cbfs/vboot: Adapt to new vb2_digest API
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new hwcrypto_allowed argument, to potentially let them try to call the vb2ex_hwcrypto API for hash calculation. This change will open hardware crypto acceleration up to all hash calculations in coreboot (most notably CBFS verification). As part of this change, the vb2_digest_buffer() function has been removed, so replace existing instances in coreboot with the newer vb2_hash_calculate() API. Due to the circular dependency of these changes with vboot, this patch also needs to update the vboot submodule: Updating from commit id 18cb85b5: 2load_kernel.c: Expose load kernel as vb2_api to commit id b827ddb9: tests: Ensure auxfw sync runs after EC sync This brings in 15 new commits. Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
This commit is contained in:
@@ -5,9 +5,11 @@
|
||||
|
||||
#include <libpayload-config.h>
|
||||
#include <boot_device.h>
|
||||
#include <stdbool.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#define CBFS_ENABLE_HASHING CONFIG(LP_CBFS_VERIFICATION)
|
||||
#define CBFS_HASH_HWCRYPTO cbfs_hwcrypto_allowed()
|
||||
|
||||
#define ERROR(...) printf("CBFS ERROR: " __VA_ARGS__)
|
||||
#define LOG(...) printf("CBFS: " __VA_ARGS__)
|
||||
@@ -43,4 +45,6 @@ static inline size_t cbfs_dev_size(cbfs_dev_t dev)
|
||||
return dev->size;
|
||||
}
|
||||
|
||||
bool cbfs_hwcrypto_allowed(void);
|
||||
|
||||
#endif /* _CBFS_CBFS_GLUE_H */
|
||||
|
@@ -89,7 +89,7 @@ static bool cbfs_file_hash_mismatch(const void *buffer, size_t size,
|
||||
ERROR("'%s' does not have a file hash!\n", mdata->h.filename);
|
||||
return true;
|
||||
}
|
||||
if (vb2_hash_verify(buffer, size, hash) != VB2_SUCCESS) {
|
||||
if (vb2_hash_verify(cbfs_hwcrypto_allowed(), buffer, size, hash) != VB2_SUCCESS) {
|
||||
ERROR("'%s' file hash mismatch!\n", mdata->h.filename);
|
||||
return true;
|
||||
}
|
||||
@@ -223,3 +223,10 @@ void *_cbfs_unverified_area_load(const char *area, const char *name, void *buf,
|
||||
|
||||
return do_load(&mdata, dev.offset + data_offset, buf, size_inout, true);
|
||||
}
|
||||
|
||||
/* This should be overridden by payloads that want to enforce more explicit
|
||||
policy on using HW crypto. */
|
||||
__weak bool cbfs_hwcrypto_allowed(void)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
@@ -23,8 +23,10 @@ size_t vb2_digest_size(enum vb2_hash_algorithm hash_alg)
|
||||
return VB2_SHA256_DIGEST_SIZE;
|
||||
}
|
||||
|
||||
vb2_error_t vb2_hash_verify(const void *buf, uint32_t size, const struct vb2_hash *hash)
|
||||
vb2_error_t vb2_hash_verify(bool allow_hwcrypto, const void *buf, uint32_t size,
|
||||
const struct vb2_hash *hash)
|
||||
{
|
||||
assert_true(allow_hwcrypto);
|
||||
check_expected_ptr(buf);
|
||||
check_expected(size);
|
||||
|
||||
|
Reference in New Issue
Block a user