From 99a9928447568e0144a61ea1d1799ecd99b31b9d Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Tue, 9 Aug 2022 18:46:50 -0700 Subject: soc/(amd|rockchip): Update vb2ex_hwcrypto implementations to new API req We want to extend the vb2ex_hwcrypto APIs on the vboot side to allow passing 0 for the data_size parameter to vb2ex_hwcrypto_digest_init() (see CL:3825558). This is because not all use cases allow knowing the amount of data to be hashed beforehand (most notable the metadata hash for CBFS verification), and some HW crypto engines do not need this information, so we don't want to preclude them from optimizing these use cases just because others do. The new API requirement is that data_size may be 0, which indicates that the amount of data to be hashed is unknown. If a HW crypto engine cannot support this case, it should return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED to those calls (this patch adds the code to do that to existing HW crypto implementations). If the passed-in data_size value is non-zero, the HW crypto implementation can trust that it is accurate. Also reduce a bit of the console spew for existing HW crypto implementations, since vboot already logs the same information anyway. Signed-off-by: Julius Werner Change-Id: Ieb7597080254b31ef2bdbc0defc91b119c618380 Reviewed-on: https://review.coreboot.org/c/coreboot/+/66621 Tested-by: build bot (Jenkins) Reviewed-by: Yu-Ping Wu Reviewed-by: Karthik Ramasubramanian --- src/soc/amd/common/psp_verstage/vboot_crypto.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'src/soc/amd') diff --git a/src/soc/amd/common/psp_verstage/vboot_crypto.c b/src/soc/amd/common/psp_verstage/vboot_crypto.c index 89a4ccea51..81a6740668 100644 --- a/src/soc/amd/common/psp_verstage/vboot_crypto.c +++ b/src/soc/amd/common/psp_verstage/vboot_crypto.c @@ -17,15 +17,11 @@ static uint8_t __attribute__((aligned(32))) sha_hash[64]; vb2_error_t vb2ex_hwcrypto_digest_init(enum vb2_hash_algorithm hash_alg, uint32_t data_size) { - printk(BIOS_DEBUG, "Calculating hash of %d bytes\n", data_size); + if (!data_size || platform_set_sha_op(hash_alg, &sha_op) != 0) + return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED; sha_op_size_remaining = data_size; - if (platform_set_sha_op(hash_alg, &sha_op) != 0) { - printk(BIOS_INFO, "Unsupported hash_alg %d!\n", hash_alg); - return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED; - } - /* Set init flag for first operation */ sha_op.Init = 1; -- cgit v1.2.3