diff options
author | Julius Werner <jwerner@chromium.org> | 2020-01-23 14:52:59 -0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-01-28 02:32:08 +0000 |
commit | 0e97e25e85f0499e23b09a31a2c7116759f191d5 (patch) | |
tree | d990e6cc56eeab048a96de48cefdacc10e0c13b3 /firmware/2lib/include/2sha.h | |
parent | f57ad98c29072624bf0977ab972201595efd2b38 (diff) | |
download | vboot-stabilize-12871.103.B.tar.gz |
2lib: Fix struct vb2_hash the way it was meant to bestabilize-quickfix-12871.27.Bstabilize-12871.91.Bstabilize-12871.65.Bstabilize-12871.57.Bstabilize-12871.253.Bstabilize-12871.24.Bstabilize-12871.103.Bstabilize-12871.102.Brelease-R81-12871.B
My goal in CL:1963614 was to write struct vb2_hash such that it can
match the exisiting binary representation of the CBFS hash attribute,
but no longer be dependent on endianness. Unfortunately I screwed up...
if you want to match the binary representation of a big-endian integer
for small numbers, the important byte you're interested in is the *last*
one, not the first.
Thankfully we still have time to fix the issue before this struct is
really used anywhere, so this patch does that and adds a test to double
check I got it right this time.
Also clarify comments about how vboot is allowed to use this struct a
bit to match the indended usage I'm planning in coreboot. In doing that
I realized that you actually don't want to make it easy to sizeof() the
|bytes| portion of the struct (because functions shouldn't rely on that
size anyway, they should only touch what's valid for a given hash
algorithm), so taking that out which also makes it a little more
comfortable to work with the struct.
BRANCH=none
BUG=none
TEST=make runtests
Change-Id: I7e1a19f36d75acb69e5d1bfa79700c9d878f9703
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2019952
Diffstat (limited to 'firmware/2lib/include/2sha.h')
-rw-r--r-- | firmware/2lib/include/2sha.h | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/firmware/2lib/include/2sha.h b/firmware/2lib/include/2sha.h index 32af9f74..95f85804 100644 --- a/firmware/2lib/include/2sha.h +++ b/firmware/2lib/include/2sha.h @@ -100,15 +100,17 @@ struct vb2_digest_context { /* * Serializable data structure that can store any vboot hash. Layout used in * CBFS attributes that need to be backwards-compatible -- do not change! - * When serializing/deserizaling this, you should store/load (offsetof(bytes) + - * vb2_digest_size(algo)), not the full size of this structure. + * When serializing/deserizaling this, you should store/load (offsetof(raw) + + * vb2_digest_size(algo)), not the full size of this structure. vboot functions + * taking a pointer to this should only access the |raw| array up to + * vb2_digest_size(algo) and not assume that the whole structure is accessible. */ struct vb2_hash { - /* enum vb2_hash_algorithm. Fixed width for serialization. - Single byte to avoid endianness issues. */ - uint8_t algo; - /* Padding to align and to match existing CBFS attribute. */ + /* Padding to match existing 4-byte big-endian from CBFS. + Could be reused for other stuff later (e.g. flags or something). */ uint8_t reserved[3]; + /* enum vb2_hash_algorithm. Single byte to avoid endianness issues. */ + uint8_t algo; /* The actual digest. Can add new types here as required. */ union { uint8_t raw[0]; @@ -121,10 +123,10 @@ struct vb2_hash { #if VB2_SUPPORT_SHA512 uint8_t sha512[VB2_SHA512_DIGEST_SIZE]; #endif - } bytes; /* This has a name so that it's easy to sizeof(). */ + }; }; -_Static_assert(sizeof(((struct vb2_hash *)0)->bytes) <= VB2_MAX_DIGEST_SIZE, - "Must update VB2_MAX_DIGEST_SIZE for new digests!"); +_Static_assert(sizeof(struct vb2_hash) - offsetof(struct vb2_hash, raw) + <= VB2_MAX_DIGEST_SIZE, "Update VB2_MAX_DIGEST_SIZE for new digests!"); _Static_assert(VB2_HASH_ALG_COUNT <= UINT8_MAX, "vb2_hash.algo overflow!"); /** @@ -270,7 +272,7 @@ static inline vb2_error_t vb2_hash_calculate(const void *buf, uint32_t size, struct vb2_hash *hash) { hash->algo = algo; - return vb2_digest_buffer(buf, size, algo, hash->bytes.raw, + return vb2_digest_buffer(buf, size, algo, hash->raw, vb2_digest_size(algo)); } |