Randall Spangler6f1b82a2014-12-03 12:29:37 -08001/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Misc functions which need access to vb2_context but are not public APIs
6 */
8#include "2sysincludes.h"
9#include "2api.h"
10#include "2misc.h"
11#include "2nvstorage.h"
12#include "2secdata.h"
13#include "2sha.h"
14#include "2rsa.h"
15#include "vb2_common.h"
/*
 * SHA-1 digest of the developer root public key that is checked into the
 * vboot_reference repository, computed over exactly the fields that
 * vb2_report_dev_firmware() below feeds to the hash.  Matching it only
 * produces a debug message; no boot decision depends on it.
 */
static const uint8_t dev_key_digest[] = {
	0xb1, 0x1d, 0x74, 0xed, 0xd2,
	0x86, 0xc1, 0x44, 0xe1, 0x13,
	0x5b, 0x49, 0xe7, 0xf0, 0xbc,
	0x20, 0xcf, 0x04, 0x1f, 0x10,
};
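/**
 * Determine if the root key is the developer key checked into the
 * vboot_reference repository.  Has no effect on boot; just logs this to the
 * debug console.
 *
 * The SHA-1 is taken over the unpacked key fields in the order arrsize,
 * n0inv, n[], rr[], using their raw in-memory bytes, so the match is
 * byte-order dependent and only holds on hosts with the same integer layout
 * as the one dev_key_digest[] was generated on.  Any digest failure simply
 * skips the report; nothing here is a security decision.
 *
 * @param root Root key, already unpacked by vb2_unpack_key()
 */
static void vb2_report_dev_firmware(struct vb2_public_key *root)
{
	struct vb2_digest_context dc;
	uint8_t digest[sizeof(dev_key_digest)];
	/*
	 * Byte length of n[] and rr[]; arrsize presumably counts 4-byte
	 * words.  Kept unsigned so the unsigned product is not narrowed into
	 * a signed int before being handed to the digest.
	 */
	uint32_t size = root->arrsize * 4;
	/* Fields folded into the digest, in hashing order. */
	const struct {
		const void *ptr;
		uint32_t len;
	} parts[] = {
		{ &root->arrsize, sizeof(root->arrsize) },
		{ &root->n0inv, sizeof(root->n0inv) },
		{ root->n, size },
		{ root->rr, size },
	};
	size_t i;

	/* An empty key means this is a test run; nothing to report. */
	if (!root->arrsize)
		return;

	if (vb2_digest_init(&dc, VB2_HASH_SHA1) != VB2_SUCCESS)
		return;

	/* Same cast as the per-field calls this replaces; abort on any error. */
	for (i = 0; i < sizeof(parts) / sizeof(parts[0]); i++) {
		if (vb2_digest_extend(&dc, (uint8_t *)parts[i].ptr,
				      parts[i].len) != VB2_SUCCESS)
			return;
	}

	if (vb2_digest_finalize(&dc, digest, sizeof(digest)) != VB2_SUCCESS)
		return;

	if (!memcmp(digest, dev_key_digest, sizeof(dev_key_digest)))
		VB2_DEBUG("This is developer signed firmware\n");
}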
/**
 * Load and verify the firmware keyblock, leaving the packed firmware data
 * key in the work buffer for vb2_load_fw_preamble().
 *
 * Steps: read the root key from the GBB and unpack it, read the keyblock
 * from the firmware vblock, verify the keyblock against the root key,
 * range- and rollback-check the data key version, then copy the data key
 * over the (no longer needed) root key at the start of the work buffer.
 *
 * Trust boundary: everything obtained through vb2ex_read_resource() is
 * untrusted flash contents.  The only keyblock field consumed before
 * vb2_verify_keyblock() succeeds is keyblock_size, and it is used only to
 * size the re-read; every other kb-> field is read after verification.
 * Keep that ordering when editing.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.  Keyblock and version
 *	   failures also go through vb2_fail() with a VB2_RECOVERY_* reason
 *	   before returning.
 */
int vb2_load_fw_keyblock(struct vb2_context *ctx)
{
	struct vb2_shared_data *sd = vb2_get_sd(ctx);
	struct vb2_workbuf wb;

	uint8_t *key_data;
	uint32_t key_size;
	struct vb2_packed_key *packed_key;
	struct vb2_public_key root_key;

	struct vb2_keyblock *kb;
	uint32_t block_size;

	int rv;

	vb2_workbuf_from_ctx(ctx, &wb);

	/*
	 * Read the root key.  Its size and offset come from shared data
	 * (GBB-derived); the allocation is bounded by the work buffer.
	 */
	key_size = sd->gbb_rootkey_size;
	key_data = vb2_workbuf_alloc(&wb, key_size);
	if (!key_data)
		return VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY;

	rv = vb2ex_read_resource(ctx, VB2_RES_GBB, sd->gbb_rootkey_offset,
				 key_data, key_size);
	if (rv)
		return rv;

	/* Unpack the root key (validates the packed layout against key_size) */
	rv = vb2_unpack_key(&root_key, key_data, key_size);
	if (rv)
		return rv;

	/* If that's the checked-in root key, this is dev-signed firmware */
	vb2_report_dev_firmware(&root_key);

	/* Load the firmware keyblock header after the root key */
	kb = vb2_workbuf_alloc(&wb, sizeof(*kb));
	if (!kb)
		return VB2_ERROR_FW_KEYBLOCK_WORKBUF_HEADER;

	rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK, 0, kb, sizeof(*kb));
	if (rv)
		return rv;

	/*
	 * keyblock_size is unverified at this point.  It is only used to size
	 * the re-read below; the realloc fails if it exceeds the work buffer,
	 * and vb2_verify_keyblock() is expected to reject a size too small for
	 * the header (NOTE(review): confirm in vb2_verify_keyblock()).
	 */
	block_size = kb->keyblock_size;

	/*
	 * Load the entire keyblock, now that we know how big it is.  Note that
	 * we're loading the entire keyblock instead of just the piece after
	 * the header.  That means we re-read the header.  But that's a tiny
	 * amount of data, and it makes the code much more straightforward.
	 */
	kb = vb2_workbuf_realloc(&wb, sizeof(*kb), block_size);
	if (!kb)
		return VB2_ERROR_FW_KEYBLOCK_WORKBUF;

	rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK, 0, kb, block_size);
	if (rv)
		return rv;

	/*
	 * Verify the keyblock.  From here on the kb-> fields are trusted as
	 * far as the root key signature makes them so.
	 */
	rv = vb2_verify_keyblock(kb, block_size, &root_key, &wb);
	if (rv) {
		vb2_fail(ctx, VB2_RECOVERY_FW_KEYBLOCK, rv);
		return rv;
	}

	/*
	 * Key version is the upper 16 bits of the composite firmware version.
	 * The range check keeps the shift below from spilling into the lower
	 * half; the rollback check compares against the key half of the
	 * version stored in secure data.  Only the GBB flag can waive the
	 * rollback check, and that is logged.
	 */
	if (kb->data_key.key_version > VB2_MAX_KEY_VERSION)
		rv = VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE;
	if (!rv && kb->data_key.key_version < (sd->fw_version_secdata >> 16)) {
		if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK)
			VB2_DEBUG("Ignoring FW key rollback due to GBB flag\n");
		else
			rv = VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK;
	}
	if (rv) {
		vb2_fail(ctx, VB2_RECOVERY_FW_KEY_ROLLBACK, rv);
		return rv;
	}

	/* Lower 16 bits are filled in later by vb2_load_fw_preamble() */
	sd->fw_version = kb->data_key.key_version << 16;

	/*
	 * Save the data key in the work buffer.  This overwrites the root key
	 * we read above.  That's ok, because now that we have the data key we
	 * no longer need the root key.
	 */
	packed_key = (struct vb2_packed_key *)key_data;

	packed_key->algorithm = kb->data_key.algorithm;
	packed_key->key_version = kb->data_key.key_version;
	packed_key->key_size = kb->data_key.key_size;

	/*
	 * key_offset is not reassigned here: the value already in the buffer
	 * (left there by the root packed key) is reused, so the data key body
	 * lands at the offset the root key body occupied.  NOTE(review): this
	 * relies on vb2_unpack_key() having validated that offset against
	 * key_size above -- confirm.
	 *
	 * Use memmove() instead of memcpy().  In theory, the destination will
	 * never overlap because with the source because the root key is likely
	 * to be at least as large as the data key, but there's no harm here in
	 * being paranoid.
	 */
	memmove(key_data + packed_key->key_offset,
		(uint8_t*)&kb->data_key + kb->data_key.key_offset,
		packed_key->key_size);

	/* Save the packed key offset and size */
	sd->workbuf_data_key_offset = vb2_offset_of(ctx->workbuf, key_data);
	sd->workbuf_data_key_size =
		packed_key->key_offset + packed_key->key_size;

	/* Preamble follows the keyblock in the vblock */
	sd->vblock_preamble_offset = kb->keyblock_size;

	/*
	 * Data key will persist in the workbuf after we return.
	 *
	 * Work buffer now contains:
	 *   - vb2_shared_data
	 *   - packed firmware data key
	 *
	 * Setting workbuf_used here releases the keyblock region (and the tail
	 * of the old root key) for later allocations.
	 */
	ctx->workbuf_used = sd->workbuf_data_key_offset +
		sd->workbuf_data_key_size;

	return VB2_SUCCESS;
}
/**
 * Load and verify the firmware preamble using the data key that
 * vb2_load_fw_keyblock() left in the work buffer.
 *
 * Reads the preamble header from the vblock at sd->vblock_preamble_offset,
 * re-reads the whole preamble once its size is known, verifies it with the
 * data key, completes the composite firmware version (key version in the
 * upper 16 bits, preamble version in the lower 16), applies the rollback
 * check, and rolls the secure-storage version forward when the conditions
 * described inline hold.  The preamble stays in the work buffer after
 * return; its location is recorded in sd->workbuf_preamble_offset/_size.
 *
 * As in the keyblock path, preamble_size is the only preamble field used
 * before vb2_verify_fw_preamble() succeeds, and only to size the re-read.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.  Preamble and version
 *	   failures also go through vb2_fail() with a VB2_RECOVERY_* reason
 *	   before returning.
 */
int vb2_load_fw_preamble(struct vb2_context *ctx)
{
	struct vb2_shared_data *sd = vb2_get_sd(ctx);
	struct vb2_workbuf wb;

	/* Packed data key as placed by vb2_load_fw_keyblock() */
	uint8_t *key_data = ctx->workbuf + sd->workbuf_data_key_offset;
	uint32_t key_size = sd->workbuf_data_key_size;
	struct vb2_public_key data_key;

	/* Preamble goes in the next unused chunk of work buffer */
	struct vb2_fw_preamble *pre;
	uint32_t pre_size;

	int rv;

	vb2_workbuf_from_ctx(ctx, &wb);

	/*
	 * Unpack the firmware data key.  A zero size means the keyblock step
	 * never ran (or failed), so refuse rather than unpack garbage.
	 */
	if (!sd->workbuf_data_key_size)
		return VB2_ERROR_FW_PREAMBLE2_DATA_KEY;

	rv = vb2_unpack_key(&data_key, key_data, key_size);
	if (rv)
		return rv;

	/* Load the firmware preamble header */
	pre = vb2_workbuf_alloc(&wb, sizeof(*pre));
	if (!pre)
		return VB2_ERROR_FW_PREAMBLE2_WORKBUF_HEADER;

	rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK,
				 sd->vblock_preamble_offset,
				 pre, sizeof(*pre));
	if (rv)
		return rv;

	/*
	 * preamble_size is unverified flash data; it is only used to size the
	 * re-read, bounded by the work buffer in the realloc below.
	 */
	pre_size = pre->preamble_size;

	/* Load the entire firmware preamble, now that we know how big it is */
	pre = vb2_workbuf_realloc(&wb, sizeof(*pre), pre_size);
	if (!pre)
		return VB2_ERROR_FW_PREAMBLE2_WORKBUF;

	rv = vb2ex_read_resource(ctx, VB2_RES_FW_VBLOCK,
				 sd->vblock_preamble_offset,
				 pre, pre_size);
	if (rv)
		return rv;

	/* Work buffer now contains the data subkey data and the preamble */

	/*
	 * Verify the preamble.  Only after this succeeds are the pre-> fields
	 * below trusted.
	 */
	rv = vb2_verify_fw_preamble(pre, pre_size, &data_key, &wb);
	if (rv) {
		vb2_fail(ctx, VB2_RECOVERY_FW_PREAMBLE, rv);
		return rv;
	}

	/*
	 * Firmware version is the lower 16 bits of the composite firmware
	 * version.
	 */
	if (pre->firmware_version > VB2_MAX_PREAMBLE_VERSION)
		rv = VB2_ERROR_FW_PREAMBLE_VERSION_RANGE;
	/*
	 * Combine with the key version from vb2_load_fw_keyblock().  This is
	 * done even if the range check above failed; that case returns below
	 * without using the combined value.
	 */
	sd->fw_version |= pre->firmware_version;
	/*
	 * Rollback check on the full composite version.  The key half was
	 * already checked on its own in vb2_load_fw_keyblock(); the same GBB
	 * flag waives this check, and the waiver is logged.
	 */
	if (!rv && sd->fw_version < sd->fw_version_secdata) {
		if (sd->gbb_flags & VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK)
			VB2_DEBUG("Ignoring FW rollback due to GBB flag\n");
		else
			rv = VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK;
	}
	if (rv) {
		vb2_fail(ctx, VB2_RECOVERY_FW_ROLLBACK, rv);
		return rv;
	}

	/*
	 * If this is a newer version than in secure storage, and we
	 * successfully booted the same slot last boot, roll forward the
	 * version in secure storage.
	 *
	 * Note that this happens before we've verified the firmware data this
	 * boot; we're relying on the indicator that the last boot was
	 * successful.  That's ok, because even if the firmware data has a
	 * valid hash, the only way we can know if it's functional is to trust
	 * the status from the last boot.
	 *
	 * Roll-forward is irreversible for older firmware, so all three
	 * conditions must hold; none of them is subject to the GBB flag.
	 */
	if (sd->fw_version > sd->fw_version_secdata &&
	    sd->last_fw_slot == sd->fw_slot &&
	    sd->last_fw_result == VB2_FW_RESULT_SUCCESS) {

		/* Keep the cached copy in sync with what we write to secdata */
		sd->fw_version_secdata = sd->fw_version;
		rv = vb2_secdata_set(ctx, VB2_SECDATA_VERSIONS, sd->fw_version);
		if (rv)
			return rv;
	}

	/* Keep track of where we put the preamble */
	sd->workbuf_preamble_offset = vb2_offset_of(ctx->workbuf, pre);
	sd->workbuf_preamble_size = pre_size;

	/*
	 * Preamble will persist in work buffer after we return.
	 *
	 * Work buffer now contains:
	 *   - vb2_shared_data
	 *   - packed firmware data key
	 *   - firmware preamble
	 *
	 * TODO: we could move the preamble down over the firmware data key
	 * since we don't need it anymore.
	 */
	ctx->workbuf_used = sd->workbuf_preamble_offset + pre_size;

	return VB2_SUCCESS;
}