Fixes to compiler warnings in MSVC

Review URL: http://codereview.chromium.org/2851015
diff --git a/firmware/include/sysincludes.h b/firmware/include/sysincludes.h
index 13c0914..b98cae0 100644
--- a/firmware/include/sysincludes.h
+++ b/firmware/include/sysincludes.h
@@ -26,6 +26,10 @@
 #include <memory.h>
 #endif
 
+/* 64-bit operations, for platforms where they need to be function calls */
+#define UINT64_RSHIFT(v, shiftby) (((uint64_t)(v)) >> (shiftby))
+#define UINT64_MULT32(v, multby)  (((uint64_t)(v)) * ((uint32_t)(multby)))
+
 #else
 #include "stub/biosincludes.h"
 #endif
diff --git a/firmware/lib/cgptlib/cgptlib.c b/firmware/lib/cgptlib/cgptlib.c
index 4d2ee6c..8b3b648 100644
--- a/firmware/lib/cgptlib/cgptlib.c
+++ b/firmware/lib/cgptlib/cgptlib.c
@@ -22,8 +22,10 @@
   gpt->current_priority = 999;
 
   retval = GptSanityCheck(gpt);
-  if (GPT_SUCCESS != retval)
+  if (GPT_SUCCESS != retval) {
+    debug("GptInit() failed sanity check\n");
     return retval;
+  }
 
   GptRepair(gpt);
   return GPT_SUCCESS;
@@ -36,7 +38,7 @@
   GptEntry* e;
   int new_kernel = CGPT_KERNEL_ENTRY_NOT_FOUND;
   int new_prio = 0;
-  int i;
+  uint32_t i;
 
   /* If we already found a kernel, continue the scan at the current
    * kernel's prioity, in case there is another kernel with the same
@@ -46,12 +48,16 @@
       e = entries + i;
       if (!IsKernelEntry(e))
         continue;
+      debug("GptNextKernelEntry looking at same prio partition %d\n", i);
+      debug("GptNextKernelEntry s%d t%d p%d\n",
+            GetEntrySuccessful(e), GetEntryTries(e), GetEntryPriority(e));
       if (!(GetEntrySuccessful(e) || GetEntryTries(e)))
         continue;
       if (GetEntryPriority(e) == gpt->current_priority) {
         gpt->current_kernel = i;
         *start_sector = e->starting_lba;
         *size = e->ending_lba - e->starting_lba + 1;
+        debug("GptNextKernelEntry likes that one\n");
         return GPT_SUCCESS;
       }
     }
@@ -63,6 +69,9 @@
     int current_prio = GetEntryPriority(e);
     if (!IsKernelEntry(e))
       continue;
+    debug("GptNextKernelEntry looking at new prio partition %d\n", i);
+    debug("GptNextKernelEntry s%d t%d p%d\n",
+          GetEntrySuccessful(e), GetEntryTries(e), GetEntryPriority(e));
     if (!(GetEntrySuccessful(e) || GetEntryTries(e)))
       continue;
     if (current_prio >= gpt->current_priority)
@@ -79,9 +88,12 @@
   gpt->current_kernel = new_kernel;
   gpt->current_priority = new_prio;
 
-  if (CGPT_KERNEL_ENTRY_NOT_FOUND == new_kernel)
+  if (CGPT_KERNEL_ENTRY_NOT_FOUND == new_kernel) {
+    debug("GptNextKernelEntry no more kernels\n");
     return GPT_ERROR_NO_VALID_KERNEL;
+  }
 
+  debug("GptNextKernelEntry likes that one\n");
   e = entries + new_kernel;
   *start_sector = e->starting_lba;
   *size = e->ending_lba - e->starting_lba + 1;
diff --git a/firmware/lib/cgptlib/cgptlib_internal.c b/firmware/lib/cgptlib/cgptlib_internal.c
index 85b4906..a436d8f 100644
--- a/firmware/lib/cgptlib/cgptlib_internal.c
+++ b/firmware/lib/cgptlib/cgptlib_internal.c
@@ -119,7 +119,7 @@
 
   GptEntry* entry;
   uint32_t crc32;
-  int i;
+  uint32_t i;
 
   /* Check CRC before examining entries. */
   crc32 = Crc32((const uint8_t *)entries,
diff --git a/firmware/lib/cryptolib/include/rsa.h b/firmware/lib/cryptolib/include/rsa.h
index 2d3ee95..b6a83a1 100644
--- a/firmware/lib/cryptolib/include/rsa.h
+++ b/firmware/lib/cryptolib/include/rsa.h
@@ -35,7 +35,7 @@
  */
 int RSAVerify(const RSAPublicKey *key,
               const uint8_t* sig,
-              const int sig_len,
+              const uint32_t sig_len,
               const uint8_t sig_type,
               const uint8_t* hash);
 
diff --git a/firmware/lib/cryptolib/rsa.c b/firmware/lib/cryptolib/rsa.c
index bfc6446..930d91b 100644
--- a/firmware/lib/cryptolib/rsa.c
+++ b/firmware/lib/cryptolib/rsa.c
@@ -14,7 +14,7 @@
 /* a[] -= mod */
 static void subM(const RSAPublicKey *key, uint32_t *a) {
   int64_t A = 0;
-  int i;
+  uint32_t i;
   for (i = 0; i < key->len; ++i) {
     A += (uint64_t)a[i] - key->n[i];
     a[i] = (uint32_t)A;
@@ -24,7 +24,7 @@
 
 /* return a[] >= mod */
 static int geM(const RSAPublicKey *key, uint32_t *a) {
-  int i;
+  uint32_t i;
   for (i = key->len; i;) {
     --i;
     if (a[i] < key->n[i]) return 0;
@@ -38,14 +38,14 @@
                        uint32_t* c,
                        const uint32_t a,
                        const uint32_t* b) {
-  uint64_t A = (uint64_t)a * b[0] + c[0];
+  uint64_t A = UINT64_MULT32(a, b[0]) + c[0];
   uint32_t d0 = (uint32_t)A * key->n0inv;
-  uint64_t B = (uint64_t)d0 * key->n[0] + (uint32_t)A;
-  int i;
+  uint64_t B = UINT64_MULT32(d0, key->n[0]) + (uint32_t)A;
+  uint32_t i;
 
   for (i = 1; i < key->len; ++i) {
-    A = (A >> 32) + (uint64_t)a * b[i] + c[i];
-    B = (B >> 32) + (uint64_t)d0 * key->n[i] + (uint32_t)A;
+    A = (A >> 32) + UINT64_MULT32(a, b[i]) + c[i];
+    B = (B >> 32) + UINT64_MULT32(d0, key->n[i]) + (uint32_t)A;
     c[i - 1] = (uint32_t)B;
   }
 
@@ -63,7 +63,7 @@
                     uint32_t* c,
                     uint32_t* a,
                     uint32_t* b) {
-  int i;
+  uint32_t i;
   for (i = 0; i < key->len; ++i) {
     c[i] = 0;
   }
@@ -85,7 +85,7 @@
   int i;
 
   /* Convert from big endian byte array to little endian word array. */
-  for (i = 0; i < key->len; ++i) {
+  for (i = 0; i < (int)key->len; ++i) {
     uint32_t tmp =
         (inout[((key->len - 1 - i) * 4) + 0] << 24) |
         (inout[((key->len - 1 - i) * 4) + 1] << 16) |
@@ -108,12 +108,12 @@
   }
 
   /* Convert to bigendian byte array */
-  for (i = key->len - 1; i >= 0; --i) {
+  for (i = (int)key->len - 1; i >= 0; --i) {
     uint32_t tmp = aaa[i];
-    *inout++ = tmp >> 24;
-    *inout++ = tmp >> 16;
-    *inout++ = tmp >> 8;
-    *inout++ = tmp >> 0;
+    *inout++ = (uint8_t)(tmp >> 24);
+    *inout++ = (uint8_t)(tmp >> 16);
+    *inout++ = (uint8_t)(tmp >>  8);
+    *inout++ = (uint8_t)(tmp >>  0);
   }
 
   Free(a);
@@ -126,7 +126,7 @@
  */
 int RSAVerify(const RSAPublicKey *key,
               const uint8_t *sig,
-              const int sig_len,
+              const uint32_t sig_len,
               const uint8_t sig_type,
               const uint8_t *hash) {
   int i;
diff --git a/firmware/lib/cryptolib/rsa_utility.c b/firmware/lib/cryptolib/rsa_utility.c
index f15b97e..c3cf50e 100644
--- a/firmware/lib/cryptolib/rsa_utility.c
+++ b/firmware/lib/cryptolib/rsa_utility.c
@@ -94,7 +94,8 @@
     return 0; /* Both can't be NULL or non-NULL. */
 
   digest = DigestBuf(buf, len, algorithm);
-  success = RSAVerify(verification_key, sig, sig_size, algorithm, digest);
+  success = RSAVerify(verification_key, sig, (uint32_t)sig_size,
+                      (uint8_t)algorithm, digest);
 
   Free(digest);
   if (!key)
@@ -126,7 +127,8 @@
   else
     return 0; /* Both can't be NULL or non-NULL. */
 
-  success = RSAVerify(verification_key, sig, sig_size, algorithm, digest);
+  success = RSAVerify(verification_key, sig, (uint32_t)sig_size,
+                      (uint8_t)algorithm, digest);
 
   if (!key)
     RSAPublicKeyFree(verification_key);  /* Only free if we allocated it. */
diff --git a/firmware/lib/cryptolib/sha1.c b/firmware/lib/cryptolib/sha1.c
index 70653ba..897742c 100644
--- a/firmware/lib/cryptolib/sha1.c
+++ b/firmware/lib/cryptolib/sha1.c
@@ -224,7 +224,7 @@
 }
 
 void SHA1_update(SHA1_CTX *ctx, const uint8_t *data, uint64_t len) {
-  int i = ctx->count % sizeof(ctx->buf);
+  int i = (int)(ctx->count % sizeof(ctx->buf));
   const uint8_t* p = (const uint8_t*) data;
 
   ctx->count += len;
@@ -239,7 +239,7 @@
 }
 uint8_t* SHA1_final(SHA1_CTX *ctx) {
   uint8_t *p = ctx->buf;
-  uint64_t cnt = ctx->count * 8;
+  uint64_t cnt = ctx->count << 3;
   int i;
 
   SHA1_update(ctx, (uint8_t*)"\x80", 1);
@@ -247,16 +247,16 @@
     SHA1_update(ctx, (uint8_t*)"\0", 1);
   }
   for (i = 0; i < 8; ++i) {
-    uint8_t tmp = cnt >> ((7 - i) * 8);
+    uint8_t tmp = (uint8_t)UINT64_RSHIFT(cnt, (7 - i) * 8);
     SHA1_update(ctx, &tmp, 1);
   }
 
   for (i = 0; i < 5; i++) {
     uint32_t tmp = ctx->state[i];
-    *p++ = tmp >> 24;
-    *p++ = tmp >> 16;
-    *p++ = tmp >> 8;
-    *p++ = tmp >> 0;
+    *p++ = (uint8_t)(tmp >> 24);
+    *p++ = (uint8_t)(tmp >> 16);
+    *p++ = (uint8_t)(tmp >> 8);
+    *p++ = (uint8_t)(tmp >> 0);
   }
 
   return ctx->buf;
diff --git a/firmware/lib/cryptolib/sha2.c b/firmware/lib/cryptolib/sha2.c
index e7f7888..aa26917 100644
--- a/firmware/lib/cryptolib/sha2.c
+++ b/firmware/lib/cryptolib/sha2.c
@@ -72,14 +72,14 @@
 
 #define UNPACK64(x, str)                        \
   {                                             \
-    *((str) + 7) = (uint8_t) ((x)      );       \
-    *((str) + 6) = (uint8_t) ((x) >>  8);       \
-    *((str) + 5) = (uint8_t) ((x) >> 16);       \
-    *((str) + 4) = (uint8_t) ((x) >> 24);       \
-    *((str) + 3) = (uint8_t) ((x) >> 32);       \
-    *((str) + 2) = (uint8_t) ((x) >> 40);       \
-    *((str) + 1) = (uint8_t) ((x) >> 48);       \
-    *((str) + 0) = (uint8_t) ((x) >> 56);       \
+    *((str) + 7) = (uint8_t) x;                 \
+    *((str) + 6) = (uint8_t) UINT64_RSHIFT(x,  8); \
+    *((str) + 5) = (uint8_t) UINT64_RSHIFT(x, 16); \
+    *((str) + 4) = (uint8_t) UINT64_RSHIFT(x, 24); \
+    *((str) + 3) = (uint8_t) UINT64_RSHIFT(x, 32); \
+    *((str) + 2) = (uint8_t) UINT64_RSHIFT(x, 40); \
+    *((str) + 1) = (uint8_t) UINT64_RSHIFT(x, 48); \
+    *((str) + 0) = (uint8_t) UINT64_RSHIFT(x, 56); \
   }
 
 #define PACK64(str, x)                          \
@@ -338,16 +338,16 @@
     const uint8_t *shifted_data;
 
     tmp_len = SHA256_BLOCK_SIZE - ctx->len;
-    rem_len = len < tmp_len ? len : tmp_len;
+    rem_len = len < tmp_len ? (unsigned int)len : tmp_len;
 
     Memcpy(&ctx->block[ctx->len], data, rem_len);
 
     if (ctx->len + len < SHA256_BLOCK_SIZE) {
-        ctx->len += len;
+        ctx->len += (uint32_t)len;
         return;
     }
 
-    new_len = len - rem_len;
+    new_len = (unsigned int)len - rem_len;
     block_nb = new_len / SHA256_BLOCK_SIZE;
 
     shifted_data = data + rem_len;
@@ -526,16 +526,16 @@
     const uint8_t* shifted_data;
 
     tmp_len = SHA512_BLOCK_SIZE - ctx->len;
-    rem_len = len < tmp_len ? len : tmp_len;
+    rem_len = len < tmp_len ? (unsigned int)len : tmp_len;
 
     Memcpy(&ctx->block[ctx->len], data, rem_len);
 
     if (ctx->len + len < SHA512_BLOCK_SIZE) {
-        ctx->len += len;
+        ctx->len += (uint32_t)len;
         return;
     }
 
-    new_len = len - rem_len;
+    new_len = (unsigned int)len - rem_len;
     block_nb = new_len / SHA512_BLOCK_SIZE;
 
     shifted_data = data + rem_len;
diff --git a/firmware/lib/include/stateful_util.h b/firmware/lib/include/stateful_util.h
index e782ed8..5630534 100644
--- a/firmware/lib/include/stateful_util.h
+++ b/firmware/lib/include/stateful_util.h
@@ -14,7 +14,7 @@
 
 /* Track remaining data to be read in a buffer. */
 typedef struct MemcpyState {
-  void* remaining_buf;
+  uint8_t* remaining_buf;
   uint64_t remaining_len;  /* Remaining length of the buffer. */
   uint8_t overrun;  /* Flag set to 1 when an overrun occurs. */
 } MemcpyState;
diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c
index cb86e89..728087a 100644
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -121,15 +121,15 @@
     RETURN_ON_FAILURE(TlclRead(FIRMWARE_VERSIONS_NV_INDEX,
                                (uint8_t*) &firmware_versions,
                                sizeof(firmware_versions)));
-    g_firmware_key_version = firmware_versions >> 16;
-    g_firmware_version = firmware_versions && 0xffff;
+    g_firmware_key_version = (uint16_t) (firmware_versions >> 16);
+    g_firmware_version = (uint16_t) (firmware_versions & 0xffff);
     break;
   case KERNEL_VERSIONS:
     RETURN_ON_FAILURE(TlclRead(KERNEL_VERSIONS_NV_INDEX,
                                (uint8_t*) &kernel_versions,
                                sizeof(kernel_versions)));
-    g_kernel_key_version = kernel_versions >> 16;
-    g_kernel_version = kernel_versions && 0xffff;
+    g_kernel_key_version = (uint16_t) (kernel_versions >> 16);
+    g_kernel_version = (uint16_t) (kernel_versions & 0xffff);
     break;
   }
 
diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c
index f76eed4..a944c70 100644
--- a/firmware/lib/vboot_common.c
+++ b/firmware/lib/vboot_common.c
@@ -112,16 +112,16 @@
     debug("Invalid algorithm.\n");
     return NULL;
   }
-  if (RSAProcessedKeySize(key->algorithm) != key->key_size) {
+  if (RSAProcessedKeySize((int)key->algorithm) != (int)key->key_size) {
     debug("Wrong key size for algorithm\n");
     return NULL;
   }
 
-  rsa = RSAPublicKeyFromBuf(GetPublicKeyDataC(key), key->key_size);
+  rsa = RSAPublicKeyFromBuf(GetPublicKeyDataC(key), (int)key->key_size);
   if (!rsa)
     return NULL;
 
-  rsa->algorithm = key->algorithm;
+  rsa->algorithm = (int)key->algorithm;
   return rsa;
 }
 
@@ -190,7 +190,8 @@
       return VBOOT_KEY_BLOCK_INVALID;
     }
 
-    if (!((rsa = PublicKeyToRSA(key)))) {
+    rsa = PublicKeyToRSA(key);
+    if (!rsa) {
       debug("Invalid public key\n");
       return VBOOT_PUBLIC_KEY_INVALID;
     }
diff --git a/firmware/lib/vboot_firmware.c b/firmware/lib/vboot_firmware.c
index 88d6bb6..2fb1f6c 100644
--- a/firmware/lib/vboot_firmware.c
+++ b/firmware/lib/vboot_firmware.c
@@ -48,6 +48,8 @@
   params->kernel_sign_key_blob = NULL;
   params->kernel_sign_key_size = 0;
 
+  debug("LoadFirmware started...\n");
+
   /* Must have a root key */
   if (!root_key)
     return LOAD_FIRMWARE_RECOVERY;
@@ -64,7 +66,7 @@
   lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal));
   if (!lfi)
     return LOAD_FIRMWARE_RECOVERY;
-  params->load_firmware_internal = lfi;
+  params->load_firmware_internal = (uint8_t*)lfi;
 
   /* Loop over indices */
   for (index = 0; index < 2; index++) {
@@ -192,8 +194,8 @@
         (lowest_key_version == tpm_key_version &&
          lowest_fw_version > tpm_fw_version)) {
       if (0 != WriteStoredVersions(FIRMWARE_VERSIONS,
-                                   lowest_key_version,
-                                   lowest_fw_version))
+                                   (uint16_t)lowest_key_version,
+                                   (uint16_t)lowest_fw_version))
         return LOAD_FIRMWARE_RECOVERY;
     }
 
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c
index 1440eb4..ea0fc29 100644
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -147,7 +147,7 @@
 
   do {
     /* Read GPT data */
-    gpt.sector_bytes = blba;
+    gpt.sector_bytes = (uint32_t)blba;
     gpt.drive_sectors = params->ending_lba + 1;
     if (0 != AllocAndReadGptData(&gpt)) {
       debug("Unable to read GPT data\n");
@@ -306,14 +306,18 @@
       /* If we're still here, the kernel is valid. */
       /* Save the first good partition we find; that's the one we'll boot */
       debug("Partiton is good.\n");
-      good_partition = gpt.current_kernel;
+      /* TODO: GPT partitions start at 1, but cgptlib starts them at 0.
+       * Adjust here, until cgptlib is fixed. */
+      good_partition = gpt.current_kernel + 1;
       params->partition_number = gpt.current_kernel;
       params->bootloader_address = preamble->bootloader_address;
       params->bootloader_size = preamble->bootloader_size;
       /* If we're in developer or recovery mode, there's no rollback
        * protection, so we can stop at the first valid kernel. */
-      if (!is_normal)
+      if (!is_normal) {
+        debug("Boot_flags = !is_normal\n");
         break;
+      }
 
       /* Otherwise, we're in normal boot mode, so we do care about the
        * key index in the TPM.  If the good partition's key version is
@@ -321,8 +325,10 @@
        * can stop now.  Otherwise, we'll check all the other headers
        * to see if they contain a newer key. */
       if (key_version == tpm_key_version &&
-          preamble->kernel_version == tpm_kernel_version)
+          preamble->kernel_version == tpm_kernel_version) {
+        debug("Same key version\n");
         break;
+      }
     } /* while(GptNextKernelEntry) */
   } while(0);
 
@@ -335,6 +341,7 @@
 
   /* Handle finding a good partition */
   if (good_partition >= 0) {
+    debug("Good_partition >= 0\n");
 
     /* See if we need to update the TPM */
     if (is_normal) {
@@ -344,12 +351,13 @@
        * forward.  In recovery mode, the TPM stays PP-unlocked, so
        * anything we write gets blown away by the firmware when we go
        * back to normal mode. */
+      debug("Boot_flags = is_normal\n");
       if ((lowest_key_version > tpm_key_version) ||
           (lowest_key_version == tpm_key_version &&
            lowest_kernel_version > tpm_kernel_version)) {
         if (0 != WriteStoredVersions(KERNEL_VERSIONS,
-                                     lowest_key_version,
-                                     lowest_kernel_version))
+                                     (uint16_t)lowest_key_version,
+                                     (uint16_t)lowest_kernel_version))
           return LOAD_KERNEL_RECOVERY;
       }
     }
@@ -363,6 +371,7 @@
        *
        * If we're already in recovery mode, we need to leave PP unlocked,
        * so don't lock the kernel versions. */
+      debug("Lock kernel versions\n");
       if (0 != LockKernelVersionsByLockingPP())
         return LOAD_KERNEL_RECOVERY;
     }