vboot: Split partition and vblock verification from LoadKernel()

LoadKernel() was a big function which did everything from looping over
partitions on a drive to loading the data within them to calling the
low-level verification functions on that data.  Split it apart into more
manageable chunks.  This also reduces indentation of the inner parts of
the code, whic increases readability.

No outwardly-visible functionality changes.

BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge

Change-Id: Iea79e70163f5d9f1a9d0d897e4a9bacc925a742d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/404919
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>

firmware/2lib/include/2return_codes.h

@@ -446,6 +446,48 @@ enum vb2_return_code {
 	/* Kernel preamble not loaded before calling vb2api_get_kernel_size() */
 	VB2_ERROR_API_GET_KERNEL_SIZE_PREAMBLE,
 
+	/* Unable to unpack kernel subkey in vb2_verify_vblock() */
+	VB2_ERROR_VBLOCK_KERNEL_SUBKEY,
+
+	/*
+	 * Got a self-signed kernel in vb2_verify_vblock(), but need an
+	 * officially signed one.
+	 */
+	VB2_ERROR_VBLOCK_SELF_SIGNED,
+
+	/* Invalid keyblock hash in vb2_verify_vblock() */
+	VB2_ERROR_VBLOCK_KEYBLOCK_HASH,
+
+	/* Invalid keyblock in vb2_verify_vblock() */
+	VB2_ERROR_VBLOCK_KEYBLOCK,
+
+	/* Wrong developer key hash in vb2_verify_vblock() */
+	VB2_ERROR_VBLOCK_DEV_KEY_HASH,
+
+	/* Work buffer too small in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_WORKBUF,
+
+	/* Unable to read vblock in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_READ_VBLOCK,
+
+	/* Unable to verify vblock in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_VERIFY_VBLOCK,
+
+	/* Kernel body offset too large in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_BODY_OFFSET,
+
+	/* Kernel body too big in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_BODY_SIZE,
+
+	/* Unable to read kernel body in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_READ_BODY,
+
+	/* Unable to unpack data key in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_DATA_KEY,
+
+	/* Unable to verify body in vb2_load_partition() */
+	VB2_ERROR_LOAD_PARTITION_VERIFY_BODY,
+
         /**********************************************************************
 	 * API-level errors
 	 */

firmware/lib/include/load_kernel_fw.h

@@ -26,16 +26,6 @@ struct RollbackSpaceFwmp;
 
 typedef struct LoadKernelParams {
 	/* Inputs to LoadKernel() */
-	/*
-	 * Buffer for data shared between LoadFirmware() and LoadKernel().
-	 * Pass the same buffer which was passed to LoadFirmware().
-	 */
-	void *shared_data_blob;
-	/*
-	 * Size of shared data blob buffer, in bytes.  On output, this will
-	 * contain the actual data size placed into the buffer.
-	 */
-	uint64_t shared_data_size;
 	/* Pointer to GBB data */
 	void *gbb_data;
 	/* Size of GBB data in bytes */
@@ -67,11 +57,11 @@ typedef struct LoadKernelParams {
 	 * LOAD_KERNEL_SUCCESS
 	 */
 	/* Partition number to boot on current device (1...M) */
-	uint64_t partition_number;
+	uint32_t partition_number;
 	/* Address of bootloader image in RAM */
 	uint64_t bootloader_address;
 	/* Size of bootloader image in bytes */
-	uint64_t bootloader_size;
+	uint32_t bootloader_size;
 	/* UniquePartitionGuid for boot partition */
 	uint8_t  partition_guid[16];
 	/* Flags passed in by signer */
@@ -86,25 +76,4 @@ typedef struct LoadKernelParams {
  */
 VbError_t LoadKernel(LoadKernelParams *params, VbCommonParams *cparams);
 
-/*
- * The bootloader is loaded using the EFI LoadImage() and StartImage() calls.
- * Pass this struct via loaded_image->load_options.
- */
-typedef struct KernelBootloaderOptions {
-	/* Drive number of boot device (0...N) */
-	uint64_t drive_number;
-	/*
-	 * Partition number, as returned from LoadKernel() in
-	 * LoadKernelParams.partition_number
-	 */
-	uint64_t partition_number;
-	/*
-	 * Absolute bootloader start adddress, as returned from LoadKernel() in
-	 * LoadKernelParams.bootloader_start
-	 */
-	uint64_t original_address;
-	  /* UniquePartitionGuid for boot partition */
-	uint8_t partition_guid[16];
-} KernelBootloaderOptions;
-
 #endif  /* VBOOT_REFERENCE_LOAD_KERNEL_FW_H_ */

firmware/lib/vboot_api_kernel.c

@@ -1087,8 +1087,6 @@ VbError_t VbSelectAndLoadKernel(VbCommonParams *cparams,
 
 	/* Fill in params for calls to LoadKernel() */
 	memset(&p, 0, sizeof(p));
-	p.shared_data_blob = cparams->shared_data_blob;
-	p.shared_data_size = cparams->shared_data_size;
 	p.gbb_data = cparams->gbb_data;
 	p.gbb_size = cparams->gbb_size;
 	p.fwmp = &fwmp;
@@ -1295,9 +1293,9 @@ VbError_t VbSelectAndLoadKernel(VbCommonParams *cparams,
 
 	/* Save disk parameters */
 	kparams->disk_handle = p.disk_handle;
-	kparams->partition_number = (uint32_t)p.partition_number;
+	kparams->partition_number = p.partition_number;
 	kparams->bootloader_address = p.bootloader_address;
-	kparams->bootloader_size = (uint32_t)p.bootloader_size;
+	kparams->bootloader_size = p.bootloader_size;
 	kparams->flags = p.flags;
 	memcpy(kparams->partition_guid, p.partition_guid,
 	       sizeof(kparams->partition_guid));

tests/vboot_kernel_tests.c

@@ -138,22 +138,22 @@ static void ResetMocks(void)
 	gbb->minor_version = GBB_MINOR_VER;
 	gbb->flags = 0;
 
+	memset(&shared_data, 0, sizeof(shared_data));
+	VbSharedDataInit(shared, sizeof(shared_data));
+	shared->kernel_version_tpm = 0x20001;
+
 	memset(&cparams, '\0', sizeof(cparams));
 	cparams.gbb = gbb;
 	cparams.gbb_data = gbb;
 	cparams.gbb_size = sizeof(gbb_data);
+	cparams.shared_data_blob = shared;
 
 	memset(&vnc, 0, sizeof(vnc));
 	VbNvSetup(&vnc);
 	VbNvTeardown(&vnc);                   /* So CRC gets generated */
 
-	memset(&shared_data, 0, sizeof(shared_data));
-	VbSharedDataInit(shared, sizeof(shared_data));
-	shared->kernel_version_tpm = 0x20001;
-
 	memset(&lkp, 0, sizeof(lkp));
 	lkp.nv_context = &vnc;
-	lkp.shared_data_blob = shared;
 	lkp.gbb_data = gbb;
 	lkp.gbb_size = sizeof(gbb_data);
 	lkp.bytes_per_lba = 512;
@@ -579,11 +579,6 @@ static void InvalidParamsTest(void)
 	TEST_EQ(LoadKernel(&lkp, &cparams), VBERROR_INVALID_PARAMETER,
 		"Bad lba count");
 
-	ResetMocks();
-	lkp.bytes_per_lba = 128*1024;
-	TEST_EQ(LoadKernel(&lkp, &cparams), VBERROR_INVALID_PARAMETER,
-		"Huge lba size");
-
 	ResetMocks();
 	gpt_init_fail = 1;
 	TEST_EQ(LoadKernel(&lkp, &cparams), VBERROR_NO_KERNEL_FOUND,

tests/verify_kernel.c

@@ -90,8 +90,8 @@ int main(int argc, char *argv[])
 	/* TODO: optional TPM current kernel version */
 
 	/* Set up params */
-	params.shared_data_blob = shared_data;
+	cparams.shared_data_blob = shared_data;
-	params.shared_data_size = sizeof(shared_data);
+	cparams.shared_data_size = sizeof(shared_data);
 	params.disk_handle = (VbExDiskHandle_t)1;
 	params.bytes_per_lba = 512;
 	params.streaming_lba_count = disk_bytes / 512;
@@ -126,7 +126,7 @@ int main(int argc, char *argv[])
 	}
 
 	printf("Found a good kernel.\n");
-	printf("Partition number:   %d\n", (int)params.partition_number);
+	printf("Partition number:   %u\n", params.partition_number);
 	printf("Bootloader address: 0x%" PRIx64 "\n",
 	       params.bootloader_address);
 

utility/load_kernel_test.c

@@ -180,10 +180,10 @@ int main(int argc, char* argv[]) {
   }
 
   /* Initialize the shared data area */
-  lkp.shared_data_blob = malloc(VB_SHARED_DATA_REC_SIZE);
+  cparams.shared_data_blob = malloc(VB_SHARED_DATA_REC_SIZE);
-  lkp.shared_data_size = VB_SHARED_DATA_REC_SIZE;
+  cparams.shared_data_size = VB_SHARED_DATA_REC_SIZE;
-  shared = (VbSharedDataHeader*)lkp.shared_data_blob;
+  shared = (VbSharedDataHeader*)cparams.shared_data_blob;
-  if (0 != VbSharedDataInit(shared, lkp.shared_data_size)) {
+  if (0 != VbSharedDataInit(shared, cparams.shared_data_size)) {
     fprintf(stderr, "Unable to init shared data\n");
     return 1;
   }
@@ -226,9 +226,9 @@ int main(int argc, char* argv[]) {
   printf("LoadKernel() returned %d\n", rv);
 
   if (VBERROR_SUCCESS == rv) {
-    printf("Partition number:   %" PRIu64 "\n", lkp.partition_number);
+    printf("Partition number:   %u\n", lkp.partition_number);
     printf("Bootloader address: %" PRIu64 "\n", lkp.bootloader_address);
-    printf("Bootloader size:    %" PRIu64 "\n", lkp.bootloader_size);
+    printf("Bootloader size:    %u\n", lkp.bootloader_size);
     printf("Partition guid:     "
            "%02x%02x%02x%02x-%02x%02x-%02x%02x"
            "-%02x%02x-%02x%02x%02x%02x%02x%02x\n",