sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security/vboot: Ensure firmware body size is respected again

Browse Source 
CB:36845 simplified how coreboot finds the RW CBFS after vboot has and
eliminated a layer of caching. Unfortunately, we missed the fact that
the former cached value didn't exactly match the FMAP section... it was
in fact truncated to the data actually used by vboot. That patch
unintentionally broke this truncation which leads to performance
regressions on certain CBFS accesses.

This patch makes use of a new API function added to vboot (CL:1965920)
which we can use to retrieve the real firmware body length as before.

(Also stop making all the vb2_context pointers const. vboot generally
never marks context pointers as const in its API functions, even when
the function doesn't modify the context. Therefore constifying it inside
coreboot just makes things weird because it prevents you from calling
random API functions for no reason. If we really want const context
pointers, that's a refactoring that would have to start inside vboot
first.)

This patch brings in upstream vboot commit 4b0408d2:
2019-12-12 Julius Werner   2lib: Move firmware body size reporting to
			   separate function

Change-Id: I167cd40cb435dbae7f09d6069c9f1ffc1d99fe13
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37680
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Mathew King <mathewk@chromium.org>
This commit is contained in:
Julius Werner
2019-12-12 13:23:06 -08:00
parent 9b7c232924
commit f8e1764bb9
5 changed files with 23 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/security/vboot/misc.h
View File

@ -30,7 +30,7 @@ struct vb2_context *vboot_get_context(void);
/*
* Returns 1 if firmware slot A is used, 0 if slot B is used.
*/
static inline int vboot_is_firmware_slot_a(const struct vb2_context *ctx)
static inline int vboot_is_firmware_slot_a(struct vb2_context *ctx)
{
return !(ctx->flags & VB2_CONTEXT_FW_SLOT_B);
}
@ -49,8 +49,7 @@ static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag)
/*
* Locates firmware as a region device. Returns 0 on success, -1 on failure.
*/
int vboot_locate_firmware(const struct vb2_context *ctx,
struct region_device *fw);
int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw);
/*
* Source: security/vboot/bootmode.c