diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/aes/aes-encrypt.c | 3 | ||||
| -rw-r--r-- | lib/ecdsa/ecdsa-libcrypto.c | 2 | ||||
| -rw-r--r-- | lib/efi_loader/efi_variable_tee.c | 16 | ||||
| -rw-r--r-- | lib/rsa/rsa-sign.c | 2 |
4 files changed, 12 insertions, 11 deletions
diff --git a/lib/aes/aes-encrypt.c b/lib/aes/aes-encrypt.c index a6d1720f30..e74e35eaa2 100644 --- a/lib/aes/aes-encrypt.c +++ b/lib/aes/aes-encrypt.c @@ -2,6 +2,9 @@ /* * Copyright (c) 2019,Softathome */ + +#define OPENSSL_API_COMPAT 0x10101000L + #include "mkimage.h" #include <stdio.h> #include <string.h> diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c index 1757a14562..ae6dfa0ba9 100644 --- a/lib/ecdsa/ecdsa-libcrypto.c +++ b/lib/ecdsa/ecdsa-libcrypto.c @@ -18,6 +18,8 @@ * Copyright (c) 2020,2021, Alexandru Gagniuc <mr.nuke.me@gmail.com> */ +#define OPENSSL_API_COMPAT 0x10101000L + #include <u-boot/ecdsa.h> #include <u-boot/fdt-libcrypto.h> #include <openssl/ssl.h> diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c index 281f886124..a2c65e3694 100644 --- a/lib/efi_loader/efi_variable_tee.c +++ b/lib/efi_loader/efi_variable_tee.c @@ -15,7 +15,6 @@ #include <malloc.h> #include <mm_communication.h> -#define OPTEE_PAGE_SIZE BIT(12) extern struct efi_var_file __efi_runtime_data *efi_var_buf; static efi_uintn_t max_buffer_size; /* comm + var + func + data */ static efi_uintn_t max_payload_size; /* func + data */ @@ -114,7 +113,11 @@ static efi_status_t optee_mm_communicate(void *comm_buf, ulong dsize) rc = tee_invoke_func(conn.tee, &arg, 2, param); tee_shm_free(shm); tee_close_session(conn.tee, conn.session); - if (rc || arg.ret != TEE_SUCCESS) + if (rc) + return EFI_DEVICE_ERROR; + if (arg.ret == TEE_ERROR_EXCESS_DATA) + log_err("Variable payload too large\n"); + if (arg.ret != TEE_SUCCESS) return EFI_DEVICE_ERROR; switch (param[1].u.value.a) { @@ -256,15 +259,6 @@ efi_status_t EFIAPI get_max_payload(efi_uintn_t *size) } *size = var_payload->size; /* - * Although the max payload is configurable on StMM, we only share a - * single page from OP-TEE for the non-secure buffer used to communicate - * with StMM. Since OP-TEE will reject to map anything bigger than that, - * make sure we are in bounds. - */ - if (*size > OPTEE_PAGE_SIZE) - *size = OPTEE_PAGE_SIZE - MM_COMMUNICATE_HEADER_SIZE - - MM_VARIABLE_COMMUNICATE_SIZE; - /* * There seems to be a bug in EDK2 miscalculating the boundaries and * size checks, so deduct 2 more bytes to fulfill this requirement. Fix * it up here to ensure backwards compatibility with older versions diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 0579e5294e..44f21416ce 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -3,6 +3,8 @@ * Copyright (c) 2013, Google Inc. */ +#define OPENSSL_API_COMPAT 0x10101000L + #include "mkimage.h" #include <stdlib.h> #include <stdio.h> |