From f8e1764bb9696782ad3e525be8be34c3a9e14588 Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Thu, 12 Dec 2019 13:23:06 -0800 Subject: security/vboot: Ensure firmware body size is respected again CB:36845 simplified how coreboot finds the RW CBFS after vboot has and eliminated a layer of caching. Unfortunately, we missed the fact that the former cached value didn't exactly match the FMAP section... it was in fact truncated to the data actually used by vboot. That patch unintentionally broke this truncation which leads to performance regressions on certain CBFS accesses. This patch makes use of a new API function added to vboot (CL:1965920) which we can use to retrieve the real firmware body length as before. (Also stop making all the vb2_context pointers const. vboot generally never marks context pointers as const in its API functions, even when the function doesn't modify the context. Therefore constifying it inside coreboot just makes things weird because it prevents you from calling random API functions for no reason. If we really want const context pointers, that's a refactoring that would have to start inside vboot first.) This patch brings in upstream vboot commit 4b0408d2: 2019-12-12 Julius Werner 2lib: Move firmware body size reporting to separate function Change-Id: I167cd40cb435dbae7f09d6069c9f1ffc1d99fe13 Signed-off-by: Julius Werner Reviewed-on: https://review.coreboot.org/c/coreboot/+/37680 Tested-by: build bot (Jenkins) Reviewed-by: Mathew King --- 3rdparty/vboot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '3rdparty/vboot') diff --git a/3rdparty/vboot b/3rdparty/vboot index b10e5e32cc34..2843aa62ba7b 160000 --- a/3rdparty/vboot +++ b/3rdparty/vboot @@ -1 +1 @@ -Subproject commit b10e5e32cc34dba7660b070616d3481742a28e70 +Subproject commit 2843aa62ba7bcaab2abccf16e3f1b8bd7e058fdb -- cgit v1.2.3