Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 1 | /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 | * Use of this source code is governed by a BSD-style license that can be |
| 3 | * found in the LICENSE file. |
| 4 | * |
| 5 | * Verified boot kernel utility |
| 6 | */ |
| 7 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 8 | #include <errno.h> |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 9 | #include <getopt.h> |
| 10 | #include <inttypes.h> /* For PRIu64 */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 11 | #include <stdarg.h> |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 12 | #include <stddef.h> |
| 13 | #include <stdio.h> |
| 14 | #include <stdlib.h> |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 15 | #include <string.h> |
| 16 | #include <sys/stat.h> |
| 17 | #include <sys/types.h> |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 18 | #include <unistd.h> |
| 19 | |
| 20 | #include "cryptolib.h" |
| 21 | #include "host_common.h" |
| 22 | #include "kernel_blob.h" |
| 23 | #include "vboot_common.h" |
| 24 | |
| 25 | |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 26 | /* Global opt */ |
| 27 | static int opt_debug = 0; |
| 28 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 29 | static const int DEFAULT_PADDING = 65536; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 30 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 31 | /* Command line options */ |
| 32 | enum { |
| 33 | OPT_MODE_PACK = 1000, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 34 | OPT_MODE_REPACK, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 35 | OPT_MODE_VERIFY, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 36 | OPT_OLDBLOB, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 37 | OPT_KEYBLOCK, |
| 38 | OPT_SIGNPUBKEY, |
| 39 | OPT_SIGNPRIVATE, |
| 40 | OPT_VERSION, |
| 41 | OPT_VMLINUZ, |
| 42 | OPT_BOOTLOADER, |
| 43 | OPT_CONFIG, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 44 | OPT_VBLOCKONLY, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 45 | OPT_PAD, |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 46 | OPT_VERBOSE, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 47 | }; |
| 48 | |
| 49 | static struct option long_opts[] = { |
| 50 | {"pack", 1, 0, OPT_MODE_PACK }, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 51 | {"repack", 1, 0, OPT_MODE_REPACK }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 52 | {"verify", 1, 0, OPT_MODE_VERIFY }, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 53 | {"oldblob", 1, 0, OPT_OLDBLOB }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 54 | {"keyblock", 1, 0, OPT_KEYBLOCK }, |
| 55 | {"signpubkey", 1, 0, OPT_SIGNPUBKEY }, |
| 56 | {"signprivate", 1, 0, OPT_SIGNPRIVATE }, |
| 57 | {"version", 1, 0, OPT_VERSION }, |
| 58 | {"vmlinuz", 1, 0, OPT_VMLINUZ }, |
| 59 | {"bootloader", 1, 0, OPT_BOOTLOADER }, |
| 60 | {"config", 1, 0, OPT_CONFIG }, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 61 | {"vblockonly", 0, 0, OPT_VBLOCKONLY }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 62 | {"pad", 1, 0, OPT_PAD }, |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 63 | {"verbose", 0, 0, OPT_VERBOSE }, |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 64 | {"debug", 0, &opt_debug, 1 }, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 65 | {NULL, 0, 0, 0} |
| 66 | }; |
| 67 | |
| 68 | |
| 69 | /* Print help and return error */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 70 | static int PrintHelp(char *progname) { |
| 71 | fprintf(stderr, |
| 72 | "This program creates, signs, and verifies the kernel blob\n"); |
| 73 | fprintf(stderr, |
| 74 | "\n" |
| 75 | "Usage: %s --pack <file> [PARAMETERS]\n" |
| 76 | "\n" |
| 77 | " Required parameters:\n" |
| 78 | " --keyblock <file> Key block in .keyblock format\n" |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 79 | " --signprivate <file>" |
| 80 | " Private key to sign kernel data, in .vbprivk format\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 81 | " --version <number> Kernel version\n" |
| 82 | " --vmlinuz <file> Linux kernel bzImage file\n" |
| 83 | " --bootloader <file> Bootloader stub\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 84 | " --config <file> Command line file\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 85 | "\n" |
| 86 | " Optional:\n" |
| 87 | " --pad <number> Verification padding size in bytes\n" |
| 88 | " --vblockonly Emit just the verification blob\n", |
| 89 | progname); |
| 90 | fprintf(stderr, |
| 91 | "\nOR\n\n" |
| 92 | "Usage: %s --repack <file> [PARAMETERS]\n" |
| 93 | "\n" |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 94 | " Required parameters (of --keyblock, --config, and --version \n" |
| 95 | " at least one is required):\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 96 | " --keyblock <file> Key block in .keyblock format\n" |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 97 | " --signprivate <file>" |
| 98 | " Private key to sign kernel data, in .vbprivk format\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 99 | " --oldblob <file> Previously packed kernel blob\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 100 | " --config <file> New command line file\n" |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 101 | " --version <number> Kernel version\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 102 | "\n" |
| 103 | " Optional:\n" |
| 104 | " --pad <number> Verification padding size in bytes\n" |
| 105 | " --vblockonly Emit just the verification blob\n", |
| 106 | progname); |
| 107 | fprintf(stderr, |
| 108 | "\nOR\n\n" |
| 109 | "Usage: %s --verify <file> [PARAMETERS]\n" |
| 110 | "\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 111 | " Optional:\n" |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 112 | " --signpubkey <file>" |
| 113 | " Public key to verify kernel keyblock, in .vbpubk format\n" |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 114 | " --verbose Print a more detailed report\n" |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame^] | 115 | " --keyblock <file>" |
| 116 | " Outputs the verified key block, in .keyblock format\n" |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 117 | "\n", |
| 118 | progname); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 119 | return 1; |
| 120 | } |
| 121 | |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 122 | static void Debug(const char *format, ...) { |
| 123 | if (!opt_debug) |
| 124 | return; |
| 125 | |
| 126 | va_list ap; |
| 127 | va_start(ap, format); |
| 128 | fprintf(stderr, "DEBUG: "); |
| 129 | vfprintf(stderr, format, ap); |
| 130 | va_end(ap); |
| 131 | } |
| 132 | |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 133 | /* Return an explanation when fread() fails. */ |
| 134 | static const char *error_fread(FILE *fp) { |
| 135 | const char *retval = "beats me why"; |
| 136 | if (feof(fp)) |
| 137 | retval = "EOF"; |
| 138 | else if (ferror(fp)) |
| 139 | retval = strerror(errno); |
| 140 | clearerr(fp); |
| 141 | return retval; |
| 142 | } |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 143 | |
| 144 | /* Return the smallest integral multiple of [alignment] that is equal |
| 145 | * to or greater than [val]. Used to determine the number of |
| 146 | * pages/sectors/blocks/whatever needed to contain [val] |
| 147 | * items/bytes/etc. */ |
| 148 | static uint64_t roundup(uint64_t val, uint64_t alignment) { |
| 149 | uint64_t rem = val % alignment; |
| 150 | if ( rem ) |
| 151 | return val + (alignment - rem); |
| 152 | return val; |
| 153 | } |
| 154 | |
| 155 | |
| 156 | /* Match regexp /\b--\b/ to delimit the start of the kernel commandline. If we |
| 157 | * don't find one, we'll use the whole thing. */ |
| 158 | static unsigned int find_cmdline_start(char *input, unsigned int max_len) { |
| 159 | int start = 0; |
| 160 | int i; |
| 161 | for(i = 0; i < max_len - 1 && input[i]; i++) { |
| 162 | if ('-' == input[i] && '-' == input[i + 1]) { /* found a "--" */ |
| 163 | if ((i == 0 || ' ' == input[i - 1]) && /* nothing before it */ |
| 164 | (i + 2 >= max_len || ' ' == input[i+2])) { /* nothing after it */ |
| 165 | start = i+2; /* note: hope there's a trailing '\0' */ |
| 166 | break; |
| 167 | } |
| 168 | } |
| 169 | } |
| 170 | while(' ' == input[start]) /* skip leading spaces */ |
| 171 | start++; |
| 172 | |
| 173 | return start; |
| 174 | } |
| 175 | |
| 176 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 177 | typedef struct blob_s { |
| 178 | /* Stuff needed by VbKernelPreambleHeader */ |
| 179 | uint64_t kernel_version; |
| 180 | uint64_t bootloader_address; |
| 181 | uint64_t bootloader_size; |
| 182 | /* Raw kernel blob data */ |
| 183 | uint64_t blob_size; |
| 184 | uint8_t *blob; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 185 | |
| 186 | /* these fields are not always initialized */ |
| 187 | VbKernelPreambleHeader* preamble; |
| 188 | VbKeyBlockHeader* key_block; |
| 189 | uint8_t *buf; |
| 190 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 191 | } blob_t; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 192 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 193 | /* Given a blob return the location of the kernel command line buffer. */ |
| 194 | static char* BpCmdLineLocation(blob_t *bp) |
| 195 | { |
| 196 | return (char*)(bp->blob + bp->bootloader_address - CROS_32BIT_ENTRY_ADDR - |
| 197 | CROS_CONFIG_SIZE - CROS_PARAMS_SIZE); |
| 198 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 199 | |
| 200 | static void FreeBlob(blob_t *bp) { |
| 201 | if (bp) { |
| 202 | if (bp->blob) |
| 203 | Free(bp->blob); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 204 | if (bp->buf) |
| 205 | Free(bp->buf); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 206 | Free(bp); |
| 207 | } |
| 208 | } |
| 209 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 210 | /* |
| 211 | * Read the kernel command line from a file. Get rid of \n characters along |
| 212 | * the way and verify that the line fits into a 4K buffer. |
| 213 | * |
| 214 | * Return the buffer contaning the line on success (and set the line length |
| 215 | * using the passed in parameter), or NULL in case something goes wrong. |
| 216 | */ |
| 217 | static uint8_t* ReadConfigFile(const char* config_file, uint64_t* config_size) |
| 218 | { |
| 219 | uint8_t* config_buf; |
| 220 | int ii; |
| 221 | |
| 222 | config_buf = ReadFile(config_file, config_size); |
| 223 | Debug(" config file size=0x%" PRIx64 "\n", *config_size); |
| 224 | if (CROS_CONFIG_SIZE <= *config_size) { /* need room for trailing '\0' */ |
| 225 | error("Config file %s is too large (>= %d bytes)\n", |
| 226 | config_file, CROS_CONFIG_SIZE); |
| 227 | return NULL; |
| 228 | } |
| 229 | |
| 230 | /* Replace newlines with spaces */ |
| 231 | for (ii = 0; ii < *config_size; ii++) { |
| 232 | if ('\n' == config_buf[ii]) { |
| 233 | config_buf[ii] = ' '; |
| 234 | } |
| 235 | } |
| 236 | return config_buf; |
| 237 | } |
| 238 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 239 | /* Create a blob from its components */ |
| 240 | static blob_t *NewBlob(uint64_t version, |
| 241 | const char* vmlinuz, |
| 242 | const char* bootloader_file, |
| 243 | const char* config_file) { |
| 244 | blob_t *bp; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 245 | struct linux_kernel_header *lh = 0; |
| 246 | struct linux_kernel_params *params = 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 247 | uint8_t* config_buf; |
| 248 | uint64_t config_size; |
| 249 | uint8_t* bootloader_buf; |
| 250 | uint64_t bootloader_size; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 251 | uint8_t* kernel_buf; |
| 252 | uint64_t kernel_size; |
| 253 | uint64_t kernel32_start = 0; |
| 254 | uint64_t kernel32_size = 0; |
| 255 | uint32_t cmdline_addr; |
| 256 | uint8_t* blob = NULL; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 257 | uint64_t now = 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 258 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 259 | if (!vmlinuz || !bootloader_file || !config_file) { |
| 260 | error("Must specify all input files\n"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 261 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 262 | } |
| 263 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 264 | bp = (blob_t *)Malloc(sizeof(blob_t)); |
| 265 | if (!bp) { |
| 266 | error("Couldn't allocate bytes for blob_t.\n"); |
| 267 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 268 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 269 | |
| 270 | Memset(bp, 0, sizeof(*bp)); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 271 | bp->kernel_version = version; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 272 | |
| 273 | /* Read the config file */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 274 | Debug("Reading %s\n", config_file); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 275 | config_buf = ReadConfigFile(config_file, &config_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 276 | if (!config_buf) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 277 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 278 | |
| 279 | /* Read the bootloader */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 280 | Debug("Reading %s\n", bootloader_file); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 281 | bootloader_buf = ReadFile(bootloader_file, &bootloader_size); |
| 282 | if (!bootloader_buf) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 283 | return 0; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 284 | Debug(" bootloader file size=0x%" PRIx64 "\n", bootloader_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 285 | |
| 286 | /* Read the kernel */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 287 | Debug("Reading %s\n", vmlinuz); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 288 | kernel_buf = ReadFile(vmlinuz, &kernel_size); |
| 289 | if (!kernel_buf) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 290 | return 0; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 291 | Debug(" kernel file size=0x%" PRIx64 "\n", kernel_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 292 | if (!kernel_size) { |
| 293 | error("Empty kernel file\n"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 294 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 295 | } |
| 296 | |
| 297 | /* The first part of vmlinuz is a header, followed by a real-mode |
| 298 | * boot stub. We only want the 32-bit part. */ |
| 299 | lh = (struct linux_kernel_header *)kernel_buf; |
| 300 | kernel32_start = (lh->setup_sects + 1) << 9; |
| 301 | if (kernel32_start >= kernel_size) { |
| 302 | error("Malformed kernel\n"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 303 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 304 | } |
| 305 | kernel32_size = kernel_size - kernel32_start; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 306 | Debug(" kernel32_start=0x%" PRIx64 "\n", kernel32_start); |
| 307 | Debug(" kernel32_size=0x%" PRIx64 "\n", kernel32_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 308 | |
| 309 | /* Allocate and zero the blob we need. */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 310 | bp->blob_size = roundup(kernel32_size, CROS_ALIGN) + |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 311 | CROS_CONFIG_SIZE + |
| 312 | CROS_PARAMS_SIZE + |
| 313 | roundup(bootloader_size, CROS_ALIGN); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 314 | blob = (uint8_t *)Malloc(bp->blob_size); |
| 315 | Debug("blob_size=0x%" PRIx64 "\n", bp->blob_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 316 | if (!blob) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 317 | error("Couldn't allocate %ld bytes.\n", bp->blob_size); |
| 318 | return 0; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 319 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 320 | Memset(blob, 0, bp->blob_size); |
| 321 | bp->blob = blob; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 322 | |
| 323 | /* Copy the 32-bit kernel. */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 324 | Debug("kernel goes at blob+=0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 325 | if (kernel32_size) |
| 326 | Memcpy(blob + now, kernel_buf + kernel32_start, kernel32_size); |
| 327 | now += roundup(now + kernel32_size, CROS_ALIGN); |
| 328 | |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 329 | Debug("config goes at blob+0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 330 | /* Find the load address of the commandline. We'll need it later. */ |
| 331 | cmdline_addr = CROS_32BIT_ENTRY_ADDR + now + |
| 332 | find_cmdline_start((char *)config_buf, config_size); |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 333 | Debug(" cmdline_addr=0x%" PRIx64 "\n", cmdline_addr); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 334 | |
| 335 | /* Copy the config. */ |
| 336 | if (config_size) |
| 337 | Memcpy(blob + now, config_buf, config_size); |
| 338 | now += CROS_CONFIG_SIZE; |
| 339 | |
| 340 | /* The zeropage data is next. Overlay the linux_kernel_header onto it, and |
| 341 | * tweak a few fields. */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 342 | Debug("params goes at blob+=0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 343 | params = (struct linux_kernel_params *)(blob + now); |
| 344 | Memcpy(&(params->setup_sects), &(lh->setup_sects), |
| 345 | sizeof(*lh) - offsetof(struct linux_kernel_header, setup_sects)); |
| 346 | params->boot_flag = 0; |
| 347 | params->ramdisk_image = 0; /* we don't support initrd */ |
| 348 | params->ramdisk_size = 0; |
| 349 | params->type_of_loader = 0xff; |
| 350 | params->cmd_line_ptr = cmdline_addr; |
Che-Liang Chiou | 475bf44 | 2010-08-23 11:20:44 +0800 | [diff] [blame] | 351 | /* A fake e820 memory map with 2 entries */ |
| 352 | params->n_e820_entry = 2; |
| 353 | params->e820_entries[0].start_addr = 0x00000000; |
| 354 | params->e820_entries[0].segment_size = 0x00001000; |
| 355 | params->e820_entries[0].segment_type = E820_TYPE_RAM; |
| 356 | params->e820_entries[1].start_addr = 0xfffff000; |
| 357 | params->e820_entries[1].segment_size = 0x00001000; |
| 358 | params->e820_entries[1].segment_type = E820_TYPE_RESERVED; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 359 | now += CROS_PARAMS_SIZE; |
| 360 | |
| 361 | /* Finally, append the bootloader. Remember where it will load in |
| 362 | * memory, too. */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 363 | Debug("bootloader goes at blob+=0x%" PRIx64 "\n", now); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 364 | bp->bootloader_address = CROS_32BIT_ENTRY_ADDR + now; |
| 365 | bp->bootloader_size = roundup(bootloader_size, CROS_ALIGN); |
| 366 | Debug(" bootloader_address=0x%" PRIx64 "\n", bp->bootloader_address); |
| 367 | Debug(" bootloader_size=0x%" PRIx64 "\n", bp->bootloader_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 368 | if (bootloader_size) |
| 369 | Memcpy(blob + now, bootloader_buf, bootloader_size); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 370 | now += bp->bootloader_size; |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 371 | Debug("end of blob is 0x%" PRIx64 "\n", now); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 372 | |
| 373 | /* Free input buffers */ |
| 374 | Free(kernel_buf); |
| 375 | Free(config_buf); |
| 376 | Free(bootloader_buf); |
| 377 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 378 | /* Success */ |
| 379 | return bp; |
| 380 | } |
| 381 | |
| 382 | |
| 383 | /* Pull the blob_t stuff out of a prepacked kernel blob file */ |
| 384 | static blob_t *OldBlob(const char* filename) { |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 385 | FILE* fp = NULL; |
| 386 | blob_t *bp = NULL; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 387 | struct stat statbuf; |
| 388 | VbKeyBlockHeader* key_block; |
| 389 | VbKernelPreambleHeader* preamble; |
| 390 | uint64_t now = 0; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 391 | uint8_t* buf = NULL; |
| 392 | int ret_error = 1; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 393 | |
| 394 | if (!filename) { |
| 395 | error("Must specify prepacked blob to read\n"); |
| 396 | return 0; |
| 397 | } |
| 398 | |
| 399 | if (0 != stat(filename, &statbuf)) { |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 400 | error("Unable to stat %s: %s\n", filename, strerror(errno)); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 401 | return 0; |
| 402 | } |
| 403 | |
| 404 | Debug("%s size is 0x%" PRIx64 "\n", filename, statbuf.st_size); |
| 405 | if (statbuf.st_size < DEFAULT_PADDING) { |
| 406 | error("%s is too small to be a valid kernel blob\n"); |
| 407 | return 0; |
| 408 | } |
| 409 | |
| 410 | Debug("Reading %s\n", filename); |
| 411 | fp = fopen(filename, "rb"); |
| 412 | if (!fp) { |
| 413 | error("Unable to open file %s: %s\n", filename, strerror(errno)); |
| 414 | return 0; |
| 415 | } |
| 416 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 417 | buf = Malloc(DEFAULT_PADDING); |
| 418 | if (!buf) { |
| 419 | error("Unable to allocate padding\n"); |
| 420 | goto unwind_oldblob; |
| 421 | } |
| 422 | |
| 423 | if (1 != fread(buf, DEFAULT_PADDING, 1, fp)) { |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 424 | error("Unable to read header from %s: %s\n", filename, error_fread(fp)); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 425 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 426 | } |
| 427 | |
| 428 | /* Skip the key block */ |
| 429 | key_block = (VbKeyBlockHeader*)buf; |
| 430 | Debug("Keyblock is 0x%" PRIx64 " bytes\n", key_block->key_block_size); |
| 431 | now += key_block->key_block_size; |
| 432 | if (now > statbuf.st_size) { |
| 433 | error("key_block_size advances past the end of the blob\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 434 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 435 | } |
| 436 | |
| 437 | /* Skip the preamble */ |
| 438 | preamble = (VbKernelPreambleHeader*)(buf + now); |
| 439 | Debug("Preamble is 0x%" PRIx64 " bytes\n", preamble->preamble_size); |
| 440 | now += preamble->preamble_size; |
| 441 | if (now > statbuf.st_size) { |
| 442 | error("preamble_size advances past the end of the blob\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 443 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 444 | } |
| 445 | |
| 446 | /* Go find the kernel blob */ |
| 447 | Debug("kernel blob is at offset 0x%" PRIx64 "\n", now); |
| 448 | if (0 != fseek(fp, now, SEEK_SET)) { |
| 449 | error("Unable to seek to 0x%" PRIx64 " in %s: %s\n", now, filename, |
| 450 | strerror(errno)); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 451 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 452 | } |
| 453 | |
| 454 | /* Remember what we've got */ |
| 455 | bp = (blob_t *)Malloc(sizeof(blob_t)); |
| 456 | if (!bp) { |
| 457 | error("Couldn't allocate bytes for blob_t.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 458 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 459 | } |
| 460 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 461 | bp->buf = buf; |
| 462 | bp->key_block = key_block; |
| 463 | bp->preamble = preamble; |
| 464 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 465 | bp->kernel_version = preamble->kernel_version; |
| 466 | bp->bootloader_address = preamble->bootloader_address; |
| 467 | bp->bootloader_size = preamble->bootloader_size; |
| 468 | bp->blob_size = preamble->body_signature.data_size; |
| 469 | |
| 470 | Debug(" kernel_version = %d\n", bp->kernel_version); |
| 471 | Debug(" bootloader_address = 0x%" PRIx64 "\n", bp->bootloader_address); |
| 472 | Debug(" bootloader_size = 0x%" PRIx64 "\n", bp->bootloader_size); |
| 473 | Debug(" blob_size = 0x%" PRIx64 "\n", bp->blob_size); |
| 474 | |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 475 | if (!bp->blob_size) { |
| 476 | error("No kernel blob found\n"); |
| 477 | goto unwind_oldblob; |
| 478 | } |
| 479 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 480 | bp->blob = (uint8_t *)Malloc(bp->blob_size); |
| 481 | if (!bp->blob) { |
| 482 | error("Couldn't allocate 0x%" PRIx64 " bytes for blob_t.\n", bp->blob_size); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 483 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 484 | } |
| 485 | |
| 486 | /* read it in */ |
| 487 | if (1 != fread(bp->blob, bp->blob_size, 1, fp)) { |
Bill Richardson | 2f6a71f | 2010-10-14 09:25:39 -0700 | [diff] [blame] | 488 | error("Unable to read kernel blob from %s: %s\n", filename, error_fread(fp)); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 489 | goto unwind_oldblob; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 490 | } |
| 491 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 492 | ret_error = 0; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 493 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 494 | /* done */ |
| 495 | unwind_oldblob: |
| 496 | fclose(fp); |
| 497 | if (ret_error) { |
| 498 | if (bp) { |
| 499 | FreeBlob(bp); |
| 500 | bp = NULL; |
| 501 | } else if (buf) { |
| 502 | Free(buf); |
| 503 | } |
| 504 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 505 | return bp; |
| 506 | } |
| 507 | |
| 508 | |
| 509 | /* Pack a .kernel */ |
| 510 | static int Pack(const char* outfile, const char* keyblock_file, |
| 511 | const char* signprivate, blob_t *bp, uint64_t pad, |
| 512 | int vblockonly) { |
| 513 | VbPrivateKey* signing_key; |
| 514 | VbSignature* body_sig; |
| 515 | VbKernelPreambleHeader* preamble; |
| 516 | VbKeyBlockHeader* key_block; |
| 517 | uint64_t key_block_size; |
| 518 | FILE* f; |
| 519 | uint64_t i; |
| 520 | |
| 521 | if (!outfile) { |
| 522 | error("Must specify output filename\n"); |
| 523 | return 1; |
| 524 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 525 | if ((!keyblock_file && !bp->key_block) || !signprivate) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 526 | error("Must specify all keys\n"); |
| 527 | return 1; |
| 528 | } |
| 529 | if (!bp) { |
| 530 | error("Refusing to pack invalid kernel blob\n"); |
| 531 | return 1; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 532 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 533 | |
| 534 | /* Get the key block and read the private key. */ |
| 535 | if (keyblock_file) { |
| 536 | key_block = (VbKeyBlockHeader*)ReadFile(keyblock_file, &key_block_size); |
| 537 | if (!key_block) { |
| 538 | error("Error reading key block.\n"); |
| 539 | return 1; |
| 540 | } |
| 541 | } else { |
| 542 | key_block = bp->key_block; |
| 543 | key_block_size = key_block->key_block_size; |
| 544 | } |
| 545 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 546 | if (pad < key_block->key_block_size) { |
| 547 | error("Pad too small\n"); |
| 548 | return 1; |
| 549 | } |
| 550 | |
Bill Richardson | abf0550 | 2010-07-01 10:22:06 -0700 | [diff] [blame] | 551 | signing_key = PrivateKeyRead(signprivate); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 552 | if (!signing_key) { |
| 553 | error("Error reading signing key.\n"); |
| 554 | return 1; |
| 555 | } |
| 556 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 557 | /* Sign the kernel data */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 558 | body_sig = CalculateSignature(bp->blob, bp->blob_size, signing_key); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 559 | if (!body_sig) { |
| 560 | error("Error calculating body signature\n"); |
| 561 | return 1; |
| 562 | } |
| 563 | |
| 564 | /* Create preamble */ |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 565 | preamble = CreateKernelPreamble(bp->kernel_version, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 566 | CROS_32BIT_ENTRY_ADDR, |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 567 | bp->bootloader_address, |
| 568 | bp->bootloader_size, |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 569 | body_sig, |
| 570 | pad - key_block_size, |
| 571 | signing_key); |
| 572 | if (!preamble) { |
| 573 | error("Error creating preamble.\n"); |
| 574 | return 1; |
| 575 | } |
| 576 | |
| 577 | /* Write the output file */ |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 578 | Debug("writing %s...\n", outfile); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 579 | f = fopen(outfile, "wb"); |
| 580 | if (!f) { |
| 581 | error("Can't open output file %s\n", outfile); |
| 582 | return 1; |
| 583 | } |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 584 | Debug("0x%" PRIx64 " bytes of key_block\n", key_block_size); |
| 585 | Debug("0x%" PRIx64 " bytes of preamble\n", preamble->preamble_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 586 | i = ((1 != fwrite(key_block, key_block_size, 1, f)) || |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 587 | (1 != fwrite(preamble, preamble->preamble_size, 1, f))); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 588 | if (i) { |
| 589 | error("Can't write output file %s\n", outfile); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 590 | fclose(f); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 591 | unlink(outfile); |
| 592 | return 1; |
| 593 | } |
| 594 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 595 | if (!vblockonly) { |
| 596 | Debug("0x%" PRIx64 " bytes of blob\n", bp->blob_size); |
| 597 | i = (1 != fwrite(bp->blob, bp->blob_size, 1, f)); |
| 598 | if (i) { |
| 599 | error("Can't write output file %s\n", outfile); |
| 600 | fclose(f); |
| 601 | unlink(outfile); |
| 602 | return 1; |
| 603 | } |
| 604 | } |
| 605 | |
| 606 | fclose(f); |
| 607 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 608 | /* Success */ |
| 609 | return 0; |
| 610 | } |
| 611 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 612 | /* |
| 613 | * Replace kernel command line in a blob representing a kernel. |
| 614 | */ |
| 615 | static int ReplaceConfig(blob_t* bp, const char* config_file) |
| 616 | { |
| 617 | uint8_t* new_conf; |
| 618 | uint64_t config_size; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 619 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 620 | if (!config_file) { |
| 621 | return 0; |
| 622 | } |
| 623 | |
| 624 | new_conf = ReadConfigFile(config_file, &config_size); |
| 625 | if (!new_conf) { |
| 626 | return 1; |
| 627 | } |
| 628 | |
| 629 | /* fill the config buffer with zeros */ |
| 630 | Memset(BpCmdLineLocation(bp), 0, CROS_CONFIG_SIZE); |
| 631 | Memcpy(BpCmdLineLocation(bp), new_conf, config_size); |
| 632 | Free(new_conf); |
| 633 | return 0; |
| 634 | } |
| 635 | |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame^] | 636 | static int Verify(const char* infile, const char* signpubkey, int verbose, |
| 637 | const char* key_block_file) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 638 | |
| 639 | VbKeyBlockHeader* key_block; |
| 640 | VbKernelPreambleHeader* preamble; |
| 641 | VbPublicKey* data_key; |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 642 | VbPublicKey* sign_key = NULL; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 643 | RSAPublicKey* rsa; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 644 | blob_t* bp; |
| 645 | uint64_t now; |
| 646 | int rv = 1; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 647 | |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 648 | if (!infile) { |
| 649 | error("Must specify filename\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 650 | return 1; |
| 651 | } |
| 652 | |
| 653 | /* Read public signing key */ |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 654 | if (signpubkey) { |
| 655 | sign_key = PublicKeyRead(signpubkey); |
| 656 | if (!sign_key) { |
| 657 | error("Error reading signpubkey.\n"); |
| 658 | return 1; |
| 659 | } |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 660 | } |
| 661 | |
| 662 | /* Read blob */ |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 663 | bp = OldBlob(infile); |
| 664 | if (!bp) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 665 | error("Error reading input file\n"); |
| 666 | return 1; |
| 667 | } |
| 668 | |
| 669 | /* Verify key block */ |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 670 | key_block = bp->key_block; |
Randall Spangler | 138acfe | 2010-08-17 15:45:21 -0700 | [diff] [blame] | 671 | if (0 != KeyBlockVerify(key_block, bp->blob_size, sign_key, |
| 672 | (sign_key ? 0 : 1))) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 673 | error("Error verifying key block.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 674 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 675 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 676 | now = key_block->key_block_size; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 677 | |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame^] | 678 | if (key_block_file) { |
| 679 | FILE* f = NULL; |
| 680 | f = fopen(key_block_file, "wb"); |
| 681 | if (!f) { |
| 682 | error("Can't open key block file %s\n", key_block_file); |
| 683 | return 1; |
| 684 | } |
| 685 | if (1 != fwrite(key_block, key_block->key_block_size, 1, f)) { |
| 686 | error("Can't write key block file %s\n", key_block_file); |
| 687 | return 1; |
| 688 | } |
| 689 | fclose(f); |
| 690 | } |
| 691 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 692 | printf("Key block:\n"); |
| 693 | data_key = &key_block->data_key; |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 694 | if (verbose) |
| 695 | printf(" Signature: %s\n", sign_key ? "valid" : "ignored"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 696 | printf(" Size: 0x%" PRIx64 "\n", key_block->key_block_size); |
Bill Richardson | 60bcbe3 | 2010-09-09 14:53:56 -0700 | [diff] [blame] | 697 | printf(" Flags: %" PRIu64 " ", key_block->key_block_flags); |
| 698 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_0) |
| 699 | printf(" !DEV"); |
| 700 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_1) |
| 701 | printf(" DEV"); |
| 702 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_0) |
| 703 | printf(" !REC"); |
| 704 | if (key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_1) |
| 705 | printf(" REC"); |
| 706 | printf("\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 707 | printf(" Data key algorithm: %" PRIu64 " %s\n", data_key->algorithm, |
| 708 | (data_key->algorithm < kNumAlgorithms ? |
| 709 | algo_strings[data_key->algorithm] : "(invalid)")); |
| 710 | printf(" Data key version: %" PRIu64 "\n", data_key->key_version); |
Bill Richardson | 60bcbe3 | 2010-09-09 14:53:56 -0700 | [diff] [blame] | 711 | printf(" Data key sha1sum: "); |
| 712 | PrintPubKeySha1Sum(data_key); |
| 713 | printf("\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 714 | |
| 715 | rsa = PublicKeyToRSA(&key_block->data_key); |
| 716 | if (!rsa) { |
| 717 | error("Error parsing data key.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 718 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 719 | } |
| 720 | |
| 721 | /* Verify preamble */ |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 722 | preamble = bp->preamble; |
Randall Spangler | 87c13d8 | 2010-07-19 10:35:40 -0700 | [diff] [blame] | 723 | if (0 != VerifyKernelPreamble( |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 724 | preamble, bp->blob_size - key_block->key_block_size, rsa)) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 725 | error("Error verifying preamble.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 726 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 727 | } |
| 728 | now += preamble->preamble_size; |
| 729 | |
| 730 | printf("Preamble:\n"); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 731 | printf(" Size: 0x%" PRIx64 "\n", preamble->preamble_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 732 | printf(" Header version: %" PRIu32 ".%" PRIu32"\n", |
| 733 | preamble->header_version_major, preamble->header_version_minor); |
| 734 | printf(" Kernel version: %" PRIu64 "\n", preamble->kernel_version); |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 735 | printf(" Body load address: 0x%" PRIx64 "\n", preamble->body_load_address); |
| 736 | printf(" Body size: 0x%" PRIx64 "\n", |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 737 | preamble->body_signature.data_size); |
Randall Spangler | 87c13d8 | 2010-07-19 10:35:40 -0700 | [diff] [blame] | 738 | printf(" Bootloader address: 0x%" PRIx64 "\n", |
| 739 | preamble->bootloader_address); |
Bill Richardson | 249677d | 2010-06-23 11:16:37 -0700 | [diff] [blame] | 740 | printf(" Bootloader size: 0x%" PRIx64 "\n", preamble->bootloader_size); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 741 | |
| 742 | /* Verify body */ |
Randall Spangler | 87c13d8 | 2010-07-19 10:35:40 -0700 | [diff] [blame] | 743 | if (0 != VerifyData(bp->blob, bp->blob_size, &preamble->body_signature, |
| 744 | rsa)) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 745 | error("Error verifying kernel body.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 746 | goto verify_exit; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 747 | } |
| 748 | printf("Body verification succeeded.\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 749 | |
| 750 | rv = 0; |
| 751 | |
| 752 | if (!verbose) { |
| 753 | goto verify_exit; |
| 754 | } |
| 755 | |
| 756 | printf("Config:\n%s\n", BpCmdLineLocation(bp)); |
| 757 | |
| 758 | verify_exit: |
| 759 | FreeBlob(bp); |
| 760 | return rv; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 761 | } |
| 762 | |
| 763 | |
| 764 | int main(int argc, char* argv[]) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 765 | char* filename = NULL; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 766 | char* oldfile = NULL; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 767 | char* key_block_file = NULL; |
| 768 | char* signpubkey = NULL; |
| 769 | char* signprivate = NULL; |
vbendeb | 00b9088 | 2010-10-21 13:46:16 -0700 | [diff] [blame] | 770 | int version = -1; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 771 | char* vmlinuz = NULL; |
| 772 | char* bootloader = NULL; |
| 773 | char* config_file = NULL; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 774 | int vblockonly = 0; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 775 | int verbose = 0; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 776 | uint64_t pad = DEFAULT_PADDING; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 777 | int mode = 0; |
| 778 | int parse_error = 0; |
| 779 | char* e; |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 780 | int i,r; |
| 781 | blob_t *bp; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 782 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 783 | |
| 784 | char *progname = strrchr(argv[0], '/'); |
| 785 | if (progname) |
| 786 | progname++; |
| 787 | else |
| 788 | progname = argv[0]; |
| 789 | |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 790 | while (((i = getopt_long(argc, argv, ":", long_opts, NULL)) != -1) && |
| 791 | !parse_error) { |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 792 | switch (i) { |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 793 | default: |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 794 | case '?': |
| 795 | /* Unhandled option */ |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 796 | parse_error = 1; |
| 797 | break; |
| 798 | |
Bill Richardson | 4f36ef3 | 2010-08-09 17:50:14 -0700 | [diff] [blame] | 799 | case 0: |
| 800 | /* silently handled option */ |
| 801 | break; |
| 802 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 803 | case OPT_MODE_PACK: |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 804 | case OPT_MODE_REPACK: |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 805 | case OPT_MODE_VERIFY: |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 806 | if (mode && (mode != i)) { |
| 807 | fprintf(stderr, "Only single mode can be specified\n"); |
| 808 | parse_error = 1; |
| 809 | break; |
| 810 | } |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 811 | mode = i; |
| 812 | filename = optarg; |
| 813 | break; |
| 814 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 815 | case OPT_OLDBLOB: |
| 816 | oldfile = optarg; |
| 817 | break; |
| 818 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 819 | case OPT_KEYBLOCK: |
| 820 | key_block_file = optarg; |
| 821 | break; |
| 822 | |
| 823 | case OPT_SIGNPUBKEY: |
| 824 | signpubkey = optarg; |
| 825 | break; |
| 826 | |
| 827 | case OPT_SIGNPRIVATE: |
| 828 | signprivate = optarg; |
| 829 | break; |
| 830 | |
| 831 | case OPT_VMLINUZ: |
| 832 | vmlinuz = optarg; |
| 833 | break; |
| 834 | |
| 835 | case OPT_BOOTLOADER: |
| 836 | bootloader = optarg; |
| 837 | break; |
| 838 | |
| 839 | case OPT_CONFIG: |
| 840 | config_file = optarg; |
| 841 | break; |
| 842 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 843 | case OPT_VBLOCKONLY: |
| 844 | vblockonly = 1; |
| 845 | break; |
| 846 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 847 | case OPT_VERSION: |
| 848 | version = strtoul(optarg, &e, 0); |
| 849 | if (!*optarg || (e && *e)) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 850 | fprintf(stderr, "Invalid --version\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 851 | parse_error = 1; |
| 852 | } |
| 853 | break; |
| 854 | |
| 855 | case OPT_PAD: |
| 856 | pad = strtoul(optarg, &e, 0); |
| 857 | if (!*optarg || (e && *e)) { |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 858 | fprintf(stderr, "Invalid --pad\n"); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 859 | parse_error = 1; |
| 860 | } |
| 861 | break; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 862 | |
| 863 | case OPT_VERBOSE: |
| 864 | verbose = 1; |
| 865 | break; |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 866 | } |
| 867 | } |
| 868 | |
| 869 | if (parse_error) |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 870 | return PrintHelp(progname); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 871 | |
| 872 | switch(mode) { |
| 873 | case OPT_MODE_PACK: |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 874 | bp = NewBlob(version, vmlinuz, bootloader, config_file); |
| 875 | if (!bp) |
| 876 | return 1; |
| 877 | r = Pack(filename, key_block_file, signprivate, bp, pad, vblockonly); |
| 878 | FreeBlob(bp); |
| 879 | return r; |
| 880 | |
| 881 | case OPT_MODE_REPACK: |
vbendeb | 00b9088 | 2010-10-21 13:46:16 -0700 | [diff] [blame] | 882 | if (!config_file && !key_block_file && (version<0)) { |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 883 | fprintf(stderr, |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 884 | "You must supply at least one of " |
| 885 | "--config, --keyblock or --version\n"); |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 886 | return 1; |
| 887 | } |
| 888 | |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 889 | bp = OldBlob(oldfile); |
| 890 | if (!bp) |
| 891 | return 1; |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 892 | r = ReplaceConfig(bp, config_file); |
| 893 | if (!r) { |
vbendeb | 00b9088 | 2010-10-21 13:46:16 -0700 | [diff] [blame] | 894 | if (version >= 0) { |
| 895 | bp->kernel_version = (uint64_t) version; |
vbendeb | 858fffb | 2010-10-06 09:51:44 -0700 | [diff] [blame] | 896 | } |
vbendeb | b2b0fcc | 2010-07-15 15:09:47 -0700 | [diff] [blame] | 897 | r = Pack(filename, key_block_file, signprivate, bp, pad, vblockonly); |
| 898 | } |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 899 | FreeBlob(bp); |
| 900 | return r; |
| 901 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 902 | case OPT_MODE_VERIFY: |
Will Drewry | 9342f88 | 2010-10-26 10:22:05 -0500 | [diff] [blame^] | 903 | return Verify(filename, signpubkey, verbose, key_block_file); |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 904 | |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 905 | default: |
Bill Richardson | a08b5c9 | 2010-06-30 21:59:43 -0700 | [diff] [blame] | 906 | fprintf(stderr, |
| 907 | "You must specify a mode: --pack, --repack or --verify\n"); |
| 908 | return PrintHelp(progname); |
Randall Spangler | 7d6898d | 2010-06-11 09:22:13 -0700 | [diff] [blame] | 909 | } |
| 910 | } |