From acbc03c79d5cc31b2ee87d744635dabc4bd27eb9 Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Thu, 21 Dec 2023 15:38:53 -0800 Subject: [PATCH] Update vboot submodule to upstream main MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updating from commit id c0cb4bfa: 2023-12-08 signer: sign_android_image.sh should die when image repacking fails to commit id 7c3b60bb: 2023-10-13 firmware/2lib: Use SSE2 to speed-up Montgomery multiplication This brings in 3 new commits: 7c3b60bb firmware/2lib: Use SSE2 to speed-up Montgomery multiplication 8bb2f369 firmware: 2load_kernel: Set data_key allow_hwcrypto flag 2b183b58 vboot_reference: open drive rdonly when getting details 6ee22049 sign_official_build: switch from dgst to pkeyutl da69cf46 Makefile: Add support for make 4.3 Also update the implementations of the vb2ex_hwcrypto_modexp() callback to match the API changes made in vboot. Change-Id: Ia6e535f4e49045e24ab005ccd7dcbbcf250f96ac Signed-off-by: Julius Werner Reviewed-on: https://review.coreboot.org/c/coreboot/+/79685 Tested-by: build bot (Jenkins) Reviewed-by: Jérémy Compostella Reviewed-by: Subrata Banik --- 3rdparty/vboot | 2 +- src/soc/amd/common/psp_verstage/vboot_crypto.c | 13 ++++++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/3rdparty/vboot b/3rdparty/vboot index c0cb4bfa74..7c3b60bb66 160000 --- a/3rdparty/vboot +++ b/3rdparty/vboot @@ -1 +1 @@ -Subproject commit c0cb4bfa743c5f0e4a70e2c1a4d063e0b4178ea9 +Subproject commit 7c3b60bb667f917525b5472f6a34df6402d7fa58 diff --git a/src/soc/amd/common/psp_verstage/vboot_crypto.c b/src/soc/amd/common/psp_verstage/vboot_crypto.c index 5ed351b604..370416f8f7 100644 --- a/src/soc/amd/common/psp_verstage/vboot_crypto.c +++ b/src/soc/amd/common/psp_verstage/vboot_crypto.c @@ -135,17 +135,17 @@ vb2_error_t vb2ex_hwcrypto_digest_finalize(uint8_t *digest, uint32_t digest_size vb2_error_t vb2ex_hwcrypto_modexp(const struct vb2_public_key *key, uint8_t *inout, - uint32_t *workbuf32, int exp) + void *workbuf, size_t workbuf_size, + int exp) { - /* workbuf32 is guaranteed to be a length of - * 3 * key->arrsize * sizeof(uint32_t). + /* * Since PSP expects everything in LE and *inout is BE array, * we'll use workbuf for temporary buffer for endian conversion. */ struct mod_exp_params mod_exp_param; unsigned int key_bytes = key->arrsize * sizeof(uint32_t); - uint32_t *sig_swapped = workbuf32; - uint32_t *output_buffer = &workbuf32[key->arrsize]; + uint32_t *sig_swapped = workbuf; + uint32_t *output_buffer = &sig_swapped[key->arrsize]; uint32_t *inout_32 = (uint32_t *)inout; uint32_t retval; uint32_t i; @@ -157,6 +157,9 @@ vb2_error_t vb2ex_hwcrypto_modexp(const struct vb2_public_key *key, return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED; } + if ((void *)&output_buffer[key->arrsize] - workbuf > workbuf_size) + return VB2_ERROR_WORKBUF_SMALL; + for (i = 0; i < key->arrsize; i++) sig_swapped[i] = swab32(inout_32[key->arrsize - i - 1]);