vboot2: Scramble the GBB magic number
Compiling in the GBB magic number as is causes any tools that search for the
number to fail. This patch allows firmware to embed XOR'ed signature.
TEST=Booted Nyan in normal mode. FAFT:firmware_DevMode passes.
BUG=none
BRANCH=none
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Id18905a9969af3db24151e7c51332d0e94405108
Reviewed-on: https://chromium-review.googlesource.com/205416
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@chromium.org>
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
diff --git a/firmware/2lib/include/2misc.h b/firmware/2lib/include/2misc.h
index d90399a..d6f48e8 100644
--- a/firmware/2lib/include/2misc.h
+++ b/firmware/2lib/include/2misc.h
@@ -23,6 +23,14 @@
}
/**
+ * Validate gbb signature (the magic number)
+ *
+ * @param sig pointer to the signature bytes to validate
+ * @return VB2_SUCCESS if valid or VB2_ERROR_GBB_MAGIC otherwise.
+ */
+int vb2_validate_gbb_signature(uint8_t *sig);
+
+/**
* Initialize a work buffer from the vboot context.
*
* This sets the work buffer to the unused portion of the context work buffer.
diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h
index 7a6d0ce..646d091 100644
--- a/firmware/2lib/include/2struct.h
+++ b/firmware/2lib/include/2struct.h
@@ -301,9 +301,14 @@
/****************************************************************************/
-/* Signature at start of the GBB */
+/* Signature at start of the GBB
+ * Note that if you compile in the signature as is, you are likely to break any
+ * tools that search for the signature. */
#define VB2_GBB_SIGNATURE "$GBB"
#define VB2_GBB_SIGNATURE_SIZE 4
+#define VB2_GBB_XOR_CHARS "****"
+/* TODO: can we write a macro to produce this at compile time? */
+#define VB2_GBB_XOR_SIGNATURE { 0x0e, 0x6d, 0x68, 0x68 }
/* VB2 GBB struct version */
#define VB2_GBB_MAJOR_VER 1