This involves a minor code change but I take the opportunity to clean things up, getting rid of files we don't need, and fixing includes.
Change-Id: Ie9ead4b6a2473d2f25b7b0a777343aef598f8dd9 Signed-off-by: Ronald G. Minnich <[email protected]> --- kern/drivers/dev/capability.c | 15 +- kern/include/crypto/2api.h | 5 +- kern/include/crypto/2hmac.h | 1 - kern/lib/crypto/2api.c | 208 -------------------- kern/lib/crypto/2common.c | 8 +- kern/lib/crypto/2crc8.c | 4 +- kern/lib/crypto/2hmac.c | 6 +- kern/lib/crypto/2misc.c | 408 ---------------------------------------- kern/lib/crypto/2nvstorage.c | 370 ------------------------------------ kern/lib/crypto/2rsa.c | 8 +- kern/lib/crypto/2secdata.c | 10 +- kern/lib/crypto/2secdatak.c | 10 +- kern/lib/crypto/2sha1.c | 6 +- kern/lib/crypto/2sha512.c | 6 +- kern/lib/crypto/2sha_utility.c | 6 +- kern/lib/crypto/2stub.c | 59 ------ kern/lib/crypto/2tpm_bootmode.c | 54 ------ kern/lib/crypto/Kbuild | 18 +- 18 files changed, 54 insertions(+), 1148 deletions(-) delete mode 100644 kern/lib/crypto/2api.c delete mode 100644 kern/lib/crypto/2misc.c delete mode 100644 kern/lib/crypto/2nvstorage.c delete mode 100644 kern/lib/crypto/2stub.c delete mode 100644 kern/lib/crypto/2tpm_bootmode.c diff --git a/kern/drivers/dev/capability.c b/kern/drivers/dev/capability.c index ab0cd95..f974fff 100644 --- a/kern/drivers/dev/capability.c +++ b/kern/drivers/dev/capability.c @@ -21,8 +21,13 @@ #include <smp.h> #include <ip.h> +#include <crypto/2crypto.h> +#include <crypto/2hmac.h> +#include <crypto/2id.h> +#include <crypto/2sha.h> + enum { - Hashlen = 20, // SHA1dlen, + Hashlen = VB2_SHA256_BLOCK_SIZE, Maxhash = 256, }; @@ -197,6 +202,7 @@ static long capwrite(struct chan *c, void *va, long n, int64_t m) uint8_t hash[Hashlen]; char *key, *from, *to; char err[256]; + int ret; ERRSTACK(1); switch ((uint32_t)c->qid.path) { @@ -226,9 +232,10 @@ static long capwrite(struct chan *c, void *va, long n, int64_t m) error(EIO, "short read: Quse"); *key++ = 0; - panic("No way to hash"); - //hmac_sha1((uint8_t *)from, strlen(from), (uint8_t *)key, strlen(key), - //hash, NULL); + ret = hmac(VB2_ALG_RSA1024_SHA256, key, strlen(key), + from, strlen(from), hash, sizeof(hash)); + if (ret) + error(EINVAL,"HMAC failed"); p = remcap(hash); if (p == NULL) { diff --git a/kern/include/crypto/2api.h b/kern/include/crypto/2api.h index e4c6ad0..23d413d 100644 --- a/kern/include/crypto/2api.h +++ b/kern/include/crypto/2api.h @@ -17,8 +17,8 @@ * must be done elsewhere, and VB2_NV_DEBUG_RESET_MODE is ignored. */ -#ifndef VBOOT_2_API_H_ -#define VBOOT_2_API_H_ +#pragma once + #include <stdint.h> #include "2common.h" @@ -658,4 +658,3 @@ int vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size); */ int vb2ex_hwcrypto_digest_finalize(uint8_t *digest, uint32_t digest_size); -#endif /* VBOOT_2_API_H_ */ diff --git a/kern/include/crypto/2hmac.h b/kern/include/crypto/2hmac.h index 7209a38..ad7dfea 100644 --- a/kern/include/crypto/2hmac.h +++ b/kern/include/crypto/2hmac.h @@ -25,4 +25,3 @@ int hmac(enum vb2_hash_algorithm alg, const void *msg, uint32_t msg_size, uint8_t *mac, uint32_t mac_size); -#endif diff --git a/kern/lib/crypto/2api.c b/kern/lib/crypto/2api.c deleted file mode 100644 index c12a805..0000000 --- a/kern/lib/crypto/2api.c +++ /dev/null @@ -1,208 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Externally-callable APIs - * (Firmware portion) - */ - -#include "2sysincludes.h" -#include "2api.h" -#include "2common.h" -#include "2misc.h" -#include "2nvstorage.h" -#include "2secdata.h" -#include "2sha.h" -#include "2rsa.h" -#include "2tpm_bootmode.h" - -int vb2api_secdata_check(const struct vb2_context *ctx) -{ - return vb2_secdata_check_crc(ctx); -} - -int vb2api_secdata_create(struct vb2_context *ctx) -{ - return vb2_secdata_create(ctx); -} - -void vb2api_fail(struct vb2_context *ctx, uint8_t reason, uint8_t subcode) -{ - /* Initialize the vboot context if it hasn't been yet */ - vb2_init_context(ctx); - - vb2_fail(ctx, reason, subcode); -} - -int vb2api_fw_phase1(struct vb2_context *ctx) -{ - int rv; - - /* Initialize the vboot context if it hasn't been yet */ - vb2_init_context(ctx); - - /* Initialize NV context */ - vb2_nv_init(ctx); - - /* - * Handle caller-requested reboot due to secdata. Do this before we - * even look at secdata. If we fail because of a reboot loop we'll be - * the first failure so will get to set the recovery reason. - */ - if (!(ctx->flags & VB2_CONTEXT_SECDATA_WANTS_REBOOT)) { - /* No reboot requested */ - vb2_nv_set(ctx, VB2_NV_TPM_REQUESTED_REBOOT, 0); - } else if (vb2_nv_get(ctx, VB2_NV_TPM_REQUESTED_REBOOT)) { - /* - * Reboot requested... again. Fool me once, shame on you. - * Fool me twice, shame on me. Fail into recovery to avoid - * a reboot loop. - */ - vb2_fail(ctx, VB2_RECOVERY_RO_TPM_REBOOT, 0); - } else { - /* Reboot requested for the first time */ - vb2_nv_set(ctx, VB2_NV_TPM_REQUESTED_REBOOT, 1); - return VB2_ERROR_API_PHASE1_SECDATA_REBOOT; - } - - /* Initialize secure data */ - rv = vb2_secdata_init(ctx); - if (rv) - vb2_fail(ctx, VB2_RECOVERY_SECDATA_INIT, rv); - - /* Load and parse the GBB header */ - rv = vb2_fw_parse_gbb(ctx); - if (rv) - vb2_fail(ctx, VB2_RECOVERY_GBB_HEADER, rv); - - /* - * Check for recovery. Note that this function returns void, since any - * errors result in requesting recovery. That's also why we don't - * return error from failures in the preceding two steps; those - * failures simply cause us to detect recovery mode here. - */ - vb2_check_recovery(ctx); - - /* Check for dev switch */ - rv = vb2_check_dev_switch(ctx); - if (rv && !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) { - /* - * Error in dev switch processing, and we weren't already - * headed for recovery mode. Reboot into recovery mode, since - * it's too late to handle those errors this boot, and we need - * to take a different path through the dev switch checking - * code in that case. - */ - vb2_fail(ctx, VB2_RECOVERY_DEV_SWITCH, rv); - return rv; - } - - /* Return error if recovery is needed */ - if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) { - /* Always clear RAM when entering recovery mode */ - ctx->flags |= VB2_CONTEXT_CLEAR_RAM; - return VB2_ERROR_API_PHASE1_RECOVERY; - } - - return VB2_SUCCESS; -} - -int vb2api_fw_phase2(struct vb2_context *ctx) -{ - int rv; - - /* - * Use the slot from the last boot if this is a resume. Do not set - * VB2_SD_STATUS_CHOSE_SLOT so the try counter is not decremented on - * failure as we are explicitly not attempting to boot from a new slot. - */ - if (ctx->flags & VB2_CONTEXT_S3_RESUME) { - struct vb2_shared_data *sd = vb2_get_sd(ctx); - - /* Set the current slot to the last booted slot */ - sd->fw_slot = vb2_nv_get(ctx, VB2_NV_FW_TRIED); - - /* Set context flag if we're using slot B */ - if (sd->fw_slot) - ctx->flags |= VB2_CONTEXT_FW_SLOT_B; - - return VB2_SUCCESS; - } - - /* Always clear RAM when entering developer mode */ - if (ctx->flags & VB2_CONTEXT_DEVELOPER_MODE) - ctx->flags |= VB2_CONTEXT_CLEAR_RAM; - - /* Check for explicit request to clear TPM */ - rv = vb2_check_tpm_clear(ctx); - if (rv) { - vb2_fail(ctx, VB2_RECOVERY_TPM_CLEAR_OWNER, rv); - return rv; - } - - /* Decide which firmware slot to try this boot */ - rv = vb2_select_fw_slot(ctx); - if (rv) { - vb2_fail(ctx, VB2_RECOVERY_FW_SLOT, rv); - return rv; - } - - return VB2_SUCCESS; -} - -int vb2api_extend_hash(struct vb2_context *ctx, - const void *buf, - uint32_t size) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - struct vb2_digest_context *dc = (struct vb2_digest_context *) - (ctx->workbuf + sd->workbuf_hash_offset); - - /* Must have initialized hash digest work area */ - if (!sd->workbuf_hash_size) - return VB2_ERROR_API_EXTEND_HASH_WORKBUF; - - /* Don't extend past the data we expect to hash */ - if (!size || size > sd->hash_remaining_size) - return VB2_ERROR_API_EXTEND_HASH_SIZE; - - sd->hash_remaining_size -= size; - - if (dc->using_hwcrypto) - return vb2ex_hwcrypto_digest_extend(buf, size); - else - return vb2_digest_extend(dc, buf, size); -} - -int vb2api_get_pcr_digest(struct vb2_context *ctx, - enum vb2_pcr_digest which_digest, - uint8_t *dest, - uint32_t *dest_size) -{ - const uint8_t *digest; - uint32_t digest_size; - - switch (which_digest) { - case BOOT_MODE_PCR: - digest = vb2_get_boot_state_digest(ctx); - digest_size = VB2_SHA1_DIGEST_SIZE; - break; - case HWID_DIGEST_PCR: - digest = vb2_get_sd(ctx)->gbb_hwid_digest; - digest_size = VB2_GBB_HWID_DIGEST_SIZE; - break; - default: - return VB2_ERROR_API_PCR_DIGEST; - } - - if (digest == NULL || *dest_size < digest_size) - return VB2_ERROR_API_PCR_DIGEST_BUF; - - memcpy(dest, digest, digest_size); - if (digest_size < *dest_size) - memset(dest + digest_size, 0, *dest_size - digest_size); - - *dest_size = digest_size; - - return VB2_SUCCESS; -} diff --git a/kern/lib/crypto/2common.c b/kern/lib/crypto/2common.c index 9e75d0c..de1da6e 100644 --- a/kern/lib/crypto/2common.c +++ b/kern/lib/crypto/2common.c @@ -6,10 +6,10 @@ * (Firmware portion) */ -#include "2sysincludes.h" -#include "2common.h" -#include "2rsa.h" -#include "2sha.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2rsa.h> +#include <crypto/2sha.h> int vb2_safe_memcmp(const void *s1, const void *s2, size_t size) { diff --git a/kern/lib/crypto/2crc8.c b/kern/lib/crypto/2crc8.c index 9df0a00..57b63f2 100644 --- a/kern/lib/crypto/2crc8.c +++ b/kern/lib/crypto/2crc8.c @@ -3,8 +3,8 @@ * found in the LICENSE file. */ -#include "2sysincludes.h" -#include "2crc8.h" +#include <crypto/2sysincludes.h> +#include <crypto/2crc8.h> uint8_t vb2_crc8(const void *vptr, uint32_t size) { diff --git a/kern/lib/crypto/2hmac.c b/kern/lib/crypto/2hmac.c index 651ae57..7ca75ba 100644 --- a/kern/lib/crypto/2hmac.c +++ b/kern/lib/crypto/2hmac.c @@ -3,9 +3,9 @@ * found in the LICENSE file. */ -#include "2sysincludes.h" -#include "2sha.h" -#include "2hmac.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2sha.h> int hmac(enum vb2_hash_algorithm alg, const void *key, uint32_t key_size, diff --git a/kern/lib/crypto/2misc.c b/kern/lib/crypto/2misc.c deleted file mode 100644 index a955f53..0000000 --- a/kern/lib/crypto/2misc.c +++ /dev/null @@ -1,408 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Misc functions which need access to vb2_context but are not public APIs - */ - -#include "2sysincludes.h" -#include "2api.h" -#include "2common.h" -#include "2misc.h" -#include "2nvstorage.h" -#include "2secdata.h" -#include "2sha.h" -#include "2rsa.h" - -int vb2_validate_gbb_signature(uint8_t *sig) { - const static uint8_t sig_xor[VB2_GBB_SIGNATURE_SIZE] = - VB2_GBB_XOR_SIGNATURE; - int i; - for (i = 0; i < VB2_GBB_SIGNATURE_SIZE; i++) { - if (sig[i] != (sig_xor[i] ^ VB2_GBB_XOR_CHARS[i])) - return VB2_ERROR_GBB_MAGIC; - } - return VB2_SUCCESS; -} - -void vb2_workbuf_from_ctx(struct vb2_context *ctx, struct vb2_workbuf *wb) -{ - vb2_workbuf_init(wb, ctx->workbuf + ctx->workbuf_used, - ctx->workbuf_size - ctx->workbuf_used); -} - -int vb2_read_gbb_header(struct vb2_context *ctx, struct vb2_gbb_header *gbb) -{ - int rv; - - /* Read the entire header */ - rv = vb2ex_read_resource(ctx, VB2_RES_GBB, 0, gbb, sizeof(*gbb)); - if (rv) - return rv; - - /* Make sure it's really a GBB */ - rv = vb2_validate_gbb_signature(gbb->signature); - if (rv) - return rv; - - /* Check for compatible version */ - if (gbb->major_version != VB2_GBB_MAJOR_VER) - return VB2_ERROR_GBB_VERSION; - - /* Current code is not backwards-compatible to 1.1 headers or older */ - if (gbb->minor_version < VB2_GBB_MINOR_VER) - return VB2_ERROR_GBB_TOO_OLD; - - /* - * Header size should be at least as big as we expect. It could be - * bigger, if the header has grown. - */ - if (gbb->header_size < sizeof(*gbb)) - return VB2_ERROR_GBB_HEADER_SIZE; - - return VB2_SUCCESS; -} - -void vb2_fail(struct vb2_context *ctx, uint8_t reason, uint8_t subcode) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - - /* If NV data hasn't been initialized, initialize it now */ - if (!(sd->status & VB2_SD_STATUS_NV_INIT)) - vb2_nv_init(ctx); - - /* See if we were far enough in the boot process to choose a slot */ - if (sd->status & VB2_SD_STATUS_CHOSE_SLOT) { - - /* Boot failed */ - vb2_nv_set(ctx, VB2_NV_FW_RESULT, VB2_FW_RESULT_FAILURE); - - /* Use up remaining tries */ - vb2_nv_set(ctx, VB2_NV_TRY_COUNT, 0); - - /* - * Try the other slot next time. We'll alternate - * between slots, which may help if one or both slots is - * flaky. - */ - vb2_nv_set(ctx, VB2_NV_TRY_NEXT, 1 - sd->fw_slot); - - /* - * If we didn't try the other slot last boot, or we tried it - * and it didn't fail, try it next boot. - */ - if (sd->last_fw_slot != 1 - sd->fw_slot || - sd->last_fw_result != VB2_FW_RESULT_FAILURE) - return; - } - - /* - * If we're still here, we failed before choosing a slot, or both - * this slot and the other slot failed in successive boots. So we - * need to go to recovery. - * - * Set a recovery reason and subcode only if they're not already set. - * If recovery is already requested, it's a more specific error code - * than later code is providing and we shouldn't overwrite it. - */ - VB2_DEBUG("Need recovery, reason: %#x / %#x\n", reason, subcode); - if (!vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST)) { - vb2_nv_set(ctx, VB2_NV_RECOVERY_REQUEST, reason); - vb2_nv_set(ctx, VB2_NV_RECOVERY_SUBCODE, subcode); - } -} - -int vb2_init_context(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - - /* Don't do anything if the context has already been initialized */ - if (ctx->workbuf_used) - return VB2_SUCCESS; - - /* - * Workbuf had better be big enough for our shared data struct and - * aligned. Not much we can do if it isn't; we'll die before we can - * store a recovery reason. - */ - if (ctx->workbuf_size < sizeof(*sd)) - return VB2_ERROR_INITCTX_WORKBUF_SMALL; - if (!vb2_aligned(ctx->workbuf, VB2_WORKBUF_ALIGN)) - return VB2_ERROR_INITCTX_WORKBUF_ALIGN; - - /* Initialize the shared data at the start of the work buffer */ - memset(sd, 0, sizeof(*sd)); - ctx->workbuf_used = sizeof(*sd); - return VB2_SUCCESS; -} - -void vb2_check_recovery(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - uint32_t reason = vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST); - uint32_t subcode = vb2_nv_get(ctx, VB2_NV_RECOVERY_SUBCODE); - - VB2_DEBUG("Recovery reason from previous boot: %#x / %#x\n", - reason, subcode); - - /* - * Sets the current recovery request, unless there's already been a - * failure earlier in the boot process. - */ - if (!sd->recovery_reason) - sd->recovery_reason = reason; - - /* Clear request and subcode so we don't get stuck in recovery mode */ - vb2_nv_set(ctx, VB2_NV_RECOVERY_REQUEST, VB2_RECOVERY_NOT_REQUESTED); - vb2_nv_set(ctx, VB2_NV_RECOVERY_SUBCODE, VB2_RECOVERY_NOT_REQUESTED); - - if (ctx->flags & VB2_CONTEXT_FORCE_RECOVERY_MODE) { - VB2_DEBUG("Recovery was requested manually\n"); - if (subcode && !sd->recovery_reason) - /* - * Recovery was requested at 'broken' screen. - * Promote subcode to reason. - */ - sd->recovery_reason = subcode; - else - /* Recovery was forced. Override recovery reason */ - sd->recovery_reason = VB2_RECOVERY_RO_MANUAL; - sd->flags |= VB2_SD_FLAG_MANUAL_RECOVERY; - } - - /* If recovery reason is non-zero, tell caller we need recovery mode */ - if (sd->recovery_reason) { - ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; - VB2_DEBUG("We have a recovery request: %#x / %#x\n", - sd->recovery_reason, - vb2_nv_get(ctx, VB2_NV_RECOVERY_SUBCODE)); - } -} - -int vb2_fw_parse_gbb(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - struct vb2_gbb_header *gbb; - struct vb2_workbuf wb; - int rv; - - vb2_workbuf_from_ctx(ctx, &wb); - - /* Read GBB into next chunk of work buffer */ - gbb = vb2_workbuf_alloc(&wb, sizeof(*gbb)); - if (!gbb) - return VB2_ERROR_GBB_WORKBUF; - - rv = vb2_read_gbb_header(ctx, gbb); - if (rv) - return rv; - - /* Extract the only things we care about at firmware time */ - sd->gbb_flags = gbb->flags; - sd->gbb_rootkey_offset = gbb->rootkey_offset; - sd->gbb_rootkey_size = gbb->rootkey_size; - memcpy(sd->gbb_hwid_digest, gbb->hwid_digest, VB2_GBB_HWID_DIGEST_SIZE); - - return VB2_SUCCESS; -} - -int vb2_check_dev_switch(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - uint32_t flags = 0; - uint32_t old_flags; - int is_dev = 0; - int use_secdata = 1; - int rv; - - /* Read secure flags */ - rv = vb2_secdata_get(ctx, VB2_SECDATA_FLAGS, &flags); - if (rv) { - if (ctx->flags & VB2_CONTEXT_RECOVERY_MODE) { - /* - * Recovery mode needs to check other ways developer - * mode can be enabled, so don't give up yet. But - * since we can't read secdata, assume dev mode was - * disabled. - */ - use_secdata = 0; - flags = 0; - } else { - /* Normal mode simply fails */ - return rv; - } - } - old_flags = flags; - - /* Handle dev disable request */ - if (use_secdata && vb2_nv_get(ctx, VB2_NV_DISABLE_DEV_REQUEST)) { - flags &= ~VB2_SECDATA_FLAG_DEV_MODE; - - /* Clear the request */ - vb2_nv_set(ctx, VB2_NV_DISABLE_DEV_REQUEST, 0); - } - - /* - * Check if we've been asked by the caller to disable dev mode. Note - * that hardware switch and GBB flag will take precedence over this. - */ - if (ctx->flags & VB2_DISABLE_DEVELOPER_MODE) - flags &= ~VB2_SECDATA_FLAG_DEV_MODE; - - /* Check virtual dev switch */ - if (flags & VB2_SECDATA_FLAG_DEV_MODE) - is_dev = 1; - - /* Handle forcing dev mode via physical switch */ - if (ctx->flags & VB2_CONTEXT_FORCE_DEVELOPER_MODE) - is_dev = 1; - - /* Check if GBB is forcing dev mode */ - if (sd->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) - is_dev = 1; - - /* Handle whichever mode we end up in */ - if (is_dev) { - /* Developer mode */ - sd->flags |= VB2_SD_DEV_MODE_ENABLED; - ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; - - flags |= VB2_SECDATA_FLAG_LAST_BOOT_DEVELOPER; - } else { - /* Normal mode */ - flags &= ~VB2_SECDATA_FLAG_LAST_BOOT_DEVELOPER; - - /* - * Disable dev_boot_* flags. This ensures they will be - * initially disabled if the user later transitions back into - * developer mode. - */ - vb2_nv_set(ctx, VB2_NV_DEV_BOOT_USB, 0); - vb2_nv_set(ctx, VB2_NV_DEV_BOOT_LEGACY, 0); - vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 0); - vb2_nv_set(ctx, VB2_NV_DEV_BOOT_FASTBOOT_FULL_CAP, 0); - vb2_nv_set(ctx, VB2_NV_DEV_DEFAULT_BOOT, 0); - vb2_nv_set(ctx, VB2_NV_FASTBOOT_UNLOCK_IN_FW, 0); - } - - if (ctx->flags & VB2_CONTEXT_FORCE_WIPEOUT_MODE) - vb2_nv_set(ctx, VB2_NV_REQ_WIPEOUT, 1); - - if (flags != old_flags) { - /* - * Just changed dev mode state. Clear TPM owner. This must be - * done here instead of simply passing a flag to - * vb2_check_tpm_clear(), because we don't want to update - * last_boot_developer and then fail to clear the TPM owner. - * - * Note that we do this even if we couldn't read secdata, since - * the TPM owner and secdata may be independent, and we want - * the owner to be cleared if *this boot* is different than the - * last one (perhaps due to GBB or hardware override). - */ - rv = vb2ex_tpm_clear_owner(ctx); - if (use_secdata) { - /* Check for failure to clear owner */ - if (rv) { - /* - * Note that this truncates rv to 8 bit. Which - * is not as useful as the full error code, but - * we don't have NVRAM space to store the full - * 32-bit code. - */ - vb2_fail(ctx, VB2_RECOVERY_TPM_CLEAR_OWNER, rv); - return rv; - } - - /* Save new flags */ - rv = vb2_secdata_set(ctx, VB2_SECDATA_FLAGS, flags); - if (rv) - return rv; - } - } - - return VB2_SUCCESS; -} - -int vb2_check_tpm_clear(struct vb2_context *ctx) -{ - int rv; - - /* Check if we've been asked to clear the owner */ - if (!vb2_nv_get(ctx, VB2_NV_CLEAR_TPM_OWNER_REQUEST)) - return VB2_SUCCESS; /* No need to clear */ - - /* Request applies one time only */ - vb2_nv_set(ctx, VB2_NV_CLEAR_TPM_OWNER_REQUEST, 0); - - /* Try clearing */ - rv = vb2ex_tpm_clear_owner(ctx); - if (rv) { - /* - * Note that this truncates rv to 8 bit. Which is not as - * useful as the full error code, but we don't have NVRAM space - * to store the full 32-bit code. - */ - vb2_fail(ctx, VB2_RECOVERY_TPM_CLEAR_OWNER, rv); - return rv; - } - - /* Clear successful */ - vb2_nv_set(ctx, VB2_NV_CLEAR_TPM_OWNER_DONE, 1); - return VB2_SUCCESS; -} - -int vb2_select_fw_slot(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - uint32_t tries; - - /* Get result of last boot */ - sd->last_fw_slot = vb2_nv_get(ctx, VB2_NV_FW_TRIED); - sd->last_fw_result = vb2_nv_get(ctx, VB2_NV_FW_RESULT); - - /* Save to the previous result fields in NV storage */ - vb2_nv_set(ctx, VB2_NV_FW_PREV_TRIED, sd->last_fw_slot); - vb2_nv_set(ctx, VB2_NV_FW_PREV_RESULT, sd->last_fw_result); - - /* Clear result, since we don't know what will happen this boot */ - vb2_nv_set(ctx, VB2_NV_FW_RESULT, VB2_FW_RESULT_UNKNOWN); - - /* Get slot to try */ - sd->fw_slot = vb2_nv_get(ctx, VB2_NV_TRY_NEXT); - - /* Check try count */ - tries = vb2_nv_get(ctx, VB2_NV_TRY_COUNT); - - if (sd->last_fw_result == VB2_FW_RESULT_TRYING && - sd->last_fw_slot == sd->fw_slot && - tries == 0) { - /* - * We used up our last try on the previous boot, so fall back - * to the other slot this boot. - */ - sd->fw_slot = 1 - sd->fw_slot; - vb2_nv_set(ctx, VB2_NV_TRY_NEXT, sd->fw_slot); - } - - if (tries > 0) { - /* Still trying this firmware */ - vb2_nv_set(ctx, VB2_NV_FW_RESULT, VB2_FW_RESULT_TRYING); - - /* Decrement non-zero try count, unless told not to */ - if (!(ctx->flags & VB2_CONTEXT_NOFAIL_BOOT)) - vb2_nv_set(ctx, VB2_NV_TRY_COUNT, tries - 1); - } - - /* Store the slot we're trying */ - vb2_nv_set(ctx, VB2_NV_FW_TRIED, sd->fw_slot); - - /* Set context flag if we're using slot B */ - if (sd->fw_slot) - ctx->flags |= VB2_CONTEXT_FW_SLOT_B; - - /* Set status flag */ - sd->status |= VB2_SD_STATUS_CHOSE_SLOT; - - return VB2_SUCCESS; -} diff --git a/kern/lib/crypto/2nvstorage.c b/kern/lib/crypto/2nvstorage.c deleted file mode 100644 index b40bbe7..0000000 --- a/kern/lib/crypto/2nvstorage.c +++ /dev/null @@ -1,370 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - */ - -/* Non-volatile storage routines */ - -#include "2sysincludes.h" -#include "2common.h" -#include "2crc8.h" -#include "2misc.h" -#include "2nvstorage.h" -#include "2nvstorage_fields.h" - -static void vb2_nv_regen_crc(struct vb2_context *ctx) -{ - ctx->nvdata[VB2_NV_OFFS_CRC] = vb2_crc8(ctx->nvdata, VB2_NV_OFFS_CRC); - ctx->flags |= VB2_CONTEXT_NVDATA_CHANGED; -} - -/** - * Check the CRC of the non-volatile storage context. - * - * Use this if reading from non-volatile storage may be flaky, and you want to - * retry reading it several times. - * - * This may be called before vb2_context_init(). - * - * @param ctx Context pointer - * @return VB2_SUCCESS, or non-zero error code if error. - */ -int vb2_nv_check_crc(const struct vb2_context *ctx) -{ - const uint8_t *p = ctx->nvdata; - - /* Check header */ - if (VB2_NV_HEADER_SIGNATURE != - (p[VB2_NV_OFFS_HEADER] & VB2_NV_HEADER_MASK)) - return VB2_ERROR_NV_HEADER; - - /* Check CRC */ - if (vb2_crc8(p, VB2_NV_OFFS_CRC) != p[VB2_NV_OFFS_CRC]) - return VB2_ERROR_NV_CRC; - - return VB2_SUCCESS; -} - -void vb2_nv_init(struct vb2_context *ctx) -{ - struct vb2_shared_data *sd = vb2_get_sd(ctx); - uint8_t *p = ctx->nvdata; - - /* Check data for consistency */ - if (vb2_nv_check_crc(ctx) != VB2_SUCCESS) { - /* Data is inconsistent (bad CRC or header); reset defaults */ - memset(p, 0, VB2_NVDATA_SIZE); - p[VB2_NV_OFFS_HEADER] = (VB2_NV_HEADER_SIGNATURE | - VB2_NV_HEADER_FW_SETTINGS_RESET | - VB2_NV_HEADER_KERNEL_SETTINGS_RESET); - - /* Regenerate CRC */ - vb2_nv_regen_crc(ctx); - - /* Set status flag */ - sd->status |= VB2_SD_STATUS_NV_REINIT; - /* TODO: unit test for status flag being set */ - } - - sd->status |= VB2_SD_STATUS_NV_INIT; -} - -/* Macro for vb2_nv_get() single-bit settings to reduce duplicate code. */ -#define GETBIT(offs, mask) (p[offs] & mask ? 1 : 0) - -uint32_t vb2_nv_get(struct vb2_context *ctx, enum vb2_nv_param param) -{ - const uint8_t *p = ctx->nvdata; - - /* - * TODO: We could reduce the binary size for this code by #ifdef'ing - * out the params not used by firmware verification. - */ - switch (param) { - case VB2_NV_FIRMWARE_SETTINGS_RESET: - return GETBIT(VB2_NV_OFFS_HEADER, - VB2_NV_HEADER_FW_SETTINGS_RESET); - - case VB2_NV_KERNEL_SETTINGS_RESET: - return GETBIT(VB2_NV_OFFS_HEADER, - VB2_NV_HEADER_KERNEL_SETTINGS_RESET); - - case VB2_NV_DEBUG_RESET_MODE: - return GETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_DEBUG_RESET); - - case VB2_NV_TRY_NEXT: - return GETBIT(VB2_NV_OFFS_BOOT2, VB2_NV_BOOT2_TRY_NEXT); - - case VB2_NV_TRY_COUNT: - return p[VB2_NV_OFFS_BOOT] & VB2_NV_BOOT_TRY_COUNT_MASK; - - case VB2_NV_FW_TRIED: - return GETBIT(VB2_NV_OFFS_BOOT2, VB2_NV_BOOT2_TRIED); - - case VB2_NV_FW_RESULT: - return p[VB2_NV_OFFS_BOOT2] & VB2_NV_BOOT2_RESULT_MASK; - - case VB2_NV_FW_PREV_TRIED: - return GETBIT(VB2_NV_OFFS_BOOT2, VB2_NV_BOOT2_PREV_TRIED); - - case VB2_NV_FW_PREV_RESULT: - return (p[VB2_NV_OFFS_BOOT2] & VB2_NV_BOOT2_PREV_RESULT_MASK) - >> VB2_NV_BOOT2_PREV_RESULT_SHIFT; - - case VB2_NV_RECOVERY_REQUEST: - return p[VB2_NV_OFFS_RECOVERY]; - - case VB2_NV_RECOVERY_SUBCODE: - return p[VB2_NV_OFFS_RECOVERY_SUBCODE]; - - case VB2_NV_LOCALIZATION_INDEX: - return p[VB2_NV_OFFS_LOCALIZATION]; - - case VB2_NV_KERNEL_FIELD: - return (p[VB2_NV_OFFS_KERNEL] - | (p[VB2_NV_OFFS_KERNEL + 1] << 8) - | (p[VB2_NV_OFFS_KERNEL + 2] << 16) - | (p[VB2_NV_OFFS_KERNEL + 3] << 24)); - - case VB2_NV_DEV_BOOT_USB: - return GETBIT(VB2_NV_OFFS_DEV, VB2_NV_DEV_FLAG_USB); - - case VB2_NV_DEV_BOOT_LEGACY: - return GETBIT(VB2_NV_OFFS_DEV, VB2_NV_DEV_FLAG_LEGACY); - - case VB2_NV_DEV_BOOT_SIGNED_ONLY: - return GETBIT(VB2_NV_OFFS_DEV, VB2_NV_DEV_FLAG_SIGNED_ONLY); - - case VB2_NV_DEV_BOOT_FASTBOOT_FULL_CAP: - return GETBIT(VB2_NV_OFFS_DEV, - VB2_NV_DEV_FLAG_FASTBOOT_FULL_CAP); - - case VB2_NV_DEV_DEFAULT_BOOT: - return (p[VB2_NV_OFFS_DEV] & VB2_NV_DEV_FLAG_DEFAULT_BOOT) - >> VB2_NV_DEV_DEFAULT_BOOT_SHIFT; - - case VB2_NV_DISABLE_DEV_REQUEST: - return GETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_DISABLE_DEV); - - case VB2_NV_OPROM_NEEDED: - return GETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_OPROM_NEEDED); - - case VB2_NV_BACKUP_NVRAM_REQUEST: - return GETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_BACKUP_NVRAM); - - case VB2_NV_CLEAR_TPM_OWNER_REQUEST: - return GETBIT(VB2_NV_OFFS_TPM, VB2_NV_TPM_CLEAR_OWNER_REQUEST); - - case VB2_NV_CLEAR_TPM_OWNER_DONE: - return GETBIT(VB2_NV_OFFS_TPM, VB2_NV_TPM_CLEAR_OWNER_DONE); - - case VB2_NV_TPM_REQUESTED_REBOOT: - return GETBIT(VB2_NV_OFFS_TPM, VB2_NV_TPM_REBOOTED); - - case VB2_NV_REQ_WIPEOUT: - return GETBIT(VB2_NV_OFFS_HEADER , VB2_NV_HEADER_WIPEOUT); - - case VB2_NV_FASTBOOT_UNLOCK_IN_FW: - return GETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_UNLOCK_FASTBOOT); - - case VB2_NV_BOOT_ON_AC_DETECT: - return GETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_BOOT_ON_AC_DETECT); - - case VB2_NV_TRY_RO_SYNC: - return GETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_TRY_RO_SYNC); - - case VB2_NV_BATTERY_CUTOFF_REQUEST: - return GETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_BATTERY_CUTOFF); - } - - /* - * Put default return outside the switch() instead of in default:, so - * that adding a new param will cause a compiler warning. - */ - return 0; -} - -#undef GETBIT - -/* Macro for vb2_nv_set() single-bit settings to reduce duplicate code. */ -#define SETBIT(offs, mask) \ - { if (value) p[offs] |= mask; else p[offs] &= ~mask; } - -void vb2_nv_set(struct vb2_context *ctx, - enum vb2_nv_param param, - uint32_t value) -{ - uint8_t *p = ctx->nvdata; - - /* If not changing the value, don't regenerate the CRC. */ - if (vb2_nv_get(ctx, param) == value) - return; - - /* - * TODO: We could reduce the binary size for this code by #ifdef'ing - * out the params not used by firmware verification. - */ - switch (param) { - case VB2_NV_FIRMWARE_SETTINGS_RESET: - SETBIT(VB2_NV_OFFS_HEADER, VB2_NV_HEADER_FW_SETTINGS_RESET); - break; - - case VB2_NV_KERNEL_SETTINGS_RESET: - SETBIT(VB2_NV_OFFS_HEADER, VB2_NV_HEADER_KERNEL_SETTINGS_RESET); - break; - - case VB2_NV_DEBUG_RESET_MODE: - SETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_DEBUG_RESET); - break; - - case VB2_NV_TRY_NEXT: - SETBIT(VB2_NV_OFFS_BOOT2, VB2_NV_BOOT2_TRY_NEXT); - break; - - case VB2_NV_TRY_COUNT: - /* Clip to valid range. */ - if (value > VB2_NV_BOOT_TRY_COUNT_MASK) - value = VB2_NV_BOOT_TRY_COUNT_MASK; - - p[VB2_NV_OFFS_BOOT] &= ~VB2_NV_BOOT_TRY_COUNT_MASK; - p[VB2_NV_OFFS_BOOT] |= (uint8_t)value; - break; - - case VB2_NV_FW_TRIED: - SETBIT(VB2_NV_OFFS_BOOT2, VB2_NV_BOOT2_TRIED); - break; - - case VB2_NV_FW_RESULT: - /* Map out of range values to unknown */ - if (value > VB2_NV_BOOT2_RESULT_MASK) - value = VB2_FW_RESULT_UNKNOWN; - - p[VB2_NV_OFFS_BOOT2] &= ~VB2_NV_BOOT2_RESULT_MASK; - p[VB2_NV_OFFS_BOOT2] |= (uint8_t)value; - break; - - case VB2_NV_FW_PREV_TRIED: - SETBIT(VB2_NV_OFFS_BOOT2, VB2_NV_BOOT2_PREV_TRIED); - break; - - case VB2_NV_FW_PREV_RESULT: - /* Map out of range values to unknown */ - if (value > VB2_NV_BOOT2_RESULT_MASK) - value = VB2_FW_RESULT_UNKNOWN; - - p[VB2_NV_OFFS_BOOT2] &= ~VB2_NV_BOOT2_PREV_RESULT_MASK; - p[VB2_NV_OFFS_BOOT2] |= - (uint8_t)(value << VB2_NV_BOOT2_PREV_RESULT_SHIFT); - break; - - case VB2_NV_RECOVERY_REQUEST: - /* - * Map values outside the valid range to the legacy reason, - * since we can't determine if we're called from kernel or user - * mode. - */ - if (value > 0xff) - value = VB2_RECOVERY_LEGACY; - p[VB2_NV_OFFS_RECOVERY] = (uint8_t)value; - break; - - case VB2_NV_RECOVERY_SUBCODE: - p[VB2_NV_OFFS_RECOVERY_SUBCODE] = (uint8_t)value; - break; - - case VB2_NV_LOCALIZATION_INDEX: - /* Map values outside the valid range to the default index. */ - if (value > 0xFF) - value = 0; - p[VB2_NV_OFFS_LOCALIZATION] = (uint8_t)value; - break; - - case VB2_NV_KERNEL_FIELD: - p[VB2_NV_OFFS_KERNEL] = (uint8_t)(value); - p[VB2_NV_OFFS_KERNEL + 1] = (uint8_t)(value >> 8); - p[VB2_NV_OFFS_KERNEL + 2] = (uint8_t)(value >> 16); - p[VB2_NV_OFFS_KERNEL + 3] = (uint8_t)(value >> 24); - break; - - case VB2_NV_DEV_BOOT_USB: - SETBIT(VB2_NV_OFFS_DEV, VB2_NV_DEV_FLAG_USB); - break; - - case VB2_NV_DEV_BOOT_LEGACY: - SETBIT(VB2_NV_OFFS_DEV, VB2_NV_DEV_FLAG_LEGACY); - break; - - case VB2_NV_DEV_BOOT_SIGNED_ONLY: - SETBIT(VB2_NV_OFFS_DEV, VB2_NV_DEV_FLAG_SIGNED_ONLY); - break; - - case VB2_NV_DEV_BOOT_FASTBOOT_FULL_CAP: - SETBIT(VB2_NV_OFFS_DEV, VB2_NV_DEV_FLAG_FASTBOOT_FULL_CAP); - break; - - case VB2_NV_DEV_DEFAULT_BOOT: - /* Map out of range values to disk */ - if (value > (VB2_NV_DEV_FLAG_DEFAULT_BOOT >> - VB2_NV_DEV_DEFAULT_BOOT_SHIFT)) - value = VB2_DEV_DEFAULT_BOOT_DISK; - - p[VB2_NV_OFFS_DEV] &= ~VB2_NV_DEV_FLAG_DEFAULT_BOOT; - p[VB2_NV_OFFS_DEV] |= - (uint8_t)(value << VB2_NV_DEV_DEFAULT_BOOT_SHIFT); - break; - - case VB2_NV_DISABLE_DEV_REQUEST: - SETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_DISABLE_DEV); - break; - - case VB2_NV_OPROM_NEEDED: - SETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_OPROM_NEEDED); - break; - - case VB2_NV_BACKUP_NVRAM_REQUEST: - SETBIT(VB2_NV_OFFS_BOOT, VB2_NV_BOOT_BACKUP_NVRAM); - break; - - case VB2_NV_CLEAR_TPM_OWNER_REQUEST: - SETBIT(VB2_NV_OFFS_TPM, VB2_NV_TPM_CLEAR_OWNER_REQUEST); - break; - - case VB2_NV_CLEAR_TPM_OWNER_DONE: - SETBIT(VB2_NV_OFFS_TPM, VB2_NV_TPM_CLEAR_OWNER_DONE); - break; - - case VB2_NV_TPM_REQUESTED_REBOOT: - SETBIT(VB2_NV_OFFS_TPM, VB2_NV_TPM_REBOOTED); - break; - - case VB2_NV_REQ_WIPEOUT: - SETBIT(VB2_NV_OFFS_HEADER , VB2_NV_HEADER_WIPEOUT); - break; - - case VB2_NV_FASTBOOT_UNLOCK_IN_FW: - SETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_UNLOCK_FASTBOOT); - break; - - case VB2_NV_BOOT_ON_AC_DETECT: - SETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_BOOT_ON_AC_DETECT); - break; - - case VB2_NV_TRY_RO_SYNC: - SETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_TRY_RO_SYNC); - break; - - case VB2_NV_BATTERY_CUTOFF_REQUEST: - SETBIT(VB2_NV_OFFS_MISC, VB2_NV_MISC_BATTERY_CUTOFF); - break; - } - - /* - * Note there is no default case. This causes a compiler warning if - * a new param is added to the enum without adding support here. - */ - - /* Need to regenerate CRC, since the value changed. */ - vb2_nv_regen_crc(ctx); -} - -#undef SETBIT diff --git a/kern/lib/crypto/2rsa.c b/kern/lib/crypto/2rsa.c index 7862b13..9fe5b44 100644 --- a/kern/lib/crypto/2rsa.c +++ b/kern/lib/crypto/2rsa.c @@ -9,10 +9,10 @@ * multiple RSA key lengths and hash digest algorithms. */ -#include "2sysincludes.h" -#include "2common.h" -#include "2rsa.h" -#include "2sha.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2rsa.h> +#include <crypto/2sha.h> /** * a[] -= mod diff --git a/kern/lib/crypto/2secdata.c b/kern/lib/crypto/2secdata.c index 3281f7c..08316b6 100644 --- a/kern/lib/crypto/2secdata.c +++ b/kern/lib/crypto/2secdata.c @@ -5,11 +5,11 @@ * Secure storage APIs */ -#include "2sysincludes.h" -#include "2common.h" -#include "2crc8.h" -#include "2misc.h" -#include "2secdata.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2crc8.h> +#include <crypto/2misc.h> +#include <crypto/2secdata.h> int vb2_secdata_check_crc(const struct vb2_context *ctx) { diff --git a/kern/lib/crypto/2secdatak.c b/kern/lib/crypto/2secdatak.c index af11aef..c037085 100644 --- a/kern/lib/crypto/2secdatak.c +++ b/kern/lib/crypto/2secdatak.c @@ -5,11 +5,11 @@ * Secure storage APIs - kernel version space */ -#include "2sysincludes.h" -#include "2common.h" -#include "2crc8.h" -#include "2misc.h" -#include "2secdata.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2crc8.h> +#include <crypto/2misc.h> +#include <crypto/2secdata.h> int vb2_secdatak_check_crc(const struct vb2_context *ctx) { diff --git a/kern/lib/crypto/2sha1.c b/kern/lib/crypto/2sha1.c index 41c8317..5f824db 100644 --- a/kern/lib/crypto/2sha1.c +++ b/kern/lib/crypto/2sha1.c @@ -6,9 +6,9 @@ * Open Source Project (platorm/system/core.git/libmincrypt/sha.c */ -#include "2sysincludes.h" -#include "2common.h" -#include "2sha.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2sha.h> /* * Some machines lack byteswap.h and endian.h. These have to use the diff --git a/kern/lib/crypto/2sha512.c b/kern/lib/crypto/2sha512.c index fedc8b7..69eab40 100644 --- a/kern/lib/crypto/2sha512.c +++ b/kern/lib/crypto/2sha512.c @@ -35,9 +35,9 @@ * SUCH DAMAGE. */ -#include "2sysincludes.h" -#include "2common.h" -#include "2sha.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2sha.h> #define SHFR(x, n) (x >> n) #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n))) diff --git a/kern/lib/crypto/2sha_utility.c b/kern/lib/crypto/2sha_utility.c index dd74f29..d0f40d8 100644 --- a/kern/lib/crypto/2sha_utility.c +++ b/kern/lib/crypto/2sha_utility.c @@ -5,9 +5,9 @@ * Utility functions for message digest functions. */ -#include "2sysincludes.h" -#include "2common.h" -#include "2sha.h" +#include <crypto/2sysincludes.h> +#include <crypto/2common.h> +#include <crypto/2sha.h> #if VB2_SUPPORT_SHA1 #define CTH_SHA1 VB2_HASH_SHA1 diff --git a/kern/lib/crypto/2stub.c b/kern/lib/crypto/2stub.c deleted file mode 100644 index 971286c..0000000 --- a/kern/lib/crypto/2stub.c +++ /dev/null @@ -1,59 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Stub API implementations which should be implemented by the caller. - */ - -#include <stdarg.h> -#include <stdio.h> - -#include "2sysincludes.h" -#include "2api.h" - -__attribute__((weak)) -void vb2ex_printf(const char *func, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - fprintf(stderr, "%s: ", func); - vfprintf(stderr, fmt, ap); - va_end(ap); -} - -__attribute__((weak)) -int vb2ex_tpm_clear_owner(struct vb2_context *ctx) -{ - return VB2_ERROR_EX_TPM_CLEAR_OWNER_UNIMPLEMENTED; -} - -__attribute__((weak)) -int vb2ex_read_resource(struct vb2_context *ctx, - enum vb2_resource_index index, - uint32_t offset, - void *buf, - uint32_t size) -{ - return VB2_ERROR_EX_READ_RESOURCE_UNIMPLEMENTED; -} - -__attribute__((weak)) -int vb2ex_hwcrypto_digest_init(enum vb2_hash_algorithm hash_alg, - uint32_t data_size) -{ - return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED; -} - -__attribute__((weak)) -int vb2ex_hwcrypto_digest_extend(const uint8_t *buf, - uint32_t size) -{ - return VB2_ERROR_SHA_EXTEND_ALGORITHM; /* Should not be called. */ -} - -__attribute__((weak)) -int vb2ex_hwcrypto_digest_finalize(uint8_t *digest, - uint32_t digest_size) -{ - return VB2_ERROR_SHA_FINALIZE_ALGORITHM; /* Should not be called. */ -} diff --git a/kern/lib/crypto/2tpm_bootmode.c b/kern/lib/crypto/2tpm_bootmode.c deleted file mode 100644 index 6903fe8..0000000 --- a/kern/lib/crypto/2tpm_bootmode.c +++ /dev/null @@ -1,54 +0,0 @@ -/* Copyright 2015 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Functions for updating the TPM state with the status of boot path. - */ - -#include "2sysincludes.h" -#include "2common.h" -#include "2sha.h" -#include "2tpm_bootmode.h" - -/* - * Input digests for PCR extend. - * These are calculated as: - * SHA1("|Developer_Mode||Recovery_Mode||Keyblock_Mode|"). - * Developer_Mode can be 0 or 1. - * Recovery_Mode can be 0 or 1. - * Keyblock flags are defined in 2struct.h and assumed always 0 in recovery mode - * or 7 in non-recovery mode. - * - * We map them to Keyblock_Mode as follows: - * ----------------------------------------- - * Keyblock Flags | Keyblock Mode - * ----------------------------------------- - * 0 recovery mode | 0 - * 7 Normal-signed firmware | 1 - */ - -const uint8_t kBootStateSHA1Digests[][VB2_SHA1_DIGEST_SIZE] = { - /* SHA1(0x00|0x00|0x01) */ - {0x25, 0x47, 0xcc, 0x73, 0x6e, 0x95, 0x1f, 0xa4, 0x91, 0x98, 0x53, 0xc4, - 0x3a, 0xe8, 0x90, 0x86, 0x1a, 0x3b, 0x32, 0x64}, - - /* SHA1(0x01|0x00|0x01) */ - {0xc4, 0x2a, 0xc1, 0xc4, 0x6f, 0x1d, 0x4e, 0x21, 0x1c, 0x73, 0x5c, 0xc7, - 0xdf, 0xad, 0x4f, 0xf8, 0x39, 0x11, 0x10, 0xe9}, - - /* SHA1(0x00|0x01|0x00) */ - {0x62, 0x57, 0x18, 0x91, 0x21, 0x5b, 0x4e, 0xfc, 0x1c, 0xea, 0xb7, 0x44, - 0xce, 0x59, 0xdd, 0x0b, 0x66, 0xea, 0x6f, 0x73}, - - /* SHA1(0x01|0x01|0x00) */ - {0x47, 0xec, 0x8d, 0x98, 0x36, 0x64, 0x33, 0xdc, 0x00, 0x2e, 0x77, 0x21, - 0xc9, 0xe3, 0x7d, 0x50, 0x67, 0x54, 0x79, 0x37}, -}; - -const uint8_t *vb2_get_boot_state_digest(struct vb2_context *ctx) -{ - int index = (ctx->flags & VB2_CONTEXT_RECOVERY_MODE ? 2 : 0) + - (ctx->flags & VB2_CONTEXT_DEVELOPER_MODE ? 1 : 0); - - return kBootStateSHA1Digests[index]; -} diff --git a/kern/lib/crypto/Kbuild b/kern/lib/crypto/Kbuild index f82f470..c706f80 100644 --- a/kern/lib/crypto/Kbuild +++ b/kern/lib/crypto/Kbuild @@ -1,15 +1,15 @@ #obj-y += 2api.o -#obj-y += 2common.o -#obj-y += 2crc8.o -#obj-y += 2hmac.o +obj-y += 2common.o +obj-y += 2crc8.o +obj-y += 2hmac.o #obj-y += 2misc.o #obj-y += 2nvstorage.o -#obj-y += 2rsa.o -#obj-y += 2secdata.o -#obj-y += 2secdatak.o -#obj-y += 2sha1.o +obj-y += 2rsa.o +obj-y += 2secdata.o +obj-y += 2secdatak.o +obj-y += 2sha1.o obj-y += 2sha256.o -#obj-y += 2sha512.o -#obj-y += 2sha_utility.o +obj-y += 2sha512.o +obj-y += 2sha_utility.o #obj-y += 2stub.o #obj-y += 2tpm_bootmode.o -- 2.8.0.rc3.226.g39d4020 -- You received this message because you are subscribed to the Google Groups "Akaros" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/d/optout.
