cbfs/vboot: Adapt to new vb2_digest API

CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.

Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:

Updating from commit id 18cb85b5:
    2load_kernel.c: Expose load kernel as vb2_api

to commit id b827ddb9:
    tests: Ensure auxfw sync runs after EC sync

This brings in 15 new commits.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
This commit is contained in:
Julius Werner
2022-08-08 18:08:35 -07:00
parent b45b48de73
commit d96ca24652
22 changed files with 98 additions and 85 deletions

View File

@@ -1456,7 +1456,7 @@ int cbfs_print_entry_info(struct cbfs_image *image, struct cbfs_file *entry,
break;
}
char *hash_str = bintohex(attr->hash.raw, hash_len);
int valid = vb2_hash_verify(CBFS_SUBHEADER(entry),
int valid = vb2_hash_verify(false, CBFS_SUBHEADER(entry),
be32toh(entry->len), &attr->hash) == VB2_SUCCESS;
const char *valid_str = valid ? "valid" : "invalid";
@@ -1544,7 +1544,7 @@ static int cbfs_print_parseable_entry_info(struct cbfs_image *image,
if (!hash_len)
continue;
char *hash_str = bintohex(attr->hash.raw, hash_len);
int valid = vb2_hash_verify(CBFS_SUBHEADER(entry),
int valid = vb2_hash_verify(false, CBFS_SUBHEADER(entry),
be32toh(entry->len), &attr->hash) == VB2_SUCCESS;
fprintf(fp, "%shash:%s:%s:%s", sep,
vb2_get_hash_algorithm_name(attr->hash.algo),
@@ -1873,7 +1873,7 @@ int cbfs_add_file_hash(struct cbfs_file *header, struct buffer *buffer,
if (attr == NULL)
return -1;
if (vb2_hash_calculate(buffer_get(buffer), buffer_size(buffer),
if (vb2_hash_calculate(false, buffer_get(buffer), buffer_size(buffer),
alg, &attr->hash) != VB2_SUCCESS)
return -1;