2lib: Move firmware body size reporting to separate function

We used to return the firmware body size as part of vb2api_init_hash().
With persistent context and other recent developments, coreboot is
caching less data itself and relying more on vboot's data structures, so
it may now need this information at more points than just during the
hashing process. So let's create a custom function to return this.

BRANCH=hatch,kukui
BUG=b:143994765
TEST=make runtests

Cq-Depend: CB:37680 when it's done reviewing
Change-Id: I2bc968cd163016fd0130416c2679724caad895a2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1965922
Reviewed-by: Shelley Chen <shchen@chromium.org>
Commit-Queue: Shelley Chen <shchen@chromium.org>
Tested-by: Shelley Chen <shchen@chromium.org>

5 files changed, 50 insertions, 27 deletions

diff --git a/firmware/2lib/2api.c b/firmware/2lib/2api.c
index a94f0193..f9b8bebb 100644
--- a/firmware/2lib/2api.c
+++ b/firmware/2lib/2api.c
@@ -226,8 +226,7 @@ vb2_error_t vb2api_fw_phase3(struct vb2_context *ctx)
 	return VB2_SUCCESS;
 }
 
-vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag,
-			     uint32_t *size)
+vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag)
 {
 	struct vb2_shared_data *sd = vb2_get_sd(ctx);
 	const struct vb2_fw_preamble *pre;
@@ -296,9 +295,6 @@ vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag,
 	sd->hash_tag = tag;
 	sd->hash_remaining_size = pre->body_signature.data_size;
 
-	if (size)
-		*size = pre->body_signature.data_size;
-
 	if (!(pre->flags & VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO)) {
 		rv = vb2ex_hwcrypto_digest_init(key.hash_alg,
 						pre->body_signature.data_size);
diff --git a/firmware/2lib/2misc.c b/firmware/2lib/2misc.c
index 86438b44..1cdaeb62 100644
--- a/firmware/2lib/2misc.c
+++ b/firmware/2lib/2misc.c
@@ -13,6 +13,7 @@
 #include "2secdata.h"
 #include "2sha.h"
 #include "2sysincludes.h"
+#include "vb2_common.h"
 
 vb2_error_t vb2_validate_gbb_signature(uint8_t *sig)
 {
@@ -33,6 +34,17 @@ struct vb2_gbb_header *vb2_get_gbb(struct vb2_context *ctx)
 	return (struct vb2_gbb_header *)((void *)sd + sd->gbb_offset);
 }
 
+uint32_t vb2api_get_firmware_size(struct vb2_context *ctx)
+{
+	struct vb2_shared_data *sd = vb2_get_sd(ctx);
+	if (!sd->preamble_size)
+		return 0;
+
+	const struct vb2_fw_preamble *pre = (const struct vb2_fw_preamble *)
+		vb2_member_of(sd, sd->preamble_offset);
+	return pre->body_signature.data_size;
+}
+
 vb2_error_t vb2_read_gbb_header(struct vb2_context *ctx,
 				struct vb2_gbb_header *gbb)
 {
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h
index 03df7e25..d178268a 100644
--- a/firmware/2lib/include/2api.h
+++ b/firmware/2lib/include/2api.h
@@ -602,12 +602,9 @@ vb2_error_t vb21api_fw_phase3(struct vb2_context *ctx);
  *
  * @param ctx		Vboot context
  * @param tag		Tag to start hashing (enum vb2_hash_tag)
- * @param size		If non-null, expected size of data for tag will be
- *			stored here on output.
  * @return VB2_SUCCESS, or error code on error.
  */
-vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag,
-			     uint32_t *size);
+vb2_error_t vb2api_init_hash(struct vb2_context *ctx, uint32_t tag);
 
 /**
  * Same, but for new-style structs.
@@ -759,6 +756,16 @@ vb2_error_t vb2api_gbb_read_hwid(struct vb2_context *ctx, char *hwid,
 vb2_gbb_flags_t vb2api_gbb_get_flags(struct vb2_context *ctx);
 
 /**
+ * Get the size of the signed firmware body. This is only legal to call after
+ * vb2api_fw_phase3() has returned successfully, and will return 0 otherwise.
+ *
+ * @param ctx		Vboot context
+ *
+ * @return The firmware body size in bytes (or 0 if called too early).
+ */
+uint32_t vb2api_get_firmware_size(struct vb2_context *ctx);
+
+/**
  * Sync the Embedded Controller device to the expected version.
  *
  * This function will check if EC software sync is allowed, and if it
diff --git a/tests/vb20_verify_fw.c b/tests/vb20_verify_fw.c
index e7058054..4e107cf1 100644
--- a/tests/vb20_verify_fw.c
+++ b/tests/vb20_verify_fw.c
@@ -87,7 +87,7 @@ static void save_if_needed(struct vb2_context *c)
  */
 static vb2_error_t hash_body(struct vb2_context *c)
 {
-	uint32_t expect_size;
+	uint32_t remaining;
 	uint8_t block[8192];
 	uint32_t size;
 	FILE *f;
@@ -99,19 +99,20 @@ static vb2_error_t hash_body(struct vb2_context *c)
 		return VB2_ERROR_TEST_INPUT_FILE;
 
 	/* Start the body hash */
-	rv = vb2api_init_hash(c, VB2_HASH_TAG_FW_BODY, &expect_size);
+	rv = vb2api_init_hash(c, VB2_HASH_TAG_FW_BODY);
 	if (rv) {
 		fclose(f);
 		return rv;
 	}
 
-	printf("Expect %d bytes of body...\n", expect_size);
+	remaining = vb2api_get_firmware_size(c);
+	printf("Expect %d bytes of body...\n", remaining);
 
 	/* Extend over the body */
-	while (expect_size) {
+	while (remaining) {
 		size = sizeof(block);
-		if (size > expect_size)
-			size = expect_size;
+		if (size > remaining)
+			size = remaining;
 
 		/* Read next body block */
 		size = fread(block, 1, size, f);
@@ -125,7 +126,7 @@ static vb2_error_t hash_body(struct vb2_context *c)
 			return rv;
 		}
 
-		expect_size -= size;
+		remaining -= size;
 	}
 
 	fclose(f);
diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c
index a7143b7f..f578d8cf 100644
--- a/tests/vb2_api_tests.c
+++ b/tests/vb2_api_tests.c
@@ -113,7 +113,7 @@ static void reset_common_data(enum reset_type t)
 	k->algorithm = mock_algorithm;
 
 	if (t == FOR_EXTEND_HASH || t == FOR_CHECK_HASH)
-		vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, NULL);
+		vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY);
 
 	if (t == FOR_CHECK_HASH)
 		vb2api_extend_hash(ctx, mock_body, mock_body_size);
@@ -290,6 +290,14 @@ static void misc_tests(void)
 		12, "vb2api_fail request");
 	TEST_EQ(vb2_nv_get(ctx, VB2_NV_RECOVERY_SUBCODE),
 		34, "vb2api_fail subcode");
+
+	/* Test get_firmware_size() */
+	reset_common_data(FOR_MISC);
+	TEST_EQ(vb2api_get_firmware_size(ctx), mock_body_size, "firmware_size");
+
+	reset_common_data(FOR_MISC);
+	sd->preamble_size = 0;
+	TEST_EQ(vb2api_get_firmware_size(ctx), 0, "firmware_size too early");
 }
 
 static void phase1_tests(void)
@@ -551,12 +559,11 @@ static void init_hash_tests(void)
 {
 	struct vb2_packed_key *k;
 	int wb_used_before;
-	uint32_t size;
 
 	/* For now, all we support is body signature hash */
 	reset_common_data(FOR_MISC);
 	wb_used_before = sd->workbuf_used;
-	TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size),
+	TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY),
 		  "init hash good");
 	TEST_EQ(sd->hash_offset, wb_used_before, "hash context offset");
 	TEST_EQ(sd->hash_size, sizeof(struct vb2_digest_context),
@@ -568,43 +575,43 @@ static void init_hash_tests(void)
 	TEST_EQ(sd->hash_remaining_size, mock_body_size, "hash remaining");
 
 	wb_used_before = sd->workbuf_used;
-	TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, NULL),
+	TEST_SUCC(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY),
 		  "init hash again");
 	TEST_EQ(sd->workbuf_used, wb_used_before, "init hash reuses context");
 
 	reset_common_data(FOR_MISC);
-	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_INVALID, &size),
+	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_INVALID),
 		VB2_ERROR_API_INIT_HASH_TAG, "init hash invalid tag");
 
 	reset_common_data(FOR_MISC);
 	sd->preamble_size = 0;
-	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size),
+	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY),
 		VB2_ERROR_API_INIT_HASH_PREAMBLE, "init hash preamble");
 
 	reset_common_data(FOR_MISC);
-	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY + 1, &size),
+	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY + 1),
 		VB2_ERROR_API_INIT_HASH_TAG, "init hash unknown tag");
 
 	reset_common_data(FOR_MISC);
 	sd->workbuf_used = sd->workbuf_size + VB2_WORKBUF_ALIGN -
 			vb2_wb_round_up(sizeof(struct vb2_digest_context));
-	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size),
+	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY),
 		VB2_ERROR_API_INIT_HASH_WORKBUF, "init hash workbuf");
 
 	reset_common_data(FOR_MISC);
 	sd->data_key_size = 0;
-	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size),
+	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY),
 		VB2_ERROR_API_INIT_HASH_DATA_KEY, "init hash data key");
 
 	reset_common_data(FOR_MISC);
 	sd->data_key_size--;
-	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size),
+	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY),
 		VB2_ERROR_UNPACK_KEY_SIZE, "init hash data key size");
 
 	reset_common_data(FOR_MISC);
 	k = vb2_member_of(sd, sd->data_key_offset);
 	k->algorithm--;
-	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY, &size),
+	TEST_EQ(vb2api_init_hash(ctx, VB2_HASH_TAG_FW_BODY),
 		VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm");
 }