OLD | NEW |
---|---|
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * High-level firmware API for loading and verifying rewritable firmware. | 5 * High-level firmware API for loading and verifying rewritable firmware. |
6 * (Firmware portion) | 6 * (Firmware portion) |
7 */ | 7 */ |
8 | 8 |
9 #include "load_firmware_fw.h" | 9 #include "load_firmware_fw.h" |
10 #include "rollback_index.h" | 10 #include "rollback_index.h" |
(...skipping 23 matching lines...) Expand all Loading... | |
34 int LoadFirmware(LoadFirmwareParams* params) { | 34 int LoadFirmware(LoadFirmwareParams* params) { |
35 | 35 |
36 VbPublicKey* root_key = (VbPublicKey*)params->firmware_root_key_blob; | 36 VbPublicKey* root_key = (VbPublicKey*)params->firmware_root_key_blob; |
37 VbLoadFirmwareInternal* lfi; | 37 VbLoadFirmwareInternal* lfi; |
38 | 38 |
39 uint16_t tpm_key_version = 0; | 39 uint16_t tpm_key_version = 0; |
40 uint16_t tpm_fw_version = 0; | 40 uint16_t tpm_fw_version = 0; |
41 uint64_t lowest_key_version = 0xFFFF; | 41 uint64_t lowest_key_version = 0xFFFF; |
42 uint64_t lowest_fw_version = 0xFFFF; | 42 uint64_t lowest_fw_version = 0xFFFF; |
43 uint32_t status; | 43 uint32_t status; |
44 int is_dev = (BOOT_FLAG_DEVELOPER & params->boot_flags ? 1 : 0); | |
45 int good_index = -1; | 44 int good_index = -1; |
46 int index; | 45 int index; |
47 | 46 |
48 /* Clear output params in case we fail */ | 47 /* Clear output params in case we fail */ |
49 params->firmware_index = 0; | 48 params->firmware_index = 0; |
50 | 49 |
51 VBDEBUG(("LoadFirmware started...\n")); | 50 VBDEBUG(("LoadFirmware started...\n")); |
52 | 51 |
53 if (params->kernel_sign_key_size < sizeof(VbPublicKey)) { | 52 if (params->kernel_sign_key_size < sizeof(VbPublicKey)) { |
54 VBDEBUG(("Kernel sign key buffer too small\n")); | 53 VBDEBUG(("Kernel sign key buffer too small\n")); |
55 return LOAD_FIRMWARE_RECOVERY; | 54 return LOAD_FIRMWARE_RECOVERY; |
56 } | 55 } |
57 | 56 |
58 /* Must have a root key */ | 57 /* Must have a root key */ |
59 if (!root_key) { | 58 if (!root_key) { |
60 VBDEBUG(("No root key\n")); | 59 VBDEBUG(("No root key\n")); |
61 return LOAD_FIRMWARE_RECOVERY; | 60 return LOAD_FIRMWARE_RECOVERY; |
62 } | 61 } |
63 | 62 |
64 /* Initialize the TPM and read rollback indices. */ | 63 /* Initialize the TPM and read rollback indices. */ |
65 if (!is_dev) { | 64 status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); |
66 /* TODO: should use the TPM all the time; for now, only use when | 65 if (0 != status) { |
67 * not in developer mode. */ | 66 VBDEBUG(("Unable to setup TPM.\n")); |
semenzato
2010/08/05 19:50:53
This message may be too scary when the firmware is
| |
68 status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); | 67 return (status == TPM_E_MUST_REBOOT ? |
69 if (0 != status) { | 68 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
70 VBDEBUG(("Unable to setup TPM.\n")); | 69 } |
71 return (status == TPM_E_MUST_REBOOT ? | 70 status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); |
72 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | 71 if (0 != status) { |
73 } | 72 VBDEBUG(("Unable to read stored versions.\n")); |
74 status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); | 73 return (status == TPM_E_MUST_REBOOT ? |
75 if (0 != status) { | 74 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
76 VBDEBUG(("Unable to read stored versions.\n")); | |
77 return (status == TPM_E_MUST_REBOOT ? | |
78 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | |
79 } | |
80 } | 75 } |
81 | 76 |
82 /* Allocate our internal data */ | 77 /* Allocate our internal data */ |
83 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); | 78 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); |
84 if (!lfi) | 79 if (!lfi) |
85 return LOAD_FIRMWARE_RECOVERY; | 80 return LOAD_FIRMWARE_RECOVERY; |
86 params->load_firmware_internal = (uint8_t*)lfi; | 81 params->load_firmware_internal = (uint8_t*)lfi; |
87 | 82 |
88 /* Loop over indices */ | 83 /* Loop over indices */ |
89 for (index = 0; index < 2; index++) { | 84 for (index = 0; index < 2; index++) { |
(...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
223 params->load_firmware_internal = NULL; | 218 params->load_firmware_internal = NULL; |
224 | 219 |
225 /* Handle finding good firmware */ | 220 /* Handle finding good firmware */ |
226 if (good_index >= 0) { | 221 if (good_index >= 0) { |
227 | 222 |
228 /* Update TPM if necessary */ | 223 /* Update TPM if necessary */ |
229 if ((lowest_key_version > tpm_key_version) || | 224 if ((lowest_key_version > tpm_key_version) || |
230 (lowest_key_version == tpm_key_version && | 225 (lowest_key_version == tpm_key_version && |
231 lowest_fw_version > tpm_fw_version)) { | 226 lowest_fw_version > tpm_fw_version)) { |
232 | 227 |
233 if (!is_dev) { | 228 status = RollbackFirmwareWrite((uint16_t)lowest_key_version, |
234 /* TODO: should use the TPM all the time; for now, only use | 229 (uint16_t)lowest_fw_version); |
235 * when not in developer mode. */ | |
236 status = RollbackFirmwareWrite((uint16_t)lowest_key_version, | |
237 (uint16_t)lowest_fw_version); | |
238 if (0 != status) { | |
239 VBDEBUG(("Unable to write stored versions.\n")); | |
240 return (status == TPM_E_MUST_REBOOT ? | |
241 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | |
242 } | |
243 } | |
244 } | |
245 | |
246 if (!is_dev) { | |
247 /* TODO: should use the TPM all the time; for now, only use | |
248 * when not in developer mode. */ | |
249 /* Lock firmware versions in TPM */ | |
250 status = RollbackFirmwareLock(); | |
251 if (0 != status) { | 230 if (0 != status) { |
252 VBDEBUG(("Unable to lock firmware versions.\n")); | 231 VBDEBUG(("Unable to write stored versions.\n")); |
253 return (status == TPM_E_MUST_REBOOT ? | 232 return (status == TPM_E_MUST_REBOOT ? |
254 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | 233 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
255 } | 234 } |
256 } | 235 } |
257 | 236 |
237 /* Lock firmware versions in TPM */ | |
238 status = RollbackFirmwareLock(); | |
239 if (0 != status) { | |
240 VBDEBUG(("Unable to lock firmware versions.\n")); | |
241 return (status == TPM_E_MUST_REBOOT ? | |
242 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | |
243 } | |
244 | |
258 /* Success */ | 245 /* Success */ |
259 VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); | 246 VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); |
260 return LOAD_FIRMWARE_SUCCESS; | 247 return LOAD_FIRMWARE_SUCCESS; |
261 } | 248 } |
262 | 249 |
263 /* If we're still here, no good firmware, so go to recovery mode. */ | 250 /* If we're still here, no good firmware, so go to recovery mode. */ |
264 VBDEBUG(("Alas, no good firmware.\n")); | 251 VBDEBUG(("Alas, no good firmware.\n")); |
265 return LOAD_FIRMWARE_RECOVERY; | 252 return LOAD_FIRMWARE_RECOVERY; |
266 } | 253 } |
OLD | NEW |