diff options
author | Wim Vervoorn <wvervoorn@eltan.com> | 2020-01-27 15:47:44 +0100 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2020-02-05 09:31:42 +0000 |
commit | 821004776ffbf2a7d0bc321bdf094cff13dfcc09 (patch) | |
tree | cf6eae2211d599533a35147a713a446b6d4b8bd8 /src/vendorcode/eltan/security/verified_boot | |
parent | 7a4983d1d2731cf3ea82016b6b8009668c1fc3f2 (diff) | |
download | coreboot-821004776ffbf2a7d0bc321bdf094cff13dfcc09.tar.xz |
vendorcode/eltan/security: Switch to vb2 vboot library
The eltan verified_boot is using the vboot 2.1 data structures and code,
as well as the fwlib21 build target, they are all deprecated. Refer to
CB:37654 for more information.
The verified_boot code is updated to use the vb2 structures and code and
make sure only public functions are used.
BUG=N/A
TEST=build
Change-Id: I1e1a7bce6110fe35221a4d7a47c1eb7c7074c318
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38590
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
Diffstat (limited to 'src/vendorcode/eltan/security/verified_boot')
4 files changed, 56 insertions, 40 deletions
diff --git a/src/vendorcode/eltan/security/verified_boot/Kconfig b/src/vendorcode/eltan/security/verified_boot/Kconfig index ab254c48d9..d6ff541744 100644 --- a/src/vendorcode/eltan/security/verified_boot/Kconfig +++ b/src/vendorcode/eltan/security/verified_boot/Kconfig @@ -18,6 +18,7 @@ config VENDORCODE_ELTAN_VBOOT bool "Enable Verified Boot" depends on !VBOOT default n + select VBOOT_LIB config VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST bool "Enable Signed Manifest" @@ -57,11 +58,10 @@ config VENDORCODE_ELTAN_VBOOT_KEY_LOCATION config VENDORCODE_ELTAN_VBOOT_KEY_FILE string "Verified boot Key File" depends on VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST - default "3rdparty/eltan/verified_boot/Keys/key.vbpubk2" + default "3rdparty/eltan/verified_boot/Keys/key.vbpubk" config VENDORCODE_ELTAN_VBOOT_KEY_SIZE int - default 610 if VENDORCODE_ELTAN_VBOOT_USE_SHA512 - default 576 + default 552 endmenu # Verified Boot (verified_boot) diff --git a/src/vendorcode/eltan/security/verified_boot/Makefile.inc b/src/vendorcode/eltan/security/verified_boot/Makefile.inc index 97d8f81c91..827535b963 100644 --- a/src/vendorcode/eltan/security/verified_boot/Makefile.inc +++ b/src/vendorcode/eltan/security/verified_boot/Makefile.inc @@ -17,6 +17,7 @@ ifneq ($(filter y,$(CONFIG_VENDORCODE_ELTAN_VBOOT) $(CONFIG_VENDORCODE_ELTAN_MBO CPPFLAGS_common += -I$(src)/security/vboot +bootblock-y += ../../../../security/vboot/vboot_logic.c bootblock-y += vboot_check.c postcar-y += vboot_check.c romstage-y += vboot_check.c diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.c b/src/vendorcode/eltan/security/verified_boot/vboot_check.c index 461a847b71..2edd8f9a74 100644 --- a/src/vendorcode/eltan/security/verified_boot/vboot_check.c +++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.c @@ -13,6 +13,9 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. */ + +#define NEED_VB20_INTERNALS + #include <boot_device.h> #include <bootmem.h> #include <cbfs.h> @@ -32,12 +35,17 @@ int verified_boot_check_manifest(void) { uint8_t *buffer; - uint8_t sig_buffer[1024]; /* used to build vb21_signature */ - size_t size = 0; - struct vb2_public_key key; - struct vb2_workbuf wb; - struct vb21_signature *vb2_sig_hdr = (struct vb21_signature *)sig_buffer; - uint8_t wb_buffer[1024]; + struct vb2_context *ctx; + struct vb2_kernel_preamble *pre; + static struct vb2_shared_data *sd; + size_t size; + uint8_t wb_buffer[2800]; + + if (vb2api_init(&wb_buffer, sizeof(wb_buffer), &ctx)) { + goto fail; + } + + sd = vb2_get_sd(ctx); buffer = cbfs_boot_map_with_leak(RSA_PUBLICKEY_FILE_NAME, CBFS_TYPE_RAW, &size); if (!buffer || !size) { @@ -46,48 +54,61 @@ int verified_boot_check_manifest(void) } if ((size != CONFIG_VENDORCODE_ELTAN_VBOOT_KEY_SIZE) || - (buffer != (void *)CONFIG_VENDORCODE_ELTAN_VBOOT_KEY_LOCATION)) { + (buffer != (void *)CONFIG_VENDORCODE_ELTAN_VBOOT_KEY_LOCATION)) { printk(BIOS_ERR, "ERROR: Illegal public key!\n"); goto fail; } - if (vb21_unpack_key(&key, buffer, size)) { - printk(BIOS_ERR, "ERROR: Invalid public key!\n"); + /* + * Check if all items will fit into workbuffer: + * vb2_shared data, Public Key, Preamble data + */ + if ((sd->workbuf_used + size + sizeof(struct vb2_kernel_preamble) + + ((CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * DIGEST_SIZE) + (2048/8))) > + sizeof(wb_buffer)) { + printk(BIOS_ERR, "ERROR: Work buffer too small\n"); goto fail; } + /* Add public key */ + sd->data_key_offset = sd->workbuf_used; + sd->data_key_size = size; + sd->workbuf_used += sd->data_key_size; + memcpy((void *)((void *)sd + (long)sd->data_key_offset), (uint8_t *)buffer, size); + + /* Fill preamble area */ + sd->preamble_size = sizeof(struct vb2_kernel_preamble); + sd->preamble_offset = sd->data_key_offset + sd->data_key_size; + sd->workbuf_used += sd->preamble_size; + pre = (struct vb2_kernel_preamble *)((void *)sd + (long)sd->preamble_offset); + + pre->flags = VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO; + + /* Fill body_signature (vb2_structure). RSA2048 key is used */ cbfs_boot_map_with_leak("oemmanifest.bin", CBFS_TYPE_RAW, &size); - if (size != (CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * DIGEST_SIZE) + - vb2_rsa_sig_size(VB2_SIG_RSA2048)) { + if (size != ((CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * DIGEST_SIZE) + (2048/8))) { printk(BIOS_ERR, "ERROR: Incorrect manifest size!\n"); goto fail; } - - /* prepare work buffer structure */ - wb.buf = (uint8_t *)&wb_buffer; - wb.size = sizeof(wb_buffer); - - /* Build vb2_sig_hdr buffer */ - vb2_sig_hdr->sig_offset = sizeof(struct vb21_signature) + - (CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * DIGEST_SIZE); - vb2_sig_hdr->sig_alg = VB2_SIG_RSA2048; - vb2_sig_hdr->sig_size = vb2_rsa_sig_size(VB2_SIG_RSA2048); - vb2_sig_hdr->hash_alg = HASH_ALG; - vb2_sig_hdr->data_size = CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * DIGEST_SIZE; - memcpy(&sig_buffer[sizeof(struct vb21_signature)], + pre->body_signature.data_size = CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * + DIGEST_SIZE; + pre->body_signature.sig_offset = sizeof(struct vb2_signature) + + pre->body_signature.data_size; + pre->body_signature.sig_size = size - pre->body_signature.data_size; + sd->workbuf_used += size; + memcpy((void *)((void *)&pre->body_signature + (long)sizeof(struct vb2_signature)), (uint8_t *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC, size); - if (vb21_verify_data(&sig_buffer[sizeof(struct vb21_signature)], vb2_sig_hdr->data_size, - (struct vb21_signature *)&sig_buffer, &key, &wb)) { - printk(BIOS_ERR, "ERROR: Signature verification failed for hash table\n"); + + if (vb2api_verify_kernel_data(ctx, (void *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC, + pre->body_signature.data_size)) goto fail; - } printk(BIOS_INFO, "%s: Successfully verified hash_table signature.\n", __func__); return 0; fail: - die("HASH table verification failed!\n"); + die("ERROR: HASH table verification failed!\n"); return -1; } @@ -131,20 +152,14 @@ static void verified_boot_check_buffer(const char *name, void *start, size_t siz uint32_t hash_index, int32_t pcr) { uint8_t digest[DIGEST_SIZE]; - int hash_algorithm; vb2_error_t status; printk(BIOS_DEBUG, "%s: %s HASH verification buffer %p size %d\n", __func__, name, start, (int)size); if (start && size) { - if (CONFIG(VENDORCODE_ELTAN_VBOOT_USE_SHA512)) - hash_algorithm = VB2_HASH_SHA512; - else - hash_algorithm = VB2_HASH_SHA256; - status = cb_sha_little_endian(hash_algorithm, (const uint8_t *)start, size, - digest); + status = vb2_digest_buffer((const uint8_t *)start, size, HASH_ALG, digest, DIGEST_SIZE); if ((CONFIG(VENDORCODE_ELTAN_VBOOT) && memcmp((void *)( (uint8_t *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC + sizeof(digest) * hash_index), digest, sizeof(digest))) || status) { diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.h b/src/vendorcode/eltan/security/verified_boot/vboot_check.h index bd284925ae..d4f3b5ef9c 100644 --- a/src/vendorcode/eltan/security/verified_boot/vboot_check.h +++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.h @@ -23,7 +23,7 @@ #include <lib.h> #include CONFIG_VENDORCODE_ELTAN_VBOOT_MANIFEST #include <console/console.h> -#include <cb_sha.h> +#include <vb2_sha.h> #include <string.h> #include <program_loading.h> #include <mboot.h> |