diff options
| author | Julius Werner <jwerner@chromium.org> | 2022-08-08 18:08:35 -0700 |
|---|---|---|
| committer | Julius Werner <jwerner@chromium.org> | 2022-09-02 23:51:29 +0000 |
| commit | d96ca2465227f29354b41ce2ea7a17f1c5b8f1c1 (patch) | |
| tree | 835f9410585448932b2195bfdb7b4066204411f3 /payloads | |
| parent | b45b48de739ebaf52584bc23797869028950a535 (diff) | |
cbfs/vboot: Adapt to new vb2_digest API
CL:3825558 changes all vb2_digest and vb2_hash functions to take a new
hwcrypto_allowed argument, to potentially let them try to call the
vb2ex_hwcrypto API for hash calculation. This change will open hardware
crypto acceleration up to all hash calculations in coreboot (most
notably CBFS verification). As part of this change, the
vb2_digest_buffer() function has been removed, so replace existing
instances in coreboot with the newer vb2_hash_calculate() API.
Due to the circular dependency of these changes with vboot, this patch
also needs to update the vboot submodule:
Updating from commit id 18cb85b5:
2load_kernel.c: Expose load kernel as vb2_api
to commit id b827ddb9:
tests: Ensure auxfw sync runs after EC sync
This brings in 15 new commits.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I287d8dac3c49ad7ea3e18a015874ce8d610ec67e
Reviewed-on: https://review.coreboot.org/c/coreboot/+/66561
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
Diffstat (limited to 'payloads')
| -rw-r--r-- | payloads/libpayload/include/cbfs_glue.h | 4 | ||||
| -rw-r--r-- | payloads/libpayload/libcbfs/cbfs.c | 9 | ||||
| -rw-r--r-- | payloads/libpayload/tests/libcbfs/cbfs-verification-test.c | 4 |
3 files changed, 15 insertions, 2 deletions
diff --git a/payloads/libpayload/include/cbfs_glue.h b/payloads/libpayload/include/cbfs_glue.h index 00d0ea943a..bff63eea4a 100644 --- a/payloads/libpayload/include/cbfs_glue.h +++ b/payloads/libpayload/include/cbfs_glue.h @@ -5,9 +5,11 @@ #include <libpayload-config.h> #include <boot_device.h> +#include <stdbool.h> #include <stdio.h> #define CBFS_ENABLE_HASHING CONFIG(LP_CBFS_VERIFICATION) +#define CBFS_HASH_HWCRYPTO cbfs_hwcrypto_allowed() #define ERROR(...) printf("CBFS ERROR: " __VA_ARGS__) #define LOG(...) printf("CBFS: " __VA_ARGS__) @@ -43,4 +45,6 @@ static inline size_t cbfs_dev_size(cbfs_dev_t dev) return dev->size; } +bool cbfs_hwcrypto_allowed(void); + #endif /* _CBFS_CBFS_GLUE_H */ diff --git a/payloads/libpayload/libcbfs/cbfs.c b/payloads/libpayload/libcbfs/cbfs.c index 0694c4f7c5..a158ba8fa1 100644 --- a/payloads/libpayload/libcbfs/cbfs.c +++ b/payloads/libpayload/libcbfs/cbfs.c @@ -89,7 +89,7 @@ static bool cbfs_file_hash_mismatch(const void *buffer, size_t size, ERROR("'%s' does not have a file hash!\n", mdata->h.filename); return true; } - if (vb2_hash_verify(buffer, size, hash) != VB2_SUCCESS) { + if (vb2_hash_verify(cbfs_hwcrypto_allowed(), buffer, size, hash) != VB2_SUCCESS) { ERROR("'%s' file hash mismatch!\n", mdata->h.filename); return true; } @@ -223,3 +223,10 @@ void *_cbfs_unverified_area_load(const char *area, const char *name, void *buf, return do_load(&mdata, dev.offset + data_offset, buf, size_inout, true); } + +/* This should be overridden by payloads that want to enforce more explicit + policy on using HW crypto. */ +__weak bool cbfs_hwcrypto_allowed(void) +{ + return true; +} diff --git a/payloads/libpayload/tests/libcbfs/cbfs-verification-test.c b/payloads/libpayload/tests/libcbfs/cbfs-verification-test.c index 8e50f39d45..25e402cca3 100644 --- a/payloads/libpayload/tests/libcbfs/cbfs-verification-test.c +++ b/payloads/libpayload/tests/libcbfs/cbfs-verification-test.c @@ -23,8 +23,10 @@ size_t vb2_digest_size(enum vb2_hash_algorithm hash_alg) return VB2_SHA256_DIGEST_SIZE; } -vb2_error_t vb2_hash_verify(const void *buf, uint32_t size, const struct vb2_hash *hash) +vb2_error_t vb2_hash_verify(bool allow_hwcrypto, const void *buf, uint32_t size, + const struct vb2_hash *hash) { + assert_true(allow_hwcrypto); check_expected_ptr(buf); check_expected(size); |