scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 02:05:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,662 Commits 52 Branches 2 Tags
dcbd8103376589dac48f896f3654a93b6943584c
Commit Graph

19 Commits

Author SHA1 Message Date
Daisuke Nojiri
dc96c6c018 bdb: Add bdb_get_hash_by_index 
bdb_get_hash_by_index returns a hash entry from a BDB using an index.
bdb_get_hash is also renamed to bdb_get_hash_by_type. bdb_get_hash
is deprecated. Callers are expected to call bdb_get_hash_by_index(buf, 0)
instead.

BUG=none
BRANCH=none
TEST=make runtests

Change-Id: Id99926123c0ac9094574eb057c63f79eceda2867
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/392947
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-10-11 10:56:54 -07:00
Daisuke Nojiri
9928e2ffc2 bdb: Add 'bdb --resign' to futility 
'resign' sub-command signs a BDB using keys provided. It can resign only
the data key, the hashes, or both. Required keys vary depending on what
part of BDB is invalid and on what public key is specified in the command
line. It then detects what key is needed based on
the verification result and fails if the required key is not provided.

BUG=chromium:649554
BRANCH=none
TEST=make runtests. Ran futility bdb --create, --add, --resign, --verify

Change-Id: I589a5972f1d7e5066eb56e1c5efb4ee7089d41cd
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387118
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-10-04 21:19:09 -07:00
Daisuke Nojiri
351bc294ed bdb: Add 'bdb --add' to futility 
futility bdb --add appends a new hash entry to the given BDB.
The resulting BDB does not have a valid signature and is expected to
be resigned by 'resign' sub-command after all hashes are added.

BUG=chromium:649554
BRANCH=none
TEST=make runtest. Ran futility bdb --add, then --resign, then --verify
(to be implemented)

Change-Id: Icdf185f8ac268a23bb3954f5e78df6f80e749e18
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387117
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-10-04 00:33:20 -07:00
Daisuke Nojiri
84928a0baa bdb: Assign different codes for data validation errors 
This patch adds BDB_ERROR_DATA_CHECK_SIG and BD_ERROR_DATA_SIGNED_SIZE
to distiniguish data signature validation errors.

'futility bdb --resign' uses these to decide whether to resign is needed
or not.

BUG=chromium:649554
BRANCH=none
TEST=make runtests

Change-Id: I19137801ece2424ae575092c51d02664c8b73ba3
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/386795
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-10-04 00:33:18 -07:00
Daisuke Nojiri
8130e50341 bdb: Add bdb_extend 
bdb_extend prints out secrets derived from the given BDS based on
the given BDB.

BUG=chromium:649555
BRANCH=none
TEST=make runtests. Ran bdb_extend -s bds.bin -b bdb.bin (with/without -m)

Change-Id: I8d9f73468992dad4cb93a422c0eae0977be9a16f
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/385539
 2016-10-01 00:01:13 -07:00
Daisuke Nojiri
3b44f30597 bdb: Add functions to get attributes of BDB components 
These APIs return size and offsets of BDB components. They help code
look more descriptive.

BUG=none
BRANCH=none
TEST=make runtests

Change-Id: I29326e249d9f2b88d5716f878f8415703f63360c
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/388813
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-10-01 00:01:12 -07:00
Daisuke Nojiri
626e0b034d bdb: Add secret deriving code for SP-RO 
This patch adds code which dervies secrets from BDS. It's supposed to be
done by SP-RO, hence the code is mostly useful for testing (or emulation).

vba_extend_secrets_ro takes a function pointer to a hash extend
function. It'll be used to try different sha256 extend algorithms.

BUG=chromium:649555
BRANCH=none
TEST=make runtests

Change-Id: I8fef6b851fb84686d8bcdd948b36160016687c51
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/384354
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-10-01 00:01:10 -07:00
Daisuke Nojiri
01fb293825 bdb: Make bdb_verify accept null pointer for key digest 
If key digest matching is not required (i.e. verify-bdb-key efuse
flag is not set), bdb_verify skips digest matching. This change makes
bdb_verify accept null pointer for the key digest parameter.

BUG=chromium:649555
BRANCH=none
TEST=make runtests

Change-Id: I14e5bd02526684b7b7bca1e1701cf04056df83ea
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/385538
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-10-01 00:01:09 -07:00
Daisuke Nojiri
10d5cfe461 bdb: Define RSA symbols non-weakly 
Defining these symbols weakly causes the output executable to hit
segmentation fault because ld chooses *UND* symbols over the definition
when they appear in *.a archive:

$ objdump -t build/libvboot_utilbdb.a
bdb.o:
0000000000000000 w   *UND* 0000000000000000 bdb_rsa4096_verify
...
rsa.o
000000000000061f w F .text 0000000000000111 bdb_rsa4096_verify
...

This happens regardless whether the symbol is referenced or not;
or whether the object defining the symbol appears earlier than the
reference or not.

BUG=none
BRANCH=none
TEST=make runtests

Change-Id: Ib53a9010f2afdc2ba59369fb145aef4381db30d3
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/387905
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-09-26 11:59:18 -07:00
Randall Spangler
1589f94dc1 Fix coverity warnings in firmware 
Assorted minor code issues, which we should fix so any new errors stand
out more.

BUG=chromium:643769
BRANCH=none
TEST=make runtests

Change-Id: I84182df0d0e222f4f60206c621ec62e1ee283adb
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/380697
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
 2016-09-06 22:02:13 -07:00
Daisuke Nojiri
d5820a79fc bdb: Add nvmrw_get and nvmrw_set 
These internal APIs are used to get and set values in NVM-RW variables.

BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests

Change-Id: Ibae1836cb569fe89dd2c8249f76c66b78b1c2cf4
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356691
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-07-11 14:43:59 -07:00
Daisuke Nojiri
7fbebd98be bdb: Add secrets library 
The secrets library clears, extends, and derives secrets which are used
by vboot SoC.

BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests

Change-Id: I38c93fd450364792cebc942694f848e10d0e9502
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/349252
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-06-23 15:15:12 -07:00
Daisuke Nojiri
7931177cc3 bdb: Add vba_update_buc 
vba_update_buc writes a BUC (boot unlock code) to NVM-RW. It will be called
by AP-RW to update a BUC.

BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests

Change-Id: Ic91f34b60b11ebce948bce01993ddb44519a59b8
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/346233
 2016-06-22 20:01:58 -07:00
Daisuke Nojiri
6b5c4e961f bdb: Add NVM library 
This patch adds NVM library, which verifies, updates, and syncs NVM-RW of
vboot SoC.

BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests

Change-Id: I5adc399f9e582bd9ea7d9ee73482ed9a924837e0
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/343121
Reviewed-by: Daisuke Nojiri <dnojiri@google.com>
 2016-05-20 20:49:34 -07:00
Daisuke Nojiri
85dbb34420 bdb: Add vba_bdb_init 
vba_bdb_init initializes the vboot context and decides what to do next
based on the vboot register content. Possible actions are:
1. proceed to verify the current slot
2. reset to try the other slot
3. reset to recovery mode

bdb_sprw_test demonstrates these actions.

BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests

Change-Id: If72cdd575d09b9162a871f088064ca853b7fd74d
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342604
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-05-07 03:32:47 -07:00
Daisuke Nojiri
8917b808ce bdb: Add vboot_register.h 
vboot_register.h lists definitions for vboot registers. Vboot registers
are used to transfer information between modules (coreboot & depthcharge)
or boots.

BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests

Change-Id: Ie0876fefb43d3e79a8f96e8f25f99f798892a056
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342603
 2016-05-07 03:32:46 -07:00
Daisuke Nojiri
8fc5916c7f bdb: Rename subkey to datakey 
This patch replaces subkey with datakey to make name use consistent
with the design document.

BUG=chrome-os-partner:51908
BRANCH=tot
TEST=make runtests

Change-Id: I3690abd51e6c18c5a1094a8449f375d803c7e0b2
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342199
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-05-04 11:34:09 -07:00
Daisuke Nojiri
edc3c8e440 bdb: Replace sha functions with vb2 library 
BDB has its own implementation of SHA256. This patch replaces it with
the one implemented in vb2 library.

BUG=chrome-os-partner:51908
BRANCH=tot
TEST=build runtests

Change-Id: Ida19dd49153a038fc2b2ce481cedf828818aaeaa
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342121
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-05-04 11:34:08 -07:00
Daisuke Nojiri
ef4ae8953c bdb: Copy files from bdb to firmware/bdb 
Test files are copied to tests/ and the rest are copied to firmware/bdb/.

BUG=chrome-os-partner:51908
BRANCH=tot
TEST=make runtests

Change-Id: I19f66c398e69037f00812a789854340a9690fef5
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/342090
Reviewed-by: Randall Spangler <rspangler@chromium.org>
 2016-05-04 11:34:08 -07:00