scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2026-01-10 17:41:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6ab5fce30c09ce08d2aec113b91362bee34476ca
OpenCellular/firmware/lib21/api.c
Randall Spangler 1a5e02c7a9 firmware: Align workbuf used size 
Previously, workbuf used was not rounded up to a multiple of
VB2_WORKBUF_ALIGN.  The next allocation would be aligned, but not
until it was made.

Change this to round up used size when more workbuf is used.  This
provides better predictability of where the next allocation will be
placed.

Uncovered this problem when I added a new member to vb2_shared_data
which changed its size so it wasn't a multiple of VB2_WORKBUF_ALIGN,
and the vb20 and vb21 unit tests which tried to simulate not enough
buffer broke in strange ways.

BUG=chromium:611535
BRANCH=none
TEST=make -j runtests; build bob firmware and boot it

Change-Id: I0157a1c96326f7fce6be6efbd74d90c3d2942268
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/852488
Reviewed-by: Shelley Chen <shchen@chromium.org>
2018-01-05 21:14:12 -08:00

168 lines
4.2 KiB
C
Raw Blame History

/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Externally-callable APIs
* (Firmware portion)
*/
#include "2sysincludes.h"
#include "2api.h"
#include "2common.h"
#include "2misc.h"
#include "2nvstorage.h"
#include "2secdata.h"
#include "2sha.h"
#include "2rsa.h"
#include "vb21_common.h"
int vb21api_fw_phase3(struct vb2_context *ctx)
{
int rv;
/* Verify firmware keyblock */
rv = vb21_load_fw_keyblock(ctx);
if (rv) {
vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
return rv;
}
/* Verify firmware preamble */
rv = vb21_load_fw_preamble(ctx);
if (rv) {
vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
return rv;
}
return VB2_SUCCESS;
}
int vb21api_init_hash(struct vb2_context *ctx,
const struct vb2_id *id,
uint32_t *size)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
const struct vb21_fw_preamble *pre;
const struct vb21_signature *sig = NULL;
struct vb2_digest_context *dc;
struct vb2_workbuf wb;
uint32_t hash_offset;
int i, rv;
vb2_workbuf_from_ctx(ctx, &wb);
/* Get preamble pointer */
if (!sd->workbuf_preamble_size)
return VB2_ERROR_API_INIT_HASH_PREAMBLE;
pre = (const struct vb21_fw_preamble *)
(ctx->workbuf + sd->workbuf_preamble_offset);
/* Find the matching signature */
hash_offset = pre->hash_offset;
for (i = 0; i < pre->hash_count; i++) {
sig = (const struct vb21_signature *)
((uint8_t *)pre + hash_offset);
if (!memcmp(id, &sig->id, sizeof(*id)))
break;
hash_offset += sig->c.total_size;
}
if (i >= pre->hash_count)
return VB2_ERROR_API_INIT_HASH_ID; /* No match */
/* Allocate workbuf space for the hash */
if (sd->workbuf_hash_size) {
dc = (struct vb2_digest_context *)
(ctx->workbuf + sd->workbuf_hash_offset);
} else {
uint32_t dig_size = sizeof(*dc);
dc = vb2_workbuf_alloc(&wb, dig_size);
if (!dc)
return VB2_ERROR_API_INIT_HASH_WORKBUF;
sd->workbuf_hash_offset = vb2_offset_of(ctx->workbuf, dc);
sd->workbuf_hash_size = dig_size;
vb2_set_workbuf_used(ctx, sd->workbuf_hash_offset + dig_size);
}
sd->hash_tag = vb2_offset_of(ctx->workbuf, sig);
sd->hash_remaining_size = sig->data_size;
if (size)
*size = sig->data_size;
if (!(pre->flags & VB21_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO)) {
rv = vb2ex_hwcrypto_digest_init(sig->hash_alg, sig->data_size);
if (!rv) {
VB2_DEBUG("Using HW crypto engine for hash_alg %d\n",
sig->hash_alg);
dc->hash_alg = sig->hash_alg;
dc->using_hwcrypto = 1;
return VB2_SUCCESS;
}
if (rv != VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED)
return rv;
VB2_DEBUG("HW crypto for hash_alg %d not supported, using SW\n",
sig->hash_alg);
} else {
VB2_DEBUG("HW crypto forbidden by preamble, using SW\n");
}
return vb2_digest_init(dc, sig->hash_alg);
}
int vb21api_check_hash(struct vb2_context *ctx)
{
struct vb2_shared_data *sd = vb2_get_sd(ctx);
struct vb2_digest_context *dc = (struct vb2_digest_context *)
(ctx->workbuf + sd->workbuf_hash_offset);
struct vb2_workbuf wb;
uint8_t *digest;
uint32_t digest_size = vb2_digest_size(dc->hash_alg);
const struct vb21_signature *sig;
int rv;
vb2_workbuf_from_ctx(ctx, &wb);
/* Get signature pointer */
if (!sd->hash_tag)
return VB2_ERROR_API_CHECK_HASH_TAG;
sig = (const struct vb21_signature *)(ctx->workbuf + sd->hash_tag);
/* Must have initialized hash digest work area */
if (!sd->workbuf_hash_size)
return VB2_ERROR_API_CHECK_HASH_WORKBUF;
/* Should have hashed the right amount of data */
if (sd->hash_remaining_size)
return VB2_ERROR_API_CHECK_HASH_SIZE;
/* Allocate the digest */
digest = vb2_workbuf_alloc(&wb, digest_size);
if (!digest)
return VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST;
/* Finalize the digest */
if (dc->using_hwcrypto)
rv = vb2ex_hwcrypto_digest_finalize(digest, digest_size);
else
rv = vb2_digest_finalize(dc, digest, digest_size);
if (rv)
return rv;
/* Compare with the signature */
if (vb2_safe_memcmp(digest, (const uint8_t *)sig + sig->sig_offset,
digest_size))
return VB2_ERROR_API_CHECK_HASH_SIG;
/* TODO: the old check-hash function called vb2_fail() on any mismatch.
* I don't think it should do that; the caller should. */
return VB2_SUCCESS;
}
Reference in New Issue View Git Blame Copy Permalink