New tools to help debug vboot failures.
This adds some tools to help us figure out why a particular kernel isn't
booting. Often we suspect it's because it was signed with the wrong keys, or
has flags restricting its use to certain boot modes. This change adds some
tools to extract and display all the keys from the BIOS, and try them on the
various kernels. We also display the sha1sum of all the keys we find, to
make comparing them easier.
Change-Id: I38e447bf95cb6c3a0b87aa949611bb135f2f94b4
BUG=chromeos-partner:888
TEST=manual
To test, obtain a root shell, and run dev_debug_vboot. You should see lots
of useful information go by.
Review URL: http://codereview.chromium.org/3303018
diff --git a/host/include/host_misc.h b/host/include/host_misc.h
index abbfc0f..cbf9eaf 100644
--- a/host/include/host_misc.h
+++ b/host/include/host_misc.h
@@ -24,5 +24,7 @@
* Returns 0 if success, 1 if error. */
int WriteFile(const char* filename, const void *data, uint64_t size);
+/* Prints the sha1sum of the given VbPublicKey to stdout. */
+void PrintPubKeySha1Sum(VbPublicKey* key);
#endif /* VBOOT_REFERENCE_HOST_MISC_H_ */
diff --git a/host/lib/host_misc.c b/host/lib/host_misc.c
index d8f5297..91eaea2 100644
--- a/host/lib/host_misc.c
+++ b/host/lib/host_misc.c
@@ -66,3 +66,13 @@
fclose(f);
return 0;
}
+
+void PrintPubKeySha1Sum(VbPublicKey* key) {
+ uint8_t* buf = ((uint8_t *)key) + key->key_offset;
+ uint64_t buflen = key->key_size;
+ uint8_t* digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
+ int i;
+ for (i=0; i<SHA1_DIGEST_SIZE; i++)
+ printf("%02x", digest[i]);
+ Free(digest);
+}
diff --git a/utility/Makefile b/utility/Makefile
index 745cc9c..516e91a 100644
--- a/utility/Makefile
+++ b/utility/Makefile
@@ -31,7 +31,9 @@
vbutil_keyblock \
verify_data \
dev_make_keypair \
- dev_sign_file
+ dev_sign_file \
+ dump_fmap \
+ dev_debug_vboot
TARGET_BINS = $(addprefix ${BUILD_ROOT}/,$(TARGET_NAMES))
ALL_DEPS = $(addsuffix .d,${TARGET_BINS})
@@ -79,6 +81,11 @@
${BUILD_ROOT}/dev_make_keypair: dev_make_keypair
cp -f $< $@
+ chmod +x $@
+
+${BUILD_ROOT}/dev_debug_vboot: dev_debug_vboot
+ cp -f $< $@
+ chmod +x $@
${BUILD_ROOT}/tpmc: tpmc.c $(LIBS)
$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS)
@@ -86,6 +93,9 @@
${BUILD_ROOT}/dev_sign_file: dev_sign_file.c $(LIBS)
$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
+${BUILD_ROOT}/dump_fmap: dump_fmap.c
+ $(CC) $(CFLAGS) $< -o $@
+
install: $(TARGET_BINS)
mkdir -p $(DESTDIR)
cp -f $(TARGET_BINS) $(DESTDIR)
diff --git a/utility/dev_debug_vboot b/utility/dev_debug_vboot
new file mode 100755
index 0000000..424e9e4
--- /dev/null
+++ b/utility/dev_debug_vboot
@@ -0,0 +1,67 @@
+#!/bin/sh
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+#
+
+TMPDIR=/tmp/debug_vboot
+BIOS=bios.rom
+# FIXME: support ARM
+HD_KERN_A=/dev/sda2
+HD_KERN_B=/dev/sda4
+tmp=$(rootdev -s -d)2
+if [ "$tmp" != "$HD_KERN_A" ]; then
+ USB_KERN_A="$tmp"
+fi
+
+
+[ -d ${TMPDIR} ] || mkdir -p ${TMPDIR}
+cd ${TMPDIR}
+
+echo "INFO: extracting BIOS image from flash"
+flashrom -r ${BIOS}
+
+echo "INFO: extracting kernel images from drives"
+dd if=${HD_KERN_A} of=hd_kern_a.blob
+dd if=${HD_KERN_B} of=hd_kern_b.blob
+if [ -n "$USB_KERN_A" ]; then
+ dd if=${USB_KERN_A} of=usb_kern_a.blob
+fi
+
+echo "INFO: extracting BIOS components"
+dump_fmap -x ${BIOS} || echo "FAILED"
+
+echo "INFO: pulling root and recovery keys from GBB"
+gbb_utility -g --rootkey rootkey.vbpubk --recoverykey recoverykey.vbpubk \
+ GBB_Area || echo "FAILED"
+echo "INFO: display root key"
+vbutil_key --unpack rootkey.vbpubk
+echo "INFO: display recovery key"
+vbutil_key --unpack recoverykey.vbpubk
+
+echo "TEST: verify firmware A with root key"
+vbutil_firmware --verify Firmware_A_Key --signpubkey rootkey.vbpubk \
+ --fv Firmware_A_Data --kernelkey kernel_subkey_a.vbpubk || echo "FAILED"
+echo "TEST: verify firmware B with root key"
+vbutil_firmware --verify Firmware_B_Key --signpubkey rootkey.vbpubk \
+ --fv Firmware_B_Data --kernelkey kernel_subkey_b.vbpubk || echo "FAILED"
+
+echo "TEST: verify HD kernel A with firmware A key"
+vbutil_kernel --verify hd_kern_a.blob --signpubkey kernel_subkey_a.vbpubk \
+ || echo "FAILED"
+echo "TEST: verify HD kernel B with firmware A key"
+vbutil_kernel --verify hd_kern_b.blob --signpubkey kernel_subkey_a.vbpubk \
+ || echo "FAILED"
+
+echo "TEST: verify HD kernel A with firmware B key"
+vbutil_kernel --verify hd_kern_a.blob --signpubkey kernel_subkey_b.vbpubk \
+ || echo "FAILED"
+echo "TEST: verify HD kernel B with firmware B key"
+vbutil_kernel --verify hd_kern_b.blob --signpubkey kernel_subkey_b.vbpubk \
+ || echo "FAILED"
+
+if [ -n "$USB_KERN_A" ]; then
+ echo "TEST: verify USB kernel A with recovery key"
+ vbutil_kernel --verify usb_kern_a.blob --signpubkey recoverykey.vbpubk \
+ || echo "FAILED"
+fi
diff --git a/utility/dump_fmap.c b/utility/dump_fmap.c
new file mode 100644
index 0000000..a0d24de
--- /dev/null
+++ b/utility/dump_fmap.c
@@ -0,0 +1,192 @@
+/*
+ * Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+#include <errno.h>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+/* global variables */
+static int opt_extract = 0;
+static char *progname;
+static void *base_of_rom;
+
+/* FMAP structs. See http://code.google.com/p/flashmap/wiki/FmapSpec */
+#define FMAP_SIGLEN 8
+#define FMAP_NAMELEN 32
+#define FMAP_SEARCH_STRIDE 4
+typedef struct _FmapHeader {
+ char fmap_signature[FMAP_SIGLEN]; /* avoiding endian issues */
+ uint8_t fmap_ver_major;
+ uint8_t fmap_ver_minor;
+ uint64_t fmap_base;
+ uint32_t fmap_size;
+ char fmap_name[FMAP_NAMELEN];
+ uint16_t fmap_nareas;
+} __attribute__((packed)) FmapHeader;
+
+typedef struct _AreaHeader {
+ uint32_t area_offset;
+ uint32_t area_size;
+ char area_name[FMAP_NAMELEN];
+ uint16_t area_flags;
+} __attribute__((packed)) AreaHeader;
+
+
+/* Return 0 if successful */
+static int dump_fmap(void *ptr) {
+ int i,retval = 0;
+ char buf[80]; // DWR: magic number
+ FmapHeader *fmh = (FmapHeader *)ptr;
+ AreaHeader *ah = (AreaHeader *)(ptr + sizeof(FmapHeader));
+
+ snprintf(buf, FMAP_SIGLEN+1, "%s", fmh->fmap_signature);
+ printf("fmap_signature %s\n", buf);
+ printf("fmap_version: %d.%d\n", fmh->fmap_ver_major, fmh->fmap_ver_minor);
+ printf("fmap_base: 0x%" PRIx64 "\n", fmh->fmap_base);
+ printf("fmap_size: 0x%08x (%d)\n", fmh->fmap_size, fmh->fmap_size);
+ snprintf(buf, FMAP_NAMELEN+1, "%s", fmh->fmap_name);
+ printf("fmap_name: %s\n", buf);
+ printf("fmap_nareas: %d\n", fmh->fmap_nareas);
+
+ for (i=0; i<fmh->fmap_nareas; i++) {
+ printf("area: %d\n", i+1);
+ printf("area_offset: 0x%08x\n", ah->area_offset);
+ printf("area_size: 0x%08x (%d)\n", ah->area_size, ah->area_size);
+ snprintf(buf, FMAP_NAMELEN+1, "%s", ah->area_name);
+ printf("area_name: %s\n", buf);
+
+ if (opt_extract) {
+ char *s;
+ for (s=buf; *s; s++)
+ if (*s == ' ')
+ *s = '_';
+ FILE *fp = fopen(buf,"wb");
+ if (!fp) {
+ fprintf(stderr, "%s: can't open %s: %s\n",
+ progname, buf, strerror(errno));
+ retval = 1;
+ } else {
+ if (1 != fwrite(base_of_rom + ah->area_offset, ah->area_size, 1, fp)) {
+ fprintf(stderr, "%s: can't write %s: %s\n",
+ progname, buf, strerror(errno));
+ retval = 1;
+ } else {
+ printf("saved as \"%s\"\n", buf);
+ }
+ fclose(fp);
+ }
+ }
+
+ ah++;
+ }
+
+ return retval;
+}
+
+
+int main(int argc, char *argv[]) {
+ int c;
+ int errorcnt = 0;
+ struct stat sb;
+ int fd;
+ char *s;
+ size_t i;
+ int retval = 1;
+
+ progname = strrchr(argv[0], '/');
+ if (progname)
+ progname++;
+ else
+ progname = argv[0];
+
+ opterr = 0; /* quiet, you */
+ while ((c=getopt(argc, argv, ":x")) != -1) {
+ switch (c)
+ {
+ case 'x':
+ opt_extract = 1;
+ break;
+ case '?':
+ fprintf(stderr, "%s: unrecognized switch: -%c\n",
+ progname, optopt);
+ errorcnt++;
+ break;
+ case ':':
+ fprintf(stderr, "%s: missing argument to -%c\n",
+ progname, optopt);
+ errorcnt++;
+ break;
+ default:
+ errorcnt++;
+ break;
+ }
+ }
+
+ if (errorcnt || optind >= argc) {
+ fprintf(stderr,
+ "\nUsage: %s [-x] FLASHIMAGE\n\n"
+ "Display (and extract with -x) the FMAP components from a BIOS image"
+ "\n\n",
+ progname);
+ return 1;
+ }
+
+ if (0 != stat(argv[optind], &sb)) {
+ fprintf(stderr, "%s: can't stat %s: %s\n",
+ progname,
+ argv[optind],
+ strerror(errno));
+ return 1;
+ }
+
+ fd = open(argv[optind], O_RDONLY);
+ if (fd < 0) {
+ fprintf(stderr, "%s: can't open %s: %s\n",
+ progname,
+ argv[optind],
+ strerror(errno));
+ return 1;
+ }
+ printf("opened %s\n", argv[optind]);
+
+ base_of_rom = mmap(0, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
+ if (base_of_rom == (char *)-1) {
+ fprintf(stderr, "%s: can't mmap %s: %s\n",
+ progname,
+ argv[optind],
+ strerror(errno));
+ close(fd);
+ return 1;
+ }
+ close(fd); /* done with this now */
+
+ s = (char *)base_of_rom;
+ for (i=0; i<sb.st_size; i += FMAP_SEARCH_STRIDE) {
+ if (0 == strncmp(s, "__FMAP__", 8)) {
+ printf("hit at 0x%08x\n", (uint32_t)i);
+ retval = dump_fmap(s);
+ break;
+ }
+ s++;
+ }
+
+ if (0 != munmap(base_of_rom, sb.st_size)) {
+ fprintf(stderr, "%s: can't munmap %s: %s\n",
+ progname,
+ argv[optind],
+ strerror(errno));
+ return 1;
+ }
+
+ return retval;
+}
diff --git a/utility/vbutil_firmware.c b/utility/vbutil_firmware.c
index d58e2a3..9cff272 100644
--- a/utility/vbutil_firmware.c
+++ b/utility/vbutil_firmware.c
@@ -60,6 +60,9 @@
"For '--verify <file>', required OPTIONS are:\n"
" --signpubkey <file> Signing public key in .vbpubk format\n"
" --fv <file> Firmware volume to verify\n"
+ "\n"
+ "For '--verify <file>', optional OPTIONS are:\n"
+ " --kernelkey <file> Write the kernel subkey to this file\n"
"");
return 1;
}
@@ -157,14 +160,14 @@
return 0;
}
-
static int Verify(const char* infile, const char* signpubkey,
- const char* fv_file) {
+ const char* fv_file, const char* kernelkey_file) {
VbKeyBlockHeader* key_block;
VbFirmwarePreambleHeader* preamble;
VbPublicKey* data_key;
VbPublicKey* sign_key;
+ VbPublicKey* kernel_subkey;
RSAPublicKey* rsa;
uint8_t* blob;
uint64_t blob_size;
@@ -210,11 +213,15 @@
printf("Key block:\n");
data_key = &key_block->data_key;
printf(" Size: %" PRIu64 "\n", key_block->key_block_size);
+ printf(" Flags: %" PRIu64 " (ignored)\n",
+ key_block->key_block_flags);
printf(" Data key algorithm: %" PRIu64 " %s\n", data_key->algorithm,
(data_key->algorithm < kNumAlgorithms ?
algo_strings[data_key->algorithm] : "(invalid)"));
printf(" Data key version: %" PRIu64 "\n", data_key->key_version);
- printf(" Flags: %" PRIu64 "\n", key_block->key_block_flags);
+ printf(" Data key sha1sum: ");
+ PrintPubKeySha1Sum(data_key);
+ printf("\n");
rsa = PublicKeyToRSA(&key_block->data_key);
if (!rsa) {
@@ -235,12 +242,16 @@
printf(" Header version: %" PRIu32 ".%" PRIu32"\n",
preamble->header_version_major, preamble->header_version_minor);
printf(" Firmware version: %" PRIu64 "\n", preamble->firmware_version);
+ kernel_subkey = &preamble->kernel_subkey;
printf(" Kernel key algorithm: %" PRIu64 " %s\n",
- preamble->kernel_subkey.algorithm,
- (preamble->kernel_subkey.algorithm < kNumAlgorithms ?
- algo_strings[preamble->kernel_subkey.algorithm] : "(invalid)"));
+ kernel_subkey->algorithm,
+ (kernel_subkey->algorithm < kNumAlgorithms ?
+ algo_strings[kernel_subkey->algorithm] : "(invalid)"));
printf(" Kernel key version: %" PRIu64 "\n",
- preamble->kernel_subkey.key_version);
+ kernel_subkey->key_version);
+ printf(" Kernel key sha1sum: ");
+ PrintPubKeySha1Sum(kernel_subkey);
+ printf("\n");
printf(" Firmware body size: %" PRIu64 "\n",
preamble->body_signature.data_size);
@@ -252,6 +263,15 @@
return 1;
}
printf("Body verification succeeded.\n");
+
+ if (kernelkey_file) {
+ if (0 != PublicKeyWrite(kernelkey_file, kernel_subkey)) {
+ fprintf(stderr,
+ "vbutil_firmware: unable to write kernel subkey\n");
+ return 1;
+ }
+ }
+
return 0;
}
@@ -322,7 +342,7 @@
return Vblock(filename, key_block_file, signprivate, version, fv_file,
kernelkey_file);
case OPT_MODE_VERIFY:
- return Verify(filename, signpubkey, fv_file);
+ return Verify(filename, signpubkey, fv_file, kernelkey_file);
default:
printf("Must specify a mode.\n");
return PrintHelp();
diff --git a/utility/vbutil_kernel.c b/utility/vbutil_kernel.c
index 8019719..acf156f 100644
--- a/utility/vbutil_kernel.c
+++ b/utility/vbutil_kernel.c
@@ -661,11 +661,23 @@
if (verbose)
printf(" Signature: %s\n", sign_key ? "valid" : "ignored");
printf(" Size: 0x%" PRIx64 "\n", key_block->key_block_size);
+ printf(" Flags: %" PRIu64 " ", key_block->key_block_flags);
+ if (key_block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_0)
+ printf(" !DEV");
+ if (key_block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_1)
+ printf(" DEV");
+ if (key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_0)
+ printf(" !REC");
+ if (key_block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_1)
+ printf(" REC");
+ printf("\n");
printf(" Data key algorithm: %" PRIu64 " %s\n", data_key->algorithm,
(data_key->algorithm < kNumAlgorithms ?
algo_strings[data_key->algorithm] : "(invalid)"));
printf(" Data key version: %" PRIu64 "\n", data_key->key_version);
- printf(" Flags: %" PRIu64 "\n", key_block->key_block_flags);
+ printf(" Data key sha1sum: ");
+ PrintPubKeySha1Sum(data_key);
+ printf("\n");
rsa = PublicKeyToRSA(&key_block->data_key);
if (!rsa) {
diff --git a/utility/vbutil_key.c b/utility/vbutil_key.c
index c076bff..38d9000 100644
--- a/utility/vbutil_key.c
+++ b/utility/vbutil_key.c
@@ -108,15 +108,6 @@
}
-static void PrintDigest(const uint8_t* buf, uint64_t buflen) {
- uint8_t *digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
- int i;
- for (i=0; i<SHA1_DIGEST_SIZE; i++)
- printf("%02x", digest[i]);
- printf("\n");
- Free(digest);
-}
-
/* Unpack a .vbpubk or .vbprivk */
static int Unpack(const char *infile, const char *outfile) {
VbPublicKey* pubkey;
@@ -134,7 +125,8 @@
algo_strings[pubkey->algorithm] : "(invalid)"));
printf("Key Version: %" PRIu64 "\n", pubkey->key_version);
printf("Key sha1sum: ");
- PrintDigest(((uint8_t *)pubkey) + pubkey->key_offset, pubkey->key_size);
+ PrintPubKeySha1Sum(pubkey);
+ printf("\n");
if (outfile) {
if (0 != PublicKeyWrite(outfile, pubkey)) {
fprintf(stderr, "vbutil_key: Error writing key copy.\n");
@@ -146,7 +138,6 @@
return 0;
}
-
if ((privkey = PrivateKeyRead(infile))) {
printf("Private Key file: %s\n", infile);
printf("Algorithm: %" PRIu64 " %s\n", privkey->algorithm,
diff --git a/utility/vbutil_keyblock.c b/utility/vbutil_keyblock.c
index 7d5b7c1..ff1b44b 100644
--- a/utility/vbutil_keyblock.c
+++ b/utility/vbutil_keyblock.c
@@ -152,12 +152,24 @@
printf("Key block file: %s\n", infile);
printf("Flags: %" PRIu64 "\n", block->key_block_flags);
+ if (block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_0)
+ printf(" !DEV");
+ if (block->key_block_flags & KEY_BLOCK_FLAG_DEVELOPER_1)
+ printf(" DEV");
+ if (block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_0)
+ printf(" !REC");
+ if (block->key_block_flags & KEY_BLOCK_FLAG_RECOVERY_1)
+ printf(" REC");
+ printf("\n");
data_key = &block->data_key;
printf("Data key algorithm: %" PRIu64 " %s\n", data_key->algorithm,
(data_key->algorithm < kNumAlgorithms ?
algo_strings[data_key->algorithm] : "(invalid)"));
printf("Data key version: %" PRIu64 "\n", data_key->key_version);
+ printf("Data key sha1sum: ");
+ PrintPubKeySha1Sum(data_key);
+ printf("\n");
if (datapubkey) {
if (0 != PublicKeyWrite(datapubkey, data_key)) {