diff options
author | Randall Spangler <rspangler@chromium.org> | 2016-11-03 10:12:16 -0700 |
---|---|---|
committer | Randall Spangler <rspangler@chromium.org> | 2016-11-06 02:32:07 +0000 |
commit | a03a164a76a97f3f6a60ddf18c466b38f8a77400 (patch) | |
tree | eaa48fbcb2a142043e82edafbeebb8f0497133c4 | |
parent | 754ebdb8c39e693a1979e1f1089c3376390d9aa7 (diff) | |
download | vboot-a03a164a76a97f3f6a60ddf18c466b38f8a77400.tar.gz |
vboot2: Allocate more buffer for kernel verification
The low-level verification functions' *_WORKBUF_BYTES constants assume
the work buffer is already aligned to VB2_WORKBUF_ALIGN. But malloc()
may return a less-aligned pointer, in which case vb2_workbuf_init()
aligns it (and loses a bit of space in the process). This can cause an
error "vb2_rsa_verify_digest: ERROR - vboot2 work buffer too small!".
High-level functions should be using the *_WORKBUF_RECOMMENDED_SIZE
constants for allocation, which have enough padding to compensate for
alignment problems.
BUG=chrome-os-partner:59306
BRANCH=none
TEST=make runtests; boot a recovery image on reef
Change-Id: I1055fa56072b3fe1cd07c5c090293635c42c77a2
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/406526
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
-rw-r--r-- | firmware/lib/vboot_api_kernel.c | 6 | ||||
-rw-r--r-- | firmware/lib/vboot_kernel.c | 6 |
2 files changed, 4 insertions, 8 deletions
diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index 6f896fbf..53f8b0ed 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -1403,12 +1403,10 @@ VbError_t VbVerifyMemoryBootImage(VbCommonParams *cparams, retval = VBERROR_INVALID_KERNEL_FOUND; /* Allocate work buffer */ - workbuf = (uint8_t *) - VbExMalloc(VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES); + workbuf = (uint8_t *)VbExMalloc(VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE); if (!workbuf) goto fail; - vb2_workbuf_init(&wb, workbuf, - VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES); + vb2_workbuf_init(&wb, workbuf, VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE); /* Verify the key block. */ key_block = (VbKeyBlockHeader *)kbuf; diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c index cf6f92bc..4e0d3e48 100644 --- a/firmware/lib/vboot_kernel.c +++ b/firmware/lib/vboot_kernel.c @@ -152,12 +152,10 @@ VbError_t LoadKernel(LoadKernelParams *params, VbCommonParams *cparams) goto bad_gpt; /* Allocate work buffer */ - workbuf = (uint8_t *) - VbExMalloc(VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES); + workbuf = (uint8_t *)VbExMalloc(VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE); if (!workbuf) goto bad_gpt; - vb2_workbuf_init(&wb, workbuf, - VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES); + vb2_workbuf_init(&wb, workbuf, VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE); /* Unpack kernel subkey */ struct vb2_public_key kernel_subkey2; |