vboot2: Allocate more buffer for kernel verification
The low-level verification functions' *_WORKBUF_BYTES constants assume
the work buffer is already aligned to VB2_WORKBUF_ALIGN. But malloc()
may return a less-aligned pointer, in which case vb2_workbuf_init()
aligns it (and loses a bit of space in the process). This can cause an
error "vb2_rsa_verify_digest: ERROR - vboot2 work buffer too small!".
High-level functions should be using the *_WORKBUF_RECOMMENDED_SIZE
constants for allocation, which have enough padding to compensate for
alignment problems.
BUG=chrome-os-partner:59306
BRANCH=none
TEST=make runtests; boot a recovery image on reef
Change-Id: I1055fa56072b3fe1cd07c5c090293635c42c77a2
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/406526
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c
index 6f896fb..53f8b0e 100644
--- a/firmware/lib/vboot_api_kernel.c
+++ b/firmware/lib/vboot_api_kernel.c
@@ -1403,12 +1403,10 @@
retval = VBERROR_INVALID_KERNEL_FOUND;
/* Allocate work buffer */
- workbuf = (uint8_t *)
- VbExMalloc(VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES);
+ workbuf = (uint8_t *)VbExMalloc(VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE);
if (!workbuf)
goto fail;
- vb2_workbuf_init(&wb, workbuf,
- VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES);
+ vb2_workbuf_init(&wb, workbuf, VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE);
/* Verify the key block. */
key_block = (VbKeyBlockHeader *)kbuf;
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c
index cf6f92b..4e0d3e4 100644
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -152,12 +152,10 @@
goto bad_gpt;
/* Allocate work buffer */
- workbuf = (uint8_t *)
- VbExMalloc(VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES);
+ workbuf = (uint8_t *)VbExMalloc(VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE);
if (!workbuf)
goto bad_gpt;
- vb2_workbuf_init(&wb, workbuf,
- VB2_VERIFY_KERNEL_PREAMBLE_WORKBUF_BYTES);
+ vb2_workbuf_init(&wb, workbuf, VB2_KERNEL_WORKBUF_RECOMMENDED_SIZE);
/* Unpack kernel subkey */
struct vb2_public_key kernel_subkey2;