diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2015-02-20 16:51:59 -0800 |
|---|---|---|
| committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2015-02-25 08:44:58 +0000 |
| commit | dd9c1447ac2625e8f78af07bb88a417b908ab34b (patch) | |
| tree | 0768b0de50fc1eb33d4a4c9988d133a5f6573e3b /common | |
| parent | 8a94ea4fbd7ef283af35ec5aa472a819f5a2a337 (diff) | |
| download | chrome-ec-dd9c1447ac2625e8f78af07bb88a417b908ab34b.tar.gz | |
cr50: enable signed RW images
This signs the RW firmware (with a non-secret key). The RO
firmware will verify the RW firmware and jump to it if it's good.
Note that this isn't the final solution, just the beginning.
BUG=chrome-os-partner:37071
BRANCH=none
TEST=manual
Build and install it. You'll see something like this:
--- UART initialized after reboot ---
[Reset cause: reset-pin hard]
[Image: RO, cr50_v1.1.2929-27e1b82-dirty 2015-02-24 14:36:29 wfrichar@wfrichar-glaptop]
[0.000444 Verifying RW image...]
[0.423742 RW image verified]
[0.423946 Jumping to image RW[0.428492 UART initialized after sysjump]
[Image: RW, cr50_v1.1.2929-27e1b82-dirty 2015-02-24 14:36:29 wfrichar@wfrichar-glaptop]
[0.428931 Inits done]
Console is enabled; type HELP for help.
>
> sysinfo
Reset flags: 0x00000c02 (reset-pin sysjump hard)
Copy: RW
Jumped: yes
Flags: unlocked
>
Change-Id: Icafa554baca135ff1f80cbce4dad5f980e7fc122
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/253081
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'common')
| -rw-r--r-- | common/rwsig.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/common/rwsig.c b/common/rwsig.c index 2065a3d215..6b90c6cd87 100644 --- a/common/rwsig.c +++ b/common/rwsig.c @@ -47,6 +47,8 @@ void check_rw_signature(void) if (*rw_rst == 0xffffffff) return; + CPRINTS("Verifying RW image..."); + /* Large buffer for RSA computation : could be re-use afterwards... */ res = shared_mem_acquire(3 * RSANUMBYTES, (char **)&rsa_workbuf); if (res) { @@ -59,13 +61,14 @@ void check_rw_signature(void) SHA256_update(&ctx, (void *)CONFIG_FLASH_BASE + CONFIG_FW_RW_OFF, CONFIG_FW_RW_SIZE - RSANUMBYTES); hash = SHA256_final(&ctx); + good = rsa_verify(&pkey, (void *)rw_sig, (void *)hash, rsa_workbuf); if (good) { - CPRINTS("RW image verified\n"); + CPRINTS("RW image verified"); /* Jump to the RW firmware */ system_run_image_copy(SYSTEM_IMAGE_RW); } else { - CPRINTS("RSA verify FAILED\n"); + CPRINTS("RSA verify FAILED"); pd_log_event(PD_EVENT_ACC_RW_FAIL, 0, 0, NULL); /* RW firmware is invalid : do not jump there */ if (system_is_locked()) |