mirror of
https://github.com/Telecominfraproject/OpenCellular.git
synced 2025-11-26 19:25:02 +00:00
475bf447cc
BUG=chromium-os:4521
TEST=manual
This patch set adds two e820 memory map entries to kernel's zeropage to
trick kernel into booting; otherwise kernel will choke on missing e820
memory map.
The added e820 memory map entries should let kernel boot and should not
make the memory map differ from that without the added entries.
Test Procedure:
1. Boot your test machine and save dmesg output, referred to as LOG1.
2. Apply the following one-line patch and then compile and install
kernel.
3. Apply this patch set and re-build zeropage on kernel partition.
4. Boot the test machine and save dmesg output, referred to as LOG2.
LOG1 would contain the following messages (the exactly addresses of
memory map should differ slightly).
...
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] bootconsole [earlyser0] enabled
...
[ 0.000000] modified physical RAM map:
[ 0.000000] modified: 0000000000000000 - 0000000000002000 (usable)
[ 0.000000] modified: 0000000000002000 - 0000000000006000 (reserved)
[ 0.000000] modified: 0000000000006000 - 000000000008f000 (usable)
[ 0.000000] modified: 000000000008f000 - 0000000000090000 (ACPI NVS)
[ 0.000000] modified: 0000000000090000 - 00000000000a0000 (usable)
[ 0.000000] modified: 0000000000100000 - 0000000000f00000 (usable)
[ 0.000000] modified: 0000000001000000 - 000000003f33f000 (usable)
[ 0.000000] modified: 000000003f33f000 - 000000003f4bf000 (reserved)
[ 0.000000] modified: 000000003f4bf000 - 000000003f5bf000 (ACPI NVS)
[ 0.000000] modified: 000000003f5bf000 - 000000003f5f7000 (ACPI data)
[ 0.000000] modified: 000000003f5f7000 - 000000003f600000 (usable)
[ 0.000000] modified: 00000000fed1c000 - 00000000fed20000 (reserved)
[ 0.000000] modified: 00000000ffc00000 - 0000000100000000 (reserved)
LOG2 would contain the following messages (the exactly addresses of
memory map should differ slightly).
...
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: 0000000000000000 - 0000000000001000 (usable)
[ 0.000000] BIOS-e820: 00000000fffff000 - 0000000100000000 (reserved)
[ 0.000000] bootconsole [earlyser0] enabled
...
[ 0.000000] modified physical RAM map:
[ 0.000000] modified: 0000000000000000 - 0000000000002000 (usable)
[ 0.000000] modified: 0000000000002000 - 0000000000006000 (reserved)
[ 0.000000] modified: 0000000000006000 - 000000000008f000 (usable)
[ 0.000000] modified: 000000000008f000 - 0000000000090000 (ACPI NVS)
[ 0.000000] modified: 0000000000090000 - 00000000000a0000 (usable)
[ 0.000000] modified: 0000000000100000 - 0000000000f00000 (usable)
[ 0.000000] modified: 0000000001000000 - 000000003f33f000 (usable)
[ 0.000000] modified: 000000003f33f000 - 000000003f4bf000 (reserved)
[ 0.000000] modified: 000000003f4bf000 - 000000003f5bf000 (ACPI NVS)
[ 0.000000] modified: 000000003f5bf000 - 000000003f5f7000 (ACPI data)
[ 0.000000] modified: 000000003f5f7000 - 000000003f600000 (usable)
[ 0.000000] modified: 00000000fed1c000 - 00000000fed20000 (reserved)
[ 0.000000] modified: 00000000ffc00000 - 0000000100000000 (reserved)
Test result:
1. Compare the first paragraph of excerpts from LOG1 and LOG2:
This shows that the fake e820 memory map entries are successfully
added.
2. Compare the second paragraphs of excerpts from LOG1 and LOG2:
This shows that the added entries do not modify the memory map.
diff --git a/arch/x86/kernel/e820.c b/arch/x86/kernel/e820.c
index 49706d0..c9075ee 100644
--- a/arch/x86/kernel/e820.c
+++ b/arch/x86/kernel/e820.c
@@ -425,7 +425,7 @@ static int __init append_e820_map(struct e820entry
*biosmap, int nr_map)
{
/* Only one memory region (or negative)? Ignore it */
if (nr_map < 2)
- return no_e820_map_return();
+ return -1;
return __append_e820_map(biosmap, nr_map);
}
Review URL: http://codereview.chromium.org/3176019
This directory contains a reference implementation for Chrome OS
verified boot in firmware.
----------
Directory Structure
----------
The source is organized into distinct modules -
firmware/ - Contains ONLY the code required by the BIOS to validate
the secure boot components. There shouldn't be any code in here that
signs or generates images. BIOS should require ONLY this directory to
implement secure boot. Refer to firmware/README for futher details.
cgpt/ - Utility to read/write/modify GPT partitions. Much like the
gpt tool, but with support for Chrome OS extensiosn.
host/ - Miscellaneous functions used by userland utilities.
utility/ - Utilities for generating and verifying signed
firmware and kernel images, as well as arbitrary blobs.
tests/ - User-land tests and benchmarks that test the reference
implementation. Please have a look at these if you'd like to
understand how to use the reference implementation.
build/ - a directory where the generated files go to.
--------------------
Building and testing
--------------------
The suite can be built on the host or in the chroot environment.
Building on the host could fail if certain packages are not installed. If
there are host environment build problems due to missing .h files, try
researching what packages the files belong to and install the missing packages
before reporting a problem.
To build the software run
make
in the top level directory. The build output is placed in the ./build
directory.
To run the tests either invoke
RUNTESTS=1 make
in the top level directory or
cd tests
BUILD=../build make runtests
----------
Some useful utilities:
----------
vbutil_key Convert a public key into .vbpubk format
vbutil_keyblock Wrap a public key inside a signature and checksum
vbutil_firmware Create a .vblock with signature info for a
firmware image
vbutil_kernel Pack a kernel image, bootloader, and config into
a signed binary
dumpRSAPublicKey Dump RSA Public key (from a DER-encoded X509
certificate) in a format suitable for
use by RSAVerify* functions in
crypto/.
verify_data.c Verify a given signature on a given file.
----------
Generating a signed firmware image:
----------
* Step 1: Generate RSA root and signing keys.
# Root key is always 8192 bits.
$ openssl genrsa -F4 -out root_key.pem 8192
# Signing key can be between 1024-8192 bits.
$ openssl genrsa -F4 -out signing_key.pem <1024|2048|4096|8192>
Note: The -F4 option must be specified to generate RSA keys with
a public exponent of 65535. RSA keys with 3 as a public
exponent (the default) won't work.
* Step 2: Generate pre-processed public versions of the above keys using
utility/dumpRSAPublicKey
# dumpRSAPublicKey expects an x509 certificate as input.
$ openssl req -batch -new -x509 -key root_key.pem -out root_key.crt
$ openssl req -batch -new -x509 -key signing_key.pem -out signing_key.crt
$ utility/dumpRSAPublicKey root_key.crt > root_key.keyb
$ utility/dumpRSAPublicKey signing_key.crt > signing_key.keyb
************** TODO: STUFF PAST HERE IS OUT OF DATE ***************
At this point we have all the requisite keys needed to generate a signed
firmware image.
.pem RSA Public/Private Key Pair
.crt X509 Key Certificate
.keyb Pre-processed RSA Public Key
* Step 3: Use utility/firmware_utility to generate a signed firmare blob.
$ utility/firmware_utility --generate \
--root_key root_key.pem \
--firmware_sign_key signing_key.pem \
--firmware_sign_key_pub signing_key.keyb \
--firmware_sign_algorithm <algoid> \
--firmware_key_version 1 \
--firmware_version 1 \
--in <firmware blob file> \
--out <output file>
Where <algoid> is based on the signature algorithm to use for firmware
signining. The list of <algoid> specifications can be output by running
'utility/firmware_utility' without any arguments.
Note: --firmware_key_version and --firmware_version are part of a signed
image and are used to prevent rollbacks to older version. For testing,
they can just be set valid values.
* Step 4: Verify that this image verifies.
$ utility/firmware_utility --verify \
--in <signed firmware image>
--root_key_pub root_key.keyb
Verification SUCCESS.
Note: The verification functions expects a pointer to the
pre-processed public root key as input. For testing purposes,
root_key.keyb can be stored in RW part of the firmware. For the
final firmware, this will be a fixed public key which cannot be
changed and must be stored in RO firmware.
----------
Generating a signed kernel image:
----------
The steps for generating a signed kernel image are similar to that of
a firmware image. Since verification is chained - RO firmware verifies
RW firmware which verifies the kernel, only the keys change. An additional
kernel signing key must be generated. The firmware signing generated above
is the root key equivalent for signed kernel images.