cbfs/vboot: Adapt to new vb2_digest API
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new hwcrypto_allowed argument, to potentially let them try to call the vb2ex_hwcrypto API for hash calculation. This change will open hardware crypto acceleration up to all hash calculations in coreboot (most notably CBFS verification). As part of this change, the vb2_digest_buffer() function has been removed, so replace existing instances in coreboot with the newer vb2_hash_calculate() API. Due to the circular dependency of these changes with vboot, this patch also needs to update the vboot submodule: Updating from commit id 18cb85b5: 2load_kernel.c: Expose load kernel as vb2_api to commit id b827ddb9: tests: Ensure auxfw sync runs after EC sync This brings in 15 new commits. Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
This commit is contained in:
@@ -271,12 +271,12 @@ static int maybe_update_fmap_hash(void)
|
||||
if (mhc->cbfs_hash.algo == VB2_HASH_INVALID)
|
||||
return 0;
|
||||
|
||||
uint8_t fmap_hash[VB2_MAX_DIGEST_SIZE];
|
||||
struct vb2_hash fmap_hash;
|
||||
const struct fmap *fmap = partitioned_file_get_fmap(param.image_file);
|
||||
if (!fmap || vb2_digest_buffer((const void *)fmap, fmap_size(fmap),
|
||||
mhc->cbfs_hash.algo, fmap_hash, sizeof(fmap_hash)))
|
||||
if (!fmap || vb2_hash_calculate(false, fmap, fmap_size(fmap),
|
||||
mhc->cbfs_hash.algo, &fmap_hash))
|
||||
return -1;
|
||||
return update_anchor(mhc, fmap_hash);
|
||||
return update_anchor(mhc, fmap_hash.raw);
|
||||
}
|
||||
|
||||
static bool verification_exclude(enum cbfs_type type)
|
||||
@@ -1511,7 +1511,7 @@ static enum cb_err verify_walker(__always_unused cbfs_dev_t dev, size_t offset,
|
||||
if (!hash)
|
||||
return CB_ERR;
|
||||
void *file_data = arg + offset + data_offset;
|
||||
if (vb2_hash_verify(file_data, be32toh(mdata->h.len), hash) != VB2_SUCCESS)
|
||||
if (vb2_hash_verify(false, file_data, be32toh(mdata->h.len), hash) != VB2_SUCCESS)
|
||||
return CB_CBFS_HASH_MISMATCH;
|
||||
return CB_CBFS_NOT_FOUND;
|
||||
}
|
||||
|
Reference in New Issue
Block a user