } else if (!strcasecmp(name, "fw_try_next")) { return vb2_get_nv_storage(VB2_NV_TRY_NEXT) ? "B" : "A"; } else if (!strcasecmp(name, "fw_tried")) { diff --git a/utility/crossystem.c b/utility/crossystem.c index d5f48835..ee0b9658 100644 --- a/utility/crossystem.c +++ b/utility/crossystem.c @@ -92,8 +92,6 @@ const Param sys_param_list[] = { {"vdat_flags", 0, "Flags from VbSharedData", "0x%08x"}, {"vdat_lfdebug", IS_STRING|NO_PRINT_ALL, "LoadFirmware() debug data (not in print-all)"}, - {"vdat_lkdebug", IS_STRING|NO_PRINT_ALL, - "LoadKernel() debug data (not in print-all)"}, {"wipeout_request", CAN_WRITE, "Firmware requested factory reset (wipeout)"}, {"wpsw_boot", 0, "Firmware write protect hardware switch position at boot"}, {"wpsw_cur", 0, "Firmware write protect hardware switch current position"}, -- cgit v1.2.1