1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Data structure and API definitions for a verified boot kernel image. | 5 * Data structure and API definitions for a verified boot kernel image. |
6 * (Firmware Portion) | 6 * (Firmware Portion) |
7 */ | 7 */ |
8 | 8 |
9 #ifndef VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ | 9 #ifndef VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ |
10 #define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ | 10 #define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ |
11 | 11 |
12 #include <stdint.h> | 12 #include <stdint.h> |
13 | 13 |
14 #include "cryptolib.h" | 14 #include "cryptolib.h" |
15 | 15 |
16 #define KERNEL_MAGIC "CHROMEOS" | 16 #define KERNEL_MAGIC "CHROMEOS" |
17 #define KERNEL_MAGIC_SIZE 8 | 17 #define KERNEL_MAGIC_SIZE 8 |
18 #define KERNEL_CMD_LINE_SIZE 4096 | 18 #define KERNEL_CONFIG_SIZE 4096 |
19 | 19 |
20 #define DEV_MODE_ENABLED 1 | 20 #define DEV_MODE_ENABLED 1 |
21 #define DEV_MODE_DISABLED 0 | 21 #define DEV_MODE_DISABLED 0 |
22 | 22 |
23 /* Kernel config file options according to the Chrome OS drive map design. */ | |
24 typedef struct kconfig_options { | |
25 uint32_t version[2]; /* Configuration file version. */ | |
26 uint8_t cmd_line[KERNEL_CMD_LINE_SIZE]; /* Kernel command line option string | |
27 * terminated by a NULL character. */ | |
28 uint64_t kernel_len; /* Size of the kernel. */ | |
29 uint64_t kernel_load_addr; /* Load address in memory for the kernel image */ | |
30 uint64_t kernel_entry_addr; /* Address to jump to after kernel is loaded. */ | |
31 } kconfig_options; | |
32 | |
33 typedef struct KernelImage { | 23 typedef struct KernelImage { |
34 uint8_t magic[KERNEL_MAGIC_SIZE]; | 24 uint8_t magic[KERNEL_MAGIC_SIZE]; |
35 /* Key header */ | 25 /* Key header */ |
36 uint16_t header_version; /* Header version. */ | 26 uint16_t header_version; /* Header version. */ |
37 uint16_t header_len; /* Length of the header. */ | 27 uint16_t header_len; /* Length of the header. */ |
38 uint16_t firmware_sign_algorithm; /* Signature algorithm used by the firmware | 28 uint16_t firmware_sign_algorithm; /* Signature algorithm used by the firmware |
39 * signing key (used to sign this kernel | 29 * signing key (used to sign this kernel |
40 * header. */ | 30 * header. */ |
41 uint16_t kernel_sign_algorithm; /* Signature algorithm used by the kernel | 31 uint16_t kernel_sign_algorithm; /* Signature algorithm used by the kernel |
42 * signing key. */ | 32 * signing key. */ |
43 uint16_t kernel_key_version; /* Key Version# for preventing rollbacks. */ | 33 uint16_t kernel_key_version; /* Key Version# for preventing rollbacks. */ |
44 uint8_t* kernel_sign_key; /* Pre-processed public half of signing key. */ | 34 uint8_t* kernel_sign_key; /* Pre-processed public half of signing key. */ |
45 /* TODO(gauravsh): Do we need a choice of digest algorithms for the header | 35 /* TODO(gauravsh): Do we need a choice of digest algorithms for the header |
46 * checksum? */ | 36 * checksum? */ |
47 uint8_t header_checksum[SHA512_DIGEST_SIZE]; /* SHA-512 Crytographic hash of | 37 uint8_t header_checksum[SHA512_DIGEST_SIZE]; /* SHA-512 Crytographic hash of |
48 * the concatenation of the | 38 * the concatenation of the |
49 * header fields, i.e. | 39 * header fields, i.e. |
50 * [header_len, | 40 * [header_len, |
51 * firmware_sign_algorithm, | 41 * firmware_sign_algorithm, |
52 * sign_algorithm, sign_key, | 42 * sign_algorithm, sign_key, |
53 * key_version] */ | 43 * key_version] */ |
54 | 44 |
55 uint8_t* kernel_key_signature; /* Signature of the header above. */ | 45 uint8_t* kernel_key_signature; /* Signature of the header above. */ |
56 | 46 |
57 uint16_t kernel_version; /* Kernel Version# for preventing rollbacks. */ | 47 uint16_t kernel_version; /* Kernel Version# for preventing rollbacks. */ |
58 kconfig_options options; /* Other kernel/bootloader options. */ | 48 uint64_t kernel_len; /* Length of the actual kernel image. */ |
59 | 49 uint8_t* config_signature; /* Signature on the concatenation of |
60 uint8_t* config_signature; /* Signature of the kernel config file. */ | 50 * [kernel_version], [kernel_len] and |
61 | 51 * [kernel_config]. */ |
62 /* The kernel signature comes first as it may allow us to parallelize | 52 /* The kernel signature comes first as it may allow us to parallelize |
63 * the kernel data fetch and RSA public key operation. | 53 * the kernel data fetch and RSA public key operation. |
64 */ | 54 */ |
65 uint8_t* kernel_signature; /* Signature on the concatenation of | 55 uint8_t* kernel_signature; /* Signature on the concatenation of |
66 * [kernel_version], [options] and | 56 * [kernel_version], [kernel_len], [kernel_config] |
67 * [kernel_data]. */ | 57 * and [kernel_data]. */ |
| 58 /* The kernel config string is stored right before the kernel image data for |
| 59 * easy mapping while loading into the memory. */ |
| 60 uint8_t kernel_config[KERNEL_CONFIG_SIZE]; /* Kernel Config command line. */ |
68 uint8_t* kernel_data; /* Actual kernel data. */ | 61 uint8_t* kernel_data; /* Actual kernel data. */ |
69 | 62 |
70 } KernelImage; | 63 } KernelImage; |
71 | 64 |
72 /* Error Codes for VerifyFirmware. */ | 65 /* Error Codes for VerifyFirmware. */ |
73 #define VERIFY_KERNEL_SUCCESS 0 | 66 #define VERIFY_KERNEL_SUCCESS 0 |
74 #define VERIFY_KERNEL_INVALID_IMAGE 1 | 67 #define VERIFY_KERNEL_INVALID_IMAGE 1 |
75 #define VERIFY_KERNEL_KEY_SIGNATURE_FAILED 2 | 68 #define VERIFY_KERNEL_KEY_SIGNATURE_FAILED 2 |
76 #define VERIFY_KERNEL_INVALID_ALGORITHM 3 | 69 #define VERIFY_KERNEL_INVALID_ALGORITHM 3 |
77 #define VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED 4 | 70 #define VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED 4 |
78 #define VERIFY_KERNEL_SIGNATURE_FAILED 5 | 71 #define VERIFY_KERNEL_SIGNATURE_FAILED 5 |
79 #define VERIFY_KERNEL_WRONG_MAGIC 6 | 72 #define VERIFY_KERNEL_WRONG_MAGIC 6 |
80 #define VERIFY_KERNEL_MAX 7 /* Generic catch-all. */ | 73 #define VERIFY_KERNEL_MAX 7 /* Generic catch-all. */ |
81 | 74 |
82 extern char* kVerifyKernelErrors[VERIFY_KERNEL_MAX]; | 75 extern char* kVerifyKernelErrors[VERIFY_KERNEL_MAX]; |
83 | 76 |
| 77 /* Returns the length of the Kernel Verified Boot header excluding |
| 78 * [kernel_config] and [kernel_data]. |
| 79 * |
| 80 * This is always non-zero, so a return value of 0 signifies an error. |
| 81 */ |
| 82 uint64_t GetVBlockHeaderSize(const uint8_t* vkernel_blob); |
| 83 |
84 /* Checks for the sanity of the kernel header pointed by [kernel_header_blob]. | 84 /* Checks for the sanity of the kernel header pointed by [kernel_header_blob]. |
85 * If [dev_mode] is enabled, also checks the firmware key signature using the | 85 * If [dev_mode] is enabled, also checks the firmware key signature using the |
86 * pre-processed public firmware signing key [firmware_sign_key_blob]. | 86 * pre-processed public firmware signing key [firmware_sign_key_blob]. |
87 * | 87 * |
88 * On success, put firmware signature algorithm in [firmware_algorithm], | 88 * On success, put firmware signature algorithm in [firmware_algorithm], |
89 * kernel signature algorithm in [kernel_algorithm], kernel header | 89 * kernel signature algorithm in [kernel_algorithm], kernel header |
90 * length in [header_len], and return 0. | 90 * length in [header_len], and return 0. |
91 * Else, return error code on failure. | 91 * Else, return error code on failure. |
92 */ | 92 */ |
93 int VerifyKernelHeader(const uint8_t* firmware_sign_key_blob, | 93 int VerifyKernelHeader(const uint8_t* firmware_sign_key_blob, |
174 * BOOT_KERNEL_A_CONTINUE Boot from Kenrel A | 174 * BOOT_KERNEL_A_CONTINUE Boot from Kenrel A |
175 * BOOT_KERNEL_B_CONTINUE Boot from Kernel B | 175 * BOOT_KERNEL_B_CONTINUE Boot from Kernel B |
176 * BOOT_KERNEL_RECOVERY_CONTINUE Jump to recovery mode | 176 * BOOT_KERNEL_RECOVERY_CONTINUE Jump to recovery mode |
177 */ | 177 */ |
178 int VerifyKernelDriver_f(uint8_t* firmware_key_blob, | 178 int VerifyKernelDriver_f(uint8_t* firmware_key_blob, |
179 kernel_entry* kernelA, | 179 kernel_entry* kernelA, |
180 kernel_entry* kernelB, | 180 kernel_entry* kernelB, |
181 int dev_mode); | 181 int dev_mode); |
182 | 182 |
183 #endif /* VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ */ | 183 #endif /* VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ */ |
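Review bot: GetVBlockHeaderSize (new line 82) takes only `const uint8_t* vkernel_blob` with no length, yet to compute the header size it presumably has to read header_len and the algorithm fields out of a blob that comes from untrusted storage, so the declaration gives callers no way to bound that read; either add a size parameter or state in the comment the minimum number of bytes the caller must guarantee are readable before the call. The 0-means-error convention is only as safe as its callers, so the comment should also say that the result must be checked for 0 before being used as an offset into the blob. Separately, the new `kernel_config[KERNEL_CONFIG_SIZE]` field (new line 60) drops the "terminated by a NULL character" note the removed cmd_line carried, and neither signature comment says whether the signed [kernel_config] is the full KERNEL_CONFIG_SIZE bytes or only up to the terminator; a signer and a verifier that disagree here will disagree on what is covered. If the whole array is meant to be covered, suggest `uint8_t kernel_config[KERNEL_CONFIG_SIZE]; /* Kernel command line, NUL-terminated; all KERNEL_CONFIG_SIZE bytes are covered by config_signature and kernel_signature. */`, otherwise document the actual covered length.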