| 73e5eb38821d693244f841ce4f0a14546e5b6361 |
|
26-Jan-2015 |
Bill Richardson <wfrichar@chromium.org> |
vboot2: fix alignment issues on 32-bit architectures
We were assuming 8-byte alignment for buffers. That's not true on
32-bit architectures. We should make the alignment requirements
explicit (and correct) for all architectures.
BUG=chromium:452179
BRANCH=ToT
CQ-DEPEND=CL:243380
TEST=manual
USE=vboot2 FEATURES=test emerge-x86-alex vboot_reference
Change-Id: I120f23e9c5312d7c21ff9ebb6eea2bac1e430e37
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/243362
Reviewed-by: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 6f1b82ac14f341d9733d6e95d518b3ee352002ef |
|
03-Dec-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Move old struct handling to lib20/
This is part 4 of a series of changes to rearrange the vboot2 library
so that it's possible to start using the new-style data structs. This
change moves knowledge of the old vboot1 data structs into lib20; 2lib
now contains only code which is common to both vboot2.x libraries
(that is, code which is data structure version agnostic).
No functional changes; just rearranging code and tests.
BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
And compile firmware for veyron_pinky
CQ-DEPEND=CL:233051
Change-Id: I8f9e67157575e5be14952ef4809c3dfafd92596d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233021
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 108d991c678f80c99967bd07035de7418c81a072 |
|
03-Dec-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Move knowledge of vboot 2.1 data structures inside lib21/
Code which compiles against fwlib2 no longer knows or cares about the
new data structures. This should shrink fwlib2 a bit. This is part 3
of 4 changes which split vboot 2.0 struct handling (old vboot1
structs) from vboot 2.1 struct handling (new style structs).
No functional changes; just shuffling around code.
BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
And compile firmware for veyron_pinky.
Change-Id: Ibccd7d1974e07f38b90c19c924ef3b1ffcb77d62
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233020
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| c86f0415a0dd1ddea4497e18813a2dd00dd0e3f4 |
|
02-Dec-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Clean up signing data for unit tests
Signing is now simple enough (thanks to full utility lib support for
vboot2 data structs) that we don't need the vb2_convert_structs module
anymore. Also, use the utility lib function to create a firmware
preamble, rather than duplicating that code in the fwlib unit tests.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests, and build firmware for veyron_pinky
Change-Id: I1db402a08621f79274d2a69095aebc3e84f4328d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/232755
/external/vboot_reference/tests/vb2_common_tests.c
|
| 45562fb05a63e5f5a373d38e068a7e1100c92e7e |
|
02-Dec-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Use calloc() in host lib and unit tests
This is cleaner than malloc() immediately followed by memset().
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Iac32ca54ba18ef6722c6e9c58d521d5337a816b2
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/232770
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 9328bbff521625e788396ef9c5b26b79e6d1a7cb |
|
24-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add host lib function to create a vb2-style keyblock
Also add vb2_common_desc() helper function to return the description
for an object starting with a common struct header.
And use the new host lib function to create the keyblock for verifying
the firmware lib.
Add tests for everything new.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I1fadb3e249e771a692cc69b23620c6ddd46a48ac
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231721
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| c644a8c0f2df024798ac0e60c6028261ed389a16 |
|
21-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add host library functions for signing to new struct format
Including signing with bare hashes, and signing an object with more
than one signature. With unit tests, even.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Iad0b9f9f6cca7129071aebf0cbc60c0daa94d382
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231452
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| fb9a216dd677d97f3d6963f668a9b84d349ef339 |
|
20-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add host lib support for bare hash keys
And use them in the other vboot2 unit tests.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I0c3590649a0acf792e41e295ca4279ccba17a41f
Reviewed-on: https://chromium-review.googlesource.com/231345
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 43e0a9ed6c0b332631442fcf581e7456d62e4532 |
|
05-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add code and tests for verifying vb2_fw_preamble2
This is the last low-level data structure verification code for the
new data structures. Subsequent changes are the next level up the
food chain.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I2e45106c27447eb624c1ed562e40b98088249742
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/228360
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| fe21172cc315b6249e78ee8bc17d1470e8b6b02b |
|
06-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Change preamble to contain a list of signatures
Use struct vb2_signature2 objects to hold the hashes of firmware
components, rather than a separate vb2_fw_preamble2_hash struct.
Better for code reuse.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Ia9e23c1488a884f2d6fab4c4be51b25d3ff25c2f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/228241
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| ad105edeb2ff0f2fbafd15655d351e8bb7522a21 |
|
02-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: add code to verify vb2_keyblock2
Now supports multiple signatures per keyblock.
And associated unit tests.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I7f2ef216e3689a22ed86c34763f68345d4080e04
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/227181
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| b885c3bd3d35284af81a83c3f23be4f02ddfbf47 |
|
02-Nov-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: add support for verify data / digest using new signature struct
This adds the vb2_signature2 equivalents of vb2_verify_digest() and
vb2_verify_data(), including support for bare hash signatures.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I372c9e5f0be926a833e4ca8f84665cfb05907481
Reviewed-on: https://chromium-review.googlesource.com/226950
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| c0ce70b468cc469556d0f43c63a6d63ec8280c99 |
|
31-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: add support for new vb2_signature2 struct
And assocated unit tests.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I37fccafd8ccee5c0d55e3746c1611a8dff73145a
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226939
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 6b5b8f65d52bc91ca37e5cb484867251d81136b1 |
|
31-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: use common header size fields
Add functions for verifying object integrity using common header size
fields. Convert vb2_packed_key2 to use the the new functions. This
isn't much prettier for packed keys; the benefit is more obvious for
keyblocks (coming next).
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I0c09533368abb7ced3b5ac622a15e62832413b7f
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/226874
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 6f7f5df816a8790d2464ee5bee3d46e30611da4c |
|
31-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: un-nest data structures
Originally, we designed the vboot data structures so that some of them
had sub-structures. Then the variable-length data for each of the
structures was at the end. So:
struct vb2_keyblock {
struct vb2_packed_key
struct vb2_signature
}
// Followed by variable-length data for keyblock
// Followed by variable-length data for packed key
// Followed by variable-length data for signature
This had the weird side effect that the header and data for the
sub-structs were not contiguous. That wasn't too bad before, but it
gets more complicated with the new data structures. Each structure
now can also have a description. And keyblocks can have a list of
signatures.
Structures also couldn't really know their own size, since a
sub-struct might have a 20-byte header, but then 2K of other data in
between that and the data for the sub-struct itself.
So, un-nest all the data structures. That is, the keyblock now
contains the offset of the signature struct, rather than the signature
struct itself. And then all the variable-length data for each struct
immediately follows the struct itself. So:
struct vb2_keyblock2 {
// Offset of packed key
// Offset of first signature
}
// Followed by variable-length data for keyblock
struct vb2_packed_key
// Followed by variable-length data for packed key
struct vb2_signature2
// Followed by variable-length data for signature (desc, sig data)
Verifying and traversing these objects is much more straightforward.
And each struct can now know its own size.
This first change rearranges the structures. Descriptions now
immediately follow the fixed size structure headers.
The next change adds better verification of the structures, using the
fixed_size and total_size fields in the common header.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Ieb9148d6f26c3e59ea542f3a95e59d8019ccee21
Reviewed-on: https://chromium-review.googlesource.com/226824
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| f6cfb974ce465cf977490fe26db9c8735da97571 |
|
24-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add verification for common vb2 struct header
All new-style structs have a common header. This adds a verification
function for that common header, and tests for it.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I668486e77f7200c10b43aa2d17b4dd6639e5538e
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225459
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 21f100c9d62bfb0d1ec2d26c132c82ce47ee9350 |
|
16-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: new data structures
These structures allow for simplication and feature expansion in
vboot. They are NOT backwards-compatible with old vboot1 structs.
This CL simply adds the new structs and unit tests for struct packing;
future CLs will add support for them in the firmware library and
futility.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I22532acf985dd74316bd30f17e750f993b6c53d7
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224820
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 6d03b527fe0107c3bb71d0bbaf6236fe980b0704 |
|
17-Oct-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: move vb2_safe_memcmp() from rsa to common
This will be needed by other algorithms, so should not live inside the
rsa module. Also added explicit unit tests for it.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I92c8c6484964a93d755ac2ee93b57511794540e9
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224111
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 2145721c3c1840561030b27d2207006b0139c16c |
|
06-Jun-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Use more specific error codes, part 2
Error codes reported by the aligment checks in common.c are now very
specific, and tests verify the proper errors are reported.
Changed args to vb2_member_inside() so I can force wraparounds.
BUG=chromium:370082
BRANCH=none
TEST=make clean && VBOOT2=1 COV=1 make
Change-Id: Ib135674e82005b76bce7a83a1f4a65a9c5296cf4
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/202937
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 7141d73c149ee203a192f0cb45ca9bfa10c0ff8c |
|
16-May-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add common functions
This is the third of several CLs adding a more memory- and
code-efficient firmware verification library.
BUG=chromium:370082
BRANCH=none
TEST=make clean && COV=1 make
Change-Id: I3a5daa5438afc5598d3dfcf5a597ffb16eda8749
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/200140
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
/external/vboot_reference/tests/vb2_common_tests.c
|
| 786acdabcc15f023330d7c628aca9679e757a238 |
|
22-May-2014 |
Randall Spangler <rspangler@chromium.org> |
vboot2: Add workbuf functions
We'll try breaking this up into smaller pieces. This one's pretty
small - just the work buffer utility functions.
BUG=chromium:370082
BRANCH=none
TEST=make clean && VBOOT2=1 COV=1 make
Change-Id: I4c417438053c155d6f7f9725552066e9b059951c
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/201141
/external/vboot_reference/tests/vb2_common_tests.c
|