Commit Graph

5 Commits

Author SHA1 Message Date
Alex Rebert 70282aece0 lz4: Fix out-of-bounds reads
Fix two out-of-bounds reads in lz4 decompression:

1) LZ4_decompress_generic could read one byte past the input buffer when
decoding variable length literals due to a missing bounds check. This
issue was resolved in libpayload, commonlib and cbfstool

2) ulz4fn could read up to 4 bytes past the input buffer when reading a
lz4_block_header due to a missing bounds check. This issue was resolved
in libpayload and commonlib.

Change-Id: I5afdf7e1d43ecdb06c7b288be46813c1017569fc
Signed-off-by: Alex Rebert <alexandre.rebert@gmail.com>
Found-by: Mayhem
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39174
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2020-03-02 15:03:03 +00:00
Stefan Reinauer 6a00113de8 Rename __attribute__((packed)) --> __packed
Also unify __attribute__ ((..)) to __attribute__((..)) and
handle ((__packed__)) like ((packed))

Change-Id: Ie60a51c3fa92b5009724a5b7c2932e361bf3490c
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: https://review.coreboot.org/15921
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-07-13 19:45:59 +00:00
Julius Werner 09f2921b5d cbfs: Add LZ4 in-place decompression support for pre-RAM stages
This patch ports the LZ4 decompression code that debuted in libpayload
last year to coreboot for use in CBFS stages (upgrading the base
algorithm to LZ4's dev branch to access the new in-place decompression
checks). This is especially useful for pre-RAM stages in constrained
SRAM-based systems, which previously could not be compressed due to
the size requirements of the LZMA scratchpad and bounce buffer. The
LZ4 algorithm offers a very lean decompressor function and in-place
decompression support to achieve roughly the same boot speed gains
(trading compression ratio for decompression time) with nearly no
memory overhead.

For now we only activate it for the stages that had previously not been
compressed at all on non-XIP (read: non-x86) boards. In the future we
may also consider replacing LZMA completely for certain boards, since
which algorithm wins out on boot speed depends on board-specific
parameters (architecture, processor speed, SPI transfer rate, etc.).

BRANCH=None
BUG=None
TEST=Built and booted Oak, Jerry, Nyan and Falco. Measured boot time on
Oak to be about ~20ms faster (cutting load times for affected stages
almost in half).

Change-Id: Iec256c0e6d585d1b69985461939884a54e3ab900
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/13638
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-02-22 21:38:37 +01:00
Julius Werner bf697566da libpayload: lz4: Add output overrun check to incompressible case
The LZ4 decompressor currently doesn't check for output overruns before
writing data in the case where a block had been incompressible (and
included verbatim in the compression stream). This is extremely unlikely
with the default 4MB blocks, but still a nice thing to fix. We'll still
output as much data as we can before returning an error to support
partial decompression use cases.

This matches the behavior already in place for normal, LZ4-compressed
blocks where the decompression function is already (supposed to be)
doing complete bounds checking (although it is not guaranteed to output
all valid bytes before aborting on an output overrun, and you should try
to provide a few dozen bytes of extra buffer space beyond the parts
you're interested in on partial decompression).

BRANCH=None
BUG=chrome-os-partner:32184
TEST=None

Change-Id: I5e40c8cec8947ec0ec8f6d8c8fa2574cfb4dc958
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 636985334c9b3b93a12d4066d2829f1f999c9315
Original-Change-Id: Iecf44650aade60b9fa1b13e57da752fb482a3f3f
Original-Signed-off-by: Julius Werner <jwerner@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/286240
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/11016
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2015-07-21 21:27:42 +02:00
Julius Werner bf27391da5 libpayload: Add LZ4 decompression algorithm
This patch adds support for the LZ4 decompression algorithm to
libpayload. It's what all the cool kids are using for decompression
these days and has many interesting advantages over LZMA (and everything
else I know of): blazing fast decompression (20(!) times faster than
LZMA, twice as fast as LZO on my Cortex-A72), no memory requirements on
decompression, and possibly in-place decompression support. It pays for
that with a lower compression ratio (about 50% larger compressed size
than LZMA, 10% larger than LZO for an ARM64 Linux kernel binary), but
the boot time math still works in its favor for our IO speeds.

This patch only adds the raw decompression functions for use by external
payloads, we can later try integrating them in CBFS. It copies the
decompression code itself unmodified from the upstream LZ4 library at
github.com/Cyan4973/lz4 which will hopefully make it easy to update. The
frame format parsing is reimplemented since the upstream version looks
unnecessarily complex and unreadable for our needs.

BRANCH=smaug
BUG=chrome-os-partner:32184
TEST=With other patches, booted ARM64 kernel that got compressed from
15M to 5.1M and decompresses in 44ms.

Change-Id: I65bdc4b2b19bd51c7b7e17a4e4b79da301a2a014
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: f8a1fc996d5b0234d07f567fa8163d0f802d5144
Original-Change-Id: I15c0620da05561ade2552b15ffdf6bb3afd7eb26
Original-Signed-off-by: Julius Werner <jwerner@chromium.org>
Original-Reviewed-on: https://chromium-review.googlesource.com/282743
Original-Reviewed-by: Stefan Reinauer <reinauer@google.com>
Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/10845
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2015-07-09 00:10:16 +02:00