VBoot Reference: Output debug information using debug() instead of fprintf().

This should make it easier to switch off debug messages if needed.

TESTS=builds fine, autotest builds fine (using both arm/x86-generic)

Review URL: http://codereview.chromium.org/1607006

common/rollback_index.c

@@ -9,9 +9,9 @@
 #include "rollback_index.h"
 
 #include <stdint.h>
-#include <stdio.h>
 #include <tss/tcs.h>
 
+#include "utility.h"
 #include "tlcl.h"
 
 uint16_t g_firmware_key_version = 0;
@@ -23,7 +23,7 @@ static void InitializeSpaces(void) {
   uint16_t zero = 0;
   uint32_t perm = TPM_NV_PER_WRITE_STCLEAR | TPM_NV_PER_PPWRITE;
 
-  fprintf(stderr, "Initializing spaces\n");
+  debug("Initializing spaces\n");
   TlclSetNvLocked();  /* useful only the first time */
 
   TlclDefineSpace(FIRMWARE_KEY_VERSION_NV_INDEX, perm, sizeof(uint16_t));
@@ -78,7 +78,7 @@ void SetupTPM(void) {
   TlclSelftestfull();
   TlclAssertPhysicalPresence();
   if (!GetTPMRollbackIndices()) {
-    fprintf(stderr, "Ho Ho Ho! We must jump to recovery.");
+    debug("Ho Ho Ho! We must jump to recovery.");
     EnterRecovery();
   }
 }

cryptolib/Makefile

@@ -5,7 +5,7 @@
 TOP ?= ../
 SRCS = rsa.c sha1.c sha2.c padding.c rsa_utility.c sha_utility.c
 OBJS = $(SRCS:.c=.o)
-CFLAGS += -DUNROLL_LOOPS -DHAVE_ENDIAN_H -DHAVE_LITTLE_ENDIAN
+CFLAGS += -DUNROLL_LOOPS -DHAVE_ENDIAN_H -DHAVE_LITTLE_ENDIAN -DNDEBUG
 INCLUDES += -I./include/ -I$(TOP)/common/include/
 
 all: libcrypto.a

misclibs/file_keys.c

@@ -25,12 +25,12 @@ uint8_t* BufferFromFile(const char* input_file, uint64_t* len) {
   uint8_t* buf = NULL;
 
   if ((fd = open(input_file, O_RDONLY)) == -1) {
-    fprintf(stderr, "Couldn't open file.\n");
+    debug("Couldn't open file.\n");
     return NULL;
   }
 
   if (-1 == fstat(fd, &stat_fd)) {
-    fprintf(stderr, "Couldn't stat key file\n");
+    debug("Couldn't stat key file\n");
     return NULL;
   }
   *len = stat_fd.st_size;
@@ -41,7 +41,7 @@ uint8_t* BufferFromFile(const char* input_file, uint64_t* len) {
     return NULL;
 
   if (*len != read(fd, buf, *len)) {
-    fprintf(stderr, "Couldn't read key into a buffer.\n");
+    debug("Couldn't read key into a buffer.\n");
     return NULL;
   }
 
@@ -103,13 +103,13 @@ uint8_t* SignatureFile(const char* input_file, const char* key_file,
   cmd_out = popen(cmd, "r");
   Free(cmd);
   if (!cmd_out) {
-    fprintf(stderr, "Couldn't execute: %s\n", cmd);
+    debug("Couldn't execute: %s\n", cmd);
     return NULL;
   }
 
   signature = (uint8_t*) Malloc(signature_size);
   if (fread(signature, signature_size, 1, cmd_out) != 1) {
-    fprintf(stderr, "Couldn't read signature.\n");
+    debug("Couldn't read signature.\n");
     pclose(cmd_out);
     Free(signature);
     return NULL;

misclibs/signature_digest.c

@@ -31,7 +31,7 @@ uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, int algorithm) {
   uint8_t* digest = NULL;
 
   if (algorithm >= kNumAlgorithms) {
-    fprintf(stderr, "SignatureDigest() called with invalid algorithm!\n");
+    debug("SignatureDigest() called with invalid algorithm!\n");
   } else if ((digest = DigestBuf(buf, len, algorithm))) {
     info_digest = PrependDigestInfo(algorithm, digest);
   }
@@ -49,14 +49,14 @@ uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file,
                               digestinfo_size_map[algorithm]);
   key_fp  = fopen(key_file, "r");
   if (!key_fp) {
-    fprintf(stderr, "SignatureBuf(): Couldn't open key file: %s\n", key_file);
+    debug("SignatureBuf(): Couldn't open key file: %s\n", key_file);
     Free(signature_digest);
     return NULL;
   }
   if ((key = PEM_read_RSAPrivateKey(key_fp, NULL, NULL, NULL)))
     signature = (uint8_t*) Malloc(siglen_map[algorithm]);
   else
-    fprintf(stderr, "SignatureBuf(): Couldn't read private key from file: %s\n",
+    debug("SignatureBuf(): Couldn't read private key from file: %s\n",
             key_file);
   if (signature) {
     if (-1 == RSA_private_encrypt(signature_digest_len,  /* Input length. */
@@ -64,7 +64,7 @@ uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file,
                                   signature,  /* Output signature. */
                                   key,  /* Key to use. */
                                   RSA_PKCS1_PADDING))  /* Padding to use. */
-      fprintf(stderr, "SignatureBuf(): RSA_private_encrypt() failed.\n");
+      debug("SignatureBuf(): RSA_private_encrypt() failed.\n");
   }
   fclose(key_fp);
   if (key)

tests/Makefile

@@ -2,6 +2,7 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
+TOP ?= ../
 CC ?= gcc
 CFLAGS ?= -Wall -DNDEBUG -O3 -Werror
 INCLUDES += -I./include \

tests/big_firmware_tests.c

@@ -33,7 +33,7 @@ int BigFirmwareTest(void) {
   RSAPublicKey* root_key = RSAPublicKeyFromFile(kRootKeyPublicFile);
   uint8_t* root_key_blob = BufferFromFile(kRootKeyPublicFile, &len);
   uint8_t* firmware_sign_key_buf= BufferFromFile(kFirmwareKeyPublicFile, &len);
-  fprintf(stderr, "Generating Big FirmwareImage...");
+  debug("Generating Big FirmwareImage...");
   FirmwareImage* image =
       GenerateTestFirmwareImage(0, /* RSA1024/SHA1 */
                                 firmware_sign_key_buf,
@@ -47,7 +47,7 @@ int BigFirmwareTest(void) {
     error_code = 1;
     goto cleanup;
   }
-  fprintf(stderr, "Done.\n");
+  debug("Done.\n");
   TEST_EQ(VerifyFirmwareImage(root_key, image),
           VERIFY_FIRMWARE_SUCCESS,
           "Big FirmwareImage Verification");

tests/big_kernel_tests.c

@@ -33,7 +33,7 @@ int BigKernelTest() {
   RSAPublicKey* firmware_key = RSAPublicKeyFromFile(kFirmwareKeyPublicFile);
   uint8_t* firmware_key_blob = BufferFromFile(kFirmwareKeyPublicFile, &len);
   uint8_t* kernel_sign_key_buf = BufferFromFile(kKernelKeyPublicFile, &len);
-  fprintf(stderr, "Generating Big KernelImage...");
+  debug("Generating Big KernelImage...");
   KernelImage* image =
       GenerateTestKernelImage(3,  /* RSA2048/SHA1 */
                               0,  /* RSA1024/SHA1 */
@@ -48,7 +48,7 @@ int BigKernelTest() {
     error_code = 1;
     goto cleanup;
   }
-  fprintf(stderr, "Done.\n");
+  debug("Done.\n");
   TEST_EQ(VerifyKernelImage(firmware_key, image, 0),
           VERIFY_FIRMWARE_SUCCESS,
           "Big KernelImage Verification");

tests/firmware_verify_benchmark.c

@@ -60,7 +60,7 @@ int SpeedTestAlgorithm(int algorithm) {
   snprintf(file_name, FILE_NAME_SIZE, "testkeys/key_rsa%d.keyb", key_size);
   firmware_sign_key = BufferFromFile(file_name, &len);
   if (!firmware_sign_key) {
-    fprintf(stderr, "Couldn't read pre-processed firmware signing key.\n");
+    debug("Couldn't read pre-processed firmware signing key.\n");
     error_code = 1;
     goto cleanup;
   }
@@ -75,7 +75,7 @@ int SpeedTestAlgorithm(int algorithm) {
                                                  "testkeys/key_rsa8192.pem",
                                                  firmware_sign_key_file);
     if (!firmware_blobs[i]) {
-      fprintf(stderr, "Couldn't generate test firmware images.\n");
+      debug("Couldn't generate test firmware images.\n");
       error_code = 1;
       goto cleanup;
     }
@@ -84,7 +84,7 @@ int SpeedTestAlgorithm(int algorithm) {
   /* Get pre-processed key used for verification. */
   root_key_blob = BufferFromFile("testkeys/key_rsa8192.keyb", &len);
   if (!root_key_blob) {
-    fprintf(stderr, "Couldn't read pre-processed rootkey.\n");
+    debug("Couldn't read pre-processed rootkey.\n");
     error_code = 1;
     goto cleanup;
   }
@@ -95,7 +95,7 @@ int SpeedTestAlgorithm(int algorithm) {
     for (j = 0; j < NUM_OPERATIONS; ++j) {
       if (VERIFY_FIRMWARE_SUCCESS !=
           VerifyFirmware(root_key_blob, firmware_blobs[i]))
-        fprintf(stderr, "Warning: Firmware Verification Failed.\n");
+        debug("Warning: Firmware Verification Failed.\n");
     }
     StopTimer(&ct);
     msecs = (float) GetDurationMsecs(&ct) / NUM_OPERATIONS;

tests/kernel_rollback_tests.c

@@ -58,7 +58,7 @@ void VerifyKernelDriverTest(void) {
    * the full blown kernel boot logic. Updates to the kernel attributes
    * in the paritition table are not tested.
    */
-  fprintf(stderr, "Kernel A boot priority(15) > Kernel B boot priority(1)\n");
+  debug("Kernel A boot priority(15) > Kernel B boot priority(1)\n");
   TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
                                &valid_kernelA, &valid_kernelB,
                                DEV_MODE_DISABLED),
@@ -84,7 +84,7 @@ void VerifyKernelDriverTest(void) {
           "(Corrupt Kernel A (current version)\n"
           " Corrupt Kernel B (current version) runs Recovery):");
 
-  fprintf(stderr, "\nSwapping boot priorities...\n"
+  debug("\nSwapping boot priorities...\n"
          "Kernel B boot priority(15) > Kernel A boot priority(1)\n");
   valid_kernelA.boot_priority = corrupt_kernelA.boot_priority = 1;
   valid_kernelB.boot_priority = corrupt_kernelB.boot_priority = 15;
@@ -113,7 +113,7 @@ void VerifyKernelDriverTest(void) {
           "(Corrupt Kernel A (current version)\n"
           " Corrupt Kernel B (current version) runs Recovery):");
 
-  fprintf(stderr, "\nUpdating stored version information. Obsoleting "
+  debug("\nUpdating stored version information. Obsoleting "
           "exiting kernel images.\n");
   g_kernel_key_version = 2;
   g_kernel_version = 2;
@@ -124,7 +124,7 @@ void VerifyKernelDriverTest(void) {
           "(Valid Kernel A (old version)\n"
           " Valid Kernel B (old version) runs Recovery):");
 
-  fprintf(stderr, "\nGenerating updated Kernel A blob with "
+  debug("\nGenerating updated Kernel A blob with "
           "new version.\n");
   Free(valid_kernelA.kernel_blob);
   valid_kernelA.kernel_blob = GenerateRollbackTestKernelBlob(3, 3, 0);

tests/kernel_verify_benchmark.c

@@ -73,7 +73,7 @@ int SpeedTestAlgorithm(int firmware_sign_algorithm,
            kernel_key_size);
   kernel_sign_key = BufferFromFile(file_name, &len);
   if (!kernel_sign_key) {
-    fprintf(stderr, "Couldn't read pre-processed public kernel signing key.\n");
+    debug("Couldn't read pre-processed public kernel signing key.\n");
     error_code = 1;
     goto cleanup;
   }
@@ -89,7 +89,7 @@ int SpeedTestAlgorithm(int firmware_sign_algorithm,
                                              firmware_sign_key_file,
                                              kernel_sign_key_file);
     if (!kernel_blobs[i]) {
-      fprintf(stderr, "Couldn't generate test firmware images.\n");
+      debug("Couldn't generate test firmware images.\n");
       error_code = 1;
       goto cleanup;
     }
@@ -100,7 +100,7 @@ int SpeedTestAlgorithm(int firmware_sign_algorithm,
            firmware_key_size);
   firmware_key_blob = BufferFromFile(file_name, &len);
   if (!firmware_key_blob) {
-    fprintf(stderr, "Couldn't read pre-processed firmware public key.\n");
+    debug("Couldn't read pre-processed firmware public key.\n");
     error_code = 1;
     goto cleanup;
   }
@@ -111,7 +111,7 @@ int SpeedTestAlgorithm(int firmware_sign_algorithm,
     for (j = 0; j < NUM_OPERATIONS; ++j) {
       if (VERIFY_KERNEL_SUCCESS !=
           VerifyKernel(firmware_key_blob, kernel_blobs[i], 0))
-        fprintf(stderr, "Warning: Kernel Verification Failed.\n");
+        debug("Warning: Kernel Verification Failed.\n");
     }
     StopTimer(&ct);
     msecs = (float) GetDurationMsecs(&ct) / NUM_OPERATIONS;

tests/rollback_index_mock.c

@@ -17,7 +17,7 @@ uint16_t g_kernel_version = 0;
 
 void SetupTPM(void) {
 #ifndef NDEBUG
-  fprintf(stderr, "Rollback Index Library Mock: TPM initialized.\n");
+  debug("Rollback Index Library Mock: TPM initialized.\n");
 #endif
 }
 
@@ -55,13 +55,13 @@ int WriteStoredVersion(int type, uint16_t version) {
       break;
   }
 #ifndef NDEBUG
-  fprintf(stderr, "Rollback Index Library Mock: Stored Version written.\n");
+  debug("Rollback Index Library Mock: Stored Version written.\n");
 #endif
   return 1;
 }
 
 void LockStoredVersion(int type) {
 #ifndef NDEBUG
-  fprintf(stderr, "Rollback Index Library Mock: Version Locked.\n");
+  debug("Rollback Index Library Mock: Version Locked.\n");
 #endif
 }

tests/rsa_verify_benchmark.c

@@ -36,7 +36,7 @@ int SpeedTestAlgorithm(int algorithm) {
   snprintf(file_name, FILE_NAME_SIZE, "testkeys/key_rsa%d.keyb", key_size);
   key = RSAPublicKeyFromFile(file_name);
   if (!key) {
-    fprintf(stderr, "Couldn't read RSA Public key from file: %s\n", file_name);
+    debug("Couldn't read RSA Public key from file: %s\n", file_name);
     error_code = 1;
     goto failure;
   }
@@ -46,7 +46,7 @@ int SpeedTestAlgorithm(int algorithm) {
            sha_strings[algorithm]);
   digest = BufferFromFile(file_name, &digest_len);
   if (!digest) {
-    fprintf(stderr, "Couldn't read digest file.\n");
+    debug("Couldn't read digest file.\n");
     error_code = 1;
     goto failure;
   }
@@ -56,7 +56,7 @@ int SpeedTestAlgorithm(int algorithm) {
            key_size, sha_strings[algorithm]);
   signature = BufferFromFile(file_name, &sig_len);
   if (!signature) {
-    fprintf(stderr, "Couldn't read signature file.\n");
+    debug("Couldn't read signature file.\n");
     error_code = 1;
     goto failure;
   }
@@ -64,7 +64,7 @@ int SpeedTestAlgorithm(int algorithm) {
   StartTimer(&ct);
   for (i = 0; i < NUM_OPERATIONS; i++) {
     if (!RSAVerify(key, signature, sig_len, algorithm, digest))
-      fprintf(stderr, "Warning: Signature Check Failed.\n");
+      debug("Warning: Signature Check Failed.\n");
   }
   StopTimer(&ct);
 

tests/test_common.c

@@ -67,13 +67,13 @@ FirmwareImage* GenerateTestFirmwareImage(int algorithm,
 
   /* Generate and populate signatures. */
   if (!AddFirmwareKeySignature(image, root_key_file)) {
-    fprintf(stderr, "Couldn't create key signature.\n");
+    debug("Couldn't create key signature.\n");
     FirmwareImageFree(image);
     return NULL;
   }
 
   if (!AddFirmwareSignature(image, firmware_key_file)) {
-    fprintf(stderr, "Couldn't create firmware and preamble signature.\n");
+    debug("Couldn't create firmware and preamble signature.\n");
     FirmwareImageFree(image);
     return NULL;
   }
@@ -178,13 +178,13 @@ KernelImage* GenerateTestKernelImage(int firmware_sign_algorithm,
 
   /* Generate and populate signatures. */
   if (!AddKernelKeySignature(image, firmware_key_file)) {
-    fprintf(stderr, "Couldn't create key signature.\n");
+    debug("Couldn't create key signature.\n");
     KernelImageFree(image);
     return NULL;
   }
 
   if (!AddKernelSignature(image, kernel_key_file)) {
-    fprintf(stderr, "Couldn't create kernel option and kernel signature.\n");
+    debug("Couldn't create kernel option and kernel signature.\n");
     KernelImageFree(image);
     return NULL;
   }