coreboot-mirror
/
vboot
mirror of https://review.coreboot.org/vboot.git
1
0
Fork 0
Code Issues Releases Wiki Activity

vboot: remove VbPublicKey struct 

Update all references to vboot2-style struct vb2_packed_key.

BUG=b:124141368
TEST=make clean && make runtests
BRANCH=none

Change-Id: I55a5f6bf315bdb4b83a998759d3732077283998e
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1675871
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This commit is contained in:
Joel Kitching 2019-06-25 16:51:16 +08:00 committed by Commit Bot
parent 9cff6fe1b8
commit e501b731d8
8 changed files with 50 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
firmware/include/vboot_struct.h
View File

@ -10,24 +10,18 @@
#define VBOOT_REFERENCE_VBOOT_STRUCT_H_
#include <stdint.h>
/*
* Needed for vb2_packed_key. Use relative path to place nicely with
* depthcharge and coreboot.
* TODO(kitching): This include should disappear once everything in
* this file has either been deprecated or has found a better home.
*/
#include "../2lib/include/2struct.h"
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
/* Public key data */
typedef struct VbPublicKey {
/* Offset of key data from start of this struct */
uint64_t key_offset;
/* Size of key data in bytes (NOT strength of key in bits) */
uint64_t key_size;
/* Signature algorithm used by the key */
uint64_t algorithm;
/* Key version */
uint64_t key_version;
} __attribute__((packed)) VbPublicKey;
#define EXPECTED_VBPUBLICKEY_SIZE 32
/* Signature data (a secure hash, possibly signed) */
typedef struct VbSignature {
/* Offset of signature data from start of this struct */
@ -88,7 +82,7 @@ typedef struct VbKeyBlockHeader {
/* Flags for key (KEY_BLOCK_FLAG_*) */
uint64_t key_block_flags;
/* Key to verify the chunk of data */
VbPublicKey data_key;
struct vb2_packed_key data_key;
} __attribute__((packed)) VbKeyBlockHeader;
#define EXPECTED_VBKEYBLOCKHEADER_SIZE 112
@ -409,7 +403,7 @@ typedef struct VbSharedDataHeader {
/* Reserved for padding */
uint32_t reserved0;
/* Kernel subkey, from firmware */
VbPublicKey kernel_subkey;
struct vb2_packed_key kernel_subkey;
/* Offset of kernel subkey data from start of this struct */
uint64_t kernel_subkey_data_offset;
/* Size of kernel subkey data */

15
firmware/lib/include/vboot_common.h
View File

@ -9,6 +9,7 @@
#define VBOOT_REFERENCE_VBOOT_COMMON_H_
#include "2api.h"
#include "2struct.h"
#include "vboot_struct.h"
/* Test an important condition at compile time, not run time */
@ -47,8 +48,8 @@ extern const char *kVbootErrors[VBOOT_ERROR_MAX];
* Helper functions to get data pointed to by a public key or signature.
*/
uint8_t *GetPublicKeyData(VbPublicKey *key);
const uint8_t *GetPublicKeyDataC(const VbPublicKey *key);
uint8_t *GetPublicKeyData(struct vb2_packed_key *key);
const uint8_t *GetPublicKeyDataC(const struct vb2_packed_key *key);
uint8_t *GetSignatureData(VbSignature *sig);
const uint8_t *GetSignatureDataC(const VbSignature *sig);
@ -58,7 +59,7 @@ const uint8_t *GetSignatureDataC(const VbSignature *sig);
*/
int VerifyPublicKeyInside(const void *parent, uint64_t parent_size,
const VbPublicKey *key);
const struct vb2_packed_key *key);
int VerifySignatureInside(const void *parent, uint64_t parent_size,
const VbSignature *sig);
@ -66,14 +67,16 @@ int VerifySignatureInside(const void *parent, uint64_t parent_size,
/**
* Initialize a public key to refer to [key_data].
*/
void PublicKeyInit(VbPublicKey *key, uint8_t *key_data, uint64_t key_size);
void PublicKeyInit(struct vb2_packed_key *key,
uint8_t *key_data, uint64_t key_size);
/**
* Copy a public key from [src] to [dest].
*
* Returns 0 if success, non-zero if error.
*/
int PublicKeyCopy(VbPublicKey *dest, const VbPublicKey *src);
int PublicKeyCopy(struct vb2_packed_key *dest,
const struct vb2_packed_key *src);
/**
* Retrieve the 16-bit vmlinuz header address and size from the kernel preamble
@ -122,7 +125,7 @@ uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size);
* Returns 0 if success, non-zero if error.
*/
int VbSharedDataSetKernelKey(VbSharedDataHeader *header,
const VbPublicKey *src);
const struct vb2_packed_key *src);
/**
* Check whether recovery is allowed or not.

18
firmware/lib/vboot_common.c
View File

@ -30,12 +30,12 @@ const char *kVbootErrors[VBOOT_ERROR_MAX] = {
/* Helper functions to get data pointed to by a public key or signature. */
uint8_t *GetPublicKeyData(VbPublicKey *key)
uint8_t *GetPublicKeyData(struct vb2_packed_key *key)
{
return (uint8_t *)key + key->key_offset;
}
const uint8_t *GetPublicKeyDataC(const VbPublicKey *key)
const uint8_t *GetPublicKeyDataC(const struct vb2_packed_key *key)
{
return (const uint8_t *)key + key->key_offset;
}
@ -56,10 +56,10 @@ const uint8_t *GetSignatureDataC(const VbSignature *sig)
*/
int VerifyPublicKeyInside(const void *parent, uint64_t parent_size,
const VbPublicKey *key)
const struct vb2_packed_key *key)
{
return vb2_verify_member_inside(parent, parent_size,
key, sizeof(VbPublicKey),
key, sizeof(struct vb2_packed_key),
key->key_offset, key->key_size);
}
@ -71,7 +71,8 @@ int VerifySignatureInside(const void *parent, uint64_t parent_size,
sig->sig_offset, sig->sig_size);
}
void PublicKeyInit(VbPublicKey *key, uint8_t *key_data, uint64_t key_size)
void PublicKeyInit(struct vb2_packed_key *key,
uint8_t *key_data, uint64_t key_size)
{
key->key_offset = vb2_offset_of(key, key_data);
key->key_size = key_size;
@ -79,7 +80,7 @@ void PublicKeyInit(VbPublicKey *key, uint8_t *key_data, uint64_t key_size)
key->key_version = 0;
}
int PublicKeyCopy(VbPublicKey *dest, const VbPublicKey *src)
int PublicKeyCopy(struct vb2_packed_key *dest, const struct vb2_packed_key *src)
{
if (dest->key_size < src->key_size)
return 1;
@ -146,9 +147,10 @@ uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size)
return offs;
}
int VbSharedDataSetKernelKey(VbSharedDataHeader *header, const VbPublicKey *src)
int VbSharedDataSetKernelKey(VbSharedDataHeader *header,
const struct vb2_packed_key *src)
{
VbPublicKey *kdest;
struct vb2_packed_key *kdest;
if (!header)
return VBOOT_SHARED_DATA_INVALID;

6
firmware/lib/vboot_display.c
View File

@ -94,7 +94,7 @@ static void Uint8ToString(char *buf, uint8_t val)
*buf = trans[val & 0xF];
}
static void FillInSha1Sum(char *outbuf, VbPublicKey *key)
static void FillInSha1Sum(char *outbuf, struct vb2_packed_key *key)
{
uint8_t *buf = ((uint8_t *)key) + key->key_offset;
uint64_t buflen = key->key_size;
@ -371,7 +371,7 @@ VbError_t VbDisplayDebugInfo(struct vb2_context *ctx)
struct vb2_workbuf wblocal = wb;
ret = vb2_gbb_read_root_key(ctx, &key, NULL, &wblocal);
if (!ret) {
FillInSha1Sum(sha1sum, (VbPublicKey *)key);
FillInSha1Sum(sha1sum, key);
used += StrnAppend(buf + used, "\ngbb.rootkey: ",
DEBUG_INFO_SIZE - used);
used += StrnAppend(buf + used, sha1sum,
@ -384,7 +384,7 @@ VbError_t VbDisplayDebugInfo(struct vb2_context *ctx)
struct vb2_workbuf wblocal = wb;
ret = vb2_gbb_read_recovery_key(ctx, &key, NULL, &wblocal);
if (!ret) {
FillInSha1Sum(sha1sum, (VbPublicKey *)key);
FillInSha1Sum(sha1sum, key);
used += StrnAppend(buf + used, "\ngbb.recovery_key: ",
DEBUG_INFO_SIZE - used);
used += StrnAppend(buf + used, sha1sum,

6
tests/vb2_common_tests.c
View File

@ -80,18 +80,12 @@ static void test_array_size(void)
*/
static void test_struct_packing(void)
{
/* Test vboot2 versions of vboot1 structs */
TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
sizeof(struct vb2_packed_key),
"sizeof(vb2_packed_key)");
TEST_EQ(EXPECTED_VB2_GBB_HEADER_SIZE,
sizeof(struct vb2_gbb_header),
"sizeof(vb2_gbb_header)");
/* And make sure they're the same as their vboot1 equivalents */
TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
EXPECTED_VBPUBLICKEY_SIZE,
"vboot1->2 packed key sizes same");
}
/**

57
tests/vboot_common_tests.c
View File

@ -21,8 +21,6 @@
*/
static void StructPackingTest(void)
{
TEST_EQ(EXPECTED_VBPUBLICKEY_SIZE, sizeof(VbPublicKey),
"sizeof(VbPublicKey)");
TEST_EQ(EXPECTED_VBSIGNATURE_SIZE, sizeof(VbSignature),
"sizeof(VbSignature)");
TEST_EQ(EXPECTED_VBKEYBLOCKHEADER_SIZE, sizeof(VbKeyBlockHeader),
@ -43,38 +41,6 @@ static void StructPackingTest(void)
/* Helper functions not dependent on specific key sizes */
static void VerifyHelperFunctions(void)
{
{
VbPublicKey k = {sizeof(k), 2, 3, 4};
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyData(&k)), sizeof(k),
"GetPublicKeyData() adjacent");
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyDataC(&k)), sizeof(k),
"GetPublicKeyDataC() adjacent");
}
{
VbPublicKey k = {123, 2, 3, 4};
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyData(&k)), 123,
"GetPublicKeyData() spaced");
TEST_EQ((int)vb2_offset_of(&k, GetPublicKeyDataC(&k)), 123,
"GetPublicKeyDataC() spaced");
}
{
VbPublicKey k = {sizeof(k), 128, 0, 0};
TEST_EQ(VerifyPublicKeyInside(&k, sizeof(k)+128, &k), 0,
"PublicKeyInside ok 1");
TEST_EQ(VerifyPublicKeyInside(&k - 1, 2*sizeof(k)+128, &k), 0,
"PublicKeyInside ok 2");
TEST_NEQ(VerifyPublicKeyInside(&k, 128, &k), 0,
"PublicKeyInside key too big");
}
{
VbPublicKey k = {100, 4, 0, 0};
TEST_NEQ(VerifyPublicKeyInside(&k, 99, &k), 0,
"PublicKeyInside offset too big");
}
{
VbSignature s = {sizeof(s), 128, 2000};
TEST_EQ(VerifySignatureInside(&s, sizeof(s)+128, &s), 0,
@ -95,8 +61,8 @@ static void VerifyHelperFunctions(void)
/* Public key utility functions */
static void PublicKeyTest(void)
{
VbPublicKey k[3];
VbPublicKey j[5];
struct vb2_packed_key k[3];
struct vb2_packed_key j[5];
/* Fill some bits of the public key data */
memset(j, 0, sizeof(j));
@ -104,9 +70,11 @@ static void PublicKeyTest(void)
k[1].key_size = 12345;
k[2].key_version = 67;
PublicKeyInit(k, (uint8_t*)(k + 1), 2 * sizeof(VbPublicKey));
TEST_EQ(k->key_offset, sizeof(VbPublicKey), "PublicKeyInit key_offset");
TEST_EQ(k->key_size, 2 * sizeof(VbPublicKey), "PublicKeyInit key_size");
PublicKeyInit(k, (uint8_t*)(k + 1), 2 * sizeof(struct vb2_packed_key));
TEST_EQ(k->key_offset, sizeof(struct vb2_packed_key),
"PublicKeyInit key_offset");
TEST_EQ(k->key_size, 2 * sizeof(struct vb2_packed_key),
"PublicKeyInit key_size");
TEST_EQ(k->algorithm, VB2_ALG_COUNT, "PublicKeyInit algorithm");
TEST_EQ(k->key_version, 0, "PublicKeyInit key_version");
@ -115,17 +83,20 @@ static void PublicKeyTest(void)
k->key_version = 21;
/* Copying to a smaller destination should fail */
PublicKeyInit(j, (uint8_t*)(j + 1), 2 * sizeof(VbPublicKey) - 1);
PublicKeyInit(j, (uint8_t*)(j + 1),
2 * sizeof(struct vb2_packed_key) - 1);
TEST_NEQ(0, PublicKeyCopy(j, k), "PublicKeyCopy too small");
/* Copying to same or larger size should succeed */
PublicKeyInit(j, (uint8_t*)(j + 2), 2 * sizeof(VbPublicKey) + 1);
PublicKeyInit(j, (uint8_t*)(j + 2),
2 * sizeof(struct vb2_packed_key) + 1);
TEST_EQ(0, PublicKeyCopy(j, k), "PublicKeyCopy same");
/* Offset in destination shouldn't have been modified */
TEST_EQ(j->key_offset, 2 * sizeof(VbPublicKey),
TEST_EQ(j->key_offset, 2 * sizeof(struct vb2_packed_key),
"PublicKeyCopy key_offset");
/* Size should have been reduced to match the source */
TEST_EQ(k->key_size, 2 * sizeof(VbPublicKey), "PublicKeyCopy key_size");
TEST_EQ(k->key_size, 2 * sizeof(struct vb2_packed_key),
"PublicKeyCopy key_size");
/* Other fields should have been copied */
TEST_EQ(k->algorithm, j->algorithm, "PublicKeyCopy algorithm");
TEST_EQ(k->key_version, j->key_version, "PublicKeyCopy key_version");

4
tests/verify_kernel.c
View File

@ -62,7 +62,7 @@ static void print_help(const char *progname)
int main(int argc, char *argv[])
{
VbPublicKey *kernkey;
struct vb2_packed_key *kernkey;
uint64_t disk_bytes = 0;
int rv;
@ -80,7 +80,7 @@ int main(int argc, char *argv[])
}
/* Read public key */
kernkey = (VbPublicKey *)vb2_read_packed_key(argv[2]);
kernkey = vb2_read_packed_key(argv[2]);
if (!kernkey) {
fprintf(stderr, "Can't read key file %s\n", argv[2]);
return 1;

3
utility/load_kernel_test.c
View File

@ -184,7 +184,8 @@ int main(int argc, char* argv[]) {
}
/* Copy in the key blob, if any */
if (key_blob) {
if (0 != VbSharedDataSetKernelKey(shared, (VbPublicKey*)key_blob)) {
if (0 != VbSharedDataSetKernelKey(shared,
(struct vb2_packed_key *)key_blob)) {
fprintf(stderr, "Unable to set key in shared data\n");
return 1;
}