1 /* Copyright 2014 The ChromiumOS Authors
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Common functions between firmware and kernel verified boot.
6 */
7
8 #ifndef VBOOT_REFERENCE_2COMMON_H_
9 #define VBOOT_REFERENCE_2COMMON_H_
10
11 #include "2api.h"
12 #include "2gbb.h"
13 #include "2misc.h"
14 #include "2packed_key.h"
15 #include "2return_codes.h"
16 #include "2sha.h"
17 #include "2struct.h"
18 #include "2sysincludes.h"
19
20 struct vb2_public_key;
21
22 /* Time conversion constants. */
23 #define VB2_USEC_PER_MSEC 1000ULL
24 #define VB2_MSEC_PER_SEC 1000ULL
25
26 /*
27 * Return the min/max of A and B. This is used in macros which calculate the
28 * required buffer size, so can't be turned into a static inline function.
29 */
30 #define VB2_MIN(a, b) ({ \
31 typeof(a) __vb2_min_a = (a); \
32 typeof(b) __vb2_min_b = (b); \
33 __vb2_min_a < __vb2_min_b ? __vb2_min_a : __vb2_min_b; \
34 })
35 #define VB2_MAX(a, b) ({ \
36 typeof(a) __vb2_max_a = (a); \
37 typeof(b) __vb2_max_b = (b); \
38 __vb2_max_a > __vb2_max_b ? __vb2_max_a : __vb2_max_b; \
39 })
40
41 /* Return the number of elements in an array */
42 #ifndef ARRAY_SIZE
43 #define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))
44 #endif
45
46 /* Platform-dependent debug/assert output macros. */
47 #define VB2_DEBUG(format, args...) \
48 vb2ex_printf(__func__, format, ## args)
49
50 #define VB2_DEBUG_RAW(format, args...) \
51 vb2ex_printf(NULL, format, ## args)
52
53 #define VB2_ASSERT(expr) do { \
54 if (!(expr)) { \
55 VB2_DEBUG("assertion failed: %s at %s:%d\n", \
56 #expr, __FILE__, __LINE__); \
57 vb2ex_abort(); \
58 for (;;); \
59 } \
60 } while (0)
61
62 #define VB2_DIE(format, args...) do { \
63 VB2_DEBUG(format, ## args); \
64 vb2ex_abort(); \
65 for (;;); \
66 } while (0)
67
68 #define VB2_REC_OR_DIE(ctx, format, args...) do { \
69 VB2_DEBUG(format, ## args); \
70 if ((vb2_get_sd(ctx)->status & VB2_SD_STATUS_RECOVERY_DECIDED) && \
71 !(ctx->flags & VB2_CONTEXT_RECOVERY_MODE)) { \
72 vb2ex_abort(); \
73 for (;;); \
74 } \
75 VB2_DEBUG("IGNORING ABORT IN RECOVERY MODE!!!\n"); \
76 } while (0)
77
78 /*
79 * Define test_mockable and for mocking functions when compiled for Chrome OS
80 * environment (that is, not for firmware).
81 */
82 #ifndef test_mockable
83 #ifdef CHROMEOS_ENVIRONMENT
84 #define test_mockable __attribute__((weak))
85 #else
86 #define test_mockable
87 #endif
88 #endif
89
90 #if (defined(__GNUC__) && __GNUC__ >= 7)
91 #define VBOOT_FALLTHROUGH __attribute__((__fallthrough__))
92 #elif defined(__clang__)
93 #if __has_attribute(__fallthrough__)
94 #define VBOOT_FALLTHROUGH __attribute__((__fallthrough__))
95 #endif
96 #else
97 #define VBOOT_FALLTHROUGH ((void)0)
98 #endif
99
100 /**
101 * Round down a number to a multiple of VB2_WORKBUF_ALIGN
102 *
103 * @param v Number to round down
104 * @return The number, rounded down.
105 */
vb2_wb_round_down(uint32_t v)106 static inline uint32_t vb2_wb_round_down(uint32_t v)
107 {
108 return v & ~(VB2_WORKBUF_ALIGN - 1);
109 }
110
111 /**
112 * Round up a number to a multiple of VB2_WORKBUF_ALIGN
113 *
114 * @param v Number to round up
115 * @return The number, rounded up.
116 */
vb2_wb_round_up(uint32_t v)117 static inline uint32_t vb2_wb_round_up(uint32_t v)
118 {
119 return (v + VB2_WORKBUF_ALIGN - 1) & ~(VB2_WORKBUF_ALIGN - 1);
120 }
121
122 /* Work buffer */
123 struct vb2_workbuf {
124 uint8_t *buf;
125 uint32_t size;
126 };
127
128 /**
129 * Initialize a work buffer.
130 *
131 * @param wb Work buffer to init
132 * @param buf Pointer to work buffer data
133 * @param size Size of work buffer data in bytes
134 */
135 void vb2_workbuf_init(struct vb2_workbuf *wb, uint8_t *buf, uint32_t size);
136
137 /**
138 * Allocate space in a work buffer.
139 *
140 * Note that the returned buffer will always be aligned to VB2_WORKBUF_ALIGN.
141 *
142 * The work buffer acts like a stack, and detailed tracking of allocs and frees
143 * is not done. The caller must track the size of each allocation and free via
144 * vb2_workbuf_free() in the reverse order they were allocated.
145 *
146 * An acceptable alternate workflow inside a function is to pass in a const
147 * work buffer, then make a local copy. Allocations done to the local copy
148 * then don't change the passed-in work buffer, and will effectively be freed
149 * when the local copy goes out of scope.
150 *
151 * @param wb Work buffer
152 * @param size Requested size in bytes
153 * @return A pointer to the allocated space, or NULL if error.
154 */
155 void *vb2_workbuf_alloc(struct vb2_workbuf *wb, uint32_t size);
156
157 /**
158 * Reallocate space in a work buffer.
159 *
160 * Note that the returned buffer will always be aligned to VB2_WORKBUF_ALIGN.
161 * The work buffer acts like a stack, so this must only be done to the most
162 * recently allocated buffer.
163 *
164 * @param wb Work buffer
165 * @param oldsize Old allocation size in bytes
166 * @param newsize Requested size in bytes
167 * @return A pointer to the allocated space, or NULL if error.
168 */
169 void *vb2_workbuf_realloc(struct vb2_workbuf *wb, uint32_t oldsize,
170 uint32_t newsize);
171
172 /**
173 * Free the preceding allocation.
174 *
175 * Note that the work buffer acts like a stack, and detailed tracking of
176 * allocs and frees is not done. The caller must track the size of each
177 * allocation and free them in reverse order.
178 *
179 * @param wb Work buffer
180 * @param size Size of data to free
181 */
182 void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size);
183
184 /* Check if a pointer is aligned on an align-byte boundary */
185 #define vb2_aligned(ptr, align) (!(((uintptr_t)(ptr)) & ((align) - 1)))
186
187 /**
188 * Safer memcmp() for use in crypto.
189 *
190 * Compares the buffers to see if they are equal. Time taken to perform
191 * the comparison is dependent only on the size, not the relationship of
192 * the match between the buffers. Note that unlike memcmp(), this only
193 * indicates inequality, not which buffer is lesser.
194 *
195 * @param s1 First buffer
196 * @param s2 Second buffer
197 * @param size Number of bytes to compare
198 * @return 0 if match or size=0, non-zero if at least one byte mismatched.
199 */
200 vb2_error_t vb2_safe_memcmp(const void *s1, const void *s2, size_t size);
201
202 /**
203 * Align a buffer and check its size.
204 *
205 * @param **ptr Pointer to pointer to align
206 * @param *size Points to size of buffer pointed to by *ptr
207 * @param align Required alignment (must be power of 2)
208 * @param want_size Required size
209 * @return VB2_SUCCESS, or non-zero if error.
210 */
211 vb2_error_t vb2_align(uint8_t **ptr, uint32_t *size, uint32_t align,
212 uint32_t want_size);
213
214 /**
215 * Return offset of ptr from base.
216 *
217 * @param base Base pointer
218 * @param ptr Pointer at some offset from base
219 * @return The offset of ptr from base.
220 */
221 ptrdiff_t vb2_offset_of(const void *base, const void *ptr);
222
223 /**
224 * Return member of given object.
225 *
226 * @param parent Pointer to parent object
227 * @param offset Offset from base
228 * @return Pointer to child object.
229 */
230 void *vb2_member_of(void *parent, ptrdiff_t offset);
231
232 /**
233 * Return expected signature size for a signature/hash algorithm pair
234 *
235 * @param sig_alg Signature algorithm
236 * @param hash_alg Hash algorithm
237 * @return The signature size, or zero if error / unsupported algorithm.
238 */
239 uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg,
240 enum vb2_hash_algorithm hash_alg);
241
242 /**
243 * Return a key ID for an unsigned hash algorithm.
244 *
245 * @param hash_alg Hash algorithm to return key for
246 * @return A pointer to the key ID for that hash algorithm with
247 * sig_alg=VB2_SIG_NONE, or NULL if error.
248 */
249 const struct vb2_id *vb2_hash_id(enum vb2_hash_algorithm hash_alg);
250
251 /* Size of work buffer sufficient for vb2_verify_digest() worst case. */
252 #define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES
253
254 /* Size of work buffer sufficient for vb2_verify_data() worst case. */
255 #define VB2_VERIFY_DATA_WORKBUF_BYTES \
256 (VB2_SHA512_DIGEST_SIZE + \
257 VB2_MAX(VB2_VERIFY_DIGEST_WORKBUF_BYTES, \
258 sizeof(struct vb2_digest_context)))
259
260 /* Size of work buffer sufficient for vb2_verify_keyblock() worst case. */
261 #define VB2_KEYBLOCK_VERIFY_WORKBUF_BYTES VB2_VERIFY_DATA_WORKBUF_BYTES
262
263 /* Size of work buffer sufficient for vb2_verify_fw_preamble() worst case. */
264 #define VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES VB2_VERIFY_DATA_WORKBUF_BYTES
265
266 /*
267 * Size of work buffer sufficient for vb2_verify_kernel_preamble() worst
268 * case.
269 */
270 #define VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES VB2_VERIFY_DATA_WORKBUF_BYTES
271
272 /**
273 * Verify the data pointed to by a subfield is inside the parent data.
274 *
275 * The subfield has a header pointed to by member, and a separate data
276 * field at an offset relative to the header. That is:
277 *
278 * struct parent {
279 * (possibly other parent fields)
280 * struct member {
281 * (member header fields)
282 * };
283 * (possibly other parent fields)
284 * };
285 * (possibly some other parent data)
286 * (member data)
287 * (possibly some other parent data)
288 *
289 * @param parent Parent data
290 * @param parent_size Parent size in bytes
291 * @param member Subfield header
292 * @param member_size Size of subfield header in bytes
293 * @param member_data_offset Offset of member data from start of member
294 * @param member_data_size Size of member data in bytes
295 * @return VB2_SUCCESS, or non-zero if error.
296 */
297 vb2_error_t vb2_verify_member_inside(const void *parent, size_t parent_size,
298 const void *member, size_t member_size,
299 ptrdiff_t member_data_offset,
300 size_t member_data_size);
301
302 /*
303 * Helper function to get data pointed to by a public key.
304 */
vb2_packed_key_data_mutable(struct vb2_packed_key * key)305 static inline uint8_t *vb2_packed_key_data_mutable(
306 struct vb2_packed_key *key)
307 {
308 return (uint8_t *)key + key->key_offset;
309 }
310
vb2_packed_key_data(const struct vb2_packed_key * key)311 static inline const uint8_t *vb2_packed_key_data(
312 const struct vb2_packed_key *key)
313 {
314 return (const uint8_t *)((uintptr_t)key + key->key_offset);
315 }
316
317 /**
318 * Verify a packed key is fully contained in its parent data
319 *
320 * @param parent Parent data
321 * @param parent_size Parent size in bytes
322 * @param key Packed key pointer
323 * @return VB2_SUCCESS, or non-zero if error.
324 */
vb2_verify_packed_key_inside(const void * parent,uint32_t parent_size,const struct vb2_packed_key * key)325 static inline vb2_error_t vb2_verify_packed_key_inside(
326 const void *parent,
327 uint32_t parent_size,
328 const struct vb2_packed_key *key)
329 {
330 return vb2_verify_member_inside(parent, parent_size,
331 key, sizeof(*key),
332 key->key_offset, key->key_size);
333 }
334
335 /*
336 * Helper functions to get data pointed to by a public key or signature.
337 */
vb2_signature_data_mutable(struct vb2_signature * sig)338 static inline uint8_t *vb2_signature_data_mutable(
339 struct vb2_signature *sig)
340 {
341 return (uint8_t *)sig + sig->sig_offset;
342 }
343
vb2_signature_data(const struct vb2_signature * sig)344 static inline const uint8_t *vb2_signature_data(
345 const struct vb2_signature *sig)
346 {
347 return (const uint8_t *)((uintptr_t)sig + sig->sig_offset);
348 }
349
350 /**
351 * Verify a signature is fully contained in its parent data
352 *
353 * @param parent Parent data
354 * @param parent_size Parent size in bytes
355 * @param sig Signature pointer
356 * @return VB2_SUCCESS, or non-zero if error.
357 */
vb2_verify_signature_inside(const void * parent,uint32_t parent_size,const struct vb2_signature * sig)358 static inline vb2_error_t vb2_verify_signature_inside(
359 const void *parent,
360 uint32_t parent_size,
361 const struct vb2_signature *sig)
362 {
363 return vb2_verify_member_inside(parent, parent_size,
364 sig, sizeof(*sig),
365 sig->sig_offset, sig->sig_size);
366 }
367
368 /**
369 * Verify a signature against an expected hash digest.
370 *
371 * @param key Key to use in signature verification
372 * @param sig Signature to verify (may be destroyed in process)
373 * @param digest Digest of signed data
374 * @param wb Work buffer
375 * @return VB2_SUCCESS, or non-zero if error.
376 */
377 vb2_error_t vb2_verify_digest(const struct vb2_public_key *key,
378 struct vb2_signature *sig, const uint8_t *digest,
379 const struct vb2_workbuf *wb);
380
381 /**
382 * Verify data matches signature.
383 *
384 * @param data Data to verify
385 * @param size Size of data buffer. Note that amount of data to
386 * actually validate is contained in sig->data_size.
387 * @param sig Signature of data (destroyed in process)
388 * @param key Key to use to validate signature
389 * @param wb Work buffer
390 * @return VB2_SUCCESS, or non-zero error code if error.
391 */
392 vb2_error_t vb2_verify_data(const uint8_t *data, uint32_t size,
393 struct vb2_signature *sig,
394 const struct vb2_public_key *key,
395 const struct vb2_workbuf *wb);
396
397 /**
398 * Check the validity of a keyblock structure.
399 *
400 * Verifies all the header fields. Does not verify key index or keyblock
401 * flags. Should be called before verifying the keyblock data itself using
402 * the key. (This function does not itself verify the signature - just that
403 * the right amount of data is claimed to be signed.)
404 *
405 * @param block Keyblock to verify
406 * @param size Size of keyblock buffer
407 * @param sig Which signature inside the keyblock to use
408 */
409 vb2_error_t vb2_check_keyblock(const struct vb2_keyblock *block, uint32_t size,
410 const struct vb2_signature *sig);
411
412 /**
413 * Verify a keyblock using a public key.
414 *
415 * Header fields are also checked for validity. Does not verify key index or key
416 * block flags. Signature inside block is destroyed during check.
417 *
418 * @param block Keyblock to verify
419 * @param size Size of keyblock buffer
420 * @param key Key to use to verify block
421 * @param wb Work buffer
422 * @return VB2_SUCCESS, or non-zero error code if error.
423 */
424 vb2_error_t vb2_verify_keyblock(struct vb2_keyblock *block, uint32_t size,
425 const struct vb2_public_key *key,
426 const struct vb2_workbuf *wb);
427
428 /**
429 * Check the validity of a firmware preamble using a public key.
430 *
431 * The signature in the preamble is destroyed during the check.
432 *
433 * @param preamble Preamble to verify
434 * @param size Size of preamble buffer
435 * @param key Key to use to verify preamble
436 * @param wb Work buffer
437 * @return VB2_SUCCESS, or non-zero error code if error.
438 */
439 vb2_error_t vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
440 uint32_t size,
441 const struct vb2_public_key *key,
442 const struct vb2_workbuf *wb);
443
444 /**
445 * Get the flags for the kernel preamble.
446 *
447 * @param preamble Preamble to check
448 * @return Flags for the preamble. Old preamble versions (<2.2) return 0.
449 */
450 uint32_t vb2_kernel_get_flags(const struct vb2_kernel_preamble *preamble);
451
452 /**
453 * Verify a keyblock using its hash.
454 *
455 * Header fields are also checked for validity. Does not verify key index or key
456 * block flags. Use this for self-signed keyblocks in developer mode.
457 *
458 * @param block Keyblock to verify
459 * @param size Size of keyblock buffer
460 * @param key Key to use to verify block
461 * @param wb Work buffer
462 * @return VB2_SUCCESS, or non-zero error code if error.
463 */
464 vb2_error_t vb2_verify_keyblock_hash(const struct vb2_keyblock *block,
465 uint32_t size,
466 const struct vb2_workbuf *wb);
467
468 /**
469 * Check the validity of a kernel preamble using a public key.
470 *
471 * The signature in the preamble is destroyed during the check.
472 *
473 * @param preamble Preamble to verify
474 * @param size Size of preamble buffer
475 * @param key Key to use to verify preamble
476 * @param wb Work buffer
477 * @return VB2_SUCCESS, or non-zero error code if error.
478 */
479 vb2_error_t vb2_verify_kernel_preamble(struct vb2_kernel_preamble *preamble,
480 uint32_t size,
481 const struct vb2_public_key *key,
482 const struct vb2_workbuf *wb);
483
484 #endif /* VBOOT_REFERENCE_2COMMON_H_ */
485