From a62ffa8d61de19d8992c32a886e44c0aecb7e01b Mon Sep 17 00:00:00 2001 From: Randall Spangler Date: Thu, 30 Jun 2016 11:24:24 -0700 Subject: vboot: replace CreateKernelPreamble() with vboot2 equivalent Continued refactoring of host library to kernel style / vboot2 structs. BUG=chromium:611535 BRANCH=none TEST=make runtests Change-Id: Ifed376812ed7690eea1ec0dfab958e836f7724a0 Signed-off-by: Randall Spangler Reviewed-on: https://chromium-review.googlesource.com/363951 Reviewed-by: Daisuke Nojiri --- Makefile | 1 - futility/vb1_helper.c | 43 ++++++++--------- host/lib/host_common.c | 102 ++++++++++++++++++++++++++++++++--------- host/lib/host_common2.c | 81 -------------------------------- host/lib/include/host_common.h | 28 +++++++---- host/linktest/main.c | 3 -- tests/vb20_common3_tests.c | 14 +++--- tests/vboot_common2_tests.c | 7 +-- 8 files changed, 129 insertions(+), 150 deletions(-) delete mode 100644 host/lib/host_common2.c diff --git a/Makefile b/Makefile index 7b8cbcf2..7e2c1d69 100644 --- a/Makefile +++ b/Makefile @@ -460,7 +460,6 @@ UTILLIB_SRCS = \ host/lib/file_keys.c \ host/lib/fmap.c \ host/lib/host_common.c \ - host/lib/host_common2.c \ host/lib/host_key.c \ host/lib/host_key2.c \ host/lib/host_keyblock.c \ diff --git a/futility/vb1_helper.c b/futility/vb1_helper.c index 314fd02e..208fac14 100644 --- a/futility/vb1_helper.c +++ b/futility/vb1_helper.c @@ -411,43 +411,40 @@ uint8_t *SignKernelBlob(uint8_t *kernel_blob, uint64_t kernel_size, struct vb2_private_key *signpriv_key, uint32_t flags, uint64_t *vblock_size_ptr) { - VbSignature *body_sig; - VbKernelPreambleHeader *preamble; - uint64_t min_size = padding > keyblock->keyblock_size + /* Make sure the preamble fills up the rest of the required padding */ + uint32_t min_size = padding > keyblock->keyblock_size ? padding - keyblock->keyblock_size : 0; - void *outbuf; - uint64_t outsize; /* Sign the kernel data */ - body_sig = (VbSignature *)vb2_calculate_signature(kernel_blob, - kernel_size, - signpriv_key); + struct vb2_signature *body_sig = vb2_calculate_signature(kernel_blob, + kernel_size, + signpriv_key); if (!body_sig) { fprintf(stderr, "Error calculating body signature\n"); return NULL; } /* Create preamble */ - preamble = CreateKernelPreamble(version, - kernel_body_load_address, - g_ondisk_bootloader_addr, - g_bootloader_size, - body_sig, - g_ondisk_vmlinuz_header_addr, - g_vmlinuz_header_size, - flags, - min_size, - signpriv_key); + struct vb2_kernel_preamble *preamble = + vb2_create_kernel_preamble(version, + kernel_body_load_address, + g_ondisk_bootloader_addr, + g_bootloader_size, + body_sig, + g_ondisk_vmlinuz_header_addr, + g_vmlinuz_header_size, + flags, + min_size, + signpriv_key); if (!preamble) { fprintf(stderr, "Error creating preamble.\n"); return 0; } - outsize = keyblock->keyblock_size + preamble->preamble_size; - outbuf = malloc(outsize); - Memset(outbuf, 0, outsize); - Memcpy(outbuf, keyblock, keyblock->keyblock_size); - Memcpy(outbuf + keyblock->keyblock_size, + uint32_t outsize = keyblock->keyblock_size + preamble->preamble_size; + void *outbuf = calloc(outsize, 1); + memcpy(outbuf, keyblock, keyblock->keyblock_size); + memcpy(outbuf + keyblock->keyblock_size, preamble, preamble->preamble_size); if (vblock_size_ptr) diff --git a/host/lib/host_common.c b/host/lib/host_common.c index a8c1d977..a741fd96 100644 --- a/host/lib/host_common.c +++ b/host/lib/host_common.c @@ -3,8 +3,6 @@ * found in the LICENSE file. * * Host functions for verified boot. - * - * TODO: change all 'return 0', 'return 1' into meaningful return codes. */ #include @@ -16,39 +14,99 @@ #include "host_key2.h" #include "cryptolib.h" #include "utility.h" +#include "vb2_common.h" #include "vboot_common.h" -VbKernelPreambleHeader *CreateKernelPreamble( - uint64_t kernel_version, +struct vb2_fw_preamble *vb2_create_fw_preamble( + uint32_t firmware_version, + const struct vb2_packed_key *kernel_subkey, + const struct vb2_signature *body_signature, + const struct vb2_private_key *signing_key, + uint32_t flags) +{ + uint32_t signed_size = (sizeof(struct vb2_fw_preamble) + + kernel_subkey->key_size + + body_signature->sig_size); + uint32_t block_size = signed_size + + vb2_rsa_sig_size(signing_key->sig_alg); + + /* Allocate key block */ + struct vb2_fw_preamble *h = + (struct vb2_fw_preamble *)calloc(block_size, 1); + if (!h) + return NULL; + + uint8_t *kernel_subkey_dest = (uint8_t *)(h + 1); + uint8_t *body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size; + uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size; + + h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR; + h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR; + h->preamble_size = block_size; + h->firmware_version = firmware_version; + h->flags = flags; + + /* Copy data key */ + vb2_init_packed_key(&h->kernel_subkey, kernel_subkey_dest, + kernel_subkey->key_size); + if (VB2_SUCCESS != + vb2_copy_packed_key(&h->kernel_subkey, kernel_subkey)) { + free(h); + return NULL; + } + + /* Copy body signature */ + vb2_init_signature(&h->body_signature, + body_sig_dest, body_signature->sig_size, 0); + if (VB2_SUCCESS != + vb2_copy_signature(&h->body_signature, body_signature)) { + free(h); + return NULL; + } + + /* Set up signature struct so we can calculate the signature */ + vb2_init_signature(&h->preamble_signature, block_sig_dest, + vb2_rsa_sig_size(signing_key->sig_alg), signed_size); + + /* Calculate signature */ + struct vb2_signature *sig = + vb2_calculate_signature((uint8_t *)h, signed_size, signing_key); + vb2_copy_signature(&h->preamble_signature, sig); + free(sig); + + /* Return the header */ + return h; +} + +struct vb2_kernel_preamble *vb2_create_kernel_preamble( + uint32_t kernel_version, uint64_t body_load_address, uint64_t bootloader_address, - uint64_t bootloader_size, - const VbSignature *body_signature, + uint32_t bootloader_size, + const struct vb2_signature *body_signature, uint64_t vmlinuz_header_address, - uint64_t vmlinuz_header_size, + uint32_t vmlinuz_header_size, uint32_t flags, - uint64_t desired_size, + uint32_t desired_size, const struct vb2_private_key *signing_key) { - VbKernelPreambleHeader *h; - uint64_t signed_size = (sizeof(VbKernelPreambleHeader) + + uint64_t signed_size = (sizeof(struct vb2_kernel_preamble) + body_signature->sig_size); uint32_t sig_size = vb2_rsa_sig_size(signing_key->sig_alg); - uint64_t block_size = signed_size + sig_size; - uint8_t *body_sig_dest; - uint8_t *block_sig_dest; + uint32_t block_size = signed_size + sig_size; /* If the block size is smaller than the desired size, pad it */ if (block_size < desired_size) block_size = desired_size; /* Allocate key block */ - h = (VbKernelPreambleHeader *)calloc(block_size, 1); + struct vb2_kernel_preamble *h = + (struct vb2_kernel_preamble *)calloc(block_size, 1); if (!h) return NULL; - body_sig_dest = (uint8_t *)(h + 1); - block_sig_dest = body_sig_dest + body_signature->sig_size; + uint8_t *body_sig_dest = (uint8_t *)(h + 1); + uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size; h->header_version_major = KERNEL_PREAMBLE_HEADER_VERSION_MAJOR; h->header_version_minor = KERNEL_PREAMBLE_HEADER_VERSION_MINOR; @@ -62,18 +120,18 @@ VbKernelPreambleHeader *CreateKernelPreamble( h->flags = flags; /* Copy body signature */ - SignatureInit(&h->body_signature, body_sig_dest, - body_signature->sig_size, 0); - SignatureCopy(&h->body_signature, body_signature); + vb2_init_signature(&h->body_signature, body_sig_dest, + body_signature->sig_size, 0); + vb2_copy_signature(&h->body_signature, body_signature); /* Set up signature struct so we can calculate the signature */ - SignatureInit(&h->preamble_signature, block_sig_dest, - sig_size, signed_size); + vb2_init_signature(&h->preamble_signature, block_sig_dest, + sig_size, signed_size); /* Calculate signature */ struct vb2_signature *sigtmp = vb2_calculate_signature((uint8_t *)h, signed_size, signing_key); - SignatureCopy(&h->preamble_signature, (VbSignature *)sigtmp); + vb2_copy_signature(&h->preamble_signature, sigtmp); free(sigtmp); /* Return the header */ diff --git a/host/lib/host_common2.c b/host/lib/host_common2.c deleted file mode 100644 index fed2097a..00000000 --- a/host/lib/host_common2.c +++ /dev/null @@ -1,81 +0,0 @@ -/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Host functions for verified boot. - * - * TODO: change all 'return 0', 'return 1' into meaningful return codes. - */ - -#include - -#include "2sysincludes.h" -#include "2common.h" -#include "2rsa.h" -#include "host_common.h" -#include "host_key2.h" -#include "cryptolib.h" -#include "utility.h" -#include "vb2_common.h" -#include "vboot_common.h" - -struct vb2_fw_preamble *vb2_create_fw_preamble( - uint32_t firmware_version, - const struct vb2_packed_key *kernel_subkey, - const struct vb2_signature *body_signature, - const struct vb2_private_key *signing_key, - uint32_t flags) -{ - uint32_t signed_size = (sizeof(struct vb2_fw_preamble) + - kernel_subkey->key_size + - body_signature->sig_size); - uint32_t block_size = signed_size + - vb2_rsa_sig_size(signing_key->sig_alg); - - /* Allocate preamble */ - struct vb2_fw_preamble *h = - (struct vb2_fw_preamble *)calloc(block_size, 1); - if (!h) - return NULL; - - uint8_t *kernel_subkey_dest = (uint8_t *)(h + 1); - uint8_t *body_sig_dest = kernel_subkey_dest + kernel_subkey->key_size; - uint8_t *block_sig_dest = body_sig_dest + body_signature->sig_size; - - h->header_version_major = FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR; - h->header_version_minor = FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR; - h->preamble_size = block_size; - h->firmware_version = firmware_version; - h->flags = flags; - - /* Copy data key */ - vb2_init_packed_key(&h->kernel_subkey, kernel_subkey_dest, - kernel_subkey->key_size); - if (VB2_SUCCESS != - vb2_copy_packed_key(&h->kernel_subkey, kernel_subkey)) { - free(h); - return NULL; - } - - /* Copy body signature */ - vb2_init_signature(&h->body_signature, - body_sig_dest, body_signature->sig_size, 0); - if (VB2_SUCCESS != - vb2_copy_signature(&h->body_signature, body_signature)) { - free(h); - return NULL; - } - - /* Set up signature struct so we can calculate the signature */ - vb2_init_signature(&h->preamble_signature, block_sig_dest, - vb2_rsa_sig_size(signing_key->sig_alg), signed_size); - - /* Calculate signature */ - struct vb2_signature *sig = - vb2_calculate_signature((uint8_t *)h, signed_size, signing_key); - vb2_copy_signature(&h->preamble_signature, sig); - free(sig); - - /* Return the header */ - return h; -} diff --git a/host/lib/include/host_common.h b/host/lib/include/host_common.h index 50684864..84536634 100644 --- a/host/lib/include/host_common.h +++ b/host/lib/include/host_common.h @@ -41,23 +41,33 @@ struct vb2_fw_preamble *vb2_create_fw_preamble( const struct vb2_private_key *signing_key, uint32_t flags); + /** - * Create a kernel preamble, signed with [signing_key]. + * Create a kernel preamble. * - * Caller owns the returned pointer, and must free it with Free(). + * @param kernel_version Firmware version + * @param body_load_address Load address for kernel body + * @param bootloader_address Load address for bootloader + * @param bootloader_size Size of bootloader in bytes + * @param body_signature Signature of kernel body + * @param vmlinuz_header_address Load address for 16-bit vmlinuz header + * @param vmlinuz_header_size Size of 16-bit vmlinuz header in bytes + * @param flags Kernel preamble flags + * @param desired_size Minimum size of preamble in bytes + * @param signing_key Private key to sign header with * - * Returns NULL if error. + * @return The preamble, or NULL if error. Caller must free() it. */ -VbKernelPreambleHeader *CreateKernelPreamble( - uint64_t kernel_version, +struct vb2_kernel_preamble *vb2_create_kernel_preamble( + uint32_t kernel_version, uint64_t body_load_address, uint64_t bootloader_address, - uint64_t bootloader_size, - const VbSignature *body_signature, + uint32_t bootloader_size, + const struct vb2_signature *body_signature, uint64_t vmlinuz_header_address, - uint64_t vmlinuz_header_size, + uint32_t vmlinuz_header_size, uint32_t flags, - uint64_t desired_size, + uint32_t desired_size, const struct vb2_private_key *signing_key); #endif /* VBOOT_REFERENCE_HOST_COMMON_H_ */ diff --git a/host/linktest/main.c b/host/linktest/main.c index af125151..b5dc1732 100644 --- a/host/linktest/main.c +++ b/host/linktest/main.c @@ -24,9 +24,6 @@ int main(void) SignatureAlloc(0, 0); SignatureCopy(0, 0); - /* host_common.h */ - CreateKernelPreamble(0, 0, 0, 0, 0, 0, 0, 0, 0, 0); - /* file_keys.h */ BufferFromFile(0, 0); RSAPublicKeyFromFile(0); diff --git a/tests/vb20_common3_tests.c b/tests/vb20_common3_tests.c index a89cead1..62a36e45 100644 --- a/tests/vb20_common3_tests.c +++ b/tests/vb20_common3_tests.c @@ -343,8 +343,6 @@ static void test_verify_kernel_preamble( const struct vb2_packed_key *public_key, const struct vb2_private_key *private_key) { - struct vb2_kernel_preamble *hdr; - struct vb2_kernel_preamble *h; struct vb2_public_key rsa; // TODO: how many workbuf bytes? uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES] @@ -361,17 +359,17 @@ static void test_verify_kernel_preamble( public_key->key_offset + public_key->key_size), "vb2_verify_kernel_preamble() prereq key"); - hdr = (struct vb2_kernel_preamble *) - CreateKernelPreamble(0x1234, 0x100000, 0x300000, 0x4000, - (VbSignature *)body_sig, - 0x304000, 0x10000, 0, 0, - private_key); + struct vb2_kernel_preamble *hdr = + vb2_create_kernel_preamble(0x1234, 0x100000, 0x300000, 0x4000, + body_sig, 0x304000, 0x10000, 0, 0, + private_key); TEST_PTR_NEQ(hdr, NULL, "vb2_verify_kernel_preamble() prereq test preamble"); if (!hdr) return; hsize = (uint32_t) hdr->preamble_size; - h = (struct vb2_kernel_preamble *)malloc(hsize + 16384); + struct vb2_kernel_preamble *h = + (struct vb2_kernel_preamble *)malloc(hsize + 16384); Memcpy(h, hdr, hsize); TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), diff --git a/tests/vboot_common2_tests.c b/tests/vboot_common2_tests.c index 2c0a8949..a867f723 100644 --- a/tests/vboot_common2_tests.c +++ b/tests/vboot_common2_tests.c @@ -133,11 +133,12 @@ static void VerifyKernelPreambleTest(const VbPublicKey *public_key, unsigned hsize; /* Create a dummy signature */ - VbSignature *body_sig = SignatureAlloc(56, 78); + struct vb2_signature *body_sig = vb2_alloc_signature(56, 78); rsa = PublicKeyToRSA(public_key); - hdr = CreateKernelPreamble(0x1234, 0x100000, 0x300000, 0x4000, body_sig, - 0, 0, 0, 0, private_key); + hdr = (VbKernelPreambleHeader *) + vb2_create_kernel_preamble(0x1234, 0x100000, 0x300000, 0x4000, + body_sig, 0, 0, 0, 0, private_key); TEST_NEQ(hdr && rsa, 0, "VerifyKernelPreamble() prerequisites"); if (!hdr) return; -- cgit v1.2.1