Fix LoadKernel()

src/platform/vboot_reference/vboot_firmware/lib/load_kernel_fw.c

 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * Functions for loading a kernel from disk.
  * (Firmware portion)
  */
 
 #include "load_kernel_fw.h"
 
 #include "boot_device.h"
 #include "cgptlib.h"
 #include "kernel_image_fw.h"
 #include "rollback_index.h"
 #include "utility.h"
 
 #define GPT_ENTRIES_SIZE 16384 /* Bytes to read for GPT entries */
 
 // TODO: for testing
 #include <stdio.h>
+#include <inttypes.h>  /* For PRIu64 macro */
 #include "cgptlib_internal.h"
 
 /* TODO: Remove this terrible hack which fakes partition attributes
  * for the kernel partitions so that GptNextKernelEntry() won't
  * choke. */
 void FakePartitionAttributes(GptData* gpt) {
   GptEntry* entries = (GptEntry*)gpt->primary_entries;
   GptEntry* e;
   int i;
   printf("Hacking partition attributes...\n");
-  printf("Note that GUIDs below have first 3 fields endian-swapped\n");
 
   for (i = 0, e = entries; i < 12; i++, e++) {
 
-    printf("%2d %08x %04x %04x %02x %02x %02x %02x %02x %02x %02x %02x\n",
+    printf("%2d %08x %04x %04x %02x %02x %02x %02x %02x %02x %02x %02x",
            i,
            e->type.u.Uuid.time_low,
            e->type.u.Uuid.time_mid,
            e->type.u.Uuid.time_high_and_version,
            e->type.u.Uuid.clock_seq_high_and_reserved,
            e->type.u.Uuid.clock_seq_low,
            e->type.u.Uuid.node[0],
            e->type.u.Uuid.node[1],
            e->type.u.Uuid.node[2],
            e->type.u.Uuid.node[3],
            e->type.u.Uuid.node[4],
            e->type.u.Uuid.node[5]
            );
+    printf(" %8" PRIu64 " %8" PRIu64"\n", e->starting_lba,
+           e->ending_lba - e->starting_lba + 1);
     if (!IsKernelEntry(e))
       continue;
     printf("Hacking attributes for kernel partition %d\n", i);
     SetEntryPriority(e, 2);
     SetEntrySuccessful(e, 1);
   }
 }
 
 
 int AllocAndReadGptData(GptData *gptdata) {
@@ skipping 78 matching lines @@
   uint64_t blba = params->bytes_per_lba;
   uint8_t* kbuf = NULL;
   uint64_t kbuf_sectors;
   int found_partition = 0;
   int good_partition = -1;
   uint16_t tpm_kernel_key_version, tpm_kernel_version;
   uint16_t lowest_kernel_key_version = 0xFFFF;
   uint16_t lowest_kernel_version = 0xFFFF;
   KernelImage *kim = NULL;
 
+  /* Clear output params in case we fail */
+  params->partition_number = 0;
+  params->bootloader_address = 0;
+  params->bootloader_size = 0;
+
   /* Read current kernel key index from TPM.  Assumes TPM is already
    * initialized. */
   /* TODO: Is that a safe assumption?  Normally, SetupTPM() would be called
    * when the RW firmware is verified.  Is it harmful to call SetupTPM()
    * again if it's already initialized?  It'd be easier if we could just do
    * that. */
   GetStoredVersions(KERNEL_VERSIONS,
                     &tpm_kernel_key_version,
                     &tpm_kernel_version);
 
   do {
     /* Read GPT data */
     gpt.sector_bytes = blba;
     gpt.drive_sectors = params->ending_lba + 1;
     if (0 != AllocAndReadGptData(&gpt))
       break;
 
-    fprintf(stderr, "RRS1\n");
-
     /* Initialize GPT library */
     if (GPT_SUCCESS != GptInit(&gpt))
       break;
 
     /* TODO: TERRIBLE KLUDGE - fake partition attributes */
     FakePartitionAttributes(&gpt);
 
     /* Allocate kernel header and image work buffers */
     kbuf = (uint8_t*)Malloc(KBUF_SIZE);
     if (!kbuf)
       break;
 
     kbuf_sectors = KBUF_SIZE / blba;
     kim = (KernelImage*)Malloc(sizeof(KernelImage));
     if (!kim)
       break;
 
-    fprintf(stderr, "RRS2\n");
-
     /* Loop over candidate kernel partitions */
     while (GPT_SUCCESS == GptNextKernelEntry(&gpt, &part_start, &part_size)) {
       RSAPublicKey *kernel_sign_key = NULL;
       int kernel_start, kernel_sectors;
 
-      fprintf(stderr, "RRS3\n");
-
       /* Found at least one kernel partition. */
       found_partition = 1;
 
       /* Read the first part of the kernel partition  */
       if (part_size < kbuf_sectors)
         continue;
       if (0 != BootDeviceReadLBA(part_start, kbuf_sectors, kbuf))
         continue;
 
-      fprintf(stderr, "RRS4\n");
-
       /* Verify the kernel header and preamble */
       if (VERIFY_KERNEL_SUCCESS != VerifyKernelHeader(
               params->header_sign_key_blob,
               kbuf,
               KBUF_SIZE,
               (BOOT_MODE_DEVELOPER == params->boot_mode ? 1 : 0),
               kim,
               &kernel_sign_key)) {
         continue;
       }
 
-      fprintf(stderr, "RRS5\n");
+      printf("Kernel header:\n");
+      printf("header version:     %d\n", kim->header_version);
+      printf("header len:         %d\n", kim->header_len);
+      printf("firmware sign alg:  %d\n", kim->firmware_sign_algorithm);
+      printf("kernel sign alg:    %d\n", kim->kernel_sign_algorithm);
+      printf("kernel key version: %d\n", kim->kernel_key_version);
+      printf("kernel version:     %d\n", kim->kernel_version);
+      printf("kernel len:         %" PRIu64 "\n", kim->kernel_len);
+      printf("bootloader addr:    %" PRIu64 "\n", kim->bootloader_offset);
+      printf("bootloader size:    %" PRIu64 "\n", kim->bootloader_size);
+      printf("padded header size: %" PRIu64 "\n", kim->padded_header_size);
 
       /* Check for rollback of key version */
       if (kim->kernel_key_version < tpm_kernel_key_version) {
         RSAPublicKeyFree(kernel_sign_key);
         continue;
       }
 
       /* Check for rollback of kernel version */
       if (kim->kernel_key_version == tpm_kernel_key_version &&
            kim->kernel_version < tpm_kernel_version) {
@@ skipping 38 matching lines @@
       }
 
       /* Done with the kernel signing key, so can free it now */
       RSAPublicKeyFree(kernel_sign_key);
 
       /* If we're still here, the kernel is valid. */
       /* Save the first good partition we find; that's the one we'll boot */
       if (-1 == good_partition) {
         good_partition = gpt.current_kernel;
         params->partition_number = gpt.current_kernel;
-        params->bootloader_start = (uint8_t*)params->kernel_buffer +
-            kim->bootloader_offset;
+        params->bootloader_address = kim->bootloader_offset;
         params->bootloader_size = kim->bootloader_size;
 
         /* If the good partition's key version is the same as the tpm, then
          * the TPM doesn't need updating; we can stop now.  Otherwise, we'll
          * check all the other headers to see if they contain a newer key. */
         if (kim->kernel_key_version == tpm_kernel_key_version &&
             kim->kernel_version == tpm_kernel_version)
           break;
       }
     } /* while(GptNextKernelEntry) */
@@ skipping 38 matching lines @@
 
   // Handle error cases
   if (found_partition)
     return LOAD_KERNEL_INVALID;
   else
     return LOAD_KERNEL_NOT_FOUND;
   /* TODO: no error code for "internal error", but what would the firmware do
    * with that anyway?  So in the do-while(0) code above, the firmware just
    * does 'break' to indicate an internal error... */
 }