From 0b8f35c6a56a0e645254dd7f07ca68e01c8ee629 Mon Sep 17 00:00:00 2001 From: Bill Richardson Date: Wed, 26 May 2010 09:18:38 -0700 Subject: [PATCH] Rearrange vboot_reference directories to isolate external components. This creates a new vboot_firmware subdirectory, and which contains the entirety of the BIOS code. There shouldn't be anything in this directory that is NOT required by the BIOS. Review URL: http://codereview.chromium.org/2219004 --- Makefile | 8 ++- README | 44 +++------------ cgptlib/tests/Makefile | 2 +- common/Makefile | 18 ------ cryptolib/Makefile | 23 -------- misclibs/Makefile | 2 +- tests/Makefile | 18 +++--- utility/Makefile | 26 ++++----- utility/cgpt/Makefile | 3 +- vboot_firmware/Makefile | 44 +++++++++++++++ vboot_firmware/README | 6 ++ .../include/boot_device.h | 0 .../include/firmware_image_fw.h | 0 .../include/kernel_image_fw.h | 0 .../include/load_kernel_fw.h | 2 +- .../include/rollback_index.h | 0 {common => vboot_firmware}/include/tlcl.h | 0 {common => vboot_firmware}/include/utility.h | 0 vboot_firmware/lib/cryptolib/README | 3 + .../lib/cryptolib}/include/cryptolib.h | 0 .../lib/cryptolib}/include/padding.h | 0 .../lib/cryptolib}/include/rsa.h | 0 .../lib/cryptolib}/include/sha.h | 0 .../lib/cryptolib}/padding.c | 0 .../lib/cryptolib}/rsa.c | 0 .../lib/cryptolib}/rsa_utility.c | 0 .../lib/cryptolib}/sha1.c | 0 .../lib/cryptolib}/sha2.c | 0 .../lib/cryptolib}/sha_utility.c | 0 .../lib}/firmware_image_fw.c | 0 .../lib}/include/tss_constants.h | 0 .../lib}/kernel_image_fw.c | 0 .../lib}/rollback_index.c | 0 .../tlcl_stub.c => vboot_firmware/lib/tlcl.c | 0 vboot_firmware/linktest/main.c | 55 +++++++++++++++++++ .../stub}/boot_device_stub.c | 0 .../stub}/utility_stub.c | 0 vfirmware/Makefile | 4 +- vkernel/Makefile | 4 +- 39 files changed, 146 insertions(+), 116 deletions(-) delete mode 100644 common/Makefile delete mode 100644 cryptolib/Makefile create mode 100644 vboot_firmware/Makefile create mode 100644 vboot_firmware/README rename {common => vboot_firmware}/include/boot_device.h (100%) rename {vfirmware => vboot_firmware}/include/firmware_image_fw.h (100%) rename {vkernel => vboot_firmware}/include/kernel_image_fw.h (100%) rename {fwapi => vboot_firmware}/include/load_kernel_fw.h (98%) rename {common => vboot_firmware}/include/rollback_index.h (100%) rename {common => vboot_firmware}/include/tlcl.h (100%) rename {common => vboot_firmware}/include/utility.h (100%) create mode 100644 vboot_firmware/lib/cryptolib/README rename {cryptolib => vboot_firmware/lib/cryptolib}/include/cryptolib.h (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/include/padding.h (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/include/rsa.h (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/include/sha.h (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/padding.c (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/rsa.c (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/rsa_utility.c (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/sha1.c (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/sha2.c (100%) rename {cryptolib => vboot_firmware/lib/cryptolib}/sha_utility.c (100%) rename {vfirmware => vboot_firmware/lib}/firmware_image_fw.c (100%) rename {common => vboot_firmware/lib}/include/tss_constants.h (100%) rename {vkernel => vboot_firmware/lib}/kernel_image_fw.c (100%) rename {common => vboot_firmware/lib}/rollback_index.c (100%) rename common/tlcl_stub.c => vboot_firmware/lib/tlcl.c (100%) create mode 100644 vboot_firmware/linktest/main.c rename {common => vboot_firmware/stub}/boot_device_stub.c (100%) rename {common => vboot_firmware/stub}/utility_stub.c (100%) diff --git a/Makefile b/Makefile index 268b81f7ad..93f49dadee 100644 --- a/Makefile +++ b/Makefile @@ -5,13 +5,15 @@ export CC ?= gcc export CFLAGS = -Wall -DNDEBUG -O3 -Werror export TOP = $(shell pwd) +export FWDIR=$(TOP)/vboot_firmware export INCLUDES = \ - -I$(TOP)/common/include \ - -I$(TOP)/cryptolib/include \ + -I$(FWDIR)/include \ -I$(TOP)/misclibs/include \ -I$(TOP)/cgptlib -SUBDIRS=common cgptlib cryptolib misclibs vfirmware vkernel utility tests +export FWLIB=$(FWDIR)/vboot_fw.a + +SUBDIRS=vboot_firmware cgptlib misclibs vfirmware vkernel utility tests all: set -e; \ diff --git a/README b/README index c2df44bf3f..e350be65a2 100644 --- a/README +++ b/README @@ -7,26 +7,21 @@ Directory Structure The source is organized into distinct modules - -cryptolib/ - Contains the implementation for the crypto library. This -includes implementations for SHA1, SHA256, SHA512, and RSA signature -verification (for PKCS #1 v1.5 signatures). +vboot_firmware/ - Contains ONLY the code required by the BIOS to validate +the secure boot components. There shouldn't be any code in here that signs +or generates images. BIOS should require ONLY this directory to implement +secure boot. Refer to vboot_firmware/README for futher details. -common/ - Utility functions and stub implementations for wrapper -functions used in the verification code. These stub implementations -will need to be replaced with appropriate firmware equivalents. +cgptlib/ - Work in progress for handling GPT headers. Parts of this will no +doubt be migrated into vboot_firmware/ misclibs/ - Miscellaneous functions used by userland utilities. utility/ - Utilities for generating and verifying signed firmware and kernel images, as well as arbitrary blobs. -vfirmware/ and vkernel/ - The main firmware and kernel image -verification modules. It has functions for verifying and manipulating -signed firmware and kernel images. The main files of interest are: - vfirmware/firmware_image_fw.c (verification Functions used in Firmware) - vfirmware/firmware_image.c (functions for userland tools) - vkernel/kernel_image_fw.c (verification functions used in Firmware) - vkernel/kernel_image.c (functions for userland tools) +vfirmware/ and vkernel/ - Functions for generating, verifying, and +manipulating signed firmware and kernel images. tests/ - User-land tests and benchmarks that test the reference implementation. Please have a look at these if you'd like to @@ -49,29 +44,6 @@ dumpRSAPublicKey.c Dump RSA Public key (from a DER-encoded X509 verify_data.c Verify a given signature on a given file. ----------- -What is required for a minimal verified boot implementation ----------- - -1) cryptolib/ - as a separate module since it will be used by others -parts of the verified boot process. - -2) common/ - this contains the interface for dealing with memory allocation -and interacting with the TPM. The stubs will need to be replaced with their -firmware-level equivalents. - -3) Verified Firmware and Kernel image verification - This is the core -of the verified boot implementation. They are implemented under vfirmware -and vkernel (for firmware and kernel image verification respectively). - -firmware_image_fw.c and kernel_image_fw.c : Contain verification logic - used in the firmware. Needed. - -firmware_image.c and kernel_image.c : High level functions used by userland - tools. NOT needed in the firmware. - -cryptolib/, common/, vfirmware/firmware_image_fw.c are part of the RO firmware. -vkernel/kernel_image_fw.c is part of the RW firmware (it verifies the OS kernel). ---------- Generating a signed firmware image: diff --git a/cgptlib/tests/Makefile b/cgptlib/tests/Makefile index ecd166c13a..ca2a170ce0 100644 --- a/cgptlib/tests/Makefile +++ b/cgptlib/tests/Makefile @@ -4,7 +4,7 @@ TOP ?= ../../ CFLAGS += -Wall -DNDEBUG -Werror -ansi -LIBS = $(TOP)/cgptlib/libcgpt.a $(TOP)/common/libcommon.a +LIBS = $(TOP)/cgptlib/libcgpt.a $(FWLIB) OBJS = cgptlib_test.o quick_sort_test.o crc32_test.o OUT = cgptlib_test diff --git a/common/Makefile b/common/Makefile deleted file mode 100644 index fa52657e71..0000000000 --- a/common/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -SRCS = boot_device_stub.c rollback_index.c tlcl_stub.c utility_stub.c -OBJS = $(SRCS:.c=.o) -INCLUDES += -I./include/ - -all: libcommon.a - -libcommon.a: $(OBJS) - ar rs $@ $^ - -.c.o: $(OBJS) - $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@ - -clean: - rm -f $(OBJS) libcommon.a diff --git a/cryptolib/Makefile b/cryptolib/Makefile deleted file mode 100644 index 4c337eb640..0000000000 --- a/cryptolib/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -TOP ?= ../ -SRCS = rsa.c sha1.c sha2.c padding.c rsa_utility.c sha_utility.c -OBJS = $(SRCS:.c=.o) -CFLAGS += -DUNROLL_LOOPS -DHAVE_ENDIAN_H -DHAVE_LITTLE_ENDIAN -DNDEBUG -INCLUDES += -I./include/ -I$(TOP)/common/include/ - -all: libcrypto.a - -libcrypto.a: $(OBJS) - ar rs libcrypto.a $(OBJS) - -padding.c: $(TOP)/scripts/genpadding.sh - $(TOP)/scripts/genpadding.sh >$@ - -.c.o: $(OBJS) - $(CC) $(CFLAGS) -ansi $(INCLUDES) -c $< -o $@ - -clean: - rm -f $(OBJS) libcrypto.a diff --git a/misclibs/Makefile b/misclibs/Makefile index 5aba67e8ec..261158b06d 100644 --- a/misclibs/Makefile +++ b/misclibs/Makefile @@ -6,7 +6,7 @@ TOP ?= ../ CC ?= gcc INCLUDES += -I./include \ -I$(TOP)/common/include \ - -I$(TOP)/cryptolib/include \ + -I$(TOP)/vboot_firmware/lib/cryptolib/include \ -I$(TOP)/vfirmware/include \ -I$(TOP)/vkernel/include diff --git a/tests/Makefile b/tests/Makefile index 80a7c6a7d8..3b26005c86 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -6,18 +6,14 @@ TOP ?= ../ CC ?= gcc CFLAGS ?= -Wall -DNDEBUG -O3 -Werror INCLUDES += -I./include \ - -I../cryptolib/include \ - -I../common/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../misclibs/include \ -I../vfirmware/include\ -I../vkernel/include -BASE_LIBS = $(TOP)/cryptolib/libcrypto.a $(TOP)/common/libcommon.a IMAGE_LIBS = $(TOP)/vfirmware/firmware_image.o \ - $(TOP)/vfirmware/firmware_image_fw.o \ - $(TOP)/vkernel/kernel_image.o \ - $(TOP)/vkernel/kernel_image_fw.o + $(TOP)/vkernel/kernel_image.o UTIL_LIBS = $(TOP)/misclibs/file_keys.o $(TOP)/misclibs/signature_digest.o -LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) -lcrypto $(BASE_LIBS) +LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) $(FWLIB) -lcrypto TEST_BINS = big_firmware_tests \ big_kernel_tests \ @@ -75,18 +71,18 @@ kernel_verify_benchmark: kernel_verify_benchmark.c timer_utils.c \ $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(LIBS) rsa_padding_test: rsa_padding_test.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(UTIL_LIBS) $(BASE_LIBS) \ + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(UTIL_LIBS) $(FWLIB) \ -lcrypto rsa_verify_benchmark: rsa_verify_benchmark.c timer_utils.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(UTIL_LIBS) $(BASE_LIBS) \ + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(UTIL_LIBS) $(FWLIB) \ -lcrypto sha_benchmark: sha_benchmark.c timer_utils.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(BASE_LIBS) + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ -lrt $(FWLIB) sha_tests: sha_tests.c - $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(BASE_LIBS) + $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(FWLIB) verify_firmware_fuzz_driver: verify_firmware_fuzz_driver.c \ rollback_index_mock.c diff --git a/utility/Makefile b/utility/Makefile index 86bd35d546..78b967adf5 100644 --- a/utility/Makefile +++ b/utility/Makefile @@ -6,8 +6,7 @@ TOP ?= ../ CC ?= gcc CXX ?= g++ INCLUDES += -I./include \ - -I../cryptolib/include \ - -I../common/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../misclibs/include \ -I../vfirmware/include\ -I../vkernel/include @@ -15,10 +14,7 @@ CFLAGS ?= -Wall -DNDEBUG -O3 -Werror $(INCLUDES) LIBS = $(TOP)/misclibs/file_keys.o \ $(TOP)/misclibs/signature_digest.o \ $(TOP)/vfirmware/firmware_image.o \ - $(TOP)/vfirmware/firmware_image_fw.o \ - $(TOP)/vkernel/kernel_image.o \ - $(TOP)/vkernel/kernel_image_fw.o -FIRMWARELIBS = $(TOP)/cryptolib/libcrypto.a $(TOP)/common/libcommon.a + $(TOP)/vkernel/kernel_image.o SUBDIRS = cgpt TARGET_BINS = dumpRSAPublicKey \ @@ -39,21 +35,19 @@ subdirs: dumpRSAPublicKey: dumpRSAPublicKey.c $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ -lcrypto -firmware_utility: firmware_utility.cc $(LIBS) $(FIRMWARELIBS) +firmware_utility: firmware_utility.cc $(LIBS) $(FWLIB) $(CXX) $(CFLAGS) $(INCLUDES) -ggdb -D__STDC_LIMIT_MACROS $< \ - -o $@ $(FIRMWARELIBS) $(LIBS) $(TOP)/common/libcommon.a \ - -lcrypto + -o $@ $(LIBS) $(FWLIB) -lcrypto -kernel_utility: kernel_utility.cc $(LIBS) $(FIRMWARELIBS) +kernel_utility: kernel_utility.cc $(LIBS) $(FWLIB) $(CXX) $(CFLAGS) $(INCLUDES) -ggdb -D__STDC_LIMIT_MACROS $< \ - -o $@ $(FIRMWARELIBS) $(LIBS) $(TOP)/common/libcommon.a \ - -lcrypto + -o $@ $(LIBS) $(FWLIB) -lcrypto -signature_digest_utility: signature_digest_utility.c $(LIBS) $(FIRMWARELIBS) - $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FIRMWARELIBS) -lcrypto +signature_digest_utility: signature_digest_utility.c $(LIBS) $(FWLIB) + $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FWLIB) -lcrypto -verify_data: verify_data.c $(LIBS) $(FIRMWARELIBS) - $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FIRMWARELIBS) -lcrypto +verify_data: verify_data.c $(LIBS) $(FWLIB) + $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FWLIB) -lcrypto clean: set -e; \ diff --git a/utility/cgpt/Makefile b/utility/cgpt/Makefile index cc3221c65f..e678c03e8a 100644 --- a/utility/cgpt/Makefile +++ b/utility/cgpt/Makefile @@ -6,8 +6,7 @@ TOP ?= ../../ CC ?= cc INCLUDES += -I$(TOP)/common/include CFLAGS += -Wall -Werror -ggdb -LIBS += $(TOP)/common/libcommon.a \ - $(TOP)/cgptlib/libcgpt.a +LIBS += $(TOP)/cgptlib/libcgpt.a $(FWLIB) all: cgpt diff --git a/vboot_firmware/Makefile b/vboot_firmware/Makefile new file mode 100644 index 0000000000..16669f5017 --- /dev/null +++ b/vboot_firmware/Makefile @@ -0,0 +1,44 @@ +# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +LIBNAME = vboot_fw.a + +CC ?= gcc +CFLAGS = -Wall -DNDEBUG -O3 -Werror + +FWTOP := $(shell pwd) +LIBDIR = $(FWTOP)/lib +STUBDIR = $(FWTOP)/stub +TESTDIR = $(FWTOP)/linktest + +INC = \ + -I$(FWTOP)/include \ + -I$(LIBDIR)/include \ + -I$(LIBDIR)/cryptolib/include + + +LIB_SRCS := $(shell find $(LIBDIR) -iname '*.c') +LIB_OBJS := $(LIB_SRCS:%.c=%.o) + +STUB_SRCS := $(shell find $(STUBDIR) -iname '*.c') +STUB_OBJS := $(STUB_SRCS:%.c=%.o) + + +test : $(LIBNAME) + $(CC) $(CFLAGS) $(INC) -o $(TESTDIR)/a.out $(TESTDIR)/main.c $(LIBNAME) + +$(LIBNAME) : $(LIB_OBJS) $(STUB_OBJS) + rm -f $@ + ar qc $@ $^ + +%o : %c + $(CC) $(CFLAGS) $(INC) -c -o $@ $< + +clean: FORCE + rm -f $(LIBNAME) $(LIB_OBJS) $(STUB_OBJS) $(TESTDIR)/a.out + +FORCE: + + +.PHONY: FORCE diff --git a/vboot_firmware/README b/vboot_firmware/README new file mode 100644 index 0000000000..2b0bff509b --- /dev/null +++ b/vboot_firmware/README @@ -0,0 +1,6 @@ + +lib/ is stuff that the BIOS needs to link with. + +stub/ is stuff to be implemented by the BIOS. + +include/ describes the interfaces between the two parts. diff --git a/common/include/boot_device.h b/vboot_firmware/include/boot_device.h similarity index 100% rename from common/include/boot_device.h rename to vboot_firmware/include/boot_device.h diff --git a/vfirmware/include/firmware_image_fw.h b/vboot_firmware/include/firmware_image_fw.h similarity index 100% rename from vfirmware/include/firmware_image_fw.h rename to vboot_firmware/include/firmware_image_fw.h diff --git a/vkernel/include/kernel_image_fw.h b/vboot_firmware/include/kernel_image_fw.h similarity index 100% rename from vkernel/include/kernel_image_fw.h rename to vboot_firmware/include/kernel_image_fw.h diff --git a/fwapi/include/load_kernel_fw.h b/vboot_firmware/include/load_kernel_fw.h similarity index 98% rename from fwapi/include/load_kernel_fw.h rename to vboot_firmware/include/load_kernel_fw.h index 0c7f1bf8be..1c7ed0714f 100644 --- a/fwapi/include/load_kernel_fw.h +++ b/vboot_firmware/include/load_kernel_fw.h @@ -38,7 +38,7 @@ typedef struct LoadKernelParams { uint64_t bootloader_size; /* Size of bootloader image in bytes */ } LoadKernelParams; -uintn_t LoadKernel(LoadKernelParams* params); +uint64_t LoadKernel(LoadKernelParams* params); /* Attempts to load the kernel from the current device. * * Returns LOAD_KERNEL_SUCCESS if successful, error code on failure. */ diff --git a/common/include/rollback_index.h b/vboot_firmware/include/rollback_index.h similarity index 100% rename from common/include/rollback_index.h rename to vboot_firmware/include/rollback_index.h diff --git a/common/include/tlcl.h b/vboot_firmware/include/tlcl.h similarity index 100% rename from common/include/tlcl.h rename to vboot_firmware/include/tlcl.h diff --git a/common/include/utility.h b/vboot_firmware/include/utility.h similarity index 100% rename from common/include/utility.h rename to vboot_firmware/include/utility.h diff --git a/vboot_firmware/lib/cryptolib/README b/vboot_firmware/lib/cryptolib/README new file mode 100644 index 0000000000..e576bb7bc4 --- /dev/null +++ b/vboot_firmware/lib/cryptolib/README @@ -0,0 +1,3 @@ +This contains the implementation for the crypto library. This includes +implementations for SHA1, SHA256, SHA512, and RSA signature verification +(for PKCS #1 v1.5 signatures). diff --git a/cryptolib/include/cryptolib.h b/vboot_firmware/lib/cryptolib/include/cryptolib.h similarity index 100% rename from cryptolib/include/cryptolib.h rename to vboot_firmware/lib/cryptolib/include/cryptolib.h diff --git a/cryptolib/include/padding.h b/vboot_firmware/lib/cryptolib/include/padding.h similarity index 100% rename from cryptolib/include/padding.h rename to vboot_firmware/lib/cryptolib/include/padding.h diff --git a/cryptolib/include/rsa.h b/vboot_firmware/lib/cryptolib/include/rsa.h similarity index 100% rename from cryptolib/include/rsa.h rename to vboot_firmware/lib/cryptolib/include/rsa.h diff --git a/cryptolib/include/sha.h b/vboot_firmware/lib/cryptolib/include/sha.h similarity index 100% rename from cryptolib/include/sha.h rename to vboot_firmware/lib/cryptolib/include/sha.h diff --git a/cryptolib/padding.c b/vboot_firmware/lib/cryptolib/padding.c similarity index 100% rename from cryptolib/padding.c rename to vboot_firmware/lib/cryptolib/padding.c diff --git a/cryptolib/rsa.c b/vboot_firmware/lib/cryptolib/rsa.c similarity index 100% rename from cryptolib/rsa.c rename to vboot_firmware/lib/cryptolib/rsa.c diff --git a/cryptolib/rsa_utility.c b/vboot_firmware/lib/cryptolib/rsa_utility.c similarity index 100% rename from cryptolib/rsa_utility.c rename to vboot_firmware/lib/cryptolib/rsa_utility.c diff --git a/cryptolib/sha1.c b/vboot_firmware/lib/cryptolib/sha1.c similarity index 100% rename from cryptolib/sha1.c rename to vboot_firmware/lib/cryptolib/sha1.c diff --git a/cryptolib/sha2.c b/vboot_firmware/lib/cryptolib/sha2.c similarity index 100% rename from cryptolib/sha2.c rename to vboot_firmware/lib/cryptolib/sha2.c diff --git a/cryptolib/sha_utility.c b/vboot_firmware/lib/cryptolib/sha_utility.c similarity index 100% rename from cryptolib/sha_utility.c rename to vboot_firmware/lib/cryptolib/sha_utility.c diff --git a/vfirmware/firmware_image_fw.c b/vboot_firmware/lib/firmware_image_fw.c similarity index 100% rename from vfirmware/firmware_image_fw.c rename to vboot_firmware/lib/firmware_image_fw.c diff --git a/common/include/tss_constants.h b/vboot_firmware/lib/include/tss_constants.h similarity index 100% rename from common/include/tss_constants.h rename to vboot_firmware/lib/include/tss_constants.h diff --git a/vkernel/kernel_image_fw.c b/vboot_firmware/lib/kernel_image_fw.c similarity index 100% rename from vkernel/kernel_image_fw.c rename to vboot_firmware/lib/kernel_image_fw.c diff --git a/common/rollback_index.c b/vboot_firmware/lib/rollback_index.c similarity index 100% rename from common/rollback_index.c rename to vboot_firmware/lib/rollback_index.c diff --git a/common/tlcl_stub.c b/vboot_firmware/lib/tlcl.c similarity index 100% rename from common/tlcl_stub.c rename to vboot_firmware/lib/tlcl.c diff --git a/vboot_firmware/linktest/main.c b/vboot_firmware/linktest/main.c new file mode 100644 index 0000000000..e2eb4d1316 --- /dev/null +++ b/vboot_firmware/linktest/main.c @@ -0,0 +1,55 @@ +#include + +#include "firmware_image_fw.h" +#include "kernel_image_fw.h" +#include "load_kernel_fw.h" +#include "rollback_index.h" +#include "tlcl.h" + +int main(void) +{ + + // firmware_image_fw.h + VerifyFirmwareHeader(0, 0, 0, 0); + VerifyFirmwarePreamble(0, 0, 0, 0); + VerifyFirmwareData(0, 0, 0, 0, 0); + VerifyFirmware(0, 0, 0); + GetLogicalFirmwareVersion(0); + VerifyFirmwareDriver_f(0, 0, 0, 0, 0); + + // kernel_image_fw.h + VerifyKernelHeader(0, 0, 0, 0, 0, 0); + VerifyKernelConfig(0, 0, 0, 0); + VerifyKernelData(0, 0, 0, 0, 0); + VerifyKernel(0, 0, 0); + GetLogicalKernelVersion(0); + VerifyKernelDriver_f(0, 0, 0, 0); + + // load_kernel_fw.h + // FIXME: LoadKernel(0); + + // rollback_index.h + SetupTPM(); + GetStoredVersion(0); + WriteStoredVersion(0, 0); + LockStoredVersion(0); + + // tlcl.h + TlclLibinit(); + TlclStartup(); + TlclSelftestfull(); + TlclDefineSpace(0, 0, 0); + TlclWrite(0, 0, 0); + TlclRead(0, 0, 0); + TlclWriteLock(0); + TlclReadLock(0); + TlclAssertPhysicalPresence(); + TlclSetNvLocked(); + TlclIsOwned(); + TlclForceClear(); + TlclPhysicalEnable(); + TlclPhysicalSetDeactivated(0); + TlclGetFlags(0, 0); + + return 0; +} diff --git a/common/boot_device_stub.c b/vboot_firmware/stub/boot_device_stub.c similarity index 100% rename from common/boot_device_stub.c rename to vboot_firmware/stub/boot_device_stub.c diff --git a/common/utility_stub.c b/vboot_firmware/stub/utility_stub.c similarity index 100% rename from common/utility_stub.c rename to vboot_firmware/stub/utility_stub.c diff --git a/vfirmware/Makefile b/vfirmware/Makefile index a915c316b6..be90dd5ee7 100644 --- a/vfirmware/Makefile +++ b/vfirmware/Makefile @@ -4,11 +4,11 @@ CC ?= gcc INCLUDES += -I./include \ - -I../cryptolib/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../common/include \ -I../misclibs/include CFLAGS ?= -Wall -DNDEBUG -O3 -Werror -FIRMWARE_OUT = firmware_image_fw.o firmware_image.o +FIRMWARE_OUT = firmware_image.o all: $(FIRMWARE_OUT) diff --git a/vkernel/Makefile b/vkernel/Makefile index fa69fc9e8d..f7dfd359d6 100644 --- a/vkernel/Makefile +++ b/vkernel/Makefile @@ -4,11 +4,11 @@ CC ?= gcc INCLUDES += -I./include \ - -I../cryptolib/include \ + -I$(FWDIR)/lib/cryptolib/include \ -I../common/include \ -I../misclibs/include CFLAGS ?= -Wall -DNDEBUG -O3 -Werror -KERNEL_OUT = kernel_image_fw.o kernel_image.o +KERNEL_OUT = kernel_image.o all: $(KERNEL_OUT)