diff options
Diffstat (limited to 'common/vboot_hash.c')
-rw-r--r-- | common/vboot_hash.c | 84 |
1 files changed, 48 insertions, 36 deletions
diff --git a/common/vboot_hash.c b/common/vboot_hash.c index 33172e7c74..ad41269794 100644 --- a/common/vboot_hash.c +++ b/common/vboot_hash.c @@ -1,16 +1,18 @@ -/* Copyright 2012 The Chromium OS Authors. All rights reserved. +/* Copyright 2012 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ /* Verified boot hash computing module for Chrome EC */ +#include "builtin/assert.h" #include "clock.h" #include "common.h" #include "console.h" #include "flash.h" #include "hooks.h" #include "host_command.h" +#include "printf.h" #include "sha256.h" #include "shared_mem.h" #include "stdbool.h" @@ -23,7 +25,7 @@ /* Console output macros */ #define CPUTS(outstr) cputs(CC_VBOOT, outstr) -#define CPRINTS(format, args...) cprints(CC_VBOOT, format, ## args) +#define CPRINTS(format, args...) cprints(CC_VBOOT, format, ##args) struct vboot_hash_tag { uint8_t hash[SHA256_DIGEST_SIZE]; @@ -31,8 +33,8 @@ struct vboot_hash_tag { uint32_t size; }; -#define CHUNK_SIZE 1024 /* Bytes to hash per deferred call */ -#define WORK_INTERVAL_US 100 /* Delay between deferred calls */ +#define CHUNK_SIZE 1024 /* Bytes to hash per deferred call */ +#define WORK_INTERVAL_US 100 /* Delay between deferred calls */ /* Check that CHUNK_SIZE fits in shared memory. */ SHARED_MEM_CHECK_SIZE(CHUNK_SIZE); @@ -40,11 +42,11 @@ SHARED_MEM_CHECK_SIZE(CHUNK_SIZE); static uint32_t data_offset; static uint32_t data_size; static uint32_t curr_pos; -static const uint8_t *hash; /* Hash, or NULL if not valid */ +static const uint8_t *hash; /* Hash, or NULL if not valid */ static int want_abort; static int in_progress; -#define VBOOT_HASH_DEFERRED true -#define VBOOT_HASH_BLOCKING false +#define VBOOT_HASH_DEFERRED true +#define VBOOT_HASH_BLOCKING false static struct sha256_ctx ctx; @@ -117,9 +119,10 @@ static void hash_next_chunk(size_t size) { #ifdef CONFIG_MAPPED_STORAGE crec_flash_lock_mapped_storage(1); - SHA256_update(&ctx, (const uint8_t *) - ((uintptr_t)CONFIG_MAPPED_STORAGE_BASE + - data_offset + curr_pos), size); + SHA256_update(&ctx, + (const uint8_t *)((uintptr_t)CONFIG_MAPPED_STORAGE_BASE + + data_offset + curr_pos), + size); crec_flash_lock_mapped_storage(0); #else if (read_and_hash_chunk(data_offset + curr_pos, size) != EC_SUCCESS) @@ -129,6 +132,8 @@ static void hash_next_chunk(size_t size) static void vboot_hash_all_chunks(void) { + char str_buf[hex_str_buf_size(SHA256_PRINT_SIZE)]; + do { size_t size = MIN(CHUNK_SIZE, data_size - curr_pos); hash_next_chunk(size); @@ -136,7 +141,9 @@ static void vboot_hash_all_chunks(void) } while (curr_pos < data_size); hash = SHA256_final(&ctx); - CPRINTS("hash done %ph", HEX_BUF(hash, SHA256_PRINT_SIZE)); + snprintf_hex_buffer(str_buf, sizeof(str_buf), + HEX_BUF(hash, SHA256_PRINT_SIZE)); + CPRINTS("hash done %s", str_buf); in_progress = 0; clock_enable_module(MODULE_FAST_CPU, 0); @@ -164,9 +171,14 @@ static void vboot_hash_next_chunk(void) curr_pos += size; if (curr_pos >= data_size) { + char str_buf[hex_str_buf_size(SHA256_PRINT_SIZE)]; + /* Store the final hash */ hash = SHA256_final(&ctx); - CPRINTS("hash done %ph", HEX_BUF(hash, SHA256_PRINT_SIZE)); + + snprintf_hex_buffer(str_buf, sizeof(str_buf), + HEX_BUF(hash, SHA256_PRINT_SIZE)); + CPRINTS("hash done %s", str_buf); in_progress = 0; @@ -271,9 +283,9 @@ int vboot_hash_invalidate(int offset, int size) */ static uint32_t get_rw_size(void) { -#ifdef CONFIG_VBOOT_EFS /* Only needed for EFS, which signs and verifies - * entire RW, thus not needed for EFS2, which - * verifies only the used image size. */ +#ifdef CONFIG_VBOOT_EFS /* Only needed for EFS, which signs and verifies \ + * entire RW, thus not needed for EFS2, which \ + * verifies only the used image size. */ return CONFIG_RW_SIZE; #else return system_get_image_used(EC_IMAGE_RW); @@ -327,10 +339,10 @@ static int get_offset(int offset) /****************************************************************************/ /* Console commands */ #ifdef CONFIG_CMD_HASH -static int command_hash(int argc, char **argv) +static int command_hash(int argc, const char **argv) { - uint32_t offset = CONFIG_EC_WRITABLE_STORAGE_OFF + - CONFIG_RW_STORAGE_OFF; + uint32_t offset = + CONFIG_EC_WRITABLE_STORAGE_OFF + CONFIG_RW_STORAGE_OFF; uint32_t size = CONFIG_RW_SIZE; char *e; @@ -342,9 +354,13 @@ static int command_hash(int argc, char **argv) ccprintf("(aborting)\n"); else if (in_progress) ccprintf("(in progress)\n"); - else if (hash) - ccprintf("%ph\n", HEX_BUF(hash, SHA256_DIGEST_SIZE)); - else + else if (hash) { + char str_buf[hex_str_buf_size(SHA256_DIGEST_SIZE)]; + + snprintf_hex_buffer(str_buf, sizeof(str_buf), + HEX_BUF(hash, SHA256_DIGEST_SIZE)); + ccprintf("%s\n", str_buf); + } else ccprintf("(invalid)\n"); return EC_SUCCESS; @@ -356,15 +372,14 @@ static int command_hash(int argc, char **argv) return EC_SUCCESS; } else if (!strcasecmp(argv[1], "rw")) { return vboot_hash_start( - get_offset(EC_VBOOT_HASH_OFFSET_ACTIVE), - get_rw_size(), - NULL, 0, VBOOT_HASH_DEFERRED); + get_offset(EC_VBOOT_HASH_OFFSET_ACTIVE), + get_rw_size(), NULL, 0, VBOOT_HASH_DEFERRED); } else if (!strcasecmp(argv[1], "ro")) { return vboot_hash_start( CONFIG_EC_PROTECTED_STORAGE_OFF + - CONFIG_RO_STORAGE_OFF, - system_get_image_used(EC_IMAGE_RO), - NULL, 0, VBOOT_HASH_DEFERRED); + CONFIG_RO_STORAGE_OFF, + system_get_image_used(EC_IMAGE_RO), NULL, 0, + VBOOT_HASH_DEFERRED); } return EC_ERROR_PARAM2; } @@ -384,12 +399,11 @@ static int command_hash(int argc, char **argv) if (*e) return EC_ERROR_PARAM3; - return vboot_hash_start(offset, size, - (const uint8_t *)&nonce, + return vboot_hash_start(offset, size, (const uint8_t *)&nonce, sizeof(nonce), VBOOT_HASH_DEFERRED); } else - return vboot_hash_start(offset, size, - NULL, 0, VBOOT_HASH_DEFERRED); + return vboot_hash_start(offset, size, NULL, 0, + VBOOT_HASH_DEFERRED); } DECLARE_CONSOLE_COMMAND(hash, command_hash, "[abort | ro | rw] | [<offset> <size> [<nonce>]]", @@ -399,8 +413,7 @@ DECLARE_CONSOLE_COMMAND(hash, command_hash, /* Host commands */ /* Fill in the response with the current hash status */ -static void fill_response(struct ec_response_vboot_hash *r, - int request_offset) +static void fill_response(struct ec_response_vboot_hash *r, int request_offset) { if (in_progress) r->status = EC_VBOOT_HASH_STATUS_BUSY; @@ -439,7 +452,7 @@ static int host_start_hash(const struct ec_params_vboot_hash *p) if (offset == EC_VBOOT_HASH_OFFSET_RO) size = system_get_image_used(EC_IMAGE_RO); else if ((offset == EC_VBOOT_HASH_OFFSET_ACTIVE) || - (offset == EC_VBOOT_HASH_OFFSET_UPDATE)) + (offset == EC_VBOOT_HASH_OFFSET_UPDATE)) size = get_rw_size(); offset = get_offset(offset); rv = vboot_hash_start(offset, size, p->nonce_data, p->nonce_size, @@ -493,6 +506,5 @@ host_command_vboot_hash(struct host_cmd_handler_args *args) return EC_RES_INVALID_PARAM; } } -DECLARE_HOST_COMMAND(EC_CMD_VBOOT_HASH, - host_command_vboot_hash, +DECLARE_HOST_COMMAND(EC_CMD_VBOOT_HASH, host_command_vboot_hash, EC_VER_MASK(0)); |