OpenCellular/common/vboot/common.c
Nicolas Boichat 6e8cbe40ee shared_mem: Assert that shared memory size is large enough
We add a configuration option to set the minimum shared memory
size (CONFIG_SHAREDMEM_MINIMUM_SIZE), so that the link will fail
if there is not enough IRAM left.

Also, we add 2 macros around shared_mem_acquire, that check, at
build time, that the shared memory size is sufficient for the
allocation:
 - SHARED_MEM_ACQUIRE_CHECK should be used instead of
   shared_mem_acquire, when size is known in advance.
 - SHARED_MEM_CHECK_SIZE should be used when only a maximum size
   is known.

This does not account for "jump tags" that boards often add on
jump from RO to RW. Luckily, RW usually does not do verification,
and does not need as much shared memory.

BRANCH=none
BUG=chromium:739771
TEST=make buildall -j, no error

Change-Id: Ic4c72938affe65fe8f8bc17ee5111c1798fc536f
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1002713
Reviewed-by: Gwendal Grignou <gwendal@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
2018-05-07 20:45:54 -07:00


/* Copyright 2017 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
#include "common.h"
#include "console.h"
#include "rsa.h"
#include "sha256.h"
#include "shared_mem.h"
#include "vboot.h"
/*
 * Console print helpers for this file: each forwards its format string and
 * arguments to cprints()/cprintf() with CC_VBOOT as the first argument.
 * "args..." is the GNU named-variadic form, and "## args" drops the preceding
 * comma when no arguments are given.
 */
#define CPRINTS(format, args...) cprints(CC_VBOOT, format, ## args)
#define CPRINTF(format, args...) cprintf(CC_VBOOT, format, ## args)
/*
 * Check that a padding region contains nothing but 0xff bytes.
 *
 * The region is the byte range [start, end) inside data, scanned one 32-bit
 * word at a time.
 *
 * data:  base of the buffer that contains the padding.
 * start: byte offset of the first padding byte; must be a multiple of 4.
 * end:   byte offset one past the last padding byte; must be a multiple of 4
 *        and not smaller than start.
 *
 * Returns EC_SUCCESS when every word in the range equals 0xffffffff (an empty
 * range also succeeds). Returns EC_ERROR_INVAL when the offsets are misordered
 * or not 4-byte aligned, or when any word differs.
 *
 * NOTE(review): nothing here bounds end against the size of the buffer, and
 * the uint32_t view assumes data itself is 4-byte aligned. Both are left to
 * the caller; confirm at the call sites.
 */
int vboot_is_padding_valid(const uint8_t *data, uint32_t start, uint32_t end)
{
	const uint32_t *words = (const uint32_t *)data;
	uint32_t idx;

	/* Reject inverted ranges and offsets that do not fall on word edges. */
	if (start > end || start % 4 != 0 || end % 4 != 0)
		return EC_ERROR_INVAL;

	idx = start / 4;
	while (idx < end / 4) {
		/* Any bit cleared inside the padding fails the check. */
		if (words[idx] != 0xffffffff)
			return EC_ERROR_INVAL;
		idx++;
	}

	return EC_SUCCESS;
}
/*
 * Verify an RSA signature over the SHA-256 digest of a data region.
 *
 * data: start of the region to hash.
 * len:  number of bytes to hash.
 * key:  RSA public key the signature is checked against.
 * sig:  signature to check.
 *
 * Returns EC_SUCCESS when rsa_verify() accepts the signature,
 * EC_ERROR_VBOOT_DATA_VERIFY when it does not, and
 * EC_ERROR_MEMORY_ALLOCATION when the RSA work buffer cannot be acquired from
 * shared memory.
 *
 * NOTE(review): len is a signed int handed straight to SHA256_update(), and no
 * pointer is checked here. Callers are presumably expected to pass a
 * non-negative length that matches the buffer; confirm.
 */
int vboot_verify(const uint8_t *data, int len,
		 const struct rsa_public_key *key, const uint8_t *sig)
{
	struct sha256_ctx sha;
	uint8_t *digest;
	uint32_t *rsa_scratch;
	int sig_ok;

	/* Scratch space for rsa_verify(): 3 * RSANUMBYTES of shared memory. */
	if (SHARED_MEM_ACQUIRE_CHECK(3 * RSANUMBYTES,
				     (char **)&rsa_scratch) != 0)
		return EC_ERROR_MEMORY_ALLOCATION;

	/* Digest the data region. */
	SHA256_init(&sha);
	SHA256_update(&sha, data, len);
	digest = SHA256_final(&sha);

	/*
	 * Fail closed: only a return value of exactly 1 counts as a valid
	 * signature; anything else is reported as a verification failure.
	 */
	sig_ok = (rsa_verify(key, sig, digest, rsa_scratch) == 1);

	/* The work buffer is released on both the success and failure path. */
	shared_mem_release(rsa_scratch);

	return sig_ok ? EC_SUCCESS : EC_ERROR_VBOOT_DATA_VERIFY;
}