2misc.c revision 5b63803f6cfd55edb8cafa598aed9b9ec9d5211c
1/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. 2 * Use of this source code is governed by a BSD-style license that can be 3 * found in the LICENSE file. 4 * 5 * Misc functions which need access to vb2_context but are not public APIs 6 */ 7 8#include "2sysincludes.h" 9#include "2api.h" 10#include "2common.h" 11#include "2misc.h" 12#include "2nvstorage.h" 13#include "2secdata.h" 14#include "2sha.h" 15#include "2rsa.h" 16 17void vb2_workbuf_from_ctx(struct vb2_context *ctx, struct vb2_workbuf *wb) 18{ 19 vb2_workbuf_init(wb, ctx->workbuf + ctx->workbuf_used, 20 ctx->workbuf_size - ctx->workbuf_used); 21} 22 23int vb2_read_gbb_header(struct vb2_context *ctx, struct vb2_gbb_header *gbb) 24{ 25 static const uint8_t expect_sig[VB2_GBB_SIGNATURE_SIZE] = 26 VB2_GBB_SIGNATURE; 27 int rv; 28 29 /* Read the entire header */ 30 rv = vb2ex_read_resource(ctx, VB2_RES_GBB, 0, gbb, sizeof(*gbb)); 31 if (rv) 32 return rv; 33 34 /* Make sure it's really a GBB */ 35 if (memcmp(gbb->signature, expect_sig, sizeof(expect_sig))) 36 return VB2_ERROR_GBB_MAGIC; 37 38 /* Check for compatible version */ 39 if (gbb->major_version != VB2_GBB_MAJOR_VER) 40 return VB2_ERROR_GBB_VERSION; 41 42 /* Current code is not backwards-compatible to 1.0 headers */ 43 if (gbb->minor_version < VB2_GBB_MINOR_VER) 44 return VB2_ERROR_GBB_TOO_OLD; 45 46 /* 47 * Header size should be at least as big as we expect. It could be 48 * bigger, if the header has grown. 49 */ 50 if (gbb->header_size < sizeof(*gbb)) 51 return VB2_ERROR_GBB_HEADER_SIZE; 52 53 return VB2_SUCCESS; 54} 55 56void vb2_fail(struct vb2_context *ctx, uint8_t reason, uint8_t subcode) 57{ 58 struct vb2_shared_data *sd = vb2_get_sd(ctx); 59 60 /* If NV data hasn't been initialized, initialize it now */ 61 if (!(sd->status & VB2_SD_STATUS_NV_INIT)) 62 vb2_nv_init(ctx); 63 64 /* See if we were far enough in the boot process to choose a slot */ 65 if (sd->status & VB2_SD_STATUS_CHOSE_SLOT) { 66 67 /* Boot failed */ 68 vb2_nv_set(ctx, VB2_NV_FW_RESULT, VB2_FW_RESULT_FAILURE); 69 70 /* Use up remaining tries */ 71 vb2_nv_set(ctx, VB2_NV_TRY_COUNT, 0); 72 73 /* 74 * Try the other slot next time. We'll alternate 75 * between slots, which may help if one or both slots is 76 * flaky. 77 */ 78 vb2_nv_set(ctx, VB2_NV_TRY_NEXT, 1 - sd->fw_slot); 79 80 /* 81 * If we didn't try the other slot last boot, or we tried it 82 * and it didn't fail, try it next boot. 83 */ 84 if (sd->last_fw_slot != 1 - sd->fw_slot || 85 sd->last_fw_result != VB2_FW_RESULT_FAILURE) 86 return; 87 } 88 89 /* 90 * If we're still here, we failed before choosing a slot, or both 91 * this slot and the other slot failed in successive boots. So we 92 * need to go to recovery. 93 * 94 * Set a recovery reason and subcode only if they're not already set. 95 * If recovery is already requested, it's a more specific error code 96 * than later code is providing and we shouldn't overwrite it. 97 */ 98 VB2_DEBUG("Both slots are bad. Need recovery\n"); 99 if (!vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST)) { 100 vb2_nv_set(ctx, VB2_NV_RECOVERY_REQUEST, reason); 101 vb2_nv_set(ctx, VB2_NV_RECOVERY_SUBCODE, subcode); 102 } 103} 104 105int vb2_init_context(struct vb2_context *ctx) 106{ 107 struct vb2_shared_data *sd = vb2_get_sd(ctx); 108 109 /* Don't do anything if the context has already been initialized */ 110 if (ctx->workbuf_used) 111 return VB2_SUCCESS; 112 113 /* 114 * Workbuf had better be big enough for our shared data struct and 115 * aligned. Not much we can do if it isn't; we'll die before we can 116 * store a recovery reason. 117 */ 118 if (ctx->workbuf_size < sizeof(*sd)) 119 return VB2_ERROR_INITCTX_WORKBUF_SMALL; 120 if (!vb_aligned(ctx->workbuf, VB2_WORKBUF_ALIGN)) 121 return VB2_ERROR_INITCTX_WORKBUF_ALIGN; 122 123 /* Initialize the shared data at the start of the work buffer */ 124 memset(sd, 0, sizeof(*sd)); 125 ctx->workbuf_used = sizeof(*sd); 126 return VB2_SUCCESS; 127} 128 129void vb2_check_recovery(struct vb2_context *ctx) 130{ 131 struct vb2_shared_data *sd = vb2_get_sd(ctx); 132 133 /* 134 * Read the current recovery request, unless there's already been a 135 * failure earlier in the boot process. 136 */ 137 if (!sd->recovery_reason) 138 sd->recovery_reason = vb2_nv_get(ctx, VB2_NV_RECOVERY_REQUEST); 139 140 /* Clear the recovery request so we don't get stuck in recovery mode */ 141 if (sd->recovery_reason) { 142 vb2_nv_set(ctx, VB2_NV_RECOVERY_REQUEST, 143 VB2_RECOVERY_NOT_REQUESTED); 144 /* 145 * Note that we ignore failures clearing the request. We only 146 * hit this code path if recovery mode has already been 147 * requested, so what more can we do? Don't want to obscure 148 * the original reason for going into recovery mode. 149 */ 150 } 151 152 /* If forcing recovery, override recovery reason */ 153 if (ctx->flags & VB2_CONTEXT_FORCE_RECOVERY_MODE) { 154 sd->recovery_reason = VB2_RECOVERY_RO_MANUAL; 155 sd->flags = VB2_SD_FLAG_MANUAL_RECOVERY; 156 } 157 158 /* If recovery reason is non-zero, tell caller we need recovery mode */ 159 if (sd->recovery_reason) 160 ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; 161} 162 163int vb2_fw_parse_gbb(struct vb2_context *ctx) 164{ 165 struct vb2_shared_data *sd = vb2_get_sd(ctx); 166 struct vb2_gbb_header *gbb; 167 struct vb2_workbuf wb; 168 int rv; 169 170 vb2_workbuf_from_ctx(ctx, &wb); 171 172 /* Read GBB into next chunk of work buffer */ 173 gbb = vb2_workbuf_alloc(&wb, sizeof(*gbb)); 174 if (!gbb) 175 return VB2_ERROR_GBB_WORKBUF; 176 177 rv = vb2_read_gbb_header(ctx, gbb); 178 if (rv) 179 return rv; 180 181 /* Extract the only things we care about at firmware time */ 182 sd->gbb_flags = gbb->flags; 183 sd->gbb_rootkey_offset = gbb->rootkey_offset; 184 sd->gbb_rootkey_size = gbb->rootkey_size; 185 186 return VB2_SUCCESS; 187} 188 189int vb2_check_dev_switch(struct vb2_context *ctx) 190{ 191 struct vb2_shared_data *sd = vb2_get_sd(ctx); 192 uint32_t flags; 193 uint32_t old_flags; 194 int is_dev = 0; 195 int rv; 196 197 /* Read secure flags */ 198 rv = vb2_secdata_get(ctx, VB2_SECDATA_FLAGS, &flags); 199 if (rv) 200 return rv; 201 202 old_flags = flags; 203 204 /* Handle dev disable request */ 205 if (vb2_nv_get(ctx, VB2_NV_DISABLE_DEV_REQUEST)) { 206 flags &= ~VB2_SECDATA_FLAG_DEV_MODE; 207 208 /* Clear the request */ 209 vb2_nv_set(ctx, VB2_NV_DISABLE_DEV_REQUEST, 0); 210 } 211 212 /* Check virtual dev switch */ 213 if (flags & VB2_SECDATA_FLAG_DEV_MODE) 214 is_dev = 1; 215 216 /* Handle forcing dev mode via physical switch */ 217 if (ctx->flags & VB2_CONTEXT_FORCE_DEVELOPER_MODE) 218 is_dev = 1; 219 220 /* Check if GBB is forcing dev mode */ 221 if (sd->gbb_flags & VB2_GBB_FLAG_FORCE_DEV_SWITCH_ON) 222 is_dev = 1; 223 224 /* Handle whichever mode we end up in */ 225 if (is_dev) { 226 /* Developer mode */ 227 sd->flags |= VB2_SD_DEV_MODE_ENABLED; 228 ctx->flags |= VB2_CONTEXT_DEVELOPER_MODE; 229 230 flags |= VB2_SECDATA_FLAG_LAST_BOOT_DEVELOPER; 231 } else { 232 /* Normal mode */ 233 flags &= ~VB2_SECDATA_FLAG_LAST_BOOT_DEVELOPER; 234 235 /* 236 * Disable dev_boot_* flags. This ensures they will be 237 * initially disabled if the user later transitions back into 238 * developer mode. 239 */ 240 vb2_nv_set(ctx, VB2_NV_DEV_BOOT_USB, 0); 241 vb2_nv_set(ctx, VB2_NV_DEV_BOOT_LEGACY, 0); 242 vb2_nv_set(ctx, VB2_NV_DEV_BOOT_SIGNED_ONLY, 0); 243 } 244 245 if (flags != old_flags) { 246 /* 247 * Just changed dev mode state. Clear TPM owner. This must be 248 * done here instead of simply passing a flag to 249 * vb2_check_tpm_clear(), because we don't want to update 250 * last_boot_developer and then fail to clear the TPM owner. 251 */ 252 rv = vb2ex_tpm_clear_owner(ctx); 253 if (rv) { 254 /* 255 * Note that this truncates rv to 8 bit. Which is not 256 * as useful as the full error code, but we don't have 257 * NVRAM space to store the full 32-bit code. 258 */ 259 vb2_fail(ctx, VB2_RECOVERY_TPM_CLEAR_OWNER, rv); 260 return rv; 261 } 262 263 /* Save new flags */ 264 rv = vb2_secdata_set(ctx, VB2_SECDATA_FLAGS, flags); 265 if (rv) 266 return rv; 267 } 268 269 return VB2_SUCCESS; 270} 271 272int vb2_check_tpm_clear(struct vb2_context *ctx) 273{ 274 int rv; 275 276 /* Check if we've been asked to clear the owner */ 277 if (!vb2_nv_get(ctx, VB2_NV_CLEAR_TPM_OWNER_REQUEST)) 278 return VB2_SUCCESS; /* No need to clear */ 279 280 /* Request applies one time only */ 281 vb2_nv_set(ctx, VB2_NV_CLEAR_TPM_OWNER_REQUEST, 0); 282 283 /* Try clearing */ 284 rv = vb2ex_tpm_clear_owner(ctx); 285 if (rv) { 286 /* 287 * Note that this truncates rv to 8 bit. Which is not as 288 * useful as the full error code, but we don't have NVRAM space 289 * to store the full 32-bit code. 290 */ 291 vb2_fail(ctx, VB2_RECOVERY_TPM_CLEAR_OWNER, rv); 292 return rv; 293 } 294 295 /* Clear successful */ 296 vb2_nv_set(ctx, VB2_NV_CLEAR_TPM_OWNER_DONE, 1); 297 return VB2_SUCCESS; 298} 299 300int vb2_select_fw_slot(struct vb2_context *ctx) 301{ 302 struct vb2_shared_data *sd = vb2_get_sd(ctx); 303 uint32_t tries; 304 305 /* Get result of last boot */ 306 sd->last_fw_slot = vb2_nv_get(ctx, VB2_NV_FW_TRIED); 307 sd->last_fw_result = vb2_nv_get(ctx, VB2_NV_FW_RESULT); 308 309 /* Clear result, since we don't know what will happen this boot */ 310 vb2_nv_set(ctx, VB2_NV_FW_RESULT, VB2_FW_RESULT_UNKNOWN); 311 312 /* Get slot to try */ 313 sd->fw_slot = vb2_nv_get(ctx, VB2_NV_TRY_NEXT); 314 315 /* Check try count */ 316 tries = vb2_nv_get(ctx, VB2_NV_TRY_COUNT); 317 318 if (sd->last_fw_result == VB2_FW_RESULT_TRYING && 319 sd->last_fw_slot == sd->fw_slot && 320 tries == 0) { 321 /* 322 * We used up our last try on the previous boot, so fall back 323 * to the other slot this boot. 324 */ 325 sd->fw_slot = 1 - sd->fw_slot; 326 vb2_nv_set(ctx, VB2_NV_TRY_NEXT, sd->fw_slot); 327 } 328 329 if (tries > 0) { 330 /* Still trying this firmware */ 331 vb2_nv_set(ctx, VB2_NV_FW_RESULT, VB2_FW_RESULT_TRYING); 332 333 /* Decrement non-zero try count */ 334 vb2_nv_set(ctx, VB2_NV_TRY_COUNT, tries - 1); 335 } 336 337 /* Set context flag if we're using slot B */ 338 if (sd->fw_slot) 339 ctx->flags |= VB2_CONTEXT_FW_SLOT_B; 340 341 /* Set status flag */ 342 sd->status |= VB2_SD_STATUS_CHOSE_SLOT; 343 344 return VB2_SUCCESS; 345} 346 347int vb2_verify_fw_keyblock(struct vb2_context *ctx) 348{ 349 struct vb2_shared_data *sd = vb2_get_sd(ctx); 350 struct vb2_workbuf wb; 351 352 uint8_t *key_data; 353 uint32_t key_size; 354 struct vb2_packed_key *packed_key; 355 struct vb2_public_key root_key; 356 357 struct vb2_keyblock *kb; 358 uint32_t block_size; 359 360 uint32_t sec_version; 361 int rv; 362 363 vb2_workbuf_from_ctx(ctx, &wb); 364 365 /* Read the root key */ 366 key_size = sd->gbb_rootkey_size; 367 key_data = vb2_workbuf_alloc(&wb, key_size); 368 if (!key_data) 369 return VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY; 370 371 rv = vb2ex_read_resource(ctx, VB2_RES_GBB, sd->gbb_rootkey_offset, 372 key_data, key_size); 373 if (rv) 374 return rv; 375 376 /* Unpack the root key */ 377 rv = vb2_unpack_key(&root_key, key_data, key_size); 378 if (rv) 379 return rv; 380 381 /* Load the firmware keyblock header after the root key */ 382 kb = vb2_workbuf_alloc(&wb, sizeof(*kb)); 383 if (!kb) 384 return VB2_ERROR_FW_KEYBLOCK_WORKBUF_HEADER; 385 386 rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK, 0, kb, sizeof(*kb)); 387 if (rv) 388 return rv; 389 390 block_size = kb->keyblock_size; 391 392 /* 393 * Load the entire keyblock, now that we know how big it is. Note that 394 * we're loading the entire keyblock instead of just the piece after 395 * the header. That means we re-read the header. But that's a tiny 396 * amount of data, and it makes the code much more straightforward. 397 */ 398 kb = vb2_workbuf_realloc(&wb, sizeof(*kb), block_size); 399 if (!kb) 400 return VB2_ERROR_FW_KEYBLOCK_WORKBUF; 401 402 rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK, 0, kb, block_size); 403 if (rv) 404 return rv; 405 406 /* Verify the keyblock */ 407 rv = vb2_verify_keyblock(kb, block_size, &root_key, &wb); 408 if (rv) 409 return rv; 410 411 /* Read the secure key version */ 412 rv = vb2_secdata_get(ctx, VB2_SECDATA_VERSIONS, &sec_version); 413 if (rv) 414 return rv; 415 416 /* Key version is the upper 16 bits of the composite firmware version */ 417 if (kb->data_key.key_version > 0xffff) 418 return VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE; 419 if (kb->data_key.key_version < (sec_version >> 16)) 420 return VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK; 421 422 sd->fw_version = kb->data_key.key_version << 16; 423 424 /* 425 * Save the data key in the work buffer. This overwrites the root key 426 * we read above. That's ok, because now that we have the data key we 427 * no longer need the root key. 428 */ 429 packed_key = (struct vb2_packed_key *)key_data; 430 431 packed_key->algorithm = kb->data_key.algorithm; 432 packed_key->key_version = kb->data_key.key_version; 433 packed_key->key_size = kb->data_key.key_size; 434 435 /* 436 * Use memmove() instead of memcpy(). In theory, the destination will 437 * never overlap because with the source because the root key is likely 438 * to be at least as large as the data key, but there's no harm here in 439 * being paranoid. 440 */ 441 memmove(key_data + packed_key->key_offset, 442 (uint8_t*)&kb->data_key + kb->data_key.key_offset, 443 packed_key->key_size); 444 445 /* Save the packed key offset and size */ 446 sd->workbuf_data_key_offset = vb2_offset_of(ctx->workbuf, key_data); 447 sd->workbuf_data_key_size = 448 packed_key->key_offset + packed_key->key_size; 449 450 /* Preamble follows the keyblock in the vblock */ 451 sd->vblock_preamble_offset = kb->keyblock_size; 452 453 /* Data key will persist in the workbuf after we return */ 454 ctx->workbuf_used = sd->workbuf_data_key_offset + 455 sd->workbuf_data_key_size; 456 457 return VB2_SUCCESS; 458} 459 460// TODO: Terrible that this and the low-level verification want to have the 461// same function name. Pick a better name... 462int vb2_verify_fw_preamble2(struct vb2_context *ctx) 463{ 464 struct vb2_shared_data *sd = vb2_get_sd(ctx); 465 struct vb2_workbuf wb; 466 467 uint8_t *key_data = ctx->workbuf + sd->workbuf_data_key_offset; 468 uint32_t key_size = sd->workbuf_data_key_size; 469 struct vb2_public_key data_key; 470 471 /* Preamble goes in the next unused chunk of work buffer */ 472 struct vb2_fw_preamble *pre; 473 uint32_t pre_size; 474 475 uint32_t sec_version; 476 int rv; 477 478 vb2_workbuf_from_ctx(ctx, &wb); 479 480 /* Unpack the firmware data key */ 481 if (!sd->workbuf_data_key_size) 482 return VB2_ERROR_FW_PREAMBLE2_DATA_KEY; 483 484 rv = vb2_unpack_key(&data_key, key_data, key_size); 485 if (rv) 486 return rv; 487 488 /* Load the firmware preamble header */ 489 pre = vb2_workbuf_alloc(&wb, sizeof(*pre)); 490 if (!pre) 491 return VB2_ERROR_FW_PREAMBLE2_WORKBUF_HEADER; 492 493 rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK, 494 sd->vblock_preamble_offset, 495 pre, sizeof(*pre)); 496 if (rv) 497 return rv; 498 499 pre_size = pre->preamble_size; 500 501 /* Load the entire firmware preamble, now that we know how big it is */ 502 pre = vb2_workbuf_realloc(&wb, sizeof(*pre), pre_size); 503 if (!pre) 504 return VB2_ERROR_FW_PREAMBLE2_WORKBUF; 505 506 rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK, 507 sd->vblock_preamble_offset, 508 pre, pre_size); 509 if (rv) 510 return rv; 511 512 /* Work buffer now contains the data subkey data and the preamble */ 513 514 /* Verify the preamble */ 515 rv = vb2_verify_fw_preamble(pre, pre_size, &data_key, &wb); 516 if (rv) 517 return rv; 518 519 /* Read the secure key version */ 520 rv = vb2_secdata_get(ctx, VB2_SECDATA_VERSIONS, &sec_version); 521 if (rv) 522 return rv; 523 524 /* 525 * Firmware version is the lower 16 bits of the composite firmware 526 * version. 527 */ 528 if (pre->firmware_version > 0xffff) 529 return VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE; 530 531 /* Combine with the key version from vb2_verify_fw_keyblock() */ 532 sd->fw_version |= pre->firmware_version; 533 if (sd->fw_version < sec_version) 534 return VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK; 535 536 /* 537 * If this is a newer version than in secure storage, and we 538 * successfully booted the same slot last boot, roll forward the 539 * version in secure storage. 540 */ 541 if (sd->fw_version > sec_version && 542 sd->last_fw_slot == sd->fw_slot && 543 sd->last_fw_result == VB2_FW_RESULT_SUCCESS) { 544 545 rv = vb2_secdata_set(ctx, VB2_SECDATA_VERSIONS, sd->fw_version); 546 if (rv) 547 return rv; 548 } 549 550 /* Keep track of where we put the preamble */ 551 sd->workbuf_preamble_offset = vb2_offset_of(ctx->workbuf, pre); 552 sd->workbuf_preamble_size = pre_size; 553 554 /* Preamble will persist in work buffer after we return */ 555 ctx->workbuf_used = sd->workbuf_preamble_offset + pre_size; 556 557 return VB2_SUCCESS; 558} 559