From fc70d72aaab4d558e39ec43832375267603bfd93 Mon Sep 17 00:00:00 2001 From: Gaurav Shah Date: Wed, 31 Mar 2010 13:26:55 -0700 Subject: [PATCH] VBoot Reference: Refactoring Part 3 Refactor and restructure reference code into individual self-contain modules. I have revamped the way the code is structured to make it easy to determine which parts belong in the firmware and which are used by userland tools. common/ - common utilities and stub functions (Firmware) cryptolib/ - crypto library (Firmware) misclibs/ - miscellaneous userland libraries (Userland) sctips/ - Miscellaenous scripts (Userland) tests/ - Tests (Userland) vfirmware/ - Verified Firmware Implementation vfirmware/firmware_image_fw.c (Firmware) vfirmware/firmware_image.c (Userland) vkernel/ - Verified Kernel Implementation vkernel/kernel_image_fw.c (Firmware) vkernel/kernel_image.c (Userland) Review URL: http://codereview.chromium.org/1581005 --- Makefile | 8 ++-- README | 2 +- common/Makefile | 3 +- {include => common/include}/rollback_index.h | 0 {include => common/include}/tlcl.h | 0 {include => common/include}/utility.h | 0 {utils => common}/rollback_index.c | 0 {crypto => cryptolib}/Makefile | 6 ++- {include => cryptolib/include}/cryptolib.h | 0 {include => cryptolib/include}/padding.h | 0 {include => cryptolib/include}/rsa.h | 0 {include => cryptolib/include}/sha.h | 0 {crypto => cryptolib}/padding.c | 0 {crypto => cryptolib}/rsa.c | 0 {crypto => cryptolib}/rsa_utility.c | 0 {crypto => cryptolib}/sha1.c | 0 {crypto => cryptolib}/sha2.c | 0 {crypto => cryptolib}/sha_utility.c | 0 misclibs/Makefile | 24 ++++++++++ {utils => misclibs}/file_keys.c | 0 {include => misclibs/include}/file_keys.h | 0 .../include}/signature_digest.h | 0 {utils => misclibs}/signature_digest.c | 0 {crypto => scripts}/genpadding.sh | 0 {utils => scripts}/sign_data.sh | 0 tests/Makefile | 21 +++++---- tests/common.sh | 2 +- {utils => utility}/Makefile | 44 ++++++++----------- {utils => utility}/dumpRSAPublicKey.c | 0 {utils => utility}/firmware_utility.cc | 0 .../include}/firmware_utility.h | 0 {include => utility/include}/kernel_utility.h | 0 {include => utility/include}/verify_data.h | 0 {utils => utility}/kernel_utility.cc | 0 {utils => utility}/signature_digest_utility.c | 0 {utils => utility}/verify_data.c | 2 +- vfirmware/Makefile | 19 ++++++++ {utils => vfirmware}/firmware_image.c | 0 {utils => vfirmware}/firmware_image_fw.c | 0 .../include}/firmware_image.h | 0 .../include}/firmware_image_fw.h | 0 vkernel/Makefile | 19 ++++++++ {include => vkernel/include}/kernel_image.h | 0 .../include}/kernel_image_fw.h | 0 {utils => vkernel}/kernel_image.c | 0 {utils => vkernel}/kernel_image_fw.c | 0 46 files changed, 106 insertions(+), 44 deletions(-) rename {include => common/include}/rollback_index.h (100%) rename {include => common/include}/tlcl.h (100%) rename {include => common/include}/utility.h (100%) rename {utils => common}/rollback_index.c (100%) rename {crypto => cryptolib}/Makefile (78%) rename {include => cryptolib/include}/cryptolib.h (100%) rename {include => cryptolib/include}/padding.h (100%) rename {include => cryptolib/include}/rsa.h (100%) rename {include => cryptolib/include}/sha.h (100%) rename {crypto => cryptolib}/padding.c (100%) rename {crypto => cryptolib}/rsa.c (100%) rename {crypto => cryptolib}/rsa_utility.c (100%) rename {crypto => cryptolib}/sha1.c (100%) rename {crypto => cryptolib}/sha2.c (100%) rename {crypto => cryptolib}/sha_utility.c (100%) create mode 100644 misclibs/Makefile rename {utils => misclibs}/file_keys.c (100%) rename {include => misclibs/include}/file_keys.h (100%) rename {include => misclibs/include}/signature_digest.h (100%) rename {utils => misclibs}/signature_digest.c (100%) rename {crypto => scripts}/genpadding.sh (100%) rename {utils => scripts}/sign_data.sh (100%) rename {utils => utility}/Makefile (62%) rename {utils => utility}/dumpRSAPublicKey.c (100%) rename {utils => utility}/firmware_utility.cc (100%) rename {include => utility/include}/firmware_utility.h (100%) rename {include => utility/include}/kernel_utility.h (100%) rename {include => utility/include}/verify_data.h (100%) rename {utils => utility}/kernel_utility.cc (100%) rename {utils => utility}/signature_digest_utility.c (100%) rename {utils => utility}/verify_data.c (98%) create mode 100644 vfirmware/Makefile rename {utils => vfirmware}/firmware_image.c (100%) rename {utils => vfirmware}/firmware_image_fw.c (100%) rename {include => vfirmware/include}/firmware_image.h (100%) rename {include => vfirmware/include}/firmware_image_fw.h (100%) create mode 100644 vkernel/Makefile rename {include => vkernel/include}/kernel_image.h (100%) rename {include => vkernel/include}/kernel_image_fw.h (100%) rename {utils => vkernel}/kernel_image.c (100%) rename {utils => vkernel}/kernel_image_fw.c (100%) diff --git a/Makefile b/Makefile index 9d80a43d49..4db96faeca 100644 --- a/Makefile +++ b/Makefile @@ -5,10 +5,12 @@ export CC ?= gcc export CFLAGS = -Wall -DNDEBUG -O3 -Werror export TOP = $(shell pwd) -export INCLUDEDIR = $(TOP)/include -export INCLUDES = -I$(INCLUDEDIR) +export INCLUDES = \ + -I$(TOP)/common/include \ + -I$(TOP)/cryptolib/include \ + -I$(TOP)/misclibs/include -SUBDIRS=common crypto utils tests +SUBDIRS=common cryptolib misclibs vfirmware vkernel utility tests all: for i in $(SUBDIRS); do \ diff --git a/README b/README index 94d6b2ed45..cfe461d0e3 100644 --- a/README +++ b/README @@ -9,7 +9,7 @@ include/ - Contains all the code headers. firmware_image.h and kernel_image.h contains the structures that represent a verified boot firmware and kernel image. Note that the -crypto/ - Contains the implementation for the crypto library. This +cryptolib/ - Contains the implementation for the crypto library. This includes implementations for SHA1, SHA256, SHA512, and RSA signature verification (for PKCS #1 v1.5 signatures). diff --git a/common/Makefile b/common/Makefile index b9b4a5129b..c3cd857d52 100644 --- a/common/Makefile +++ b/common/Makefile @@ -2,8 +2,9 @@ # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. -SRCS = utility_stub.c tlcl_stub.c +SRCS = rollback_index.c tlcl_stub.c utility_stub.c OBJS = $(SRCS:.c=.o) +INCLUDES += -I./include/ all: libcommon.a diff --git a/include/rollback_index.h b/common/include/rollback_index.h similarity index 100% rename from include/rollback_index.h rename to common/include/rollback_index.h diff --git a/include/tlcl.h b/common/include/tlcl.h similarity index 100% rename from include/tlcl.h rename to common/include/tlcl.h diff --git a/include/utility.h b/common/include/utility.h similarity index 100% rename from include/utility.h rename to common/include/utility.h diff --git a/utils/rollback_index.c b/common/rollback_index.c similarity index 100% rename from utils/rollback_index.c rename to common/rollback_index.c diff --git a/crypto/Makefile b/cryptolib/Makefile similarity index 78% rename from crypto/Makefile rename to cryptolib/Makefile index bd2eabd3be..6fe364abea 100644 --- a/crypto/Makefile +++ b/cryptolib/Makefile @@ -2,17 +2,19 @@ # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. +TOP ?= ../ SRCS = rsa.c sha1.c sha2.c padding.c rsa_utility.c sha_utility.c OBJS = $(SRCS:.c=.o) CFLAGS += -DUNROLL_LOOPS -DHAVE_ENDIAN_H -DHAVE_LITTLE_ENDIAN +INCLUDES += -I./include/ -I$(TOP)/common/include/ all: libcrypto.a libcrypto.a: $(OBJS) ar rs libcrypto.a $(OBJS) -padding.c: genpadding.sh - ./genpadding.sh >$@ +padding.c: $(TOP)/scripts/genpadding.sh + $(TOP)/scripts/genpadding.sh >$@ .c.o: $(OBJS) $(CC) $(CFLAGS) -ansi $(INCLUDES) -c $< -o $@ diff --git a/include/cryptolib.h b/cryptolib/include/cryptolib.h similarity index 100% rename from include/cryptolib.h rename to cryptolib/include/cryptolib.h diff --git a/include/padding.h b/cryptolib/include/padding.h similarity index 100% rename from include/padding.h rename to cryptolib/include/padding.h diff --git a/include/rsa.h b/cryptolib/include/rsa.h similarity index 100% rename from include/rsa.h rename to cryptolib/include/rsa.h diff --git a/include/sha.h b/cryptolib/include/sha.h similarity index 100% rename from include/sha.h rename to cryptolib/include/sha.h diff --git a/crypto/padding.c b/cryptolib/padding.c similarity index 100% rename from crypto/padding.c rename to cryptolib/padding.c diff --git a/crypto/rsa.c b/cryptolib/rsa.c similarity index 100% rename from crypto/rsa.c rename to cryptolib/rsa.c diff --git a/crypto/rsa_utility.c b/cryptolib/rsa_utility.c similarity index 100% rename from crypto/rsa_utility.c rename to cryptolib/rsa_utility.c diff --git a/crypto/sha1.c b/cryptolib/sha1.c similarity index 100% rename from crypto/sha1.c rename to cryptolib/sha1.c diff --git a/crypto/sha2.c b/cryptolib/sha2.c similarity index 100% rename from crypto/sha2.c rename to cryptolib/sha2.c diff --git a/crypto/sha_utility.c b/cryptolib/sha_utility.c similarity index 100% rename from crypto/sha_utility.c rename to cryptolib/sha_utility.c diff --git a/misclibs/Makefile b/misclibs/Makefile new file mode 100644 index 0000000000..5aba67e8ec --- /dev/null +++ b/misclibs/Makefile @@ -0,0 +1,24 @@ +# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +TOP ?= ../ +CC ?= gcc +INCLUDES += -I./include \ + -I$(TOP)/common/include \ + -I$(TOP)/cryptolib/include \ + -I$(TOP)/vfirmware/include \ + -I$(TOP)/vkernel/include + +CFLAGS ?= -Wall -DNDEBUG -O3 -Werror $(INCLUDES) +TOP ?= ../ + +MISCLIB_OUT = file_keys.o signature_digest.o + +all: $(MISCLIB_OUT) + +.c.o: + $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@ + +clean: + rm -f $(MISCLIB_OUT) diff --git a/utils/file_keys.c b/misclibs/file_keys.c similarity index 100% rename from utils/file_keys.c rename to misclibs/file_keys.c diff --git a/include/file_keys.h b/misclibs/include/file_keys.h similarity index 100% rename from include/file_keys.h rename to misclibs/include/file_keys.h diff --git a/include/signature_digest.h b/misclibs/include/signature_digest.h similarity index 100% rename from include/signature_digest.h rename to misclibs/include/signature_digest.h diff --git a/utils/signature_digest.c b/misclibs/signature_digest.c similarity index 100% rename from utils/signature_digest.c rename to misclibs/signature_digest.c diff --git a/crypto/genpadding.sh b/scripts/genpadding.sh similarity index 100% rename from crypto/genpadding.sh rename to scripts/genpadding.sh diff --git a/utils/sign_data.sh b/scripts/sign_data.sh similarity index 100% rename from utils/sign_data.sh rename to scripts/sign_data.sh diff --git a/tests/Makefile b/tests/Makefile index 99e2d3a490..b14f74f6e0 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -4,15 +4,18 @@ CC ?= gcc CFLAGS ?= -Wall -DNDEBUG -O3 -Werror -INCLUDES ?= -I../include/ -TOP ?= ../ - -BASE_LIBS = $(TOP)/crypto/libcrypto.a $(TOP)/common/libcommon.a -IMAGE_LIBS = $(TOP)/utils/firmware_image.o \ - $(TOP)/utils/firmware_image_fw.o \ - $(TOP)/utils/kernel_image.o \ - $(TOP)/utils/kernel_image_fw.o -UTIL_LIBS = $(TOP)/utils/file_keys.o $(TOP)/utils/signature_digest.o +INCLUDES += -I./include \ + -I../cryptolib/include \ + -I../common/include \ + -I../misclibs/include \ + -I../vfirmware/include\ + -I../vkernel/include +BASE_LIBS = $(TOP)/cryptolib/libcrypto.a $(TOP)/common/libcommon.a +IMAGE_LIBS = $(TOP)/vfirmware/firmware_image.o \ + $(TOP)/vfirmware/firmware_image_fw.o \ + $(TOP)/vkernel/kernel_image.o \ + $(TOP)/vkernel/kernel_image_fw.o +UTIL_LIBS = $(TOP)/misclibs/file_keys.o $(TOP)/misclibs/signature_digest.o LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) -lcrypto $(BASE_LIBS) TEST_BINS = big_firmware_tests \ diff --git a/tests/common.sh b/tests/common.sh index 82fdb85081..421f6290de 100755 --- a/tests/common.sh +++ b/tests/common.sh @@ -15,7 +15,7 @@ else SCRIPT_DIR="`pwd`"/"`dirname $0`" fi -UTIL_DIR=`dirname ${SCRIPT_DIR}`/utils +UTIL_DIR=`dirname ${SCRIPT_DIR}`/utility TEST_DIR=${SCRIPT_DIR} TESTKEY_DIR=${SCRIPT_DIR}/testkeys TESTCASE_DIR=${SCRIPT_DIR}/testcases diff --git a/utils/Makefile b/utility/Makefile similarity index 62% rename from utils/Makefile rename to utility/Makefile index 81de74f104..a5f6f584ea 100644 --- a/utils/Makefile +++ b/utility/Makefile @@ -2,24 +2,25 @@ # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. +TOP ?= ../ CC ?= gcc CXX ?= g++ -CFLAGS ?= -Wall -DNDEBUG -O3 -Werror -INCLUDES ?= -I../include/ -TOP ?= ../ +INCLUDES += -I./include \ + -I../cryptolib/include \ + -I../common/include \ + -I../misclibs/include \ + -I../vfirmware/include\ + -I../vkernel/include +CFLAGS ?= -Wall -DNDEBUG -O3 -Werror $(INCLUDES) +LIBS = $(TOP)/misclibs/file_keys.o \ + $(TOP)/misclibs/signature_digest.o \ + $(TOP)/vfirmware/firmware_image.o \ + $(TOP)/vfirmware/firmware_image_fw.o \ + $(TOP)/vkernel/kernel_image.o \ + $(TOP)/vkernel/kernel_image_fw.o +FIRMWARELIBS = $(TOP)/cryptolib/libcrypto.a $(TOP)/common/libcommon.a -LIBS = file_keys.o \ - firmware_image.o \ - firmware_image_fw.o \ - kernel_image.o \ - kernel_image_fw.o \ - rollback_index.o \ - signature_digest.o - -FIRMWARELIBS = $(TOP)/crypto/libcrypto.a $(TOP)/common/libcommon.a - -TARGET_BINS = $(LIBS) \ - dumpRSAPublicKey \ +TARGET_BINS = dumpRSAPublicKey \ firmware_utility \ kernel_utility \ signature_digest_utility \ @@ -27,23 +28,14 @@ TARGET_BINS = $(LIBS) \ all: $(TARGET_BINS) -.c.o: - $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@ - dumpRSAPublicKey: dumpRSAPublicKey.c - $(CC) $(CFLAGS) $< -o $@ -lcrypto - -firmware_image_fw.o: firmware_image_fw.c - $(CC) $(CFLAGS) -ansi $(INCLUDES) -c $^ -o $@ + $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ -lcrypto firmware_utility: firmware_utility.cc $(LIBS) $(FIRMWARELIBS) $(CXX) $(CFLAGS) $(INCLUDES) -ggdb -D__STDC_LIMIT_MACROS $< \ -o $@ $(FIRMWARELIBS) $(LIBS) $(TOP)/common/libcommon.a \ -lcrypto -kernel_image_fw.o: kernel_image_fw.c - $(CC) $(CFLAGS) -ansi $(INCLUDES) -c $< -o $@ - kernel_utility: kernel_utility.cc $(LIBS) $(FIRMWARELIBS) $(CXX) $(CFLAGS) $(INCLUDES) -ggdb -D__STDC_LIMIT_MACROS $< \ -o $@ $(FIRMWARELIBS) $(LIBS) $(TOP)/common/libcommon.a \ @@ -56,5 +48,5 @@ verify_data: verify_data.c $(LIBS) $(FIRMWARELIBS) $(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FIRMWARELIBS) -lcrypto clean: - rm -f $(TARGET_BINS) $(LIBS) + rm -f $(TARGET_BINS) diff --git a/utils/dumpRSAPublicKey.c b/utility/dumpRSAPublicKey.c similarity index 100% rename from utils/dumpRSAPublicKey.c rename to utility/dumpRSAPublicKey.c diff --git a/utils/firmware_utility.cc b/utility/firmware_utility.cc similarity index 100% rename from utils/firmware_utility.cc rename to utility/firmware_utility.cc diff --git a/include/firmware_utility.h b/utility/include/firmware_utility.h similarity index 100% rename from include/firmware_utility.h rename to utility/include/firmware_utility.h diff --git a/include/kernel_utility.h b/utility/include/kernel_utility.h similarity index 100% rename from include/kernel_utility.h rename to utility/include/kernel_utility.h diff --git a/include/verify_data.h b/utility/include/verify_data.h similarity index 100% rename from include/verify_data.h rename to utility/include/verify_data.h diff --git a/utils/kernel_utility.cc b/utility/kernel_utility.cc similarity index 100% rename from utils/kernel_utility.cc rename to utility/kernel_utility.cc diff --git a/utils/signature_digest_utility.c b/utility/signature_digest_utility.c similarity index 100% rename from utils/signature_digest_utility.c rename to utility/signature_digest_utility.c diff --git a/utils/verify_data.c b/utility/verify_data.c similarity index 98% rename from utils/verify_data.c rename to utility/verify_data.c index e6cc8529f2..c9da240148 100644 --- a/utils/verify_data.c +++ b/utility/verify_data.c @@ -21,7 +21,7 @@ /* ANSI Color coding sequences. */ #define COL_GREEN "\e[1;32m" -#define COL_RED "\e[0;31m]" +#define COL_RED "\e[0;31m" #define COL_STOP "\e[m" uint8_t* read_signature(char* input_file, int len) { diff --git a/vfirmware/Makefile b/vfirmware/Makefile new file mode 100644 index 0000000000..a915c316b6 --- /dev/null +++ b/vfirmware/Makefile @@ -0,0 +1,19 @@ +# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +CC ?= gcc +INCLUDES += -I./include \ + -I../cryptolib/include \ + -I../common/include \ + -I../misclibs/include +CFLAGS ?= -Wall -DNDEBUG -O3 -Werror +FIRMWARE_OUT = firmware_image_fw.o firmware_image.o + +all: $(FIRMWARE_OUT) + +.c.o: + $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@ + +clean: + rm -f $(FIRMWARE_OUT) diff --git a/utils/firmware_image.c b/vfirmware/firmware_image.c similarity index 100% rename from utils/firmware_image.c rename to vfirmware/firmware_image.c diff --git a/utils/firmware_image_fw.c b/vfirmware/firmware_image_fw.c similarity index 100% rename from utils/firmware_image_fw.c rename to vfirmware/firmware_image_fw.c diff --git a/include/firmware_image.h b/vfirmware/include/firmware_image.h similarity index 100% rename from include/firmware_image.h rename to vfirmware/include/firmware_image.h diff --git a/include/firmware_image_fw.h b/vfirmware/include/firmware_image_fw.h similarity index 100% rename from include/firmware_image_fw.h rename to vfirmware/include/firmware_image_fw.h diff --git a/vkernel/Makefile b/vkernel/Makefile new file mode 100644 index 0000000000..fa69fc9e8d --- /dev/null +++ b/vkernel/Makefile @@ -0,0 +1,19 @@ +# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +CC ?= gcc +INCLUDES += -I./include \ + -I../cryptolib/include \ + -I../common/include \ + -I../misclibs/include +CFLAGS ?= -Wall -DNDEBUG -O3 -Werror +KERNEL_OUT = kernel_image_fw.o kernel_image.o + +all: $(KERNEL_OUT) + +.c.o: + $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@ + +clean: + rm -f $(KERNEL_OUT) diff --git a/include/kernel_image.h b/vkernel/include/kernel_image.h similarity index 100% rename from include/kernel_image.h rename to vkernel/include/kernel_image.h diff --git a/include/kernel_image_fw.h b/vkernel/include/kernel_image_fw.h similarity index 100% rename from include/kernel_image_fw.h rename to vkernel/include/kernel_image_fw.h diff --git a/utils/kernel_image.c b/vkernel/kernel_image.c similarity index 100% rename from utils/kernel_image.c rename to vkernel/kernel_image.c diff --git a/utils/kernel_image_fw.c b/vkernel/kernel_image_fw.c similarity index 100% rename from utils/kernel_image_fw.c rename to vkernel/kernel_image_fw.c