2d99da12a9
This adds the option to compress ramstage and payloads with zstd.
zstd compressed ramstages are typically +5% bigger than lzma compressed
ramstages. The decompressor .text section grows by 20KiB and the
decompressor needs 16KiB more heap than the lzma decompressor.
To use less heap inside the zstd decompressor the build time define
ZSTD_DECODER_INTERNAL_BUFFER is used.
Quote:
The build macro `ZSTD_DECODER_INTERNAL_BUFFER` can be set to control
the amount of extra memory used during decompression to store
literals. This defaults to 64kB. Reducing this value reduces the
memory footprint of `ZSTD_DCtx` decompression contexts, but might
also result in a small decompression speed cost
TEST=Booted on Lenovo X220 with zstd ramstage showed no disadvantage
over a bigger internal buffer used.
TEST=Booted on Lenovo X220. The zstd decompressor is twice as fast
as the lzma decompressor.
cbmem -t shows:
- finished ZSTD decompress (ignore for x86) 79,444 (24,494)
- finished LZMA decompress (ignore for x86) 94,971 (45,545)
TEST=Booted on QEMU Q35, QEMU aarch64 virt, QEMU riscv RV64 with
zstd compressed ramstage.
Change-Id: Ic1b1f53327c598d07bd83d4391e8012d41696a16
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69893
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
206 lines
5.9 KiB
C
206 lines
5.9 KiB
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
|
|
#include <cbfs.h>
|
|
#include <commonlib/bsd/cbfs_private.h>
|
|
#include <commonlib/region.h>
|
|
#include <string.h>
|
|
#include <tests/lib/cbfs_util.h>
|
|
#include <tests/test.h>
|
|
|
|
|
|
/* Mocks */
|
|
|
|
static struct cbfs_boot_device cbd;
|
|
|
|
const struct cbfs_boot_device *cbfs_get_boot_device(bool force_ro)
|
|
{
|
|
check_expected(force_ro);
|
|
return &cbd;
|
|
}
|
|
|
|
size_t vb2_digest_size(enum vb2_hash_algorithm hash_alg)
|
|
{
|
|
if (hash_alg != VB2_HASH_SHA256) {
|
|
fail_msg("Unsupported hash algorithm: %d\n", hash_alg);
|
|
return 0;
|
|
}
|
|
|
|
return VB2_SHA256_DIGEST_SIZE;
|
|
}
|
|
|
|
vb2_error_t vb2_hash_verify(bool allow_hwcrypto, const void *buf, uint32_t size,
|
|
const struct vb2_hash *hash)
|
|
{
|
|
assert_true(allow_hwcrypto);
|
|
check_expected_ptr(buf);
|
|
check_expected(size);
|
|
assert_int_equal(hash->algo, VB2_HASH_SHA256);
|
|
|
|
if (!memcmp(hash->sha256, good_hash, sizeof(good_hash)))
|
|
return VB2_SUCCESS;
|
|
|
|
if (!memcmp(hash->sha256, bad_hash, sizeof(bad_hash)))
|
|
return VB2_ERROR_SHA_MISMATCH;
|
|
|
|
fail_msg("%s called with bad hash", __func__);
|
|
return VB2_ERROR_SHA_MISMATCH;
|
|
}
|
|
|
|
size_t ulzman(const void *src, size_t srcn, void *dst, size_t dstn)
|
|
{
|
|
fail_msg("Unexpected call to %s", __func__);
|
|
return 0;
|
|
}
|
|
|
|
size_t uzstdn(const void *src, size_t srcn, void *dst, size_t dstn)
|
|
{
|
|
fail_msg("Unexpected call to %s", __func__);
|
|
return 0;
|
|
}
|
|
|
|
size_t ulz4fn(const void *src, size_t srcn, void *dst, size_t dstn)
|
|
{
|
|
fail_msg("Unexpected call to %s", __func__);
|
|
return 0;
|
|
}
|
|
|
|
vb2_error_t vb2_digest_init(struct vb2_digest_context *dc, bool allow_hwcrypto,
|
|
enum vb2_hash_algorithm hash_alg, uint32_t data_size)
|
|
{
|
|
if (hash_alg != VB2_HASH_SHA256) {
|
|
fail_msg("Unsupported hash algorithm: %d\n", hash_alg);
|
|
return VB2_ERROR_SHA_INIT_ALGORITHM;
|
|
}
|
|
|
|
return VB2_SUCCESS;
|
|
}
|
|
|
|
vb2_error_t vb2_digest_extend(struct vb2_digest_context *dc, const uint8_t *buf, uint32_t size)
|
|
{
|
|
check_expected(buf);
|
|
check_expected(size);
|
|
return VB2_SUCCESS;
|
|
}
|
|
|
|
vb2_error_t vb2_digest_finalize(struct vb2_digest_context *dc, uint8_t *digest, uint32_t size)
|
|
{
|
|
memcpy(digest, mock_ptr_type(void *), size);
|
|
return VB2_SUCCESS;
|
|
}
|
|
|
|
/* Original function alias created by test framework. Used for call wrapping in mock below. */
|
|
enum cb_err __real_cbfs_lookup(cbfs_dev_t dev, const char *name, union cbfs_mdata *mdata_out,
|
|
size_t *data_offset_out, struct vb2_hash *metadata_hash);
|
|
|
|
enum cb_err cbfs_lookup(cbfs_dev_t dev, const char *name, union cbfs_mdata *mdata_out,
|
|
size_t *data_offset_out, struct vb2_hash *metadata_hash)
|
|
{
|
|
const enum cb_err err =
|
|
__real_cbfs_lookup(dev, name, mdata_out, data_offset_out, metadata_hash);
|
|
assert_int_equal(mock_type(enum cb_err), err);
|
|
return err;
|
|
}
|
|
|
|
/* Tests */
|
|
|
|
static int setup_test_cbfs(void **state)
|
|
{
|
|
memset(&cbd, 0, sizeof(cbd));
|
|
return 0;
|
|
}
|
|
|
|
static void test_cbfs_map_no_hash(void **state)
|
|
{
|
|
void *mapping = NULL;
|
|
assert_int_equal(0, rdev_chain_mem(&cbd.rdev, &file_no_hash, sizeof(file_no_hash)));
|
|
|
|
if (CONFIG(CBFS_VERIFICATION)) {
|
|
/* File with no hash. No hash causes hash mismatch by default,
|
|
so mapping will not be completed successfully. */
|
|
expect_value(cbfs_get_boot_device, force_ro, false);
|
|
will_return(cbfs_lookup, CB_SUCCESS);
|
|
mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
|
|
assert_null(mapping);
|
|
} else {
|
|
expect_value(cbfs_get_boot_device, force_ro, false);
|
|
will_return(cbfs_lookup, CB_SUCCESS);
|
|
mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
|
|
assert_ptr_equal(mapping, file_no_hash.attrs_and_data);
|
|
}
|
|
}
|
|
|
|
static void test_cbfs_map_valid_hash(void **state)
|
|
{
|
|
void *mapping = NULL;
|
|
assert_int_equal(0,
|
|
rdev_chain_mem(&cbd.rdev, &file_valid_hash, sizeof(file_valid_hash)));
|
|
|
|
if (CONFIG(CBFS_VERIFICATION)) {
|
|
expect_value(cbfs_get_boot_device, force_ro, false);
|
|
expect_value(vb2_hash_verify, buf,
|
|
&file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]);
|
|
expect_value(vb2_hash_verify, size, TEST_DATA_1_SIZE);
|
|
will_return(cbfs_lookup, CB_SUCCESS);
|
|
mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
|
|
assert_ptr_equal(mapping, &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]);
|
|
} else {
|
|
expect_value(cbfs_get_boot_device, force_ro, false);
|
|
will_return(cbfs_lookup, CB_SUCCESS);
|
|
mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
|
|
assert_ptr_equal(mapping, &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]);
|
|
}
|
|
}
|
|
|
|
static void test_cbfs_map_invalid_hash(void **state)
|
|
{
|
|
void *mapping = NULL;
|
|
assert_int_equal(
|
|
0, rdev_chain_mem(&cbd.rdev, &file_broken_hash, sizeof(file_broken_hash)));
|
|
|
|
if (CONFIG(CBFS_VERIFICATION)) {
|
|
expect_value(cbfs_get_boot_device, force_ro, false);
|
|
expect_value(vb2_hash_verify, buf,
|
|
&file_broken_hash.attrs_and_data[HASH_ATTR_SIZE]);
|
|
expect_value(vb2_hash_verify, size, TEST_DATA_1_SIZE);
|
|
will_return(cbfs_lookup, CB_SUCCESS);
|
|
mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
|
|
assert_null(mapping);
|
|
} else {
|
|
expect_value(cbfs_get_boot_device, force_ro, false);
|
|
will_return(cbfs_lookup, CB_SUCCESS);
|
|
mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
|
|
assert_ptr_equal(mapping, &file_broken_hash.attrs_and_data[HASH_ATTR_SIZE]);
|
|
}
|
|
}
|
|
|
|
void test_init_boot_device_verify(void **state)
|
|
{
|
|
struct vb2_hash hash = {.algo = VB2_HASH_SHA256};
|
|
const uint8_t hash_value[VB2_SHA256_DIGEST_SIZE] = {0};
|
|
memset(&cbd, 0, sizeof(cbd));
|
|
assert_int_equal(0,
|
|
rdev_chain_mem(&cbd.rdev, &file_valid_hash, sizeof(file_valid_hash)));
|
|
|
|
if (CONFIG(CBFS_VERIFICATION)) {
|
|
expect_memory(vb2_digest_extend, buf, &file_valid_hash,
|
|
be32_to_cpu(file_valid_hash.header.offset));
|
|
expect_value(vb2_digest_extend, size,
|
|
be32_to_cpu(file_valid_hash.header.offset));
|
|
will_return(vb2_digest_finalize, hash_value);
|
|
}
|
|
|
|
assert_int_equal(CB_SUCCESS, cbfs_init_boot_device(&cbd, &hash));
|
|
}
|
|
|
|
int main(void)
|
|
{
|
|
const struct CMUnitTest tests[] = {
|
|
cmocka_unit_test_setup(test_cbfs_map_no_hash, setup_test_cbfs),
|
|
cmocka_unit_test_setup(test_cbfs_map_valid_hash, setup_test_cbfs),
|
|
cmocka_unit_test_setup(test_cbfs_map_invalid_hash, setup_test_cbfs),
|
|
|
|
cmocka_unit_test(test_init_boot_device_verify),
|
|
};
|
|
|
|
return cb_run_group_tests(tests, NULL, NULL);
|
|
}
|