From 26aa7503a7cb9a5ca833f2b0774f10ec3846a6df Mon Sep 17 00:00:00 2001
From: Karthikeyan Ramasubramanian <kramasub@google.com>
Date: Wed, 5 Oct 2022 23:48:18 -0600
Subject: [PATCH] soc/amd/common/psp_verstage: Pass SRAM buffer to Crypto
 Engine

Crypto engine prefers the buffer from SRAM. CBFS verification may pass
the mapped address of a CBFS file from SPI flash. This causes PSP crypto
engine to return invalid address. Hence if the buffer is from SRAM, pass
it directly to crypto engine. Else copy into a temporary buffer before
passing it to crypto engine.

BUG=b:b:227809919
TEST=Build and boot to OS in skyrim with CBFS verification enabled using
both x86 verstage and PSP verstage.

Change-Id: Ie9bc9e786f302e7938969c8093d5405b5a85b711
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68184
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
---
 .../amd/common/psp_verstage/vboot_crypto.c    | 38 ++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)

diff --git a/src/soc/amd/common/psp_verstage/vboot_crypto.c b/src/soc/amd/common/psp_verstage/vboot_crypto.c
index 81a6740668..8c1f31336a 100644
--- a/src/soc/amd/common/psp_verstage/vboot_crypto.c
+++ b/src/soc/amd/common/psp_verstage/vboot_crypto.c
@@ -6,9 +6,11 @@
 #include <commonlib/bsd/helpers.h>
 #include <console/console.h>
 #include "psp_verstage.h"
+#include <soc/psp_verstage_addr.h>
 #include <stddef.h>
 #include <string.h>
 #include <swab.h>
+#include <symbols.h>
 #include <vb2_api.h>
 
 static struct sha_generic_data sha_op;
@@ -40,9 +42,10 @@ vb2_error_t vb2ex_hwcrypto_digest_init(enum vb2_hash_algorithm hash_alg, uint32_
 	return VB2_SUCCESS;
 }
 
-vb2_error_t vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size)
+static vb2_error_t vb2ex_hwcrypto_digest_extend_psp_sram(const uint8_t *buf, uint32_t size)
 {
 	uint32_t retval;
+
 	sha_op.Data = (uint8_t *)buf;
 
 	if (!sha_op_size_remaining) {
@@ -76,6 +79,39 @@ vb2_error_t vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size)
 	return VB2_SUCCESS;
 }
 
+
+vb2_error_t vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size)
+{
+	vb2_error_t retval;
+	uint32_t offset = 0, copy_size;
+
+	/*
+	 * Crypto engine prefers the buffer from SRAM. CBFS verification may pass the
+	 * mapped address of SPI flash which makes crypto engine to return invalid address.
+	 * Hence if the buffer is from SRAM, pass it to crypto engine. Else copy into a
+	 * temporary buffer before passing it to crypto engine.
+	 */
+	if (buf >= _sram && (buf + size) < _esram)
+		return vb2ex_hwcrypto_digest_extend_psp_sram(buf, size);
+
+	while (size) {
+		uint8_t block[CONFIG_VBOOT_HASH_BLOCK_SIZE];
+
+		copy_size = size < CONFIG_VBOOT_HASH_BLOCK_SIZE ?
+					size : CONFIG_VBOOT_HASH_BLOCK_SIZE;
+		memcpy(block, buf + offset, copy_size);
+
+		retval = vb2ex_hwcrypto_digest_extend_psp_sram(block, copy_size);
+		if (retval != VB2_SUCCESS)
+			return retval;
+
+		size -= copy_size;
+		offset += copy_size;
+	}
+
+	return VB2_SUCCESS;
+}
+
 /* Copy the hash back to verstage */
 vb2_error_t vb2ex_hwcrypto_digest_finalize(uint8_t *digest, uint32_t digest_size)
 {