security/vboot: Ensure firmware body size is respected again
CB:36845 simplified how coreboot finds the RW CBFS after vboot has and eliminated a layer of caching. Unfortunately, we missed the fact that the former cached value didn't exactly match the FMAP section... it was in fact truncated to the data actually used by vboot. That patch unintentionally broke this truncation which leads to performance regressions on certain CBFS accesses. This patch makes use of a new API function added to vboot (CL:1965920) which we can use to retrieve the real firmware body length as before. (Also stop making all the vb2_context pointers const. vboot generally never marks context pointers as const in its API functions, even when the function doesn't modify the context. Therefore constifying it inside coreboot just makes things weird because it prevents you from calling random API functions for no reason. If we really want const context pointers, that's a refactoring that would have to start inside vboot first.) This patch brings in upstream vboot commit 4b0408d2: 2019-12-12 Julius Werner 2lib: Move firmware body size reporting to separate function Change-Id: I167cd40cb435dbae7f09d6069c9f1ffc1d99fe13 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37680 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Mathew King <mathewk@chromium.org>
This commit is contained in:
parent
9b7c232924
commit
f8e1764bb9
|
@ -1 +1 @@
|
||||||
Subproject commit b10e5e32cc34dba7660b070616d3481742a28e70
|
Subproject commit 2843aa62ba7bcaab2abccf16e3f1b8bd7e058fdb
|
|
@ -68,8 +68,7 @@ struct vb2_context *vboot_get_context(void)
|
||||||
return vboot_ctx;
|
return vboot_ctx;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vboot_locate_firmware(const struct vb2_context *ctx,
|
int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw)
|
||||||
struct region_device *fw)
|
|
||||||
{
|
{
|
||||||
const char *name;
|
const char *name;
|
||||||
|
|
||||||
|
@ -78,7 +77,12 @@ int vboot_locate_firmware(const struct vb2_context *ctx,
|
||||||
else
|
else
|
||||||
name = "FW_MAIN_B";
|
name = "FW_MAIN_B";
|
||||||
|
|
||||||
return fmap_locate_area_as_rdev(name, fw);
|
int ret = fmap_locate_area_as_rdev(name, fw);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
|
||||||
|
/* Truncate area to the size that was actually signed by vboot. */
|
||||||
|
return rdev_chain(fw, fw, 0, vb2api_get_firmware_size(ctx));
|
||||||
}
|
}
|
||||||
|
|
||||||
static void vboot_setup_cbmem(int unused)
|
static void vboot_setup_cbmem(int unused)
|
||||||
|
|
|
@ -30,7 +30,7 @@ struct vb2_context *vboot_get_context(void);
|
||||||
/*
|
/*
|
||||||
* Returns 1 if firmware slot A is used, 0 if slot B is used.
|
* Returns 1 if firmware slot A is used, 0 if slot B is used.
|
||||||
*/
|
*/
|
||||||
static inline int vboot_is_firmware_slot_a(const struct vb2_context *ctx)
|
static inline int vboot_is_firmware_slot_a(struct vb2_context *ctx)
|
||||||
{
|
{
|
||||||
return !(ctx->flags & VB2_CONTEXT_FW_SLOT_B);
|
return !(ctx->flags & VB2_CONTEXT_FW_SLOT_B);
|
||||||
}
|
}
|
||||||
|
@ -49,8 +49,7 @@ static inline bool vboot_is_gbb_flag_set(enum vb2_gbb_flag flag)
|
||||||
/*
|
/*
|
||||||
* Locates firmware as a region device. Returns 0 on success, -1 on failure.
|
* Locates firmware as a region device. Returns 0 on success, -1 on failure.
|
||||||
*/
|
*/
|
||||||
int vboot_locate_firmware(const struct vb2_context *ctx,
|
int vboot_locate_firmware(struct vb2_context *ctx, struct region_device *fw);
|
||||||
struct region_device *fw);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Source: security/vboot/bootmode.c
|
* Source: security/vboot/bootmode.c
|
||||||
|
|
|
@ -72,7 +72,7 @@ void vboot_run_logic(void)
|
||||||
|
|
||||||
static int vboot_locate(struct region_device *rdev)
|
static int vboot_locate(struct region_device *rdev)
|
||||||
{
|
{
|
||||||
const struct vb2_context *ctx;
|
struct vb2_context *ctx;
|
||||||
|
|
||||||
/* Don't honor vboot results until the vboot logic has run. */
|
/* Don't honor vboot results until the vboot logic has run. */
|
||||||
if (!vboot_logic_executed())
|
if (!vboot_logic_executed())
|
||||||
|
|
|
@ -173,10 +173,10 @@ static int handle_digest_result(void *slot_hash, size_t slot_hash_sz)
|
||||||
}
|
}
|
||||||
|
|
||||||
static vb2_error_t hash_body(struct vb2_context *ctx,
|
static vb2_error_t hash_body(struct vb2_context *ctx,
|
||||||
struct region_device *fw_main)
|
struct region_device *fw_body)
|
||||||
{
|
{
|
||||||
uint64_t load_ts;
|
uint64_t load_ts;
|
||||||
uint32_t expected_size;
|
uint32_t remaining;
|
||||||
uint8_t block[TODO_BLOCK_SIZE];
|
uint8_t block[TODO_BLOCK_SIZE];
|
||||||
uint8_t hash_digest[VBOOT_MAX_HASH_SIZE];
|
uint8_t hash_digest[VBOOT_MAX_HASH_SIZE];
|
||||||
const size_t hash_digest_sz = sizeof(hash_digest);
|
const size_t hash_digest_sz = sizeof(hash_digest);
|
||||||
|
@ -197,33 +197,22 @@ static vb2_error_t hash_body(struct vb2_context *ctx,
|
||||||
load_ts = timestamp_get();
|
load_ts = timestamp_get();
|
||||||
timestamp_add(TS_START_HASH_BODY, load_ts);
|
timestamp_add(TS_START_HASH_BODY, load_ts);
|
||||||
|
|
||||||
expected_size = region_device_sz(fw_main);
|
remaining = region_device_sz(fw_body);
|
||||||
offset = 0;
|
offset = 0;
|
||||||
|
|
||||||
/* Start the body hash */
|
/* Start the body hash */
|
||||||
rv = vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &expected_size);
|
rv = vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
/*
|
|
||||||
* Honor vboot's RW slot size. The expected size is pulled out of
|
|
||||||
* the preamble and obtained through vb2api_init_hash() above. By
|
|
||||||
* creating sub region the RW slot portion of the boot media is
|
|
||||||
* limited.
|
|
||||||
*/
|
|
||||||
if (rdev_chain(fw_main, fw_main, 0, expected_size)) {
|
|
||||||
printk(BIOS_ERR, "Unable to restrict CBFS size.\n");
|
|
||||||
return VB2_ERROR_UNKNOWN;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Extend over the body */
|
/* Extend over the body */
|
||||||
while (expected_size) {
|
while (remaining) {
|
||||||
uint64_t temp_ts;
|
uint64_t temp_ts;
|
||||||
if (block_size > expected_size)
|
if (block_size > remaining)
|
||||||
block_size = expected_size;
|
block_size = remaining;
|
||||||
|
|
||||||
temp_ts = timestamp_get();
|
temp_ts = timestamp_get();
|
||||||
if (rdev_readat(fw_main, block, offset, block_size) < 0)
|
if (rdev_readat(fw_body, block, offset, block_size) < 0)
|
||||||
return VB2_ERROR_UNKNOWN;
|
return VB2_ERROR_UNKNOWN;
|
||||||
load_ts += timestamp_get() - temp_ts;
|
load_ts += timestamp_get() - temp_ts;
|
||||||
|
|
||||||
|
@ -231,7 +220,7 @@ static vb2_error_t hash_body(struct vb2_context *ctx,
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
expected_size -= block_size;
|
remaining -= block_size;
|
||||||
offset += block_size;
|
offset += block_size;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -309,7 +298,7 @@ ROMSTAGE_CBMEM_INIT_HOOK(vboot_log_and_clear_recovery_mode_switch)
|
||||||
void verstage_main(void)
|
void verstage_main(void)
|
||||||
{
|
{
|
||||||
struct vb2_context *ctx;
|
struct vb2_context *ctx;
|
||||||
struct region_device fw_main;
|
struct region_device fw_body;
|
||||||
vb2_error_t rv;
|
vb2_error_t rv;
|
||||||
|
|
||||||
timestamp_add_now(TS_START_VBOOT);
|
timestamp_add_now(TS_START_VBOOT);
|
||||||
|
@ -405,12 +394,12 @@ void verstage_main(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
printk(BIOS_INFO, "Phase 4\n");
|
printk(BIOS_INFO, "Phase 4\n");
|
||||||
rv = vboot_locate_firmware(ctx, &fw_main);
|
rv = vboot_locate_firmware(ctx, &fw_body);
|
||||||
if (rv)
|
if (rv)
|
||||||
die_with_post_code(POST_INVALID_ROM,
|
die_with_post_code(POST_INVALID_ROM,
|
||||||
"Failed to read FMAP to locate firmware");
|
"Failed to read FMAP to locate firmware");
|
||||||
|
|
||||||
rv = hash_body(ctx, &fw_main);
|
rv = hash_body(ctx, &fw_body);
|
||||||
vboot_save_data(ctx);
|
vboot_save_data(ctx);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
printk(BIOS_INFO, "Reboot requested (%x)\n", rv);
|
printk(BIOS_INFO, "Reboot requested (%x)\n", rv);
|
||||||
|
|
Loading…
Reference in New Issue