kvs 2

.gitignore

@@ -1,3 +1,6 @@
+# nya
+build/
+
 # Prerequisites
 *.d
 

Makefile

@@ -0,0 +1,29 @@
+CC ?= gcc
+SHELL ?= /bin/sh
+KVSFLIST := \
+	src/KVS/main.c \
+	src/KVS/ui.c \
+	src/KVS/kernver-utils.c
+
+CFLAGS := \
+	-Iinclude \
+	-g \
+	-static
+
+$(shell mkdir -p build)
+
+all: clean kvs kvg
+
+kvs: build/kvs
+kvg: build/kvg
+
+build/kvs: src/KVS/main.c
+	$(CC) $(KVSFLIST) -o build/kvs $(CFLAGS)
+	chmod +rx build/kvs
+
+build/kvg: src/KVG/main.c
+	$(CC) src/KVG/main.c -o build/kvg $(CFLAGS)
+	chmod +rx build/kvg
+
+clean:
+	rm -rf build

builder/root/usr/sbin/factory_install.sh

@@ -1,108 +0,0 @@
-#!/bin/bash
-# KVS: Kernel Version Switcher
-# Written by kxtzownsu / kxtz#8161
-# https://kxtz.dev
-# Licensed under GNU Affero GPL v3
-
-if [[ $(/usr/bin/id -u) -ne 0 ]]; then
-    echo "$0 $(printf '\033[1;31mMUST\033[0m') be ran as root/sudo!"
-    exit
-fi
-
-version=1
-GITHUB_URL="https://github.com/kxtzownsu/KVS"
-tpmver=$(tpmc tpmver)
-
-if [ "$tpmver" == "2.0" ]; then
-  tpmdaemon="trunksd"
-else
-  tpmdaemon="tscd"
-fi
-
-# give me thy kernver NOW
-case "$(crossystem tpm_kernver)" in
-  "0x00000000")
-    kernver="0"
-    ;;
-  "0x00010001")
-    kernver="1"
-    ;;
-  "0x00010002")
-    kernver="2"
-    ;;
-  "0x00010003")
-    kernver="3"
-    ;;
-  *)
-    panic "invalid-kernver"
-    ;;
-esac
-
-# detect if booted from usb boot or from recovery boot
-if [ "$(crossystem mainfw_type)" == "recovery" ]; then
-  source /usr/share/kvs/tpmutil.sh
-  source /usr/share/kvs/functions.sh
-  mkdir -p /mnt/state &2>1 /dev/null
-  mount /dev/disk/by-label/KVS /mnt/state
-  stop $tpmdaemon
-  clear
-elif [ "$(crossystem mainfw_type)" == "developer" ]; then
-  source /usr/sbin/kvs/tpmutil.sh
-  source /usr/sbin/kvs/functions.sh
-  # panic "non-reco"
-  # sleep infinity
-  clear
-  . ../share/kvs/functions.sh
-  . ../share/kvs/tpmutil.sh
-  source ../share/kvs/functions.sh
-  source ../share/kvs/tpmutil.sh
-  style_text "YOU ARE RUNNING A DEBUG VERSION OF KVS, THIS WAS OPTIMIZED TO RUN ON CHROMEOS ONLY! ALL ACTIONS ARE PURELY VISUAL AND NOT FUNCTIONAL IN THIS MODE!!!"
-  sleep 5
-  clear
-fi
-
-credits(){
-  clear
-  echo "KVS: Kernel Version Switcher v$version"
-  echo "Current kernver: $kernver"
-  echo "TPM Version: $tpmver"
-  echo "TPMD: $tpmdaemon"
-  echo "-=-=-=-=-=-=-=-=-=-=-"
-  echo "kxtzownsu - Writing KVS, Providing kernver 0 & kernver 1 files."
-  echo "planetearth1363 - Providing kernver 2 files."
-  echo "miimaker - Providing kernver 3 files."
-  echo "OlyB - Helping me figure out the shim builder, seriously, thanks."
-  echo "Google - Writing the 'tpmc' command :3"
-  echo "-=-=-=-=-=-=-=-=-=-=-"
-  echo "Press ENTER to return to the main menu"
-  read -r
-}
-
-endkvs(){
-  # reboot now
-  stopwatch
-}
-
-
-main(){
-  echo "KVS: Kernel Version Switcher v$version"
-  echo "Current kernver: $kernver"
-  echo "TPM Version: $tpmver"
-  echo "TPMD: $tpmdaemon"
-  echo "-=-=-=-=-=-=-=-=-=-=-"
-  echo "1) Set New kernver"
-  echo "2) Backup kernver"
-  echo "3) Bash Shell"
-  echo "4) Credits"
-  echo "5) Exit"
-  printf '\x1b[?25h'
-  read -rep "$(printf '\x1b[?25h')> " sel
-  
-  selection $sel
-}
-
-
-while true; do
-  clear
-  main
-done

builder/root/usr/share/kvs/functions.sh

@@ -1,213 +0,0 @@
-#!/bin/bash
-
-style_text() {
-  printf "\033[31m\033[1m\033[5m$1\033[0m\n"
-}
-
-panic(){
-  case "$1" in
-    "invalid-kernver")
-      style_text "KVS PANIC"
-      printf "\033[31mERR\033[0m"
-      printf ": Invalid Kernel Version. Please make a GitHub issue at \033[3;34m$GITHUB_URL\033[0m with a picture of this information.\n"
-      echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
-      echo "tpm_kernver: $(crossystem tpm_kernver)"
-      echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
-      echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
-      echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
-      echo "Please shutdown your device now using REFRESH+PWR"
-      sleep infinity
-      ;;
-    "mount-error")
-      style_text "KVS PANIC"
-      printf "\033[31mERR\033[0m"
-      printf ": Unable to mount stateful. Please make a GitHub issue at \033[3;34m$GITHUB_URL\033[0m with a picture of this information.\n"
-      echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
-      echo "tpm_kernver: $(crossystem tpm_kernver)"
-      echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
-      echo "state mounted: $([ -d /mnt/state/ ] && grep -qs '/mnt/state ' /proc/mounts && echo true || echo false)"
-      echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
-      echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
-      echo "Please shutdown your device now using REFRESH+PWR"
-      sleep infinity
-      ;;
-    "non-reco")
-      style_text "KVS PANIC"
-      printf "\033[31mERR\033[0m"
-      printf ": Wrong Boot Method. To fix: boot the shim using the recovery method. (ESC+REFRESH+PWR) and \033[31mNOT\033[0m USB Boot.\n"
-      echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
-      echo "tpm_kernver: $(crossystem tpm_kernver)"
-      echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
-      echo "fw mode: $(crossystem mainfw_type)"
-      echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
-      echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
-      echo "Please shutdown your device now using REFRESH+PWR"
-      sleep infinity
-      ;;
-    "tpmd-not-killed")
-      style_text "KVS PANIC"
-      printf "\033[31mERR\033[0m"
-      printf ": $tpmdaemon unable to be killed. Please make a GitHub issue at \033[3;34m$GITHUB_URL\033[0m with a picture of this information.\n"
-      echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-="
-      echo "tpm_kernver: $(crossystem tpm_kernver)"
-      echo "fwid: $(dmidecode -s bios-version) (compiled: $(dmidecode -s bios-release-date))"
-      echo "tpmd ($tpmdaemon) running: $(status $tpmdaemon | grep stopped && echo true || echo false)"
-      echo "date: $(date +"%m-%d-%Y %I:%M:%S %p")"
-      echo "model: $(cat /sys/class/dmi/id/product_name) $(cat /sys/class/dmi/id/product_version)"
-      echo "Please shutdown your device now using REFRESH+PWR"
-      sleep infinity
-      ;;
-    "*")
-      echo "Panic ID unable to be found: $1"
-      echo "Exiting script to prevent crash, please make an issue at \033[3;34m$GITHUB_URL\033[0m."
-  esac
-}
-
-stopwatch() {
-    display_timer() {
-        printf "[%02d:%02d:%02d]\n" $hh $mm $ss
-    }
-    hh=0 #hours
-    mm=0 #minutes
-    ss=0 #seconds
-    
-    while true; do
-        clear
-        echo "Initiated reboot, if this doesn't reboot please manually reboot with REFRESH+PWR"
-        echo "Time since reboot initiated:"
-        display_timer
-        ss=$((ss + 1))
-        # if seconds reach 60, increment the minutes
-        if [ $ss -eq 60 ]; then
-            ss=0
-            mm=$((mm + 1))
-        fi
-        # if minutes reach 60, increment the hours
-        if [ $mm -eq 60 ]; then
-            mm=0
-            hh=$((hh + 1))
-        fi
-        sleep 1
-    done
-}
-
-selection(){
-  case $1 in
-    "1")
-      echo "Please Enter Target kernver (0-3)"
-      read -rep "> " kernver
-      case $kernver in
-        "0")
-          echo "Setting kernver 0"
-          write_kernver $(cat /mnt/state/kvs/kernver0)
-          sleep 2
-          echo "Finished writing kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        "1")
-          echo "Setting kernver 1"
-          write_kernver $(cat /mnt/state/kvs/kernver1)
-          echo "Finished writing kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        "2")
-          echo "Setting kernver 2"
-          write_kernver $(cat /mnt/state/kvs/kernver2)
-          echo "Finished writing kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        "3")
-          echo "Setting kernver 3"
-          write_kernver $(cat /mnt/state/kvs/kernver3)
-          echo "Finished writing kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        *)
-          echo "Invalid kernver. Please check your input."
-          main
-          ;;
-      esac ;;
-    "2")
-      case $kernver in
-        "0")
-          echo "Current kernver: 0"
-          echo "Outputting to stateful/kernver-out"
-          cp /mnt/state/kvs/raw/kernver0.raw /mnt/state/kernver-out
-          echo "Finished saving kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        "1")
-          echo "Current kernver: 1"
-          echo "Outputting to stateful/kernver-out"
-          cp /mnt/state/kvs/raw/kernver1.raw /mnt/state/kernver-out
-          echo "Finished saving kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        "2")
-          echo "Current kernver: 2"
-          echo "Outputting to stateful/kernver-out"
-          cp /mnt/state/kvs/raw/kernver2.raw /mnt/state/kernver-out
-          echo "Finished saving kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        "3")
-          echo "Current kernver: 3"
-          echo "Outputting to stateful/kernver-out"
-          cp /mnt/state/kvs/raw/kernver3.raw /mnt/state/kernver-out
-          echo "Finished saving kernver $kernver!"
-          echo "Press ENTER to return to main menu.."
-          read -r
-          ;;
-        *)
-          panic "invalid-kernver"
-          ;;
-      esac ;;
-    "3")
-      bash
-      ;;
-    "4")
-      credits
-      ;;
-    "5")
-      endkvs
-      ;;
-    "6")
-      clear
-      style_text "silly debug menu!!"
-      echo "panic menu"
-      echo "1) invalid-kernver"
-      echo "2) mount-error"
-      echo "3) non-reco"
-      echo "4) tpmd-not-killed"
-      echo "5) return to menu"
-      read -rep "> " panicsel
-      
-      case $panicsel in
-        "1")
-          panic "invalid-kernver"
-          ;;
-        "2")
-          panic "mount-error"
-          ;;
-        "3")
-          panic "non-reco"
-          ;;
-        "4")
-          panic "tpmc-not-killed"
-          ;;
-        "5")
-          echo ""
-          ;;
-        "*")
-          echo "invalid option, wat the flip!!!"
-          ;;
-      esac ;;
-  esac
-}

builder/root/usr/share/kvs/tpmutil.sh

@@ -1,29 +0,0 @@
-#!/bin/bash
-
-write_kernver(){
-  local data=$*
-  
-  tpmc write 0x1008 $data
-}
-
-
-# gotta make this really complicated because TPMC doesn't like when I try to read the full index on GRUNT BARLA....
-read_kernver(){
-  case $kernver in
-    "0")
-      cat /mnt/state/kvs/kernver0
-      ;;
-    "1")
-      cat /mnt/state/kvs/kernver1
-      ;;
-    "2")
-      cat /mnt/state/kvs/kernver2
-      ;;
-    "3")
-      cat /mnt/state/kvs/kernver3
-      ;;
-    "*")
-      panic "invalid-kernver"
-      ;;
-    esac
-}

builder/stateful/kvs/kernver0

@@ -1 +0,0 @@
-02  4c 57 52 47  0 0 0 0  0 0 0  e8

builder/stateful/kvs/kernver1

@@ -1 +0,0 @@
-02  4c 57 52 47  1 0 1 0  0 0 0  55

builder/stateful/kvs/kernver2

@@ -1 +0,0 @@
-02  4c 57 52 47  2 0 1 0  0 0 0  33

builder/stateful/kvs/kernver3

@@ -1 +0,0 @@
-02  4c 57 52 47  3 0 1 0  0 0 0  EC

include/arg_checks.h

@@ -0,0 +1,22 @@
+// credit to Hannah / ZegLol for making this!
+
+int gargc;
+char **gargv;
+
+char *fval(const char *arg, int param)
+{
+	for (int i = 0; i < gargc; i++) {
+		if (!strcmp(gargv[i], arg)) return gargv[i + param];
+	}
+
+	return "";
+}
+
+bool fbool(const char *arg)
+{
+	for (int i = 0; i < gargc; i++) {
+		if (!strcmp(gargv[i], arg)) return true;
+	}
+
+	return false;
+}

include/hex_utils.h

@@ -0,0 +1,25 @@
+uint32_t convert_to_uint32(const char *str) {
+    char *endptr;
+    unsigned long ul_value = strtoul(str, &endptr, 0);
+    
+    if (strlen(str) > 10){
+        fprintf(stderr, "The entered kernver, %s, was longer than 10 characters (including 0x),\nplease refine the input and try again.", str);
+        exit(1);
+    }
+
+    return (uint32_t)ul_value;
+}
+
+bool is_valid_hex(const char *str) {
+    if (strncmp(str, "0x", 2) == 0 || strncmp(str, "0X", 2) == 0) {
+        str += 2;
+    }
+
+    return *str != '\0' && strspn(str, "0123456789abcdefABCDEF") == strlen(str);
+}
+
+void print_hex(const uint8_t *data, uint32_t size) {
+    for (uint32_t i = 0; i < size; i++) {
+        printf("%02x ", data[i]);
+    }
+}

shim-builder/builder.sh

@@ -8,8 +8,10 @@ if [ $HOST_ARCH == "x86_64" ]; then
   CGPT="$SCRIPT_DIR/bins/cgpt.x86-64"
   SFDISK="$SCRIPT_DIR/bins/sfdisk.x86-64"
 else
-  CGPT="$SCRIPT_DIR/bins/cgpt.aarch64"
-  SFDISK="$SCRIPT_DIR/bins/sfdisk.aarch64"
+  echo "Building on an ARM system is not supported currently"
+  exit
+  # CGPT="$SCRIPT_DIR/bins/cgpt.aarch64"
+  # SFDISK="$SCRIPT_DIR/bins/sfdisk.aarch64"
 fi
 
 source $SCRIPT_DIR/functions.sh

src/KVG/main.c

@@ -0,0 +1,100 @@
+#include <stdio.h>
+#include <stddef.h>
+#include <stdint.h> 
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <limits.h>
+
+#include "arg_checks.h"
+#include "hex_utils.h"
+
+
+// basically almost all of this code was pieced together
+// using vboot_reference code, credits to Google
+// for writing most of this code in a sense :3
+
+struct vb2_secdata_kernel_v0 {
+    uint8_t struct_version;  
+    uint32_t uid;
+    uint32_t kernel_versions;
+    uint8_t reserved[3];
+    uint8_t crc8;
+} __attribute__((packed));
+
+struct vb2_context {
+    void *secdata_kernel;
+};
+
+uint8_t vb2_crc8(const void *vptr, uint32_t size)
+{
+    const uint8_t *data = vptr;
+    unsigned crc = 0;
+    uint32_t i, j;
+
+    for (j = size; j; j--, data++) {
+        crc ^= (*data << 8);
+        for(i = 8; i; i--) {
+            if (crc & 0x8000)
+                crc ^= (0x1070 << 3);
+            crc <<= 1;
+        }
+    }
+
+    return (uint8_t)(crc >> 8);
+}
+
+static uint8_t secdata_kernel_crc(struct vb2_context *ctx)
+{
+    size_t offset, size;
+    offset = 0;
+    size = offsetof(struct vb2_secdata_kernel_v0, crc8);
+    return vb2_crc8(ctx->secdata_kernel + offset, size);
+}
+
+int main(int argc, char *argv[]) {
+    gargc = argc;
+	gargv = argv;
+
+    // if --help or no args are passsed
+    // print the usage and an example command
+    if (fbool("--help") || argc == 1){
+        printf("USAGE: %s <kernver> <optl. flags>\n", argv[0]);
+        printf("e.g: %s 0x00010001 --raw\n", argv[0]);
+        printf("-=-=-=-=-=-=-\n");
+        printf("--raw - prints the output as raw hex bytes\n");
+        printf("--help - shows this message :3\n");
+        printf("-=-=-=-=-=-=-\n");
+        printf("KVG was created by kxtzownsu\n");
+        exit(0);
+    }
+
+    struct vb2_secdata_kernel_v0 secdata;
+
+    secdata.struct_version = 0x02;
+    secdata.uid = 0x4752574c;
+    secdata.reserved[0] = 0x00;
+    secdata.reserved[1] = 0x00;
+    secdata.reserved[2] = 0x00;
+
+    // make sure the user sends us a correct hex value, 
+    // we dont want to just blindly trust that its correct
+    if (is_valid_hex(argv[1])) {
+        uint32_t kvarg = convert_to_uint32(argv[1]);
+        secdata.kernel_versions = kvarg;
+    } else {
+        printf("The entered kernver: %s, wasn't detected as valid hexadecimal, please try again.\n", argv[1]);
+        exit(1);
+    }
+
+    struct vb2_context ctx;
+    ctx.secdata_kernel = (void *)&secdata;
+
+    secdata.crc8 = secdata_kernel_crc(&ctx);
+    if (fbool("--raw")) {
+        fwrite(&secdata, sizeof(secdata), 1, stdout);
+    } else {
+        print_hex((uint8_t *)&secdata, sizeof(struct vb2_secdata_kernel_v0));
+    }
+    return 0;
+}