author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-04-15 03:11:27 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-04-15 03:11:27 +0000 |
commit | 386fb90492db3bd6bc484a579bcde5b43a2a0292 (patch) | |
tree | 061be807b5ce85bdebff64dbc1e93638411f2475 | |
parent | d21a8afcacf844bf99e6d35be10ed863530dd1c8 (diff) | |
parent | de34939838d5b7d668167672f04c6143fc7af6f4 (diff) | |
Snap for 9947982 from de34939838d5b7d668167672f04c6143fc7af6f4 to udc-release
android-vts-14.0_r1 android-security-14.0.0_r9 android-security-14.0.0_r8 android-security-14.0.0_r7 android-security-14.0.0_r6 android-security-14.0.0_r5 android-security-14.0.0_r4 android-security-14.0.0_r3 android-security-14.0.0_r2 android-security-14.0.0_r1 android-platform-14.0.0_r8 android-platform-14.0.0_r7 android-platform-14.0.0_r6 android-platform-14.0.0_r5 android-platform-14.0.0_r4 android-platform-14.0.0_r3 android-platform-14.0.0_r2 android-platform-14.0.0_r1 android-cts-14.0_r1 android-14.0.0_r28 android-14.0.0_r2 android-14.0.0_r15 android-14.0.0_r14 android-14.0.0_r13 android-14.0.0_r1 android14-security-release android14-s2-release android14-s1-release android14-release android14-platform-release
Change-Id: Ia2e436e5b4070eb8a6048e73c8ae40dcb65992b7
-rw-r--r-- | boot_control/boot_control_avb.c | 2 | ||||
-rw-r--r-- | examples/uefi/main.c | 7 | ||||
-rw-r--r-- | examples/uefi/uefi_avb_boot.c | 3 | ||||
-rw-r--r-- | libavb/avb_slot_verify.c | 193 | ||||
-rw-r--r-- | libavb/avb_sysdeps.h | 9 | ||||
-rw-r--r-- | libavb/avb_sysdeps_posix.c | 7 | ||||
-rw-r--r-- | libavb/avb_util.h | 129 | ||||
-rw-r--r-- | libavb_ab/avb_ab_flow.c | 26 | ||||
-rw-r--r-- | libavb_user/avb_ops_user.cpp | 10 | ||||
-rw-r--r-- | libavb_user/avb_user_verification.c | 32 | ||||
-rw-r--r-- | libavb_user/avb_user_verity.c | 32 | ||||
-rw-r--r-- | test/avb_sysdeps_posix_testing.cc | 7 |
12 files changed, 211 insertions, 246 deletions
diff --git a/boot_control/boot_control_avb.c b/boot_control/boot_control_avb.c index a4bdfe9..34bf13d 100644 --- a/boot_control/boot_control_avb.c +++ b/boot_control/boot_control_avb.c @@ -58,7 +58,7 @@ static unsigned int module_getCurrentSlot(boot_control_module_t* module) { } else if (strcmp(propbuf, "_b") == 0) { return 1; } else { - avb_errorv("Unexpected slot suffix '", propbuf, "'.\n", NULL); + avb_error("Unexpected slot suffix '", propbuf, "'.\n"); return 0; } return 0; diff --git a/examples/uefi/main.c b/examples/uefi/main.c index 01dae48..887ac08 100644 --- a/examples/uefi/main.c +++ b/examples/uefi/main.c @@ -103,10 +103,9 @@ EFI_STATUS EFIAPI efi_main(EFI_HANDLE ImageHandle, } boot_result = uefi_avb_boot_kernel(ImageHandle, slot_data, additional_cmdline); - avb_fatalv("uefi_avb_boot_kernel() failed with error ", - uefi_avb_boot_kernel_result_to_string(boot_result), - "\n", - NULL); + avb_fatal("uefi_avb_boot_kernel() failed with error ", + uefi_avb_boot_kernel_result_to_string(boot_result), + "\n"); avb_slot_verify_data_free(slot_data); avb_free(additional_cmdline); break; diff --git a/examples/uefi/uefi_avb_boot.c b/examples/uefi/uefi_avb_boot.c index 800c9a1..d79d899 100644 --- a/examples/uefi/uefi_avb_boot.c +++ b/examples/uefi/uefi_avb_boot.c @@ -142,8 +142,7 @@ UEFIAvbBootKernelResult uefi_avb_boot_kernel(EFI_HANDLE efi_image_handle, boot = &slot_data->loaded_partitions[0]; if (avb_strcmp(boot->partition_name, "boot") != 0) { - avb_errorv( - "Unexpected partition name '", boot->partition_name, "'.\n", NULL); + avb_error("Unexpected partition name '", boot->partition_name, "'.\n"); ret = UEFI_AVB_BOOT_KERNEL_RESULT_ERROR_PARTITION_INVALID_FORMAT; goto out; } diff --git a/libavb/avb_slot_verify.c b/libavb/avb_slot_verify.c index a548c80..3f6007d 100644 --- a/libavb/avb_slot_verify.c +++ b/libavb/avb_slot_verify.c 
@@ -92,7 +92,7 @@ static AvbSlotVerifyResult load_full_partition(AvbOps* ops, /* We are going to implicitly cast image_size from uint64_t to size_t in the * following code, so we need to make sure that the cast is safe. */ if (image_size != (size_t)(image_size)) { - avb_errorv(part_name, ": Partition size too large to load.\n", NULL); + avb_error(part_name, ": Partition size too large to load.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; } @@ -103,14 +103,14 @@ static AvbSlotVerifyResult load_full_partition(AvbOps* ops, if (io_ret == AVB_IO_RESULT_ERROR_OOM) { return AVB_SLOT_VERIFY_RESULT_ERROR_OOM; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(part_name, ": Error loading data from partition.\n", NULL); + avb_error(part_name, ": Error loading data from partition.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_IO; } if (*out_image_buf != NULL) { *out_image_preloaded = true; if (part_num_read != image_size) { - avb_errorv(part_name, ": Read incorrect number of bytes.\n", NULL); + avb_error(part_name, ": Read incorrect number of bytes.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_IO; } } @@ -132,11 +132,11 @@ static AvbSlotVerifyResult load_full_partition(AvbOps* ops, if (io_ret == AVB_IO_RESULT_ERROR_OOM) { return AVB_SLOT_VERIFY_RESULT_ERROR_OOM; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(part_name, ": Error loading data from partition.\n", NULL); + avb_error(part_name, ": Error loading data from partition.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_IO; } if (part_num_read != image_size) { - avb_errorv(part_name, ": Read incorrect number of bytes.\n", NULL); + avb_error(part_name, ": Read incorrect number of bytes.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_IO; } } 
@@ -170,7 +170,7 @@ static AvbSlotVerifyResult read_persistent_digest(AvbOps* ops, size_t stored_digest_size = 0; if (ops->read_persistent_value == NULL) { - avb_errorv(part_name, ": Persistent values are not implemented.\n", NULL); + avb_error(part_name, ": Persistent values are not implemented.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; } persistent_value_name = @@ -207,19 +207,17 @@ static AvbSlotVerifyResult read_persistent_digest(AvbOps* ops, } else if (io_ret == AVB_IO_RESULT_ERROR_NO_SUCH_VALUE) { // Treat a missing persistent value as a verification error, which is // ignoreable, rather than a metadata error which is not. - avb_errorv(part_name, ": Persistent digest does not exist.\n", NULL); + avb_error(part_name, ": Persistent digest does not exist.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION; } else if (io_ret == AVB_IO_RESULT_ERROR_INVALID_VALUE_SIZE || io_ret == AVB_IO_RESULT_ERROR_INSUFFICIENT_SPACE) { - avb_errorv( - part_name, ": Persistent digest is not of expected size.\n", NULL); + avb_error(part_name, ": Persistent digest is not of expected size.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(part_name, ": Error reading persistent digest.\n", NULL); + avb_error(part_name, ": Error reading persistent digest.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_IO; } else if (expected_digest_size != stored_digest_size) { - avb_errorv( - part_name, ": Persistent digest is not of expected size.\n", NULL); + avb_error(part_name, ": Persistent digest is not of expected size.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; } return AVB_SLOT_VERIFY_RESULT_OK; 
@@ -245,23 +243,21 @@ static AvbSlotVerifyResult initialize_persistent_digest( } if (is_device_unlocked) { - avb_debugv(part_name, - ": Digest does not exist, device unlocked so not initializing " - "digest.\n", - NULL); + avb_debug(part_name, + ": Digest does not exist, device unlocked so not initializing " + "digest.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION; } // Device locked; initialize digest with given initial value. - avb_debugv(part_name, - ": Digest does not exist, initializing persistent digest.\n", - NULL); + avb_debug(part_name, + ": Digest does not exist, initializing persistent digest.\n"); io_ret = ops->write_persistent_value( ops, persistent_value_name, digest_size, initial_digest); if (io_ret == AVB_IO_RESULT_ERROR_OOM) { return AVB_SLOT_VERIFY_RESULT_ERROR_OOM; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(part_name, ": Error initializing persistent digest.\n", NULL); + avb_error(part_name, ": Error initializing persistent digest.\n"); return AVB_SLOT_VERIFY_RESULT_ERROR_IO; } @@ -271,9 +267,8 @@ static AvbSlotVerifyResult initialize_persistent_digest( // initial_digest ensures that this will not recurse again. ret = read_persistent_digest(ops, part_name, digest_size, NULL, out_digest); if (ret != AVB_SLOT_VERIFY_RESULT_OK) { - avb_errorv(part_name, - ": Reading back initialized persistent digest failed!\n", - NULL); + avb_error(part_name, + ": Reading back initialized persistent digest failed!\n"); } return ret; } @@ -376,11 +371,11 @@ static AvbSlotVerifyResult load_and_verify_hash_partition( ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(part_name, ": Error determining partition size.\n", NULL); + avb_error(part_name, ": Error determining partition size.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_IO; goto out; } - avb_debugv(part_name, ": Loading entire partition.\n", NULL); + avb_debug(part_name, ": Loading entire partition.\n"); } ret = load_full_partition( 
@@ -412,14 +407,14 @@ static AvbSlotVerifyResult load_and_verify_hash_partition( digest = avb_sha512_final(&sha512_ctx); digest_len = AVB_SHA512_DIGEST_SIZE; } else { - avb_errorv(part_name, ": Unsupported hash algorithm.\n", NULL); + avb_error(part_name, ": Unsupported hash algorithm.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } if (hash_desc.digest_len == 0) { /* Expect a match to a persistent digest. */ - avb_debugv(part_name, ": No digest, using persistent digest.\n", NULL); + avb_debug(part_name, ": No digest, using persistent digest.\n"); expected_digest_len = digest_len; expected_digest = expected_digest_buf; avb_assert(expected_digest_len <= sizeof(expected_digest_buf)); @@ -438,16 +433,14 @@ static AvbSlotVerifyResult load_and_verify_hash_partition( } if (digest_len != expected_digest_len) { - avb_errorv( - part_name, ": Digest in descriptor not of expected size.\n", NULL); + avb_error(part_name, ": Digest in descriptor not of expected size.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } if (avb_safe_memcmp(digest, expected_digest, digest_len) != 0) { - avb_errorv(part_name, - ": Hash of data does not match digest in descriptor.\n", - NULL); + avb_error(part_name, + ": Hash of data does not match digest in descriptor.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION; goto out; } @@ -461,7 +454,7 @@ out: image_buf != NULL) { AvbPartitionData* loaded_partition; if (slot_data->num_loaded_partitions == MAX_NUMBER_OF_LOADED_PARTITIONS) { - avb_errorv(part_name, ": Too many loaded partitions.\n", NULL); + avb_error(part_name, ": Too many loaded partitions.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto fail; } 
@@ -514,11 +507,11 @@ static AvbSlotVerifyResult load_requested_partitions( ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(part_name, ": Error determining partition size.\n", NULL); + avb_error(part_name, ": Error determining partition size.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_IO; goto out; } - avb_debugv(part_name, ": Loading entire partition.\n", NULL); + avb_debug(part_name, ": Loading entire partition.\n"); ret = load_full_partition( ops, part_name, image_size, &image_buf, &image_preloaded); @@ -528,7 +521,7 @@ static AvbSlotVerifyResult load_requested_partitions( /* Move to slot_data. */ if (slot_data->num_loaded_partitions == MAX_NUMBER_OF_LOADED_PARTITIONS) { - avb_errorv(part_name, ": Too many loaded partitions.\n", NULL); + avb_error(part_name, ": Too many loaded partitions.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } @@ -656,7 +649,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(full_partition_name, ": Error loading footer.\n", NULL); + avb_error(full_partition_name, ": Error loading footer.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_IO; goto out; } @@ -664,12 +657,11 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( if (!avb_footer_validate_and_byteswap((const AvbFooter*)footer_buf, &footer)) { - avb_debugv(full_partition_name, ": No footer detected.\n", NULL); + avb_debug(full_partition_name, ": No footer detected.\n"); } else { /* Basic footer sanity check since the data is untrusted. */ if (footer.vbmeta_size > VBMETA_MAX_SIZE) { - avb_errorv( - full_partition_name, ": Invalid vbmeta size in footer.\n", NULL); + avb_error(full_partition_name, ": Invalid vbmeta size in footer.\n"); } else { vbmeta_offset = footer.vbmeta_offset; vbmeta_size = footer.vbmeta_size; 
@@ -681,13 +673,12 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( ops->get_size_of_partition(ops, full_partition_name, &partition_size); if (io_ret == AVB_IO_RESULT_OK) { if (partition_size < vbmeta_size && partition_size > 0) { - avb_debugv(full_partition_name, - ": Using partition size as vbmeta size\n", - NULL); + avb_debug(full_partition_name, + ": Using partition size as vbmeta size\n"); vbmeta_size = partition_size; } } else { - avb_debugv(full_partition_name, ": Failed to get partition size\n", NULL); + avb_debug(full_partition_name, ": Failed to get partition size\n"); // libavb might fall back to other partitions if current vbmeta partition // isn't found. So AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION is recoverable, // but other errors are not. @@ -711,15 +702,13 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( } if (vbmeta_offset != 0) { - avb_debugv("Loading vbmeta struct in footer from partition '", - full_partition_name, - "'.\n", - NULL); + avb_debug("Loading vbmeta struct in footer from partition '", + full_partition_name, + "'.\n"); } else { - avb_debugv("Loading vbmeta struct from partition '", - full_partition_name, - "'.\n", - NULL); + avb_debug("Loading vbmeta struct from partition '", + full_partition_name, + "'.\n"); } io_ret = ops->read_from_partition(ops, @@ -738,9 +727,8 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( */ if (is_main_vbmeta && io_ret == AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION && !look_for_vbmeta_footer) { - avb_debugv(full_partition_name, - ": No such partition. Trying 'boot' instead.\n", - NULL); + avb_debug(full_partition_name, + ": No such partition. Trying 'boot' instead.\n"); ret = load_and_verify_vbmeta(ops, requested_partitions, ab_suffix, 
@@ -757,7 +745,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( out_additional_cmdline_subst); goto out; } else { - avb_errorv(full_partition_name, ": Error loading vbmeta data.\n", NULL); + avb_error(full_partition_name, ": Error loading vbmeta data.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_IO; goto out; } @@ -778,11 +766,10 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( case AVB_VBMETA_VERIFY_RESULT_HASH_MISMATCH: case AVB_VBMETA_VERIFY_RESULT_SIGNATURE_MISMATCH: ret = AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION; - avb_errorv(full_partition_name, - ": Error verifying vbmeta image: ", - avb_vbmeta_verify_result_to_string(vbmeta_ret), - "\n", - NULL); + avb_error(full_partition_name, + ": Error verifying vbmeta image: ", + avb_vbmeta_verify_result_to_string(vbmeta_ret), + "\n"); if (!allow_verification_error) { goto out; } @@ -791,17 +778,15 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( case AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER: /* No way to continue this case. */ ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; - avb_errorv(full_partition_name, - ": Error verifying vbmeta image: invalid vbmeta header\n", - NULL); + avb_error(full_partition_name, + ": Error verifying vbmeta image: invalid vbmeta header\n"); goto out; case AVB_VBMETA_VERIFY_RESULT_UNSUPPORTED_VERSION: /* No way to continue this case. */ ret = AVB_SLOT_VERIFY_RESULT_ERROR_UNSUPPORTED_VERSION; - avb_errorv(full_partition_name, - ": Error verifying vbmeta image: unsupported AVB version\n", - NULL); + avb_error(full_partition_name, + ": Error verifying vbmeta image: unsupported AVB version\n"); goto out; } @@ -815,9 +800,8 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( } else { if (vbmeta_header.flags != 0) { ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; - avb_errorv(full_partition_name, - ": chained vbmeta image has non-zero flags\n", - NULL); + avb_error(full_partition_name, + ": chained vbmeta image has non-zero flags\n"); goto out; } } 
@@ -833,10 +817,9 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( avb_assert(!is_main_vbmeta); if (expected_public_key_length != pk_len || avb_safe_memcmp(expected_public_key, pk_data, pk_len) != 0) { - avb_errorv(full_partition_name, - ": Public key used to sign data does not match key in chain " - "partition descriptor.\n", - NULL); + avb_error(full_partition_name, + ": Public key used to sign data does not match key in chain " + "partition descriptor.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED; if (!allow_verification_error) { goto out; @@ -879,16 +862,14 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(full_partition_name, - ": Error while checking public key used to sign data.\n", - NULL); + avb_error(full_partition_name, + ": Error while checking public key used to sign data.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_IO; goto out; } if (!key_is_trusted) { - avb_errorv(full_partition_name, - ": Public key used to sign data rejected.\n", - NULL); + avb_error(full_partition_name, + ": Public key used to sign data rejected.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED; if (!allow_verification_error) { goto out; 
@@ -904,17 +885,15 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } else if (io_ret != AVB_IO_RESULT_OK) { - avb_errorv(full_partition_name, - ": Error getting rollback index for location.\n", - NULL); + avb_error(full_partition_name, + ": Error getting rollback index for location.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_IO; goto out; } if (vbmeta_header.rollback_index < stored_rollback_index) { - avb_errorv( + avb_error( full_partition_name, - ": Image rollback index is less than the stored rollback index.\n", - NULL); + ": Image rollback index is less than the stored rollback index.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_ROLLBACK_INDEX; if (!allow_verification_error) { goto out; @@ -930,7 +909,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( } } if (slot_data->num_vbmeta_images == MAX_NUMBER_OF_VBMETA_IMAGES) { - avb_errorv(full_partition_name, ": Too many vbmeta images.\n", NULL); + avb_error(full_partition_name, ": Too many vbmeta images.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM; goto out; } @@ -954,8 +933,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( */ if (vbmeta_header.flags & AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED) { AvbSlotVerifyResult sub_ret; - avb_debugv( - full_partition_name, ": VERIFICATION_DISABLED bit is set.\n", NULL); + avb_debug(full_partition_name, ": VERIFICATION_DISABLED bit is set.\n"); /* If load_requested_partitions() fail it is always a fatal * failure (e.g. ERROR_INVALID_ARGUMENT, ERROR_OOM, etc.) rather * than recoverable (e.g. one where result_should_continue() @@ -988,7 +966,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( AvbDescriptor desc; if (!avb_descriptor_validate_and_byteswap(descriptors[n], &desc)) { - avb_errorv(full_partition_name, ": Descriptor is invalid.\n", NULL); + avb_error(full_partition_name, ": Descriptor is invalid.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } 
@@ -1018,27 +996,24 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( /* Only allow CHAIN_PARTITION descriptors in the main vbmeta image. */ if (!is_main_vbmeta) { - avb_errorv(full_partition_name, - ": Encountered chain descriptor not in main image.\n", - NULL); + avb_error(full_partition_name, + ": Encountered chain descriptor not in main image.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } if (!avb_chain_partition_descriptor_validate_and_byteswap( (AvbChainPartitionDescriptor*)descriptors[n], &chain_desc)) { - avb_errorv(full_partition_name, - ": Chain partition descriptor is invalid.\n", - NULL); + avb_error(full_partition_name, + ": Chain partition descriptor is invalid.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } if (chain_desc.rollback_index_location == 0) { - avb_errorv(full_partition_name, - ": Chain partition has invalid " - "rollback_index_location field.\n", - NULL); + avb_error(full_partition_name, + ": Chain partition has invalid " + "rollback_index_location field.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } @@ -1078,9 +1053,8 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( if (!avb_kernel_cmdline_descriptor_validate_and_byteswap( (AvbKernelCmdlineDescriptor*)descriptors[n], &kernel_cmdline_desc)) { - avb_errorv(full_partition_name, - ": Kernel cmdline descriptor is invalid.\n", - NULL); + avb_error(full_partition_name, + ": Kernel cmdline descriptor is invalid.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } @@ -1090,9 +1064,8 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( if (!avb_validate_utf8(kernel_cmdline, kernel_cmdline_desc.kernel_cmdline_length)) { - avb_errorv(full_partition_name, - ": Kernel cmdline is not valid UTF-8.\n", - NULL); + avb_error(full_partition_name, + ": Kernel cmdline is not valid UTF-8.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } 
@@ -1152,8 +1125,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( if (!avb_hashtree_descriptor_validate_and_byteswap( (AvbHashtreeDescriptor*)descriptors[n], &hashtree_desc)) { - avb_errorv( - full_partition_name, ": Hashtree descriptor is invalid.\n", NULL); + avb_error(full_partition_name, ": Hashtree descriptor is invalid.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } @@ -1207,7 +1179,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( "sha512") == 0) { digest_len = AVB_SHA512_DIGEST_SIZE; } else { - avb_errorv(part_name, ": Unsupported hash algorithm.\n", NULL); + avb_error(part_name, ": Unsupported hash algorithm.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } @@ -1242,8 +1214,7 @@ static AvbSlotVerifyResult load_and_verify_vbmeta( if (rollback_index_location_to_use >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) { - avb_errorv( - full_partition_name, ": Invalid rollback_index_location.\n", NULL); + avb_error(full_partition_name, ": Invalid rollback_index_location.\n"); ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA; goto out; } diff --git a/libavb/avb_sysdeps.h b/libavb/avb_sysdeps.h index e511a8a..b4a1e99 100644 --- a/libavb/avb_sysdeps.h +++ b/libavb/avb_sysdeps.h @@ -48,6 +48,7 @@ extern "C" { */ #define AVB_ATTR_WARN_UNUSED_RESULT __attribute__((warn_unused_result)) #define AVB_ATTR_PACKED __attribute__((packed)) +#define AVB_ATTR_PRINTF(x, y) __attribute__((format(printf, x, y))) #define AVB_ATTR_NO_RETURN __attribute__((noreturn)) #define AVB_ATTR_SENTINEL __attribute__((__sentinel__)) 
@@ -95,10 +96,16 @@ void* avb_memset(void* dest, const int c, size_t n); void avb_print(const char* message); /* Prints out a vector of strings. Each argument must point to a - * NUL-terminated UTF-8 string and NULL should be the last argument. + * NUL-terminated UTF-8 string and NULL must be the last argument. */ void avb_printv(const char* message, ...) AVB_ATTR_SENTINEL; +/* Prints out a formatted string. + * + * Replaces avb_printv when AVB_USE_PRINTF_LOGS is enabled. + */ +void avb_printf(const char* fmt, ...) AVB_ATTR_PRINTF(1, 2); + /* Aborts the program or reboots the device. */ void avb_abort(void) AVB_ATTR_NO_RETURN; diff --git a/libavb/avb_sysdeps_posix.c b/libavb/avb_sysdeps_posix.c index e26c3ef..a954869 100644 --- a/libavb/avb_sysdeps_posix.c +++ b/libavb/avb_sysdeps_posix.c @@ -58,6 +58,13 @@ void avb_abort(void) { abort(); } +void avb_printf(const char* fmt, ...) { + va_list ap; + va_start(ap, fmt); + vfprintf(stderr, fmt, ap); + va_end(ap); +} + void avb_print(const char* message) { fprintf(stderr, "%s", message); } diff --git a/libavb/avb_util.h b/libavb/avb_util.h index b6b036e..da638fc 100644 --- a/libavb/avb_util.h +++ b/libavb/avb_util.h 
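Review bot: The new comment on `avb_printf` in avb_sysdeps.h does not tell a porting author which conversions the function has to support, nor that it is only called when `AVB_USE_PRINTF_LOGS` is defined. The only format visible in this commit is the one `AVB_LOG` builds in avb_util.h, which uses `%s` and `%d`, so a bootloader with a minimal formatter needs at least those two. I would extend the comment with something like `Implementations must support at least the %s and %d conversions; only called when AVB_USE_PRINTF_LOGS is defined.` The declaration itself is unconditional, so whether every existing port is expected to provide the symbol should be confirmed.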
@@ -35,9 +35,44 @@ extern "C" { #endif +#define AVB_CONCAT(x, y) x##y #define AVB_STRINGIFY(x) #x #define AVB_TO_STRING(x) AVB_STRINGIFY(x) +#define AVB__COUNT_ARGS(_0, _1, _2, _3, _4, _5, _6, _7, x, ...) x +#define AVB_COUNT_ARGS(...) \ + AVB__COUNT_ARGS(, ##__VA_ARGS__, 7, 6, 5, 4, 3, 2, 1, 0) + +#define AVB__REPEAT0(x) +#define AVB__REPEAT1(x) x +#define AVB__REPEAT2(x) AVB__REPEAT1(x) x +#define AVB__REPEAT3(x) AVB__REPEAT2(x) x +#define AVB__REPEAT4(x) AVB__REPEAT3(x) x +#define AVB__REPEAT5(x) AVB__REPEAT4(x) x +#define AVB__REPEAT6(x) AVB__REPEAT5(x) x +#define AVB__REPEAT7(x) AVB__REPEAT6(x) x +#define AVB__REPEAT(n, x) AVB_CONCAT(AVB__REPEAT, n)(x) +#define AVB_REPEAT(n, x) AVB__REPEAT(n, x) + +#ifdef AVB_USE_PRINTF_LOGS +#define AVB_LOG(level, message, ...) \ + avb_printf("%s:%d: " level \ + ": " AVB_REPEAT(AVB_COUNT_ARGS(message, ##__VA_ARGS__), "%s"), \ + avb_basename(__FILE__), \ + __LINE__, \ + message, \ + ##__VA_ARGS__) +#else +#define AVB_LOG(level, message, ...) \ + avb_printv(avb_basename(__FILE__), \ + ":", \ + AVB_TO_STRING(__LINE__), \ + ": " level ": ", \ + message, \ + ##__VA_ARGS__, \ + NULL) +#endif + #ifdef AVB_ENABLE_DEBUG /* Aborts the program if |expr| is false. * @@ -49,21 +84,28 @@ extern "C" { avb_fatal("assert fail: " #expr "\n"); \ } \ } while (0) -#else -#define avb_assert(expr) -#endif /* Aborts the program if reached. * * This has no effect unless AVB_ENABLE_DEBUG is defined. */ -#ifdef AVB_ENABLE_DEBUG #define avb_assert_not_reached() \ do { \ avb_fatal("assert_not_reached()\n"); \ } while (0) + +/* Print functions, used for diagnostics. + * + * These have no effect unless AVB_ENABLE_DEBUG is defined. + */ +#define avb_debug(message, ...) \ + do { \ + AVB_LOG("DEBUG", message, ##__VA_ARGS__); \ + } while (0) #else +#define avb_assert(expr) #define avb_assert_not_reached() +#define avb_debug(message, ...) #endif /* Aborts the program if |addr| is not word-aligned. 
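Review bot: `AVB_COUNT_ARGS` in the first avb_util.h hunk can only count up to seven arguments, and nothing next to `AVB_LOG` says so. With `AVB_USE_PRINTF_LOGS` the format is assembled from one `%s` per counted argument, so an eighth argument would land in the selector slot of `AVB__COUNT_ARGS` and, as far as I can tell, break the `AVB__REPEAT` token paste with an obscure compile error. The two back ends also differ on a NULL argument: `avb_printv` treats it as the end of the list, while the printf form hands it to `%s`. I would add a comment above `AVB_LOG` such as `/* Takes message plus at most six further arguments; each must be a non-NULL, NUL-terminated string. */`.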
@@ -73,79 +115,30 @@ extern "C" { #define avb_assert_aligned(addr) \ avb_assert((((uintptr_t)addr) & (AVB_ALIGNMENT_SIZE - 1)) == 0) -#ifdef AVB_ENABLE_DEBUG -/* Print functions, used for diagnostics. - * - * These have no effect unless AVB_ENABLE_DEBUG is defined. - */ -#define avb_debug(message) \ - do { \ - avb_printv(avb_basename(__FILE__), \ - ":", \ - AVB_TO_STRING(__LINE__), \ - ": DEBUG: ", \ - message, \ - NULL); \ - } while (0) -#define avb_debugv(message, ...) \ - do { \ - avb_printv(avb_basename(__FILE__), \ - ":", \ - AVB_TO_STRING(__LINE__), \ - ": DEBUG: ", \ - message, \ - ##__VA_ARGS__); \ - } while (0) -#else -#define avb_debug(message) -#define avb_debugv(message, ...) -#endif - /* Prints out a message. This is typically used if a runtime-error * occurs. */ -#define avb_error(message) \ - do { \ - avb_printv(avb_basename(__FILE__), \ - ":", \ - AVB_TO_STRING(__LINE__), \ - ": ERROR: ", \ - message, \ - NULL); \ - } while (0) -#define avb_errorv(message, ...) \ - do { \ - avb_printv(avb_basename(__FILE__), \ - ":", \ - AVB_TO_STRING(__LINE__), \ - ": ERROR: ", \ - message, \ - ##__VA_ARGS__); \ +#define avb_error(message, ...) \ + do { \ + AVB_LOG("ERROR", message, ##__VA_ARGS__); \ } while (0) /* Prints out a message and calls avb_abort(). */ -#define avb_fatal(message) \ - do { \ - avb_printv(avb_basename(__FILE__), \ - ":", \ - AVB_TO_STRING(__LINE__), \ - ": FATAL: ", \ - message, \ - NULL); \ - avb_abort(); \ - } while (0) -#define avb_fatalv(message, ...) \ - do { \ - avb_printv(avb_basename(__FILE__), \ - ":", \ - AVB_TO_STRING(__LINE__), \ - ": FATAL: ", \ - message, \ - ##__VA_ARGS__); \ - avb_abort(); \ +#define avb_fatal(message, ...) \ + do { \ + AVB_LOG("FATAL", message, ##__VA_ARGS__); \ + avb_abort(); \ } while (0) +#ifndef AVB_USE_PRINTF_LOGS +/* Deprecated legacy logging functions -- kept for client compatibility. + */ +#define avb_debugv(message, ...) avb_debug(message, ##__VA_ARGS__) +#define avb_errorv(message, ...) 
avb_error(message, ##__VA_ARGS__) +#define avb_fatalv(message, ...) avb_fatal(message, ##__VA_ARGS__) +#endif + /* Converts a 16-bit unsigned integer from big-endian to host byte order. */ uint16_t avb_be16toh(uint16_t in) AVB_ATTR_WARN_UNUSED_RESULT; diff --git a/libavb_ab/avb_ab_flow.c b/libavb_ab/avb_ab_flow.c index bf6eab1..cbdf6c9 100644 --- a/libavb_ab/avb_ab_flow.c +++ b/libavb_ab/avb_ab_flow.c @@ -263,15 +263,12 @@ AvbABFlowResult avb_ab_flow(AvbABOps* ab_ops, case AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED: if (flags & AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR) { /* Do nothing since we allow this. */ - avb_debugv("Allowing slot ", - slot_suffixes[n], - " which verified " - "with result ", - avb_slot_verify_result_to_string(verify_result), - " because " - "AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR " - "is set.\n", - NULL); + avb_debug("Allowing slot ", + slot_suffixes[n], + " which verified with result ", + avb_slot_verify_result_to_string(verify_result), + " because AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR " + "is set.\n"); saw_and_allowed_verification_error = true; } else { set_slot_unbootable = true; @@ -285,12 +282,11 @@ AvbABFlowResult avb_ab_flow(AvbABOps* ab_ops, } if (set_slot_unbootable) { - avb_errorv("Error verifying slot ", - slot_suffixes[n], - " with result ", - avb_slot_verify_result_to_string(verify_result), - " - setting unbootable.\n", - NULL); + avb_error("Error verifying slot ", + slot_suffixes[n], + " with result ", + avb_slot_verify_result_to_string(verify_result), + " - setting unbootable.\n"); slot_set_unbootable(&ab_data.slots[n]); } } diff --git a/libavb_user/avb_ops_user.cpp b/libavb_user/avb_ops_user.cpp index d7815f0..1ce5391 100644 --- a/libavb_user/avb_ops_user.cpp +++ b/libavb_user/avb_ops_user.cpp 
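Review bot: The "Deprecated legacy logging functions" comment at the end of the avb_util.h hunk does not say why `avb_debugv`, `avb_errorv` and `avb_fatalv` disappear under `AVB_USE_PRINTF_LOGS`. Existing callers end the list with `NULL`; in the `avb_printv` path that only yields a second sentinel, but in the printf path it would be counted as an argument and matched with `%s`. Stating that in the comment, for example `Not provided with AVB_USE_PRINTF_LOGS: the trailing NULL these callers pass would be formatted as a %s argument.`, tells out-of-tree users to drop the `NULL` rather than re-add the aliases.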
@@ -138,8 +138,7 @@ static AvbIOResult read_from_partition(AvbOps* ops, if (offset < 0) { uint64_t partition_size; if (ioctl(fd, BLKGETSIZE64, &partition_size) != 0) { - avb_errorv( - "Error getting size of \"", partition, "\" partition.\n", NULL); + avb_error("Error getting size of \"", partition, "\" partition.\n"); ret = AVB_IO_RESULT_ERROR_IO; goto out; } @@ -194,7 +193,7 @@ static AvbIOResult write_to_partition(AvbOps* ops, fd = open_partition(partition, O_WRONLY); if (fd == -1) { - avb_errorv("Error opening \"", partition, "\" partition.\n", NULL); + avb_error("Error opening \"", partition, "\" partition.\n"); ret = AVB_IO_RESULT_ERROR_IO; goto out; } @@ -273,15 +272,14 @@ static AvbIOResult get_size_of_partition(AvbOps* ops, fd = open_partition(partition, O_WRONLY); if (fd == -1) { - avb_errorv("Error opening \"", partition, "\" partition.\n", NULL); + avb_error("Error opening \"", partition, "\" partition.\n"); ret = AVB_IO_RESULT_ERROR_IO; goto out; } if (out_size_in_bytes != NULL) { if (ioctl(fd, BLKGETSIZE64, out_size_in_bytes) != 0) { - avb_errorv( - "Error getting size of \"", partition, "\" partition.\n", NULL); + avb_error("Error getting size of \"", partition, "\" partition.\n"); ret = AVB_IO_RESULT_ERROR_IO; goto out; } diff --git a/libavb_user/avb_user_verification.c b/libavb_user/avb_user_verification.c index f572128..7a124d8 100644 --- a/libavb_user/avb_user_verification.c +++ b/libavb_user/avb_user_verification.c 
@@ -86,18 +86,15 @@ static bool load_top_level_vbmeta_header(
 &footer,
 &num_read);
 if (io_res != AVB_IO_RESULT_OK) {
- avb_errorv("Error loading footer from partition '",
- out_partition_name,
- "'\n",
- NULL);
+ avb_error(
+ "Error loading footer from partition '", out_partition_name, "'\n");
 goto out;
 }
 if (avb_memcmp(footer.magic, AVB_FOOTER_MAGIC, AVB_FOOTER_MAGIC_LEN) != 0) {
- avb_errorv("Data from '",
- out_partition_name,
- "' does not look like a vbmeta footer.\n",
- NULL);
+ avb_error("Data from '",
+ out_partition_name,
+ "' does not look like a vbmeta footer.\n");
 goto out;
 }
@@ -111,8 +108,7 @@ static bool load_top_level_vbmeta_header(
 }
 if (io_res != AVB_IO_RESULT_OK) {
- avb_errorv(
- "Error loading from partition '", out_partition_name, "'\n", NULL);
+ avb_error("Error loading from partition '", out_partition_name, "'\n");
 goto out;
 }
@@ -141,10 +137,9 @@ bool avb_user_verification_get(AvbOps* ops,
 }
 if (avb_memcmp(vbmeta_image, AVB_MAGIC, AVB_MAGIC_LEN) != 0) {
- avb_errorv("Data from '",
- partition_name,
- "' does not look like a vbmeta header.\n",
- NULL);
+ avb_error("Data from '",
+ partition_name,
+ "' does not look like a vbmeta header.\n");
 goto out;
 }
@@ -180,10 +175,9 @@ bool avb_user_verification_set(AvbOps* ops,
 }
 if (avb_memcmp(vbmeta_image, AVB_MAGIC, AVB_MAGIC_LEN) != 0) {
- avb_errorv("Data from '",
- partition_name,
- "' does not look like a vbmeta header.\n",
- NULL);
+ avb_error("Data from '",
+ partition_name,
+ "' does not look like a vbmeta header.\n");
 goto out;
 }
@@ -203,7 +197,7 @@ bool avb_user_verification_set(AvbOps* ops,
 AVB_VBMETA_IMAGE_HEADER_SIZE,
 vbmeta_image);
 if (io_res != AVB_IO_RESULT_OK) {
- avb_errorv("Error writing to partition '", partition_name, "'\n", NULL);
+ avb_error("Error writing to partition '", partition_name, "'\n");
 goto out;
 }
diff --git a/libavb_user/avb_user_verity.c b/libavb_user/avb_user_verity.c
index ecf0043..dd64b3c 100644
--- a/libavb_user/avb_user_verity.c
+++ b/libavb_user/avb_user_verity.c
@@ -86,18 +86,15 @@ static bool load_top_level_vbmeta_header(
 &footer,
 &num_read);
 if (io_res != AVB_IO_RESULT_OK) {
- avb_errorv("Error loading footer from partition '",
- out_partition_name,
- "'\n",
- NULL);
+ avb_error(
+ "Error loading footer from partition '", out_partition_name, "'\n");
 goto out;
 }
 if (avb_memcmp(footer.magic, AVB_FOOTER_MAGIC, AVB_FOOTER_MAGIC_LEN) != 0) {
- avb_errorv("Data from '",
- out_partition_name,
- "' does not look like a vbmeta footer.\n",
- NULL);
+ avb_error("Data from '",
+ out_partition_name,
+ "' does not look like a vbmeta footer.\n");
 goto out;
 }
@@ -111,8 +108,7 @@ static bool load_top_level_vbmeta_header(
 }
 if (io_res != AVB_IO_RESULT_OK) {
- avb_errorv(
- "Error loading from partition '", out_partition_name, "'\n", NULL);
+ avb_error("Error loading from partition '", out_partition_name, "'\n");
 goto out;
 }
@@ -141,10 +137,9 @@ bool avb_user_verity_get(AvbOps* ops,
 }
 if (avb_memcmp(vbmeta_image, AVB_MAGIC, AVB_MAGIC_LEN) != 0) {
- avb_errorv("Data from '",
- partition_name,
- "' does not look like a vbmeta header.\n",
- NULL);
+ avb_error("Data from '",
+ partition_name,
+ "' does not look like a vbmeta header.\n");
 goto out;
 }
@@ -179,10 +174,9 @@ bool avb_user_verity_set(AvbOps* ops,
 }
 if (avb_memcmp(vbmeta_image, AVB_MAGIC, AVB_MAGIC_LEN) != 0) {
- avb_errorv("Data from '",
- partition_name,
- "' does not look like a vbmeta header.\n",
- NULL);
+ avb_error("Data from '",
+ partition_name,
+ "' does not look like a vbmeta header.\n");
 goto out;
 }
@@ -202,7 +196,7 @@ bool avb_user_verity_set(AvbOps* ops,
 AVB_VBMETA_IMAGE_HEADER_SIZE,
 vbmeta_image);
 if (io_res != AVB_IO_RESULT_OK) {
- avb_errorv("Error writing to partition '", partition_name, "'\n", NULL);
+ avb_error("Error writing to partition '", partition_name, "'\n");
 goto out;
 }
diff --git a/test/avb_sysdeps_posix_testing.cc b/test/avb_sysdeps_posix_testing.cc
index 0a6ac13..6b1f210 100644
--- a/test/avb_sysdeps_posix_testing.cc
+++ b/test/avb_sysdeps_posix_testing.cc
@@ -77,6 +77,13 @@ void avb_printv(const char* message, ...) {
 va_end(ap);
 }
+void avb_printf(const char* fmt, ...) {
+ va_list ap;
+ va_start(ap, fmt);
+ vfprintf(stderr, fmt, ap);
+ va_end(ap);
+}
+
 typedef struct {
 size_t size;
 base::debug::StackTrace stack_trace; |
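Review bot: `avb_printf` hands `fmt` straight to `vfprintf`, and nothing in this hunk lets the compiler check its call sites. If the declaration in avb_sysdeps.h (not in this view) does not already carry a printf format attribute, add one, e.g. `__attribute__((format(printf, 1, 2)))`, so that `-Wformat` catches mismatched or non-literal formats. This matters here because the converted call sites in this commit, such as `avb_error("Error opening \"", partition, "\" partition.\n")`, pass message fragments as separate arguments and not as one format string. If `avb_error` is routed to `avb_printf` in some configuration (hedged, since the macro body is not visible), the trailing fragments would be silently dropped and any `%` in the first fragment would be read as a conversion. A comment above the function, `/* fmt must be a string literal; pass runtime strings such as partition names as arguments. */`, would record the rule.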