From 46cc24d94e9a1a225d10637650f56ff2272ba3dc Mon Sep 17 00:00:00 2001
From: Wim Vervoorn <wvervoorn@eltan.com>
Date: Thu, 14 Nov 2019 11:45:03 +0100
Subject: vendorcode/security/eltan: Allocate memory from bootmem to speed up
 hashing

The verified_boot_check_cbfsfile() will now try to allocate a buffer from
bootmem if the item in the list has the VERIFIED_BOOT_COPY_BLOCK attribute
set. For large payloads this speeds up the hash operation.

BUG=N/A
TEST=build

Change-Id: Ifa0c93632c59d05ae6d32f8785009a3c3568abc5
Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/36822
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
---
 .../eltan/security/verified_boot/vboot_check.c     | 32 ++++++++++++++++++----
 1 file changed, 26 insertions(+), 6 deletions(-)

(limited to 'src/vendorcode/eltan')

diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.c b/src/vendorcode/eltan/security/verified_boot/vboot_check.c
index 0633042539..9fb83707bf 100644
--- a/src/vendorcode/eltan/security/verified_boot/vboot_check.c
+++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.c
@@ -14,6 +14,7 @@
  * GNU General Public License for more details.
  */
 #include <boot_device.h>
+#include <bootmem.h>
 #include <cbfs.h>
 #include <vboot_check.h>
 #include <vboot_common.h>
@@ -183,13 +184,32 @@ void verified_boot_check_cbfsfile(const char *name, uint32_t type, uint32_t hash
 	start = cbfs_boot_map_with_leak(name, type & ~VERIFIED_BOOT_COPY_BLOCK, &size);
 	if (start && size) {
 		/* Speed up processing by copying the file content to memory first */
-		if (!ENV_ROMSTAGE_OR_BEFORE && (type & VERIFIED_BOOT_COPY_BLOCK) && (buffer) &&
-		    (*buffer) && ((uint32_t) start > (uint32_t)(~(CONFIG_CBFS_SIZE-1)))) {
+		if (!ENV_ROMSTAGE_OR_BEFORE && (type & VERIFIED_BOOT_COPY_BLOCK)) {
+
+			if ((buffer) && (*buffer) && (*filesize >= size) &&
+			    ((uint32_t) start > (uint32_t)(~(CONFIG_CBFS_SIZE-1)))) {
+
+				/* Use the buffer passed in if possible */
 				printk(BIOS_DEBUG, "%s: move buffer to memory\n", __func__);
-			/* Move the file to a memory bufferof which we know it doesn't harm */
-			memcpy(*buffer, start, size);
-			start = *buffer;
-			printk(BIOS_DEBUG, "%s: done\n", __func__);
+				/* Move the file to memory buffer passed in */
+				memcpy(*buffer, start, size);
+				start = *buffer;
+				printk(BIOS_DEBUG, "%s: done\n", __func__);
+
+			} else if (ENV_RAMSTAGE) {
+				/* Try to allocate a buffer from boot_mem */
+				void *local_buffer = bootmem_allocate_buffer(size);
+
+				if (local_buffer) {
+
+					/* Use the allocated buffer */
+					printk(BIOS_DEBUG, "%s: move file to memory\n",
+					       __func__);
+					memcpy(local_buffer, start, size);
+					start = local_buffer;
+					printk(BIOS_DEBUG, "%s: done\n", __func__);
+				}
+			}
 		}
 		verified_boot_check_buffer(name, start, size, hash_index, pcr);
 	} else {
-- 
cgit v1.2.3