cbfs/vboot: Adapt to new vb2_digest API

CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.

Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:

Updating from commit id 18cb85b5:
    2load_kernel.c: Expose load kernel as vb2_api

to commit id b827ddb9:
    tests: Ensure auxfw sync runs after EC sync

This brings in 15 new commits.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>

src/soc/intel/alderlake/hsphy.c

@@ -10,6 +10,7 @@
 #include <device/pci_ops.h>
 #include <intelblocks/cse.h>
 #include <intelblocks/systemagent.h>
+#include <security/vboot/misc.h>
 #include <soc/hsphy.h>
 #include <soc/iomap.h>
 #include <soc/pci_devs.h>
@@ -105,42 +106,28 @@ static int heci_get_hsphy_payload(void *buf, uint32_t *buf_size, uint8_t *hash_b
 
 static int verify_hsphy_hash(void *buf, uint32_t buf_size, uint8_t *hash_buf, uint8_t hash_alg)
 {
-	enum vb2_hash_algorithm alg;
-	uint32_t hash_size;
-	uint8_t hash_calc[MAX_HASH_SIZE];
+	struct vb2_hash hash;
 
 	switch (hash_alg) {
 	case HASHALG_SHA256:
-		alg = VB2_HASH_SHA256;
-		hash_size = VB2_SHA256_DIGEST_SIZE;
+		hash.algo = VB2_HASH_SHA256;
 		break;
 	case HASHALG_SHA384:
-		alg = VB2_HASH_SHA384;
-		hash_size = VB2_SHA384_DIGEST_SIZE;
+		hash.algo = VB2_HASH_SHA384;
 		break;
 	case HASHALG_SHA512:
-		alg = VB2_HASH_SHA512;
-		hash_size = VB2_SHA512_DIGEST_SIZE;
+		hash.algo = VB2_HASH_SHA512;
 		break;
 	case HASHALG_SHA1:
 	default:
 		printk(BIOS_ERR, "Hash alg %d not supported, trying SHA384\n", hash_alg);
-		alg = VB2_HASH_SHA384;
-		hash_size = VB2_SHA384_DIGEST_SIZE;
+		hash.algo = VB2_HASH_SHA384;
 		break;
 	}
+	memcpy(hash.raw, hash_buf, vb2_digest_size(hash.algo));
 
-	if (vb2_digest_buffer(buf, buf_size, alg, hash_calc, hash_size)) {
-		printk(BIOS_ERR, "HSPHY SHA calculation failed\n");
-		return -1;
-	}
-
-	if (memcmp(hash_buf, hash_calc, hash_size)) {
+	if (vb2_hash_verify(vboot_hwcrypto_allowed(), buf, buf_size, &hash) != VB2_SUCCESS) {
 		printk(BIOS_ERR, "HSPHY SHA hashes do not match\n");
-		printk(BIOS_DEBUG, "Hash from CSME:\n");
-		hexdump(hash_buf, hash_size);
-		printk(BIOS_DEBUG, "Calculated hash:\n");
-		hexdump(hash_calc, hash_size);
 		return -1;
 	}
 

src/soc/intel/common/block/cse/cse_lite.c

@@ -544,15 +544,15 @@ static bool cse_verify_cbfs_rw_sha256(const uint8_t *expected_rw_blob_sha,
 		const void *rw_blob, const size_t rw_blob_sz)
 
 {
-	uint8_t rw_comp_sha[VB2_SHA256_DIGEST_SIZE];
+	struct vb2_hash calculated;
 
-	if (vb2_digest_buffer(rw_blob, rw_blob_sz, VB2_HASH_SHA256, rw_comp_sha,
-				VB2_SHA256_DIGEST_SIZE)) {
+	if (vb2_hash_calculate(vboot_hwcrypto_allowed(), rw_blob, rw_blob_sz,
+			       VB2_HASH_SHA256, &calculated)) {
 		printk(BIOS_ERR, "cse_lite: CSE CBFS RW's SHA-256 calculation has failed\n");
 		return false;
 	}
 
-	if (memcmp(expected_rw_blob_sha, rw_comp_sha, VB2_SHA256_DIGEST_SIZE)) {
+	if (memcmp(expected_rw_blob_sha, calculated.sha256, sizeof(calculated.sha256))) {
 		printk(BIOS_ERR, "cse_lite: Computed CBFS RW's SHA-256 does not match with"
 				"the provided SHA in the metadata\n");
 		return false;