From 786acdabcc15f023330d7c628aca9679e757a238 Mon Sep 17 00:00:00 2001 From: Randall Spangler Date: Thu, 22 May 2014 13:27:07 -0700 Subject: vboot2: Add workbuf functions We'll try breaking this up into smaller pieces. This one's pretty small - just the work buffer utility functions. BUG=chromium:370082 BRANCH=none TEST=make clean && VBOOT2=1 COV=1 make Change-Id: I4c417438053c155d6f7f9725552066e9b059951c Signed-off-by: Randall Spangler Reviewed-on: https://chromium-review.googlesource.com/201141 --- firmware/2lib/2common.c | 95 +++++++++++++++++++++++++++ firmware/2lib/include/2common.h | 120 ++++++++++++++++++++++++++++++++++ firmware/2lib/include/2return_codes.h | 62 ++++++++++++++++++ firmware/2lib/include/2sysincludes.h | 27 ++++++++ 4 files changed, 304 insertions(+) create mode 100644 firmware/2lib/2common.c create mode 100644 firmware/2lib/include/2common.h create mode 100644 firmware/2lib/include/2return_codes.h create mode 100644 firmware/2lib/include/2sysincludes.h (limited to 'firmware/2lib') diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c new file mode 100644 index 00000000..9849b22b --- /dev/null +++ b/firmware/2lib/2common.c @@ -0,0 +1,95 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Common functions between firmware and kernel verified boot. + * (Firmware portion) + */ + +#include "2sysincludes.h" +#include "2common.h" + +int vb2_align(uint8_t **ptr, uint32_t *size, uint32_t align, uint32_t want_size) +{ + uintptr_t p = (uintptr_t)*ptr; + uintptr_t offs = p & (align - 1); + + if (offs) { + offs = align - offs; + + if (*size < offs) + return VB2_ERROR_BUFFER_TOO_SMALL; + + *ptr += offs; + *size -= offs; + } + + if (*size < want_size) + return VB2_ERROR_BUFFER_TOO_SMALL; + + return VB2_SUCCESS; +} + +void vb2_workbuf_init(struct vb2_workbuf *wb, uint8_t *buf, uint32_t size) +{ + wb->buf = buf; + wb->size = size; + + /* Align the buffer so allocations will be aligned */ + if (vb2_align(&wb->buf, &wb->size, VB2_WORKBUF_ALIGN, 0)) + wb->size = 0; +} + +/** + * Round up a number to a multiple of VB2_WORKBUF_ALIGN + * + * @param v Number to round up + * @return The number, rounded up. + */ +static __inline uint32_t wb_round_up(uint32_t v) +{ + return (v + VB2_WORKBUF_ALIGN - 1) & ~(VB2_WORKBUF_ALIGN - 1); +} + +void *vb2_workbuf_alloc(struct vb2_workbuf *wb, uint32_t size) +{ + uint8_t *ptr = wb->buf; + + /* Round up size to work buffer alignment */ + size = wb_round_up(size); + + if (size > wb->size) + return NULL; + + wb->buf += size; + wb->size -= size; + + return ptr; +} + +void *vb2_workbuf_realloc(struct vb2_workbuf *wb, + uint32_t oldsize, + uint32_t newsize) +{ + /* + * Just free and allocate to update the size. No need to move/copy + * memory, since the new pointer is guaranteed to be the same as the + * old one. The new allocation can fail, if the new size is too big. + */ + vb2_workbuf_free(wb, oldsize); + return vb2_workbuf_alloc(wb, newsize); +} + +void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size) +{ + /* Round up size to work buffer alignment */ + size = wb_round_up(size); + + wb->buf -= size; + wb->size += size; +} + +ptrdiff_t vb2_offset_of(const void *base, const void *ptr) +{ + return (uintptr_t)ptr - (uintptr_t)base; +} diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h new file mode 100644 index 00000000..3724354b --- /dev/null +++ b/firmware/2lib/include/2common.h @@ -0,0 +1,120 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Common functions between firmware and kernel verified boot. + */ + +#ifndef VBOOT_REFERENCE_VBOOT_2COMMON_H_ +#define VBOOT_REFERENCE_VBOOT_2COMMON_H_ + +#include "2return_codes.h" + +struct vb2_public_key; + +/* + * Return the greater of A and B. This is used in macros which calculate the + * required buffer size, so can't be turned into a static inline function. + */ +#ifndef VB2_MAX +#define VB2_MAX(A, B) ((A) > (B) ? (A) : (B)) +#endif + +/* + * Debug output. Defaults to printf(), but can be overridden on a per-platform + * basis. + */ +#if defined(VBOOT_DEBUG) && !defined(VB2_DEBUG) +#define VB2_DEBUG(format, args...) printf(format, ## args) +#else +#define VB2_DEBUG(format, args...) +#endif + +/* Alignment for work buffer pointers/allocations */ +#define VB2_WORKBUF_ALIGN 8 + +/* Work buffer */ +struct vb2_workbuf { + uint8_t *buf; + uint32_t size; +}; + +/** + * Initialize a work buffer. + * + * @param wb Work buffer to init + * @param buf Pointer to work buffer data + * @param size Size of work buffer data in bytes + */ +void vb2_workbuf_init(struct vb2_workbuf *wb, uint8_t *buf, uint32_t size); + +/** + * Allocate space in a work buffer. + * + * Note that the returned buffer will always be aligned to VB2_WORKBUF_ALIGN. + * + * The work buffer acts like a stack, and detailed tracking of allocs and frees + * is not done. The caller must track the size of each allocation and free via + * vb2_workbuf_free() in the reverse order they were allocated. + * + * @param wb Work buffer + * @param size Requested size in bytes + * @return A pointer to the allocated space, or NULL if error. + */ +void *vb2_workbuf_alloc(struct vb2_workbuf *wb, uint32_t size); + +/** + * Reallocate space in a work buffer. + * + * Note that the returned buffer will always be aligned to VB2_WORKBUF_ALIGN. + * The work buffer acts like a stack, so this must only be done to the most + * recently allocated buffer. + * + * @param wb Work buffer + * @param oldsize Old allocation size in bytes + * @param newsize Requested size in bytes + * @return A pointer to the allocated space, or NULL if error. + */ +void *vb2_workbuf_realloc(struct vb2_workbuf *wb, + uint32_t oldsize, + uint32_t newsize); + +/** + * Free the preceding allocation. + * + * Note that the work buffer acts like a stack, and detailed tracking of + * allocs and frees is not done. The caller must track the size of each + * allocation and free them in reverse order. + * + * @param wb Work buffer + * @param size Size of data to free + */ +void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size); + +/* Check if a pointer is aligned on an align-byte boundary */ +#define vb_aligned(ptr, align) (!(((size_t)(ptr)) & ((align) - 1))) + +/** + * Align a buffer and check its size. + * + * @param **ptr Pointer to pointer to align + * @param *size Points to size of buffer pointed to by *ptr + * @param align Required alignment (must be power of 2) + * @param want_size Required size + * @return VB2_SUCCESS, or non-zero if error. + */ +int vb2_align(uint8_t **ptr, + uint32_t *size, + uint32_t align, + uint32_t want_size); + +/** + * Return offset of ptr from base. + * + * @param base Base pointer + * @param ptr Pointer at some offset from base + * @return The offset of ptr from base. + */ +ptrdiff_t vb2_offset_of(const void *base, const void *ptr); + +#endif /* VBOOT_REFERENCE_VBOOT_2COMMON_H_ */ diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h new file mode 100644 index 00000000..73a37b5e --- /dev/null +++ b/firmware/2lib/include/2return_codes.h @@ -0,0 +1,62 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +#ifndef VBOOT_2_RETURN_CODES_H_ +#define VBOOT_2_RETURN_CODES_H_ + +/* + * Return codes from verified boot functions. + * + * TODO: Go through code and replace VB2_ERROR_UNKNOWN with more specific + * error codes, and make the existing codes more consistent and useful. + */ +enum vb2_return_code { + /* Success - no error */ + VB2_SUCCESS = 0, + + /* Unknown / unspecified error */ + VB2_ERROR_UNKNOWN = 0x10000, + + /* Work buffer too small */ + VB2_ERROR_WORKBUF_TOO_SMALL, + + /* Buffer too small (other than the work buffer) */ + VB2_ERROR_BUFFER_TOO_SMALL, + + /* Buffer unaligned */ + VB2_ERROR_BUFFER_UNALIGNED, + + /* Bad GBB header */ + VB2_ERROR_BAD_GBB_HEADER, + + /* Bad algorithm - unknown, or unsupported */ + VB2_ERROR_BAD_ALGORITHM, + + /* Signature check failed */ + VB2_ERROR_BAD_SIGNATURE, + + /* Bad secure data */ + VB2_ERROR_BAD_SECDATA, + + /* Bad key */ + VB2_ERROR_BAD_KEY, + + /* Bad keyblock */ + VB2_ERROR_BAD_KEYBLOCK, + + /* Bad preamble */ + VB2_ERROR_BAD_PREAMBLE, + + /* Bad firmware keyblock version (out of range, or rollback) */ + VB2_ERROR_FW_KEYBLOCK_VERSION, + + /* Bad firmware version (out of range, or rollback) */ + VB2_ERROR_FW_VERSION, + + /* Bad hash tag */ + VB2_ERROR_BAD_TAG, +}; + +#endif /* VBOOT_2_RETURN_CODES_H_ */ diff --git a/firmware/2lib/include/2sysincludes.h b/firmware/2lib/include/2sysincludes.h new file mode 100644 index 00000000..4c9e66c6 --- /dev/null +++ b/firmware/2lib/include/2sysincludes.h @@ -0,0 +1,27 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +/* + * System includes for vboot reference library. With few exceptions, this is + * the ONLY place in firmware/ where system headers may be included via + * #include <...>, so that there's only one place that needs to be fixed up for + * platforms which don't have all the system includes. + */ + +#ifndef VBOOT_REFERENCE_2_SYSINCLUDES_H_ +#define VBOOT_REFERENCE_2_SYSINCLUDES_H_ + +#include /* For PRIu64 */ +#include +#include +#include +#include + +#if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN) +#include +#include +#endif + +#endif /* VBOOT_REFERENCE_2_SYSINCLUDES_H_ */ -- cgit v1.2.1