diff options
author | Shelley Chen <shchen@chromium.org> | 2015-01-08 09:13:44 -0800 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2015-01-23 21:32:12 +0000 |
commit | f1f53b3732f235da15a50080db6e7bbd4666e390 (patch) | |
tree | edddd76b155d86824fe33934a3d427914987b7ef /firmware | |
parent | f242ad0f6fcfc9dc9195af06fe79301a9bd74113 (diff) | |
download | vboot-f1f53b3732f235da15a50080db6e7bbd4666e390.tar.gz |
vboot: Add flag to vbutil_kernel for reconstruction of vmlinuz image
Adding functionality to allow for rebuilding of vmlinuz after it
has been processed into vblock and header stripped. Basically appends
the 16-bit header of a vmlinuz image onto the end of the vblock.
BUG=chromium:438302
BRANCH=none
TEST=Successfully ran "make runalltests".
Also, ran:
1. Repack kernel block (so that 16-bit header is included):
"vbutil_kernel --pack kern_0 ..."
2. Verify kernel: "vbutil_kernel --verify kern_0 ... ". This should
be done before booting into kernel, but not necessary for it to work.
3. Rebuild vmlinuz image:
"vbutil_kernel --get-vmlinuz kern_0 --vmlinuz-out vm.out"
4. Set up kexec with vmlinuz (this should complete with no errors):
"kexec -l vm.out (other kernel cmd line args)"
5. Boot into kernel:
"kexec -e"
Change-Id: Iaa1582a1aedf70b43cdb3a56cde1fb248f1793d4
Signed-off-by: Shelley Chen <shchen@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/232750
Reviewed-by: Furquan Shaikh <furquan@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'firmware')
-rw-r--r-- | firmware/include/vboot_struct.h | 55 | ||||
-rw-r--r-- | firmware/lib/include/vboot_common.h | 19 | ||||
-rw-r--r-- | firmware/lib/vboot_common.c | 44 |
3 files changed, 114 insertions, 4 deletions
diff --git a/firmware/include/vboot_struct.h b/firmware/include/vboot_struct.h index 923e63cd..9e845ef8 100644 --- a/firmware/include/vboot_struct.h +++ b/firmware/include/vboot_struct.h @@ -180,9 +180,9 @@ typedef struct VbFirmwarePreambleHeader { /****************************************************************************/ #define KERNEL_PREAMBLE_HEADER_VERSION_MAJOR 2 -#define KERNEL_PREAMBLE_HEADER_VERSION_MINOR 0 +#define KERNEL_PREAMBLE_HEADER_VERSION_MINOR 1 -/* Preamble block for kernel +/* Preamble block for kernel, version 2.0 * * This should be followed by: * 1) The signature data for the kernel body, pointed to by @@ -190,7 +190,7 @@ typedef struct VbFirmwarePreambleHeader { * 2) The signature data for (VBFirmwarePreambleHeader + body signature * data), pointed to by preamble_signature.sig_offset. */ -typedef struct VbKernelPreambleHeader { +typedef struct VbKernelPreambleHeader2_0 { /* * Size of this preamble, including keys, signatures, and padding, in * bytes @@ -213,9 +213,56 @@ typedef struct VbKernelPreambleHeader { uint64_t bootloader_size; /* Signature for the kernel body */ VbSignature body_signature; +} __attribute__((packed)) VbKernelPreambleHeader2_0; + +#define EXPECTED_VBKERNELPREAMBLEHEADER2_0_SIZE 96 + +/* Preamble block for kernel, version 2.1 + * + * This should be followed by: + * 1) The signature data for the kernel body, pointed to by + * body_signature.sig_offset. + * 2) The signature data for (VBFirmwarePreambleHeader + body signature + * data), pointed to by preamble_signature.sig_offset. + * 3) The 16-bit vmlinuz header, which is used for reconstruction of + * vmlinuz image. + */ +typedef struct VbKernelPreambleHeader { + /* + * Size of this preamble, including keys, signatures, vmlinuz header, + * and padding, in bytes + */ + uint64_t preamble_size; + /* Signature for this preamble (header + body signature) */ + VbSignature preamble_signature; + /* Version of this header format */ + uint32_t header_version_major; + /* Version of this header format */ + uint32_t header_version_minor; + + /* Kernel version */ + uint64_t kernel_version; + /* Load address for kernel body */ + uint64_t body_load_address; + /* Address of bootloader, after body is loaded at body_load_address */ + uint64_t bootloader_address; + /* Size of bootloader in bytes */ + uint64_t bootloader_size; + /* Signature for the kernel body */ + VbSignature body_signature; + /* + * Fields added in header version 2.1. You must verify the header + * version before reading these fields! + */ + /* Address of 16-bit header for vmlinuz reassembly. Readers should + return 0 for header version < 2.1 */ + uint64_t vmlinuz_header_address; + /* Size of 16-bit header for vmlinuz in bytes. Readers should return 0 + for header version < 2.1 */ + uint64_t vmlinuz_header_size; } __attribute__((packed)) VbKernelPreambleHeader; -#define EXPECTED_VBKERNELPREAMBLEHEADER_SIZE 96 +#define EXPECTED_VBKERNELPREAMBLEHEADER2_1_SIZE 112 /****************************************************************************/ diff --git a/firmware/lib/include/vboot_common.h b/firmware/lib/include/vboot_common.h index 83064d2b..f792d1a2 100644 --- a/firmware/lib/include/vboot_common.h +++ b/firmware/lib/include/vboot_common.h @@ -149,6 +149,25 @@ int VerifyKernelPreamble(const VbKernelPreambleHeader *preamble, /** + * Retrieve the 16-bit vmlinuz header address and size from the kernel preamble + * if there is one. These are only available in Kernel Preamble Header version + * >= 2.1. If given a header 2.0 or lower, will set address and size to 0 (this + * is not considered an error). + * + * Returns VBOOT_SUCCESS if successful. + */ +int VbGetKernelVmlinuzHeader(const VbKernelPreambleHeader *preamble, + uint64_t *vmlinuz_header_address, + uint64_t *vmlinuz_header_size); + +/** + * Verify that the Vmlinuz Header is contained inside of the kernel blob. + * + * Returns VBOOT_SUCCESS or VBOOT_PREAMBLE_INVALID on error + */ +int VerifyVmlinuzInsideKBlob(uint64_t kblob, uint64_t kblob_size, + uint64_t header, uint64_t header_size); +/** * Initialize a verified boot shared data structure. * * Returns 0 if success, non-zero if error. diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index 3811e1ef..2cb01f37 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -435,10 +435,54 @@ int VerifyKernelPreamble(const VbKernelPreambleHeader *preamble, return VBOOT_PREAMBLE_INVALID; } + /* + * If the preamble header version is at least 2.1, verify we have space + * for the added fields from 2.1. + */ + if (preamble->header_version_minor >= 1) { + if(size < EXPECTED_VBKERNELPREAMBLEHEADER2_1_SIZE) { + VBDEBUG(("Not enough data for preamble header 2.1.\n")); + return VBOOT_PREAMBLE_INVALID; + } + } + /* Success */ return VBOOT_SUCCESS; } +int VbGetKernelVmlinuzHeader(const VbKernelPreambleHeader *preamble, + uint64_t *vmlinuz_header_address, + uint64_t *vmlinuz_header_size) +{ + *vmlinuz_header_address = 0; + *vmlinuz_header_size = 0; + if (preamble->header_version_minor > 0) { + /* + * Set header and size only if the preamble header version is > + * 2.1 as they don't exist in version 2.0 (Note that we don't + * need to check header_version_major; if that's not 2 then + * VerifyKernelPreamble() would have already failed. + */ + *vmlinuz_header_address = preamble->vmlinuz_header_address; + *vmlinuz_header_size = preamble->vmlinuz_header_size; + } + return VBOOT_SUCCESS; +} + +int VerifyVmlinuzInsideKBlob(uint64_t kblob, uint64_t kblob_size, + uint64_t header, uint64_t header_size) +{ + uint64_t end = header-kblob; + if (end > kblob_size) + return VBOOT_PREAMBLE_INVALID; + if (UINT64_MAX - end < header_size) + return VBOOT_PREAMBLE_INVALID; + if (end + header_size > kblob_size) + return VBOOT_PREAMBLE_INVALID; + + return VBOOT_SUCCESS; +} + uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size) { uint64_t offs = header->data_used; |