diff options
Diffstat (limited to 'common/vboot')
-rw-r--r-- | common/vboot/common.c | 10 | ||||
-rw-r--r-- | common/vboot/efs2.c | 58 | ||||
-rw-r--r-- | common/vboot/vb21_lib.c | 17 | ||||
-rw-r--r-- | common/vboot/vboot.c | 42 |
4 files changed, 79 insertions, 48 deletions
diff --git a/common/vboot/common.c b/common/vboot/common.c index 39f8c193c7..a92652364b 100644 --- a/common/vboot/common.c +++ b/common/vboot/common.c @@ -1,4 +1,4 @@ -/* Copyright 2017 The Chromium OS Authors. All rights reserved. +/* Copyright 2017 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ @@ -10,8 +10,8 @@ #include "shared_mem.h" #include "vboot.h" -#define CPRINTS(format, args...) cprints(CC_VBOOT, format, ## args) -#define CPRINTF(format, args...) cprintf(CC_VBOOT, format, ## args) +#define CPRINTS(format, args...) cprints(CC_VBOOT, format, ##args) +#define CPRINTF(format, args...) cprintf(CC_VBOOT, format, ##args) int vboot_is_padding_valid(const uint8_t *data, uint32_t start, uint32_t end) { @@ -32,8 +32,8 @@ int vboot_is_padding_valid(const uint8_t *data, uint32_t start, uint32_t end) return EC_SUCCESS; } -int vboot_verify(const uint8_t *data, int len, - const struct rsa_public_key *key, const uint8_t *sig) +int vboot_verify(const uint8_t *data, int len, const struct rsa_public_key *key, + const uint8_t *sig) { struct sha256_ctx ctx; uint8_t *hash; diff --git a/common/vboot/efs2.c b/common/vboot/efs2.c index a410c274f5..b45109029d 100644 --- a/common/vboot/efs2.c +++ b/common/vboot/efs2.c @@ -1,4 +1,4 @@ -/* Copyright 2020 The Chromium OS Authors. All rights reserved. +/* Copyright 2020 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ @@ -26,19 +26,23 @@ #include "vboot.h" #include "vboot_hash.h" -#define CPRINTS(format, args...) cprints(CC_VBOOT,"VB " format, ## args) -#define CPRINTF(format, args...) cprintf(CC_VBOOT,"VB " format, ## args) +#define CPRINTS(format, args...) cprints(CC_VBOOT, "VB " format, ##args) +#define CPRINTF(format, args...) cprintf(CC_VBOOT, "VB " format, ##args) +/* LCOV_EXCL_START - TODO(b/172210316) implement is_battery_ready(), and remove + * this lcov excl. + */ static const char *boot_mode_to_string(uint8_t mode) { static const char *boot_mode_str[] = { - [BOOT_MODE_NORMAL] = "NORMAL", - [BOOT_MODE_NO_BOOT] = "NO_BOOT", + [BOOT_MODE_NORMAL] = "NORMAL", + [BOOT_MODE_NO_BOOT] = "NO_BOOT", }; if (mode < ARRAY_SIZE(boot_mode_str)) return boot_mode_str[mode]; return "UNDEF"; } +/* LCOV_EXCL_STOP */ /* * Check whether the session has successfully ended or not. ERR_TIMEOUT is @@ -46,8 +50,8 @@ static const char *boot_mode_to_string(uint8_t mode) */ static bool is_valid_cr50_response(enum cr50_comm_err code) { - return code != CR50_COMM_ERR_TIMEOUT - && (code >> 8) == CR50_COMM_ERR_PREFIX; + return code != CR50_COMM_ERR_TIMEOUT && + (code >> 8) == CR50_COMM_ERR_PREFIX; } __overridable void board_enable_packet_mode(bool enable) @@ -74,8 +78,13 @@ static enum cr50_comm_err send_to_cr50(const uint8_t *data, size_t size) if (uart_shell_stop()) { /* Failed to stop the shell. */ + /* LCOV_EXCL_START - At least on posix systems, uart_shell_stop + * will never fail, it will crash the binary or hang forever on + * error. + */ board_enable_packet_mode(false); return CR50_COMM_ERR_UNKNOWN; + /* LCOV_EXCL_STOP */ } /* @@ -108,7 +117,7 @@ static enum cr50_comm_err send_to_cr50(const uint8_t *data, size_t size) while (!timeout) { int c = uart_getc(); if (c != -1) { - res.error = res.error | c << (i*8); + res.error = res.error | c << (i * 8); break; } msleep(1); @@ -159,7 +168,7 @@ static enum cr50_comm_err cmd_to_cr50(enum cr50_comm_cmd cmd, p->size = size; memcpy(p->data, data, size); p->crc = cros_crc8((uint8_t *)&p->type, - sizeof(p->type) + sizeof(p->size) + size); + sizeof(p->type) + sizeof(p->size) + size); do { rv = send_to_cr50((uint8_t *)&s, @@ -191,17 +200,21 @@ static enum cr50_comm_err verify_hash(void) return cmd_to_cr50(CR50_COMM_CMD_VERIFY_HASH, hash, SHA256_DIGEST_SIZE); } +/* LCOV_EXCL_START - TODO(b/172210316) implement is_battery_ready(), and remove + * this lcov excl. + */ static enum cr50_comm_err set_boot_mode(uint8_t mode) { enum cr50_comm_err rv; CPRINTS("Setting boot mode to %s(%d)", boot_mode_to_string(mode), mode); - rv = cmd_to_cr50(CR50_COMM_CMD_SET_BOOT_MODE, - &mode, sizeof(enum boot_mode)); + rv = cmd_to_cr50(CR50_COMM_CMD_SET_BOOT_MODE, &mode, + sizeof(enum boot_mode)); if (rv != CR50_COMM_SUCCESS) CPRINTS("Failed to set boot mode"); return rv; } +/* LCOV_EXCL_STOP */ static bool pd_comm_enabled; @@ -216,10 +229,19 @@ bool vboot_allow_usb_pd(void) return pd_comm_enabled; } +#ifdef TEST_BUILD +void vboot_disable_pd(void) +{ + pd_comm_enabled = false; +} +#endif + +/* LCOV_EXCL_START - This is just a stub intended to be overridden */ __overridable void show_critical_error(void) { CPRINTS("%s", __func__); } +/* LCOV_EXCL_STOP */ static void verify_and_jump(void) { @@ -244,14 +266,16 @@ static void verify_and_jump(void) } } +/* LCOV_EXCL_START - This is just a stub intended to be overridden */ __overridable void show_power_shortage(void) { CPRINTS("%s", __func__); } +/* LCOV_EXCL_STOP */ static bool is_battery_ready(void) { - /* TODO: Add battery check (https://crbug.com/1045216) */ + /* TODO(b/172210316): Add battery check */ return true; } @@ -274,8 +298,8 @@ void vboot_main(void) (system_get_reset_flags() & EC_RESET_FLAG_STAY_IN_RO)) { if (system_is_manual_recovery()) CPRINTS("In recovery mode"); - if (!IS_ENABLED(CONFIG_BATTERY) - && !IS_ENABLED(HAS_TASK_KEYSCAN)) { + if (!IS_ENABLED(CONFIG_BATTERY) && + !IS_ENABLED(HAS_TASK_KEYSCAN)) { /* * For Chromeboxes, we relax security by allowing PD in * RO. Attackers don't gain meaningful advantage on @@ -293,12 +317,16 @@ void vboot_main(void) * If battery is drained or bad, we will boot in NO_BOOT mode to * inform the user of the problem. */ + /* LCOV_EXCL_START - TODO(b/172210316) implement + * is_battery_ready(), and remove this lcov excl. + */ if (!is_battery_ready()) { CPRINTS("Battery not ready or bad"); if (set_boot_mode(BOOT_MODE_NO_BOOT) == - CR50_COMM_SUCCESS) + CR50_COMM_SUCCESS) enable_pd(); } + /* LCOV_EXCL_STOP */ /* We'll enter recovery mode immediately, later, or never. */ return; diff --git a/common/vboot/vb21_lib.c b/common/vboot/vb21_lib.c index 4e215c14e5..ab7628371f 100644 --- a/common/vboot/vb21_lib.c +++ b/common/vboot/vb21_lib.c @@ -1,4 +1,4 @@ -/* Copyright 2017 The Chromium OS Authors. All rights reserved. +/* Copyright 2017 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ @@ -52,7 +52,6 @@ const struct vb21_packed_key *vb21_get_packed_key(void) static void read_rwsig_info(struct ec_response_rwsig_info *r) { - const struct vb21_packed_key *vb21_key; int rv; @@ -61,17 +60,21 @@ static void read_rwsig_info(struct ec_response_rwsig_info *r) r->sig_alg = vb21_key->sig_alg; r->hash_alg = vb21_key->hash_alg; r->key_version = vb21_key->key_version; - { BUILD_ASSERT(sizeof(r->key_id) == sizeof(vb21_key->id), - "key ID sizes must match"); } - { BUILD_ASSERT(sizeof(vb21_key->id) == sizeof(vb21_key->id.raw), - "key ID sizes must match"); } + { + BUILD_ASSERT(sizeof(r->key_id) == sizeof(vb21_key->id), + "key ID sizes must match"); + } + { + BUILD_ASSERT(sizeof(vb21_key->id) == sizeof(vb21_key->id.raw), + "key ID sizes must match"); + } memcpy(r->key_id, vb21_key->id.raw, sizeof(r->key_id)); rv = vb21_is_packed_key_valid(vb21_key); r->key_is_valid = (rv == EC_SUCCESS); } -static int command_rwsig_info(int argc, char **argv) +static int command_rwsig_info(int argc, const char **argv) { int i; struct ec_response_rwsig_info r; diff --git a/common/vboot/vboot.c b/common/vboot/vboot.c index 910156335d..cf449da1b8 100644 --- a/common/vboot/vboot.c +++ b/common/vboot/vboot.c @@ -1,4 +1,4 @@ -/* Copyright 2017 The Chromium OS Authors. All rights reserved. +/* Copyright 2017 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ @@ -25,8 +25,8 @@ #include "vboot.h" #include "vb21_struct.h" -#define CPRINTS(format, args...) cprints(CC_VBOOT,"VB " format, ## args) -#define CPRINTF(format, args...) cprintf(CC_VBOOT,"VB " format, ## args) +#define CPRINTS(format, args...) cprints(CC_VBOOT, "VB " format, ##args) +#define CPRINTF(format, args...) cprintf(CC_VBOOT, "VB " format, ##args) static int has_matrix_keyboard(void) { @@ -45,34 +45,34 @@ static int verify_slot(enum ec_image slot) CPRINTS("Verifying %s", ec_image_to_string(slot)); - vb21_key = (const struct vb21_packed_key *)( - CONFIG_MAPPED_STORAGE_BASE + - CONFIG_EC_PROTECTED_STORAGE_OFF + - CONFIG_RO_PUBKEY_STORAGE_OFF); + vb21_key = + (const struct vb21_packed_key *)(CONFIG_MAPPED_STORAGE_BASE + + CONFIG_EC_PROTECTED_STORAGE_OFF + + CONFIG_RO_PUBKEY_STORAGE_OFF); rv = vb21_is_packed_key_valid(vb21_key); if (rv) { CPRINTS("Invalid key (%d)", rv); return EC_ERROR_VBOOT_KEY; } - key = (const struct rsa_public_key *) - ((const uint8_t *)vb21_key + vb21_key->key_offset); + key = (const struct rsa_public_key *)((const uint8_t *)vb21_key + + vb21_key->key_offset); if (slot == EC_IMAGE_RW_A) { data = (const uint8_t *)(CONFIG_MAPPED_STORAGE_BASE + - CONFIG_EC_WRITABLE_STORAGE_OFF + - CONFIG_RW_A_STORAGE_OFF); - vb21_sig = (const struct vb21_signature *)( - CONFIG_MAPPED_STORAGE_BASE + - CONFIG_EC_WRITABLE_STORAGE_OFF + - CONFIG_RW_A_SIGN_STORAGE_OFF); + CONFIG_EC_WRITABLE_STORAGE_OFF + + CONFIG_RW_A_STORAGE_OFF); + vb21_sig = (const struct vb21_signature + *)(CONFIG_MAPPED_STORAGE_BASE + + CONFIG_EC_WRITABLE_STORAGE_OFF + + CONFIG_RW_A_SIGN_STORAGE_OFF); } else { data = (const uint8_t *)(CONFIG_MAPPED_STORAGE_BASE + - CONFIG_EC_WRITABLE_STORAGE_OFF + - CONFIG_RW_B_STORAGE_OFF); - vb21_sig = (const struct vb21_signature *)( - CONFIG_MAPPED_STORAGE_BASE + - CONFIG_EC_WRITABLE_STORAGE_OFF + - CONFIG_RW_B_SIGN_STORAGE_OFF); + CONFIG_EC_WRITABLE_STORAGE_OFF + + CONFIG_RW_B_STORAGE_OFF); + vb21_sig = (const struct vb21_signature + *)(CONFIG_MAPPED_STORAGE_BASE + + CONFIG_EC_WRITABLE_STORAGE_OFF + + CONFIG_RW_B_SIGN_STORAGE_OFF); } rv = vb21_is_signature_valid(vb21_sig, vb21_key); |