Verified boot wrapper - add stub implementations for host
This is part 2 of the wrapper API refactor. It adds stub
implementations for the host, and changes the host-side utilities to
use them. Firmware implementation is unchanged in this CL (other than
a few updates to macros).
BUG=chromium_os:16997
TEST=make && make runtests
Change-Id: I63989bd11de1f2239ddae256beaccd31bfb5acef
Reviewed-on: http://gerrit.chromium.org/gerrit/3256
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
Tested-by: Randall Spangler <rspangler@chromium.org>
diff --git a/utility/vbutil_kernel.c b/utility/vbutil_kernel.c
index c2b4a0f..821f751 100644
--- a/utility/vbutil_kernel.c
+++ b/utility/vbutil_kernel.c
@@ -148,6 +148,7 @@
va_end(ap);
}
+
/* Return an explanation when fread() fails. */
static const char *error_fread(FILE *fp) {
const char *retval = "beats me why";
@@ -218,10 +219,10 @@
static void FreeBlob(blob_t *bp) {
if (bp) {
if (bp->blob)
- Free(bp->blob);
+ free(bp->blob);
if (bp->buf)
- Free(bp->buf);
- Free(bp);
+ free(bp->buf);
+ free(bp);
}
}
@@ -240,8 +241,8 @@
config_buf = ReadFile(config_file, config_size);
Debug(" config file size=0x%" PRIx64 "\n", *config_size);
if (CROS_CONFIG_SIZE <= *config_size) { /* need room for trailing '\0' */
- error("Config file %s is too large (>= %d bytes)\n",
- config_file, CROS_CONFIG_SIZE);
+ VbExError("Config file %s is too large (>= %d bytes)\n",
+ config_file, CROS_CONFIG_SIZE);
return NULL;
}
@@ -277,13 +278,13 @@
uint64_t now = 0;
if (!vmlinuz || !bootloader_file || !config_file) {
- error("Must specify all input files\n");
+ VbExError("Must specify all input files\n");
return 0;
}
- bp = (blob_t *)Malloc(sizeof(blob_t));
+ bp = (blob_t *)malloc(sizeof(blob_t));
if (!bp) {
- error("Couldn't allocate bytes for blob_t.\n");
+ VbExError("Couldn't allocate bytes for blob_t.\n");
return 0;
}
@@ -310,7 +311,7 @@
return 0;
Debug(" kernel file size=0x%" PRIx64 "\n", kernel_size);
if (!kernel_size) {
- error("Empty kernel file\n");
+ VbExError("Empty kernel file\n");
return 0;
}
@@ -320,7 +321,7 @@
lh = (struct linux_kernel_header *)kernel_buf;
kernel32_start = (lh->setup_sects + 1) << 9;
if (kernel32_start >= kernel_size) {
- error("Malformed kernel\n");
+ VbExError("Malformed kernel\n");
return 0;
}
} else
@@ -334,10 +335,10 @@
CROS_CONFIG_SIZE +
CROS_PARAMS_SIZE +
roundup(bootloader_size, CROS_ALIGN);
- blob = (uint8_t *)Malloc(bp->blob_size);
+ blob = (uint8_t *)malloc(bp->blob_size);
Debug("blob_size=0x%" PRIx64 "\n", bp->blob_size);
if (!blob) {
- error("Couldn't allocate %ld bytes.\n", bp->blob_size);
+ VbExError("Couldn't allocate %ld bytes.\n", bp->blob_size);
return 0;
}
Memset(blob, 0, bp->blob_size);
@@ -398,9 +399,9 @@
Debug("end of blob is 0x%" PRIx64 "\n", now);
/* Free input buffers */
- Free(kernel_buf);
- Free(config_buf);
- Free(bootloader_buf);
+ free(kernel_buf);
+ free(config_buf);
+ free(bootloader_buf);
/* Success */
return bp;
@@ -419,36 +420,36 @@
int ret_error = 1;
if (!filename) {
- error("Must specify prepacked blob to read\n");
+ VbExError("Must specify prepacked blob to read\n");
return 0;
}
if (0 != stat(filename, &statbuf)) {
- error("Unable to stat %s: %s\n", filename, strerror(errno));
+ VbExError("Unable to stat %s: %s\n", filename, strerror(errno));
return 0;
}
Debug("%s size is 0x%" PRIx64 "\n", filename, statbuf.st_size);
if (statbuf.st_size < pad) {
- error("%s is too small to be a valid kernel blob\n");
+ VbExError("%s is too small to be a valid kernel blob\n");
return 0;
}
Debug("Reading %s\n", filename);
fp = fopen(filename, "rb");
if (!fp) {
- error("Unable to open file %s: %s\n", filename, strerror(errno));
+ VbExError("Unable to open file %s: %s\n", filename, strerror(errno));
return 0;
}
- buf = Malloc(pad);
+ buf = malloc(pad);
if (!buf) {
- error("Unable to allocate padding\n");
+ VbExError("Unable to allocate padding\n");
goto unwind_oldblob;
}
if (1 != fread(buf, pad, 1, fp)) {
- error("Unable to read header from %s: %s\n", filename, error_fread(fp));
+ VbExError("Unable to read header from %s: %s\n", filename, error_fread(fp));
goto unwind_oldblob;
}
@@ -457,11 +458,11 @@
Debug("Keyblock is 0x%" PRIx64 " bytes\n", key_block->key_block_size);
now += key_block->key_block_size;
if (now > statbuf.st_size) {
- error("key_block_size advances past the end of the blob\n");
+ VbExError("key_block_size advances past the end of the blob\n");
goto unwind_oldblob;
}
if (now > pad) {
- error("key_block_size advances past %" PRIu64 " byte padding\n", pad);
+ VbExError("key_block_size advances past %" PRIu64 " byte padding\n", pad);
goto unwind_oldblob;
}
@@ -470,26 +471,26 @@
Debug("Preamble is 0x%" PRIx64 " bytes\n", preamble->preamble_size);
now += preamble->preamble_size;
if (now > statbuf.st_size) {
- error("preamble_size advances past the end of the blob\n");
+ VbExError("preamble_size advances past the end of the blob\n");
goto unwind_oldblob;
}
if (now > pad) {
- error("preamble_size advances past %" PRIu64 " byte padding\n", pad);
+ VbExError("preamble_size advances past %" PRIu64 " byte padding\n", pad);
goto unwind_oldblob;
}
/* Go find the kernel blob */
Debug("kernel blob is at offset 0x%" PRIx64 "\n", now);
if (0 != fseek(fp, now, SEEK_SET)) {
- error("Unable to seek to 0x%" PRIx64 " in %s: %s\n", now, filename,
+ VbExError("Unable to seek to 0x%" PRIx64 " in %s: %s\n", now, filename,
strerror(errno));
goto unwind_oldblob;
}
/* Remember what we've got */
- bp = (blob_t *)Malloc(sizeof(blob_t));
+ bp = (blob_t *)malloc(sizeof(blob_t));
if (!bp) {
- error("Couldn't allocate bytes for blob_t.\n");
+ VbExError("Couldn't allocate bytes for blob_t.\n");
goto unwind_oldblob;
}
@@ -508,19 +509,21 @@
Debug(" blob_size = 0x%" PRIx64 "\n", bp->blob_size);
if (!bp->blob_size) {
- error("No kernel blob found\n");
+ VbExError("No kernel blob found\n");
goto unwind_oldblob;
}
- bp->blob = (uint8_t *)Malloc(bp->blob_size);
+ bp->blob = (uint8_t *)malloc(bp->blob_size);
if (!bp->blob) {
- error("Couldn't allocate 0x%" PRIx64 " bytes for blob_t.\n", bp->blob_size);
+ VbExError("Couldn't allocate 0x%" PRIx64 " bytes for blob_t.\n",
+ bp->blob_size);
goto unwind_oldblob;
}
/* read it in */
if (1 != fread(bp->blob, bp->blob_size, 1, fp)) {
- error("Unable to read kernel blob from %s: %s\n", filename, error_fread(fp));
+ VbExError("Unable to read kernel blob from %s: %s\n", filename,
+ error_fread(fp));
goto unwind_oldblob;
}
@@ -534,7 +537,7 @@
FreeBlob(bp);
bp = NULL;
} else if (buf) {
- Free(buf);
+ free(buf);
}
}
return bp;
@@ -555,15 +558,15 @@
uint64_t i;
if (!outfile) {
- error("Must specify output filename\n");
+ VbExError("Must specify output filename\n");
return 1;
}
if ((!keyblock_file && !bp->key_block) || !signprivate) {
- error("Must specify all keys\n");
+ VbExError("Must specify all keys\n");
return 1;
}
if (!bp) {
- error("Refusing to pack invalid kernel blob\n");
+ VbExError("Refusing to pack invalid kernel blob\n");
return 1;
}
@@ -571,7 +574,7 @@
if (keyblock_file) {
key_block = (VbKeyBlockHeader*)ReadFile(keyblock_file, &key_block_size);
if (!key_block) {
- error("Error reading key block.\n");
+ VbExError("Error reading key block.\n");
return 1;
}
} else {
@@ -580,20 +583,20 @@
}
if (pad < key_block->key_block_size) {
- error("Pad too small\n");
+ VbExError("Pad too small\n");
return 1;
}
signing_key = PrivateKeyRead(signprivate);
if (!signing_key) {
- error("Error reading signing key.\n");
+ VbExError("Error reading signing key.\n");
return 1;
}
/* Sign the kernel data */
body_sig = CalculateSignature(bp->blob, bp->blob_size, signing_key);
if (!body_sig) {
- error("Error calculating body signature\n");
+ VbExError("Error calculating body signature\n");
return 1;
}
@@ -606,7 +609,7 @@
pad - key_block_size,
signing_key);
if (!preamble) {
- error("Error creating preamble.\n");
+ VbExError("Error creating preamble.\n");
return 1;
}
@@ -614,7 +617,7 @@
Debug("writing %s...\n", outfile);
f = fopen(outfile, "wb");
if (!f) {
- error("Can't open output file %s\n", outfile);
+ VbExError("Can't open output file %s\n", outfile);
return 1;
}
Debug("0x%" PRIx64 " bytes of key_block\n", key_block_size);
@@ -622,7 +625,7 @@
i = ((1 != fwrite(key_block, key_block_size, 1, f)) ||
(1 != fwrite(preamble, preamble->preamble_size, 1, f)));
if (i) {
- error("Can't write output file %s\n", outfile);
+ VbExError("Can't write output file %s\n", outfile);
fclose(f);
unlink(outfile);
return 1;
@@ -632,7 +635,7 @@
Debug("0x%" PRIx64 " bytes of blob\n", bp->blob_size);
i = (1 != fwrite(bp->blob, bp->blob_size, 1, f));
if (i) {
- error("Can't write output file %s\n", outfile);
+ VbExError("Can't write output file %s\n", outfile);
fclose(f);
unlink(outfile);
return 1;
@@ -667,7 +670,7 @@
Memset(BpCmdLineLocation(bp, kernel_body_load_address), 0, CROS_CONFIG_SIZE);
Memcpy(BpCmdLineLocation(bp, kernel_body_load_address),
new_conf, config_size);
- Free(new_conf);
+ free(new_conf);
return 0;
}
@@ -686,7 +689,7 @@
int rv = 1;
if (!infile) {
- error("Must specify filename\n");
+ VbExError("Must specify filename\n");
return 1;
}
@@ -694,7 +697,7 @@
if (signpubkey) {
sign_key = PublicKeyRead(signpubkey);
if (!sign_key) {
- error("Error reading signpubkey.\n");
+ VbExError("Error reading signpubkey.\n");
return 1;
}
}
@@ -702,7 +705,7 @@
/* Read blob */
bp = OldBlob(infile, pad);
if (!bp) {
- error("Error reading input file\n");
+ VbExError("Error reading input file\n");
return 1;
}
@@ -710,7 +713,7 @@
key_block = bp->key_block;
if (0 != KeyBlockVerify(key_block, bp->blob_size, sign_key,
(sign_key ? 0 : 1))) {
- error("Error verifying key block.\n");
+ VbExError("Error verifying key block.\n");
goto verify_exit;
}
now = key_block->key_block_size;
@@ -719,11 +722,11 @@
FILE* f = NULL;
f = fopen(key_block_file, "wb");
if (!f) {
- error("Can't open key block file %s\n", key_block_file);
+ VbExError("Can't open key block file %s\n", key_block_file);
return 1;
}
if (1 != fwrite(key_block, key_block->key_block_size, 1, f)) {
- error("Can't write key block file %s\n", key_block_file);
+ VbExError("Can't write key block file %s\n", key_block_file);
return 1;
}
fclose(f);
@@ -753,14 +756,15 @@
printf("\n");
if (data_key->key_version < (min_version >> 16)) {
- error("Data key version %" PRIu64 " is lower than minimum %" PRIu64".\n",
- data_key->key_version, (min_version >> 16));
+ VbExError("Data key version %" PRIu64
+ " is lower than minimum %" PRIu64".\n",
+ data_key->key_version, (min_version >> 16));
goto verify_exit;
}
rsa = PublicKeyToRSA(&key_block->data_key);
if (!rsa) {
- error("Error parsing data key.\n");
+ VbExError("Error parsing data key.\n");
goto verify_exit;
}
@@ -768,7 +772,7 @@
preamble = bp->preamble;
if (0 != VerifyKernelPreamble(
preamble, bp->blob_size - key_block->key_block_size, rsa)) {
- error("Error verifying preamble.\n");
+ VbExError("Error verifying preamble.\n");
goto verify_exit;
}
now += preamble->preamble_size;
@@ -786,15 +790,15 @@
printf(" Bootloader size: 0x%" PRIx64 "\n", preamble->bootloader_size);
if (preamble->kernel_version < (min_version & 0xFFFF)) {
- error("Kernel version %" PRIu64 " is lower than minimum %" PRIu64 ".\n",
- preamble->kernel_version, (min_version & 0xFFFF));
+ VbExError("Kernel version %" PRIu64 " is lower than minimum %" PRIu64 ".\n",
+ preamble->kernel_version, (min_version & 0xFFFF));
goto verify_exit;
}
/* Verify body */
if (0 != VerifyData(bp->blob, bp->blob_size, &preamble->body_signature,
rsa)) {
- error("Error verifying kernel body.\n");
+ VbExError("Error verifying kernel body.\n");
goto verify_exit;
}
printf("Body verification succeeded.\n");