Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 1 | /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 | * Use of this source code is governed by a BSD-style license that can be |
| 3 | * found in the LICENSE file. |
| 4 | * |
| 5 | * Verified boot kernel utility |
| 6 | */ |
| 7 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 8 | #include <errno.h> |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 9 | #include <getopt.h> |
| 10 | #include <inttypes.h> /* For PRIu64 */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 11 | #include <stdarg.h> |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 12 | #include <stddef.h> |
| 13 | #include <stdio.h> |
| 14 | #include <stdlib.h> |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 15 | #include <string.h> |
| 16 | #include <sys/stat.h> |
| 17 | #include <sys/types.h> |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 18 | #include <unistd.h> |
| 19 | |
| 20 | #include "cryptolib.h" |
| 21 | #include "host_common.h" |
| 22 | #include "kernel_blob.h" |
| 23 | #include "vboot_common.h" |
| 24 | |
| 25 | |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 26 | /* Global opt */ |
| 27 | static int opt_debug = 0; |
| 28 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 29 | static const int DEFAULT_PADDING = 65536; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 30 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 31 | /* Command line options */ |
| 32 | enum { |
| 33 | OPT_MODE_PACK = 1000, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 34 | OPT_MODE_REPACK, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 35 | OPT_MODE_VERIFY, |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 36 | OPT_ARCH, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 37 | OPT_OLDBLOB, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 38 | OPT_KEYBLOCK, |
| 39 | OPT_SIGNPUBKEY, |
| 40 | OPT_SIGNPRIVATE, |
| 41 | OPT_VERSION, |
| 42 | OPT_VMLINUZ, |
| 43 | OPT_BOOTLOADER, |
| 44 | OPT_CONFIG, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 45 | OPT_VBLOCKONLY, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 46 | OPT_PAD, |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 47 | OPT_VERBOSE, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 48 | }; |
| 49 | |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 50 | enum { |
| 51 | ARCH_ARM, |
| 52 | ARCH_X86 /* default */ |
| 53 | }; |
| 54 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 55 | static struct option long_opts[] = { |
| 56 | {"pack", 1, 0, OPT_MODE_PACK }, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 57 | {"repack", 1, 0, OPT_MODE_REPACK }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 58 | {"verify", 1, 0, OPT_MODE_VERIFY }, |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 59 | {"arch", 1, 0, OPT_ARCH }, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 60 | {"oldblob", 1, 0, OPT_OLDBLOB }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 61 | {"keyblock", 1, 0, OPT_KEYBLOCK }, |
| 62 | {"signpubkey", 1, 0, OPT_SIGNPUBKEY }, |
| 63 | {"signprivate", 1, 0, OPT_SIGNPRIVATE }, |
| 64 | {"version", 1, 0, OPT_VERSION }, |
| 65 | {"vmlinuz", 1, 0, OPT_VMLINUZ }, |
| 66 | {"bootloader", 1, 0, OPT_BOOTLOADER }, |
| 67 | {"config", 1, 0, OPT_CONFIG }, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 68 | {"vblockonly", 0, 0, OPT_VBLOCKONLY }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 69 | {"pad", 1, 0, OPT_PAD }, |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 70 | {"verbose", 0, 0, OPT_VERBOSE }, |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 71 | {"debug", 0, &opt_debug, 1 }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 72 | {NULL, 0, 0, 0} |
| 73 | }; |
| 74 | |
| 75 | |
| 76 | /* Print help and return error */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 77 | static int PrintHelp(char *progname) { |
| 78 | fprintf(stderr, |
| 79 | "This program creates, signs, and verifies the kernel blob\n"); |
| 80 | fprintf(stderr, |
| 81 | "\n" |
| 82 | "Usage: %s --pack <file> [PARAMETERS]\n" |
| 83 | "\n" |
| 84 | " Required parameters:\n" |
| 85 | " --keyblock <file> Key block in .keyblock format\n" |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 86 | " --signprivate <file>" |
| 87 | " Private key to sign kernel data, in .vbprivk format\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 88 | " --version <number> Kernel version\n" |
| 89 | " --vmlinuz <file> Linux kernel bzImage file\n" |
| 90 | " --bootloader <file> Bootloader stub\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 91 | " --config <file> Command line file\n" |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 92 | " --arch <arch> Cpu architecture (default x86)\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 93 | "\n" |
| 94 | " Optional:\n" |
| 95 | " --pad <number> Verification padding size in bytes\n" |
| 96 | " --vblockonly Emit just the verification blob\n", |
| 97 | progname); |
| 98 | fprintf(stderr, |
| 99 | "\nOR\n\n" |
| 100 | "Usage: %s --repack <file> [PARAMETERS]\n" |
| 101 | "\n" |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 102 | " Required parameters (of --keyblock, --config, and --version \n" |
| 103 | " at least one is required):\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 104 | " --keyblock <file> Key block in .keyblock format\n" |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 105 | " --signprivate <file>" |
| 106 | " Private key to sign kernel data, in .vbprivk format\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 107 | " --oldblob <file> Previously packed kernel blob\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 108 | " --config <file> New command line file\n" |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 109 | " --version <number> Kernel version\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 110 | "\n" |
| 111 | " Optional:\n" |
| 112 | " --pad <number> Verification padding size in bytes\n" |
| 113 | " --vblockonly Emit just the verification blob\n", |
| 114 | progname); |
| 115 | fprintf(stderr, |
| 116 | "\nOR\n\n" |
| 117 | "Usage: %s --verify <file> [PARAMETERS]\n" |
| 118 | "\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 119 | " Optional:\n" |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 120 | " --signpubkey <file>" |
| 121 | " Public key to verify kernel keyblock, in .vbpubk format\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 122 | " --verbose Print a more detailed report\n" |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame] | 123 | " --keyblock <file>" |
| 124 | " Outputs the verified key block, in .keyblock format\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 125 | "\n", |
| 126 | progname); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 127 | return 1; |
| 128 | } |
| 129 | |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 130 | static void Debug(const char *format, ...) { |
| 131 | if (!opt_debug) |
| 132 | return; |
| 133 | |
| 134 | va_list ap; |
| 135 | va_start(ap, format); |
| 136 | fprintf(stderr, "DEBUG: "); |
| 137 | vfprintf(stderr, format, ap); |
| 138 | va_end(ap); |
| 139 | } |
| 140 | |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 141 | /* Return an explanation when fread() fails. */ |
| 142 | static const char *error_fread(FILE *fp) { |
| 143 | const char *retval = "beats me why"; |
| 144 | if (feof(fp)) |
| 145 | retval = "EOF"; |
| 146 | else if (ferror(fp)) |
| 147 | retval = strerror(errno); |
| 148 | clearerr(fp); |
| 149 | return retval; |
| 150 | } |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 151 | |
| 152 | /* Return the smallest integral multiple of [alignment] that is equal |
| 153 | * to or greater than [val]. Used to determine the number of |
| 154 | * pages/sectors/blocks/whatever needed to contain [val] |
| 155 | * items/bytes/etc. */ |
| 156 | static uint64_t roundup(uint64_t val, uint64_t alignment) { |
| 157 | uint64_t rem = val % alignment; |
| 158 | if ( rem ) |
| 159 | return val + (alignment - rem); |
| 160 | return val; |
| 161 | } |
| 162 | |
| 163 | |
| 164 | /* Match regexp /\b--\b/ to delimit the start of the kernel commandline. If we |
| 165 | * don't find one, we'll use the whole thing. */ |
| 166 | static unsigned int find_cmdline_start(char *input, unsigned int max_len) { |
| 167 | int start = 0; |
| 168 | int i; |
| 169 | for(i = 0; i < max_len - 1 && input[i]; i++) { |
| 170 | if ('-' == input[i] && '-' == input[i + 1]) { /* found a "--" */ |
| 171 | if ((i == 0 || ' ' == input[i - 1]) && /* nothing before it */ |
| 172 | (i + 2 >= max_len || ' ' == input[i+2])) { /* nothing after it */ |
| 173 | start = i+2; /* note: hope there's a trailing '\0' */ |
| 174 | break; |
| 175 | } |
| 176 | } |
| 177 | } |
| 178 | while(' ' == input[start]) /* skip leading spaces */ |
| 179 | start++; |
| 180 | |
| 181 | return start; |
| 182 | } |
| 183 | |
| 184 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 185 | typedef struct blob_s { |
| 186 | /* Stuff needed by VbKernelPreambleHeader */ |
| 187 | uint64_t kernel_version; |
| 188 | uint64_t bootloader_address; |
| 189 | uint64_t bootloader_size; |
| 190 | /* Raw kernel blob data */ |
| 191 | uint64_t blob_size; |
| 192 | uint8_t *blob; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 193 | |
| 194 | /* these fields are not always initialized */ |
| 195 | VbKernelPreambleHeader* preamble; |
| 196 | VbKeyBlockHeader* key_block; |
| 197 | uint8_t *buf; |
| 198 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 199 | } blob_t; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 200 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 201 | /* Given a blob return the location of the kernel command line buffer. */ |
| 202 | static char* BpCmdLineLocation(blob_t *bp) |
| 203 | { |
| 204 | return (char*)(bp->blob + bp->bootloader_address - CROS_32BIT_ENTRY_ADDR - |
| 205 | CROS_CONFIG_SIZE - CROS_PARAMS_SIZE); |
| 206 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 207 | |
| 208 | static void FreeBlob(blob_t *bp) { |
| 209 | if (bp) { |
| 210 | if (bp->blob) |
| 211 | Free(bp->blob); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 212 | if (bp->buf) |
| 213 | Free(bp->buf); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 214 | Free(bp); |
| 215 | } |
| 216 | } |
| 217 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 218 | /* |
| 219 | * Read the kernel command line from a file. Get rid of \n characters along |
| 220 | * the way and verify that the line fits into a 4K buffer. |
| 221 | * |
| 222 | * Return the buffer contaning the line on success (and set the line length |
| 223 | * using the passed in parameter), or NULL in case something goes wrong. |
| 224 | */ |
| 225 | static uint8_t* ReadConfigFile(const char* config_file, uint64_t* config_size) |
| 226 | { |
| 227 | uint8_t* config_buf; |
| 228 | int ii; |
| 229 | |
| 230 | config_buf = ReadFile(config_file, config_size); |
| 231 | Debug(" config file size=0x%" PRIx64 "\n", *config_size); |
| 232 | if (CROS_CONFIG_SIZE <= *config_size) { /* need room for trailing '\0' */ |
| 233 | error("Config file %s is too large (>= %d bytes)\n", |
| 234 | config_file, CROS_CONFIG_SIZE); |
| 235 | return NULL; |
| 236 | } |
| 237 | |
| 238 | /* Replace newlines with spaces */ |
| 239 | for (ii = 0; ii < *config_size; ii++) { |
| 240 | if ('\n' == config_buf[ii]) { |
| 241 | config_buf[ii] = ' '; |
| 242 | } |
| 243 | } |
| 244 | return config_buf; |
| 245 | } |
| 246 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 247 | /* Create a blob from its components */ |
| 248 | static blob_t *NewBlob(uint64_t version, |
| 249 | const char* vmlinuz, |
| 250 | const char* bootloader_file, |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 251 | const char* config_file, |
| 252 | int arch) { |
| 253 | blob_t* bp; |
| 254 | struct linux_kernel_header* lh = 0; |
| 255 | struct linux_kernel_params* params = 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 256 | uint8_t* config_buf; |
| 257 | uint64_t config_size; |
| 258 | uint8_t* bootloader_buf; |
| 259 | uint64_t bootloader_size; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 260 | uint8_t* kernel_buf; |
| 261 | uint64_t kernel_size; |
| 262 | uint64_t kernel32_start = 0; |
| 263 | uint64_t kernel32_size = 0; |
| 264 | uint32_t cmdline_addr; |
| 265 | uint8_t* blob = NULL; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 266 | uint64_t now = 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 267 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 268 | if (!vmlinuz || !bootloader_file || !config_file) { |
| 269 | error("Must specify all input files\n"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 270 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 271 | } |
| 272 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 273 | bp = (blob_t *)Malloc(sizeof(blob_t)); |
| 274 | if (!bp) { |
| 275 | error("Couldn't allocate bytes for blob_t.\n"); |
| 276 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 277 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 278 | |
| 279 | Memset(bp, 0, sizeof(*bp)); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 280 | bp->kernel_version = version; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 281 | |
| 282 | /* Read the config file */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 283 | Debug("Reading %s\n", config_file); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 284 | config_buf = ReadConfigFile(config_file, &config_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 285 | if (!config_buf) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 286 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 287 | |
| 288 | /* Read the bootloader */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 289 | Debug("Reading %s\n", bootloader_file); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 290 | bootloader_buf = ReadFile(bootloader_file, &bootloader_size); |
| 291 | if (!bootloader_buf) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 292 | return 0; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 293 | Debug(" bootloader file size=0x%" PRIx64 "\n", bootloader_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 294 | |
| 295 | /* Read the kernel */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 296 | Debug("Reading %s\n", vmlinuz); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 297 | kernel_buf = ReadFile(vmlinuz, &kernel_size); |
| 298 | if (!kernel_buf) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 299 | return 0; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 300 | Debug(" kernel file size=0x%" PRIx64 "\n", kernel_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 301 | if (!kernel_size) { |
| 302 | error("Empty kernel file\n"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 303 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 304 | } |
| 305 | |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 306 | if (arch == ARCH_X86) { |
| 307 | /* The first part of vmlinuz is a header, followed by a real-mode |
| 308 | * boot stub. We only want the 32-bit part. */ |
| 309 | lh = (struct linux_kernel_header *)kernel_buf; |
| 310 | kernel32_start = (lh->setup_sects + 1) << 9; |
| 311 | if (kernel32_start >= kernel_size) { |
| 312 | error("Malformed kernel\n"); |
| 313 | return 0; |
| 314 | } |
| 315 | } else |
| 316 | kernel32_start = 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 317 | kernel32_size = kernel_size - kernel32_start; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 318 | Debug(" kernel32_start=0x%" PRIx64 "\n", kernel32_start); |
| 319 | Debug(" kernel32_size=0x%" PRIx64 "\n", kernel32_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 320 | |
| 321 | /* Allocate and zero the blob we need. */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 322 | bp->blob_size = roundup(kernel32_size, CROS_ALIGN) + |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 323 | CROS_CONFIG_SIZE + |
| 324 | CROS_PARAMS_SIZE + |
| 325 | roundup(bootloader_size, CROS_ALIGN); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 326 | blob = (uint8_t *)Malloc(bp->blob_size); |
| 327 | Debug("blob_size=0x%" PRIx64 "\n", bp->blob_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 328 | if (!blob) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 329 | error("Couldn't allocate %ld bytes.\n", bp->blob_size); |
| 330 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 331 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 332 | Memset(blob, 0, bp->blob_size); |
| 333 | bp->blob = blob; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 334 | |
| 335 | /* Copy the 32-bit kernel. */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 336 | Debug("kernel goes at blob+=0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 337 | if (kernel32_size) |
| 338 | Memcpy(blob + now, kernel_buf + kernel32_start, kernel32_size); |
| 339 | now += roundup(now + kernel32_size, CROS_ALIGN); |
| 340 | |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 341 | Debug("config goes at blob+0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 342 | /* Find the load address of the commandline. We'll need it later. */ |
| 343 | cmdline_addr = CROS_32BIT_ENTRY_ADDR + now + |
| 344 | find_cmdline_start((char *)config_buf, config_size); |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 345 | Debug(" cmdline_addr=0x%" PRIx64 "\n", cmdline_addr); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 346 | |
| 347 | /* Copy the config. */ |
| 348 | if (config_size) |
| 349 | Memcpy(blob + now, config_buf, config_size); |
| 350 | now += CROS_CONFIG_SIZE; |
| 351 | |
| 352 | /* The zeropage data is next. Overlay the linux_kernel_header onto it, and |
| 353 | * tweak a few fields. */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 354 | Debug("params goes at blob+=0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 355 | params = (struct linux_kernel_params *)(blob + now); |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 356 | if (arch == ARCH_X86) |
| 357 | Memcpy(&(params->setup_sects), &(lh->setup_sects), |
| 358 | sizeof(*lh) - offsetof(struct linux_kernel_header, setup_sects)); |
| 359 | else |
| 360 | Memset(&(params->setup_sects), 0, |
| 361 | sizeof(*lh) - offsetof(struct linux_kernel_header, setup_sects)); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 362 | params->boot_flag = 0; |
| 363 | params->ramdisk_image = 0; /* we don't support initrd */ |
| 364 | params->ramdisk_size = 0; |
| 365 | params->type_of_loader = 0xff; |
| 366 | params->cmd_line_ptr = cmdline_addr; |
Che-Liang Chiou | 475bf44 | 2010-08-23 11:20:44 +0800 | [diff] [blame] | 367 | /* A fake e820 memory map with 2 entries */ |
| 368 | params->n_e820_entry = 2; |
| 369 | params->e820_entries[0].start_addr = 0x00000000; |
| 370 | params->e820_entries[0].segment_size = 0x00001000; |
| 371 | params->e820_entries[0].segment_type = E820_TYPE_RAM; |
| 372 | params->e820_entries[1].start_addr = 0xfffff000; |
| 373 | params->e820_entries[1].segment_size = 0x00001000; |
| 374 | params->e820_entries[1].segment_type = E820_TYPE_RESERVED; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 375 | now += CROS_PARAMS_SIZE; |
| 376 | |
| 377 | /* Finally, append the bootloader. Remember where it will load in |
| 378 | * memory, too. */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 379 | Debug("bootloader goes at blob+=0x%" PRIx64 "\n", now); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 380 | bp->bootloader_address = CROS_32BIT_ENTRY_ADDR + now; |
| 381 | bp->bootloader_size = roundup(bootloader_size, CROS_ALIGN); |
| 382 | Debug(" bootloader_address=0x%" PRIx64 "\n", bp->bootloader_address); |
| 383 | Debug(" bootloader_size=0x%" PRIx64 "\n", bp->bootloader_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 384 | if (bootloader_size) |
| 385 | Memcpy(blob + now, bootloader_buf, bootloader_size); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 386 | now += bp->bootloader_size; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 387 | Debug("end of blob is 0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 388 | |
| 389 | /* Free input buffers */ |
| 390 | Free(kernel_buf); |
| 391 | Free(config_buf); |
| 392 | Free(bootloader_buf); |
| 393 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 394 | /* Success */ |
| 395 | return bp; |
| 396 | } |
| 397 | |
| 398 | |
| 399 | /* Pull the blob_t stuff out of a prepacked kernel blob file */ |
| 400 | static blob_t *OldBlob(const char* filename) { |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 401 | FILE* fp = NULL; |
| 402 | blob_t *bp = NULL; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 403 | struct stat statbuf; |
| 404 | VbKeyBlockHeader* key_block; |
| 405 | VbKernelPreambleHeader* preamble; |
| 406 | uint64_t now = 0; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 407 | uint8_t* buf = NULL; |
| 408 | int ret_error = 1; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 409 | |
| 410 | if (!filename) { |
| 411 | error("Must specify prepacked blob to read\n"); |
| 412 | return 0; |
| 413 | } |
| 414 | |
| 415 | if (0 != stat(filename, &statbuf)) { |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 416 | error("Unable to stat %s: %s\n", filename, strerror(errno)); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 417 | return 0; |
| 418 | } |
| 419 | |
| 420 | Debug("%s size is 0x%" PRIx64 "\n", filename, statbuf.st_size); |
| 421 | if (statbuf.st_size < DEFAULT_PADDING) { |
| 422 | error("%s is too small to be a valid kernel blob\n"); |
| 423 | return 0; |
| 424 | } |
| 425 | |
| 426 | Debug("Reading %s\n", filename); |
| 427 | fp = fopen(filename, "rb"); |
| 428 | if (!fp) { |
| 429 | error("Unable to open file %s: %s\n", filename, strerror(errno)); |
| 430 | return 0; |
| 431 | } |
| 432 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 433 | buf = Malloc(DEFAULT_PADDING); |
| 434 | if (!buf) { |
| 435 | error("Unable to allocate padding\n"); |
| 436 | goto unwind_oldblob; |
| 437 | } |
| 438 | |
| 439 | if (1 != fread(buf, DEFAULT_PADDING, 1, fp)) { |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 440 | error("Unable to read header from %s: %s\n", filename, error_fread(fp)); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 441 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 442 | } |
| 443 | |
| 444 | /* Skip the key block */ |
| 445 | key_block = (VbKeyBlockHeader*)buf; |
| 446 | Debug("Keyblock is 0x%" PRIx64 " bytes\n", key_block->key_block_size); |
| 447 | now += key_block->key_block_size; |
| 448 | if (now > statbuf.st_size) { |
| 449 | error("key_block_size advances past the end of the blob\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 450 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 451 | } |
| 452 | |
| 453 | /* Skip the preamble */ |
| 454 | preamble = (VbKernelPreambleHeader*)(buf + now); |
| 455 | Debug("Preamble is 0x%" PRIx64 " bytes\n", preamble->preamble_size); |
| 456 | now += preamble->preamble_size; |
| 457 | if (now > statbuf.st_size) { |
| 458 | error("preamble_size advances past the end of the blob\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 459 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 460 | } |
| 461 | |
| 462 | /* Go find the kernel blob */ |
| 463 | Debug("kernel blob is at offset 0x%" PRIx64 "\n", now); |
| 464 | if (0 != fseek(fp, now, SEEK_SET)) { |
| 465 | error("Unable to seek to 0x%" PRIx64 " in %s: %s\n", now, filename, |
| 466 | strerror(errno)); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 467 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 468 | } |
| 469 | |
| 470 | /* Remember what we've got */ |
| 471 | bp = (blob_t *)Malloc(sizeof(blob_t)); |
| 472 | if (!bp) { |
| 473 | error("Couldn't allocate bytes for blob_t.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 474 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 475 | } |
| 476 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 477 | bp->buf = buf; |
| 478 | bp->key_block = key_block; |
| 479 | bp->preamble = preamble; |
| 480 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 481 | bp->kernel_version = preamble->kernel_version; |
| 482 | bp->bootloader_address = preamble->bootloader_address; |
| 483 | bp->bootloader_size = preamble->bootloader_size; |
| 484 | bp->blob_size = preamble->body_signature.data_size; |
| 485 | |
| 486 | Debug(" kernel_version = %d\n", bp->kernel_version); |
| 487 | Debug(" bootloader_address = 0x%" PRIx64 "\n", bp->bootloader_address); |
| 488 | Debug(" bootloader_size = 0x%" PRIx64 "\n", bp->bootloader_size); |
| 489 | Debug(" blob_size = 0x%" PRIx64 "\n", bp->blob_size); |
| 490 | |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 491 | if (!bp->blob_size) { |
| 492 | error("No kernel blob found\n"); |
| 493 | goto unwind_oldblob; |
| 494 | } |
| 495 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 496 | bp->blob = (uint8_t *)Malloc(bp->blob_size); |
| 497 | if (!bp->blob) { |
| 498 | error("Couldn't allocate 0x%" PRIx64 " bytes for blob_t.\n", bp->blob_size); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 499 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 500 | } |
| 501 | |
| 502 | /* read it in */ |
| 503 | if (1 != fread(bp->blob, bp->blob_size, 1, fp)) { |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 504 | error("Unable to read kernel blob from %s: %s\n", filename, error_fread(fp)); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 505 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 506 | } |
| 507 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 508 | ret_error = 0; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 509 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 510 | /* done */ |
| 511 | unwind_oldblob: |
| 512 | fclose(fp); |
| 513 | if (ret_error) { |
| 514 | if (bp) { |
| 515 | FreeBlob(bp); |
| 516 | bp = NULL; |
| 517 | } else if (buf) { |
| 518 | Free(buf); |
| 519 | } |
| 520 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 521 | return bp; |
| 522 | } |
| 523 | |
| 524 | |
| 525 | /* Pack a .kernel */ |
| 526 | static int Pack(const char* outfile, const char* keyblock_file, |
| 527 | const char* signprivate, blob_t *bp, uint64_t pad, |
| 528 | int vblockonly) { |
| 529 | VbPrivateKey* signing_key; |
| 530 | VbSignature* body_sig; |
| 531 | VbKernelPreambleHeader* preamble; |
| 532 | VbKeyBlockHeader* key_block; |
| 533 | uint64_t key_block_size; |
| 534 | FILE* f; |
| 535 | uint64_t i; |
| 536 | |
| 537 | if (!outfile) { |
| 538 | error("Must specify output filename\n"); |
| 539 | return 1; |
| 540 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 541 | if ((!keyblock_file && !bp->key_block) || !signprivate) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 542 | error("Must specify all keys\n"); |
| 543 | return 1; |
| 544 | } |
| 545 | if (!bp) { |
| 546 | error("Refusing to pack invalid kernel blob\n"); |
| 547 | return 1; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 548 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 549 | |
| 550 | /* Get the key block and read the private key. */ |
| 551 | if (keyblock_file) { |
| 552 | key_block = (VbKeyBlockHeader*)ReadFile(keyblock_file, &key_block_size); |
| 553 | if (!key_block) { |
| 554 | error("Error reading key block.\n"); |
| 555 | return 1; |
| 556 | } |
| 557 | } else { |
| 558 | key_block = bp->key_block; |
| 559 | key_block_size = key_block->key_block_size; |
| 560 | } |
| 561 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 562 | if (pad < key_block->key_block_size) { |
| 563 | error("Pad too small\n"); |
| 564 | return 1; |
| 565 | } |
| 566 | |
Bill Richardson | abf0550 | 2010-07-01 10:22:06 -0700 | [diff] [blame] | 567 | signing_key = PrivateKeyRead(signprivate); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 568 | if (!signing_key) { |
| 569 | error("Error reading signing key.\n"); |
| 570 | return 1; |
| 571 | } |
| 572 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 573 | /* Sign the kernel data */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 574 | body_sig = CalculateSignature(bp->blob, bp->blob_size, signing_key); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 575 | if (!body_sig) { |
| 576 | error("Error calculating body signature\n"); |
| 577 | return 1; |
| 578 | } |
| 579 | |
| 580 | /* Create preamble */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 581 | preamble = CreateKernelPreamble(bp->kernel_version, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 582 | CROS_32BIT_ENTRY_ADDR, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 583 | bp->bootloader_address, |
| 584 | bp->bootloader_size, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 585 | body_sig, |
| 586 | pad - key_block_size, |
| 587 | signing_key); |
| 588 | if (!preamble) { |
| 589 | error("Error creating preamble.\n"); |
| 590 | return 1; |
| 591 | } |
| 592 | |
| 593 | /* Write the output file */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 594 | Debug("writing %s...\n", outfile); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 595 | f = fopen(outfile, "wb"); |
| 596 | if (!f) { |
| 597 | error("Can't open output file %s\n", outfile); |
| 598 | return 1; |
| 599 | } |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 600 | Debug("0x%" PRIx64 " bytes of key_block\n", key_block_size); |
| 601 | Debug("0x%" PRIx64 " bytes of preamble\n", preamble->preamble_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 602 | i = ((1 != fwrite(key_block, key_block_size, 1, f)) || |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 603 | (1 != fwrite(preamble, preamble->preamble_size, 1, f))); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 604 | if (i) { |
| 605 | error("Can't write output file %s\n", outfile); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 606 | fclose(f); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 607 | unlink(outfile); |
| 608 | return 1; |
| 609 | } |
| 610 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 611 | if (!vblockonly) { |
| 612 | Debug("0x%" PRIx64 " bytes of blob\n", bp->blob_size); |
| 613 | i = (1 != fwrite(bp->blob, bp->blob_size, 1, f)); |
| 614 | if (i) { |
| 615 | error("Can't write output file %s\n", outfile); |
| 616 | fclose(f); |
| 617 | unlink(outfile); |
| 618 | return 1; |
| 619 | } |
| 620 | } |
| 621 | |
| 622 | fclose(f); |
| 623 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 624 | /* Success */ |
| 625 | return 0; |
| 626 | } |
| 627 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 628 | /* |
| 629 | * Replace kernel command line in a blob representing a kernel. |
| 630 | */ |
| 631 | static int ReplaceConfig(blob_t* bp, const char* config_file) |
| 632 | { |
| 633 | uint8_t* new_conf; |
| 634 | uint64_t config_size; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 635 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 636 | if (!config_file) { |
| 637 | return 0; |
| 638 | } |
| 639 | |
| 640 | new_conf = ReadConfigFile(config_file, &config_size); |
| 641 | if (!new_conf) { |
| 642 | return 1; |
| 643 | } |
| 644 | |
| 645 | /* fill the config buffer with zeros */ |
| 646 | Memset(BpCmdLineLocation(bp), 0, CROS_CONFIG_SIZE); |
| 647 | Memcpy(BpCmdLineLocation(bp), new_conf, config_size); |
| 648 | Free(new_conf); |
| 649 | return 0; |
| 650 | } |
| 651 | |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame] | 652 | static int Verify(const char* infile, const char* signpubkey, int verbose, |
| 653 | const char* key_block_file) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 654 | |
| 655 | VbKeyBlockHeader* key_block; |
| 656 | VbKernelPreambleHeader* preamble; |
| 657 | VbPublicKey* data_key; |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 658 | VbPublicKey* sign_key = NULL; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 659 | RSAPublicKey* rsa; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 660 | blob_t* bp; |
| 661 | uint64_t now; |
| 662 | int rv = 1; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 663 | |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 664 | if (!infile) { |
| 665 | error("Must specify filename\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 666 | return 1; |
| 667 | } |
| 668 | |
| 669 | /* Read public signing key */ |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 670 | if (signpubkey) { |
| 671 | sign_key = PublicKeyRead(signpubkey); |
| 672 | if (!sign_key) { |
| 673 | error("Error reading signpubkey.\n"); |
| 674 | return 1; |
| 675 | } |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 676 | } |
| 677 | |
| 678 | /* Read blob */ |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 679 | bp = OldBlob(infile); |
| 680 | if (!bp) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 681 | error("Error reading input file\n"); |
| 682 | return 1; |
| 683 | } |
| 684 | |
| 685 | /* Verify key block */ |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 686 | key_block = bp->key_block; |
Randall Spangler | 138acfe | 2010-08-17 15:45:21 -0700 | [diff] [blame] | 687 | if (0 != KeyBlockVerify(key_block, bp->blob_size, sign_key, |
| 688 | (sign_key ? 0 : 1))) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 689 | error("Error verifying key block.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 690 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 691 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 692 | now = key_block->key_block_size; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 693 | |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame] | 694 | if (key_block_file) { |
| 695 | FILE* f = NULL; |
| 696 | f = fopen(key_block_file, "wb"); |
| 697 | if (!f) { |
| 698 | error("Can't open key block file %s\n", key_block_file); |
| 699 | return 1; |
| 700 | } |
| 701 | if (1 != fwrite(key_block, key_block->key_block_size, 1, f)) { |
| 702 | error("Can't write key block file %s\n", key_block_file); |
| 703 | return 1; |
| 704 | } |
| 705 | fclose(f); |
| 706 | } |
| 707 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 708 | printf("Key block:\n"); |
| 709 | data_key = &key_block->data_key; |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 710 | if (verbose) |
| 711 | printf(" Signature: %s\n", sign_key ? "valid" : "ignored"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 712 | printf(" Size: 0x%" PRIx64 "\n", key_block->key_block_size); |
Bill Richardson | 60bcbe3 | 2010-09-09 14:53:56 -0700 | [diff] [blame] | 713 | printf(" Flags: %" PRIu64 " ", key_block->key_block_flags); |
| 714 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_0) |
| 715 | printf(" !DEV"); |
| 716 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_1) |
| 717 | printf(" DEV"); |
| 718 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_0) |
| 719 | printf(" !REC"); |
| 720 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_1) |
| 721 | printf(" REC"); |
| 722 | printf("\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 723 | printf(" Data key algorithm: %" PRIu64 " %s\n", data_key->algorithm, |
| 724 | (data_key->algorithm < kNumAlgorithms ? |
| 725 | algo_strings[data_key->algorithm] : "(invalid)")); |
| 726 | printf(" Data key version: %" PRIu64 "\n", data_key->key_version); |
Bill Richardson | 60bcbe3 | 2010-09-09 14:53:56 -0700 | [diff] [blame] | 727 | printf(" Data key sha1sum: "); |
| 728 | PrintPubKeySha1Sum(data_key); |
| 729 | printf("\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 730 | |
| 731 | rsa = PublicKeyToRSA(&key_block->data_key); |
| 732 | if (!rsa) { |
| 733 | error("Error parsing data key.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 734 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 735 | } |
| 736 | |
| 737 | /* Verify preamble */ |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 738 | preamble = bp->preamble; |
Randall Spangler | 87c13d8 | 2010-07-19 10:35:40 -0700 | [diff] [blame] | 739 | if (0 != VerifyKernelPreamble( |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 740 | preamble, bp->blob_size - key_block->key_block_size, rsa)) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 741 | error("Error verifying preamble.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 742 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 743 | } |
| 744 | now += preamble->preamble_size; |
| 745 | |
| 746 | printf("Preamble:\n"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 747 | printf(" Size: 0x%" PRIx64 "\n", preamble->preamble_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 748 | printf(" Header version: %" PRIu32 ".%" PRIu32"\n", |
| 749 | preamble->header_version_major, preamble->header_version_minor); |
| 750 | printf(" Kernel version: %" PRIu64 "\n", preamble->kernel_version); |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 751 | printf(" Body load address: 0x%" PRIx64 "\n", preamble->body_load_address); |
| 752 | printf(" Body size: 0x%" PRIx64 "\n", |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 753 | preamble->body_signature.data_size); |
Randall Spangler | 87c13d8 | 2010-07-19 10:35:40 -0700 | [diff] [blame] | 754 | printf(" Bootloader address: 0x%" PRIx64 "\n", |
| 755 | preamble->bootloader_address); |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 756 | printf(" Bootloader size: 0x%" PRIx64 "\n", preamble->bootloader_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 757 | |
| 758 | /* Verify body */ |
Randall Spangler | 87c13d8 | 2010-07-19 10:35:40 -0700 | [diff] [blame] | 759 | if (0 != VerifyData(bp->blob, bp->blob_size, &preamble->body_signature, |
| 760 | rsa)) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 761 | error("Error verifying kernel body.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 762 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 763 | } |
| 764 | printf("Body verification succeeded.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 765 | |
| 766 | rv = 0; |
| 767 | |
| 768 | if (!verbose) { |
| 769 | goto verify_exit; |
| 770 | } |
| 771 | |
| 772 | printf("Config:\n%s\n", BpCmdLineLocation(bp)); |
| 773 | |
| 774 | verify_exit: |
| 775 | FreeBlob(bp); |
| 776 | return rv; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 777 | } |
| 778 | |
| 779 | |
| 780 | int main(int argc, char* argv[]) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 781 | char* filename = NULL; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 782 | char* oldfile = NULL; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 783 | char* key_block_file = NULL; |
| 784 | char* signpubkey = NULL; |
| 785 | char* signprivate = NULL; |
vbendeb | 00b9088 | 2010-10-21 13:46:16 -0700 | [diff] [blame] | 786 | int version = -1; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 787 | char* vmlinuz = NULL; |
| 788 | char* bootloader = NULL; |
| 789 | char* config_file = NULL; |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 790 | int arch = ARCH_X86; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 791 | int vblockonly = 0; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 792 | int verbose = 0; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 793 | uint64_t pad = DEFAULT_PADDING; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 794 | int mode = 0; |
| 795 | int parse_error = 0; |
| 796 | char* e; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 797 | int i,r; |
| 798 | blob_t *bp; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 799 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 800 | |
| 801 | char *progname = strrchr(argv[0], '/'); |
| 802 | if (progname) |
| 803 | progname++; |
| 804 | else |
| 805 | progname = argv[0]; |
| 806 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 807 | while (((i = getopt_long(argc, argv, ":", long_opts, NULL)) != -1) && |
| 808 | !parse_error) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 809 | switch (i) { |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 810 | default: |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 811 | case '?': |
| 812 | /* Unhandled option */ |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 813 | parse_error = 1; |
| 814 | break; |
| 815 | |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 816 | case 0: |
| 817 | /* silently handled option */ |
| 818 | break; |
| 819 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 820 | case OPT_MODE_PACK: |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 821 | case OPT_MODE_REPACK: |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 822 | case OPT_MODE_VERIFY: |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 823 | if (mode && (mode != i)) { |
| 824 | fprintf(stderr, "Only single mode can be specified\n"); |
| 825 | parse_error = 1; |
| 826 | break; |
| 827 | } |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 828 | mode = i; |
| 829 | filename = optarg; |
| 830 | break; |
| 831 | |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 832 | case OPT_ARCH: |
| 833 | if (!strcasecmp(optarg, "x86")) |
| 834 | arch = ARCH_X86; |
| 835 | else if (!strcasecmp(optarg, "arm")) |
| 836 | arch = ARCH_ARM; |
| 837 | else { |
| 838 | fprintf(stderr, "Unknown architecture string: %s\n", optarg); |
| 839 | parse_error = 1; |
| 840 | } |
| 841 | break; |
| 842 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 843 | case OPT_OLDBLOB: |
| 844 | oldfile = optarg; |
| 845 | break; |
| 846 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 847 | case OPT_KEYBLOCK: |
| 848 | key_block_file = optarg; |
| 849 | break; |
| 850 | |
| 851 | case OPT_SIGNPUBKEY: |
| 852 | signpubkey = optarg; |
| 853 | break; |
| 854 | |
| 855 | case OPT_SIGNPRIVATE: |
| 856 | signprivate = optarg; |
| 857 | break; |
| 858 | |
| 859 | case OPT_VMLINUZ: |
| 860 | vmlinuz = optarg; |
| 861 | break; |
| 862 | |
| 863 | case OPT_BOOTLOADER: |
| 864 | bootloader = optarg; |
| 865 | break; |
| 866 | |
| 867 | case OPT_CONFIG: |
| 868 | config_file = optarg; |
| 869 | break; |
| 870 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 871 | case OPT_VBLOCKONLY: |
| 872 | vblockonly = 1; |
| 873 | break; |
| 874 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 875 | case OPT_VERSION: |
| 876 | version = strtoul(optarg, &e, 0); |
| 877 | if (!*optarg || (e && *e)) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 878 | fprintf(stderr, "Invalid --version\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 879 | parse_error = 1; |
| 880 | } |
| 881 | break; |
| 882 | |
| 883 | case OPT_PAD: |
| 884 | pad = strtoul(optarg, &e, 0); |
| 885 | if (!*optarg || (e && *e)) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 886 | fprintf(stderr, "Invalid --pad\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 887 | parse_error = 1; |
| 888 | } |
| 889 | break; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 890 | |
| 891 | case OPT_VERBOSE: |
| 892 | verbose = 1; |
| 893 | break; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 894 | } |
| 895 | } |
| 896 | |
| 897 | if (parse_error) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 898 | return PrintHelp(progname); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 899 | |
| 900 | switch(mode) { |
| 901 | case OPT_MODE_PACK: |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 902 | bp = NewBlob(version, vmlinuz, bootloader, config_file, arch); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 903 | if (!bp) |
| 904 | return 1; |
| 905 | r = Pack(filename, key_block_file, signprivate, bp, pad, vblockonly); |
| 906 | FreeBlob(bp); |
| 907 | return r; |
| 908 | |
| 909 | case OPT_MODE_REPACK: |
vbendeb | 00b9088 | 2010-10-21 13:46:16 -0700 | [diff] [blame] | 910 | if (!config_file && !key_block_file && (version<0)) { |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 911 | fprintf(stderr, |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 912 | "You must supply at least one of " |
| 913 | "--config, --keyblock or --version\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 914 | return 1; |
| 915 | } |
| 916 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 917 | bp = OldBlob(oldfile); |
| 918 | if (!bp) |
| 919 | return 1; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 920 | r = ReplaceConfig(bp, config_file); |
| 921 | if (!r) { |
vbendeb | 00b9088 | 2010-10-21 13:46:16 -0700 | [diff] [blame] | 922 | if (version >= 0) { |
Che-Liang Chiou | 0376203 | 2011-02-22 11:16:51 +0800 | [diff] [blame^] | 923 | bp->kernel_version = (uint64_t) version; |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 924 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 925 | r = Pack(filename, key_block_file, signprivate, bp, pad, vblockonly); |
| 926 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 927 | FreeBlob(bp); |
| 928 | return r; |
| 929 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 930 | case OPT_MODE_VERIFY: |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame] | 931 | return Verify(filename, signpubkey, verbose, key_block_file); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 932 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 933 | default: |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 934 | fprintf(stderr, |
| 935 | "You must specify a mode: --pack, --repack or --verify\n"); |
| 936 | return PrintHelp(progname); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 937 | } |
| 938 | } |