Revert "Verified boot wrapper - replace utility functions"

This reverts commit bd81b3a7d3. Change-Id: I2be2c076a37bf0e49569248691fceac417254f0b Reviewed-on: http://gerrit.chromium.org/gerrit/3295 Reviewed-by: mukesh agrawal <quiche@chromium.org> Tested-by: mukesh agrawal <quiche@chromium.org>
2025-11-24 18:25:10 +00:00 · 2011-06-27 20:00:52 -07:00
parent 1c1a883bc7
commit a7b9481f34
15 changed files with 137 additions and 83 deletions
--- a/firmware/lib/cgptlib/cgptlib.c
+++ b/firmware/lib/cgptlib/cgptlib.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2010-2011 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */
@@ -8,7 +8,6 @@
 #include "crc32.h"
 #include "gpt.h"
 #include "utility.h"
-#include "vboot_api.h"

 int GptInit(GptData *gpt) {
  int retval;
--- a/firmware/lib/cryptolib/include/sha.h
+++ b/firmware/lib/cryptolib/include/sha.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */
@@ -107,7 +107,7 @@ typedef struct DigestContext {

 /* Initialize a digest context for use with signature algorithm [algorithm]. */
 void DigestInit(DigestContext* ctx, int sig_algorithm);
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len);
+void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);

 /* Caller owns the returned digest and must free it. */
 uint8_t* DigestFinal(DigestContext* ctx);
--- a/firmware/lib/cryptolib/rsa.c
+++ b/firmware/lib/cryptolib/rsa.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */
@@ -9,7 +9,6 @@
 */

 #include "cryptolib.h"
-#include "vboot_api.h"
 #include "utility.h"

 /* a[] -= mod */
@@ -78,9 +77,9 @@ static void montMul(const RSAPublicKey *key,
 */
 static void modpowF4(const RSAPublicKey *key,
                    uint8_t* inout) {
-  uint32_t* a = (uint32_t*) VbExMalloc(key->len * sizeof(uint32_t));
-  uint32_t* aR = (uint32_t*) VbExMalloc(key->len * sizeof(uint32_t));
-  uint32_t* aaR = (uint32_t*) VbExMalloc(key->len * sizeof(uint32_t));
+  uint32_t* a = (uint32_t*) Malloc(key->len * sizeof(uint32_t));
+  uint32_t* aR = (uint32_t*) Malloc(key->len * sizeof(uint32_t));
+  uint32_t* aaR = (uint32_t*) Malloc(key->len * sizeof(uint32_t));

  uint32_t* aaa = aaR;  /* Re-use location. */
  int i;
@@ -117,9 +116,9 @@ static void modpowF4(const RSAPublicKey *key,
    *inout++ = (uint8_t)(tmp >>  0);
  }

-  VbExFree(a);
-  VbExFree(aR);
-  VbExFree(aaR);
+  Free(a);
+  Free(aR);
+  Free(aaR);
 }

 /* Verify a RSA PKCS1.5 signature against an expected hash.
@@ -153,7 +152,7 @@ int RSAVerify(const RSAPublicKey *key,
    return 0;
  }

-  buf = (uint8_t*) VbExMalloc(sig_len);
+  buf = (uint8_t*) Malloc(sig_len);
  if (!buf)
    return 0;
  Memcpy(buf, sig, sig_len);
@@ -178,7 +177,7 @@ int RSAVerify(const RSAPublicKey *key,
    VBDEBUG(("In RSAVerify(): Hash check failed!\n"));
    success  = 0;
  }
-  VbExFree(buf);
+  Free(buf);

  return success;
 }
--- a/firmware/lib/cryptolib/rsa_utility.c
+++ b/firmware/lib/cryptolib/rsa_utility.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
@@ -8,12 +8,11 @@
 #include "cryptolib.h"
 #include "stateful_util.h"
 #include "utility.h"
-#include "vboot_api.h"

 uint64_t RSAProcessedKeySize(uint64_t algorithm, uint64_t* out_size) {
-  int key_len; /* Key length in bytes.  (int type matches siglen_map) */
+  uint64_t key_len; /* Key length in bytes. */
  if (algorithm < kNumAlgorithms) {
-    key_len = siglen_map[algorithm];
+    key_len =  siglen_map[algorithm];
    /* Total size needed by a RSAPublicKey structure is =
     *  2 * key_len bytes for the  n and rr arrays
     *  + sizeof len + sizeof n0inv.
@@ -25,7 +24,7 @@ uint64_t RSAProcessedKeySize(uint64_t algorithm, uint64_t* out_size) {
 }

 RSAPublicKey* RSAPublicKeyNew(void) {
-  RSAPublicKey* key = (RSAPublicKey*) VbExMalloc(sizeof(RSAPublicKey));
+  RSAPublicKey* key = (RSAPublicKey*) Malloc(sizeof(RSAPublicKey));
  key->n = NULL;
  key->rr = NULL;
  return key;
@@ -33,9 +32,9 @@ RSAPublicKey* RSAPublicKeyNew(void) {

 void RSAPublicKeyFree(RSAPublicKey* key) {
  if (key) {
-    VbExFree(key->n);
-    VbExFree(key->rr);
-    VbExFree(key);
+    Free(key->n);
+    Free(key->rr);
+    Free(key);
  }
 }

@@ -60,8 +59,8 @@ RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, uint64_t len) {
    return NULL;
  }

-  key->n = (uint32_t*) VbExMalloc(key_len);
-  key->rr = (uint32_t*) VbExMalloc(key_len);
+  key->n = (uint32_t*) Malloc(key_len);
+  key->rr = (uint32_t*) Malloc(key_len);

  StatefulMemcpy(&st, &key->n0inv, sizeof(key->n0inv));
  StatefulMemcpy(&st, key->n, key_len);
@@ -107,7 +106,7 @@ int RSAVerifyBinary_f(const uint8_t* key_blob,
  success = RSAVerify(verification_key, sig, (uint32_t)sig_size,
                      (uint8_t)algorithm, digest);

-  VbExFree(digest);
+  Free(digest);
  if (!key)
    RSAPublicKeyFree(verification_key);  /* Only free if we allocated it. */
  return success;
--- a/firmware/lib/cryptolib/sha_utility.c
+++ b/firmware/lib/cryptolib/sha_utility.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
@@ -7,27 +7,26 @@

 #include "cryptolib.h"
 #include "utility.h"
-#include "vboot_api.h"

 void DigestInit(DigestContext* ctx, int sig_algorithm) {
  ctx->algorithm = hash_type_map[sig_algorithm];
  switch(ctx->algorithm) {
    case SHA1_DIGEST_ALGORITHM:
-      ctx->sha1_ctx = (SHA1_CTX*) VbExMalloc(sizeof(SHA1_CTX));
+      ctx->sha1_ctx = (SHA1_CTX*) Malloc(sizeof(SHA1_CTX));
      SHA1_init(ctx->sha1_ctx);
      break;
    case SHA256_DIGEST_ALGORITHM:
-      ctx->sha256_ctx = (SHA256_CTX*) VbExMalloc(sizeof(SHA256_CTX));
+      ctx->sha256_ctx = (SHA256_CTX*) Malloc(sizeof(SHA256_CTX));
      SHA256_init(ctx->sha256_ctx);
      break;
    case SHA512_DIGEST_ALGORITHM:
-      ctx->sha512_ctx = (SHA512_CTX*) VbExMalloc(sizeof(SHA512_CTX));
+      ctx->sha512_ctx = (SHA512_CTX*) Malloc(sizeof(SHA512_CTX));
      SHA512_init(ctx->sha512_ctx);
      break;
  };
 }

-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len) {
+void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len) {
  switch(ctx->algorithm) {
    case SHA1_DIGEST_ALGORITHM:
      SHA1_update(ctx->sha1_ctx, data, len);
@@ -45,27 +44,26 @@ uint8_t* DigestFinal(DigestContext* ctx) {
  uint8_t* digest = NULL;
  switch(ctx->algorithm) {
    case SHA1_DIGEST_ALGORITHM:
-      digest = (uint8_t*) VbExMalloc(SHA1_DIGEST_SIZE);
+      digest = (uint8_t*) Malloc(SHA1_DIGEST_SIZE);
      Memcpy(digest, SHA1_final(ctx->sha1_ctx), SHA1_DIGEST_SIZE);
-      VbExFree(ctx->sha1_ctx);
+      Free(ctx->sha1_ctx);
      break;
    case SHA256_DIGEST_ALGORITHM:
-      digest = (uint8_t*) VbExMalloc(SHA256_DIGEST_SIZE);
+      digest = (uint8_t*) Malloc(SHA256_DIGEST_SIZE);
      Memcpy(digest, SHA256_final(ctx->sha256_ctx), SHA256_DIGEST_SIZE);
-      VbExFree(ctx->sha256_ctx);
+      Free(ctx->sha256_ctx);
      break;
    case SHA512_DIGEST_ALGORITHM:
-      digest = (uint8_t*) VbExMalloc(SHA512_DIGEST_SIZE);
+      digest = (uint8_t*) Malloc(SHA512_DIGEST_SIZE);
      Memcpy(digest, SHA512_final(ctx->sha512_ctx), SHA512_DIGEST_SIZE);
-      VbExFree(ctx->sha512_ctx);
+      Free(ctx->sha512_ctx);
      break;
  };
  return digest;
 }

 uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
-  /* Allocate enough space for the largest digest */
-  uint8_t* digest = (uint8_t*) VbExMalloc(SHA512_DIGEST_SIZE);
+  uint8_t* digest = (uint8_t*) Malloc(SHA512_DIGEST_SIZE); /* Use the max. */
  /* Define an array mapping [sig_algorithm] to function pointers to the
   * SHA{1|256|512} functions.
   */
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2010-2011 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
@@ -7,11 +7,11 @@
 */

 #include "rollback_index.h"
+
 #include "tlcl.h"
 #include "tpm_bootmode.h"
 #include "tss_constants.h"
 #include "utility.h"
-#include "vboot_api.h"

 static int g_rollback_recovery_mode = 0;

--- a/firmware/lib/tpm_bootmode.c
+++ b/firmware/lib/tpm_bootmode.c
@@ -9,7 +9,6 @@

 #include "tlcl.h"
 #include "utility.h"
-#include "vboot_api.h"

 /* TPM PCR to use for storing boot mode measurements. */
 #define BOOT_MODE_PCR 0
--- a/firmware/lib/tpm_lite/tlcl.c
+++ b/firmware/lib/tpm_lite/tlcl.c
@@ -19,7 +19,6 @@
 #include "tlcl_internal.h"
 #include "tlcl_structures.h"
 #include "utility.h"
-#include "vboot_api.h"

 /* Sets the size field of a TPM command. */
 static INLINE void SetTpmCommandSize(uint8_t* buffer, uint32_t size) {
--- a/firmware/lib/vboot_common.c
+++ b/firmware/lib/vboot_common.c
@@ -7,7 +7,6 @@
 */


-#include "vboot_api.h"
 #include "vboot_common.h"
 #include "utility.h"

@@ -232,7 +231,7 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
                                SHA512_DIGEST_ALGORITHM);
    rv = SafeMemcmp(header_checksum, GetSignatureDataC(sig),
                    SHA512_DIGEST_SIZE);
-    VbExFree(header_checksum);
+    Free(header_checksum);
    if (rv) {
      VBDEBUG(("Invalid key block hash.\n"));
      return VBOOT_KEY_BLOCK_HASH;
--- a/firmware/lib/vboot_firmware.c
+++ b/firmware/lib/vboot_firmware.c
@@ -11,7 +11,6 @@
 #include "rollback_index.h"
 #include "tpm_bootmode.h"
 #include "utility.h"
-#include "vboot_api.h"
 #include "vboot_common.h"
 #include "vboot_nvstorage.h"

@@ -78,7 +77,7 @@ int LoadFirmware(LoadFirmwareParams* params) {
    recovery = VBNV_RECOVERY_RO_SHARED_DATA;
    goto LoadFirmwareExit;
  }
-  shared->timer_load_firmware_enter = VbExGetTimer();
+  shared->timer_load_firmware_enter = VbGetTimer();

  /* Handle test errors */
  VbNvGet(vnc, VBNV_TEST_ERROR_FUNC, &test_err);
@@ -137,7 +136,7 @@ int LoadFirmware(LoadFirmwareParams* params) {
  }

  /* Allocate our internal data */
-  lfi = (VbLoadFirmwareInternal*)VbExMalloc(sizeof(VbLoadFirmwareInternal));
+  lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal));
  if (!lfi)
    return LOAD_FIRMWARE_RECOVERY;

@@ -276,7 +275,7 @@ int LoadFirmware(LoadFirmwareParams* params) {
      VBDEBUG(("Firmware body verification failed.\n"));
      *check_result = VBSD_LF_CHECK_VERIFY_BODY;
      RSAPublicKeyFree(data_key);
-      VbExFree(body_digest);
+      Free(body_digest);
      VBPERFEND("VB_VFD");
      continue;
    }
@@ -284,7 +283,7 @@ int LoadFirmware(LoadFirmwareParams* params) {

    /* Done with the digest and data key, so can free them now */
    RSAPublicKeyFree(data_key);
-    VbExFree(body_digest);
+    Free(body_digest);

    /* If we're still here, the firmware is valid. */
    VBDEBUG(("Firmware %d is valid.\n", index));
@@ -328,7 +327,7 @@ int LoadFirmware(LoadFirmwareParams* params) {
  }

  /* Free internal data */
-  VbExFree(lfi);
+  Free(lfi);
  params->load_firmware_internal = NULL;

  /* Handle finding good firmware */
@@ -391,7 +390,7 @@ LoadFirmwareExit:
          recovery : VBNV_RECOVERY_NOT_REQUESTED);
  VbNvTeardown(vnc);

-  shared->timer_load_firmware_exit = VbExGetTimer();
+  shared->timer_load_firmware_exit = VbGetTimer();

  /* Note that we don't reduce params->shared_data_size to shared->data_used,
   * since we want to leave space for LoadKernel() to add to the shared data
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -6,6 +6,8 @@
 * (Firmware portion)
 */

+#include "vboot_kernel.h"
+
 #include "boot_device.h"
 #include "cgptlib.h"
 #include "cgptlib_internal.h"
@@ -13,9 +15,7 @@
 #include "load_kernel_fw.h"
 #include "rollback_index.h"
 #include "utility.h"
-#include "vboot_api.h"
 #include "vboot_common.h"
-#include "vboot_kernel.h"

 #define KBUF_SIZE 65536  /* Bytes to read at start of kernel partition */
 #define LOWEST_TPM_VERSION 0xffffffff
@@ -40,10 +40,10 @@ int AllocAndReadGptData(GptData* gptdata) {
  gptdata->modified = 0;

  /* Allocate all buffers */
-  gptdata->primary_header = (uint8_t*)VbExMalloc(gptdata->sector_bytes);
-  gptdata->secondary_header = (uint8_t*)VbExMalloc(gptdata->sector_bytes);
-  gptdata->primary_entries = (uint8_t*)VbExMalloc(TOTAL_ENTRIES_SIZE);
-  gptdata->secondary_entries = (uint8_t*)VbExMalloc(TOTAL_ENTRIES_SIZE);
+  gptdata->primary_header = (uint8_t*)Malloc(gptdata->sector_bytes);
+  gptdata->secondary_header = (uint8_t*)Malloc(gptdata->sector_bytes);
+  gptdata->primary_entries = (uint8_t*)Malloc(TOTAL_ENTRIES_SIZE);
+  gptdata->secondary_entries = (uint8_t*)Malloc(TOTAL_ENTRIES_SIZE);

  if (gptdata->primary_header == NULL || gptdata->secondary_header == NULL ||
      gptdata->primary_entries == NULL || gptdata->secondary_entries == NULL)
@@ -79,7 +79,7 @@ int WriteAndFreeGptData(GptData* gptdata) {
      if (0 != BootDeviceWriteLBA(1, 1, gptdata->primary_header))
        return 1;
    }
-    VbExFree(gptdata->primary_header);
+    Free(gptdata->primary_header);
  }

  if (gptdata->primary_entries) {
@@ -89,7 +89,7 @@ int WriteAndFreeGptData(GptData* gptdata) {
                                  gptdata->primary_entries))
        return 1;
    }
-    VbExFree(gptdata->primary_entries);
+    Free(gptdata->primary_entries);
  }

  if (gptdata->secondary_entries) {
@@ -99,7 +99,7 @@ int WriteAndFreeGptData(GptData* gptdata) {
                                  entries_sectors, gptdata->secondary_entries))
        return 1;
    }
-    VbExFree(gptdata->secondary_entries);
+    Free(gptdata->secondary_entries);
  }

  if (gptdata->secondary_header) {
@@ -109,7 +109,7 @@ int WriteAndFreeGptData(GptData* gptdata) {
                                  gptdata->secondary_header))
        return 1;
    }
-    VbExFree(gptdata->secondary_header);
+    Free(gptdata->secondary_header);
  }

  /* Success */
@@ -142,7 +142,7 @@ int LoadKernel(LoadKernelParams* params) {

  int retval = LOAD_KERNEL_RECOVERY;
  int recovery = VBNV_RECOVERY_RO_UNSPECIFIED;
-  uint64_t timer_enter = VbExGetTimer();
+  uint64_t timer_enter = VbGetTimer();

  /* Setup NV storage */
  VbNvSetup(vnc);
@@ -300,7 +300,7 @@ int LoadKernel(LoadKernelParams* params) {
    }

    /* Allocate kernel header buffers */
-    kbuf = (uint8_t*)VbExMalloc(KBUF_SIZE);
+    kbuf = (uint8_t*)Malloc(KBUF_SIZE);
    if (!kbuf)
      break;

@@ -585,7 +585,7 @@ int LoadKernel(LoadKernelParams* params) {

  /* Free kernel buffer */
  if (kbuf)
-    VbExFree(kbuf);
+    Free(kbuf);

  /* Write and free GPT data */
  WriteAndFreeGptData(&gpt);
@@ -665,7 +665,7 @@ LoadKernelExit:

    /* Save timer values */
    shared->timer_load_kernel_enter = timer_enter;
-    shared->timer_load_kernel_exit = VbExGetTimer();
+    shared->timer_load_kernel_exit = VbGetTimer();
    /* Store how much shared data we used, if any */
    params->shared_data_size = shared->data_used;
  }