diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2017-01-25 10:28:48 -0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2017-01-28 01:52:09 -0800 |
| commit | 79a1e2072d512d943cbac4a96497ff07fc42e834 (patch) | |
| tree | a79cebf0e9cd18f66c936ff3d78f34f1608bf3fb /include/nvmem.h | |
| parent | 1f52e64ae6b3876746bbd6339a6282f5f3ab5818 (diff) | |
| download | chrome-ec-79a1e2072d512d943cbac4a96497ff07fc42e834.tar.gz | |
nvmem: do not use malloc for cached buffer
With introduction of encryption it is becoming impossible to read
NVMEM contents directly from flash. Decrypting the contents each time
there is a read request creates a significant performance hit. NVMEM
needs to be rearchitecture such that there is no need to run
decryption each time NVMEM read is performed.
This patch does just that, implementation details are described in the
header comment in common/nvmem.c.
To reduce memory impact the size of NVMEM is being decreased from 16K
to 12K. This is acceptable because eviction objects stored in NVMEM
serialized now, which dramatically reduces NVMEM size requirements.
The TPM2 NVMEM size definition must be kept in sync.
Another optimization this change introduces is bypassing writing into
the flash if NVMEM contents did not change, which is verified by
examining the hash of the cached storage.
A test is added to verify that the new commit scheme works as
expected, and the nvmem test is re-introduced to the list of test ran
on each 'make buildall'.
CQ-DEPEND=CL:433839
BRANCH=none
BUG=chrome-os-partner:62260,chrome-os-partner:62421
BUG=chrome-os-partner:62437
TEST=ran the following tests, all succeeded
make buildall -j
TEST_LIST_HOST=nvmem make runtests
tcg test suite
corp enroll on reef, reboot a few times, verify that enrollment sticks
Change-Id: I177daa3ceb4fd7aac299ca26b4506b863e31b946
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/433184
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Diffstat (limited to 'include/nvmem.h')
| -rw-r--r-- | include/nvmem.h | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/include/nvmem.h b/include/nvmem.h index 1f9a27b1c7..87de8b9cae 100644 --- a/include/nvmem.h +++ b/include/nvmem.h @@ -35,7 +35,7 @@ * * Note that the NvMem partitions can be placed anywhere in flash space, but * must be equal in total size. A table is used by the NvMem module to get the - * correct base address and offset for each partition. + * correct base address for each partition. * * A generation number is used to distinguish between two valid partitions with * the newsest generation number (in a circular sense) marking the correct @@ -54,8 +54,8 @@ * The board.h file must define a macro or enum named NVMEM_NUM_USERS. * The board.c file must implement: * nvmem_user_sizes[] -> array of user buffer lengths - * nvmem_compute_sha() -> function used to compute 4 byte sha (or equivalent) - * nvmem_wipe() -> function to erase and reformat the users' storage + * The chip must provide + * app_compute_hash() -> function used to compute 16 byte sha (or equivalent) * * Note that total length of user buffers must satisfy the following: * sum(user sizes) <= (NVMEM_PARTITION_SIZE) - sizeof(struct nvmem_tag) @@ -130,6 +130,9 @@ int nvmem_read(uint32_t startOffset, uint32_t size, /** * Write 'size' amount of bytes to NvMem * + * Calling this function will wait for the mutex, then lock it until + * nvmem_commit() is invoked. + * * @param startOffset: Offset (in bytes) into NVmem logical space * @param size: Number of bytes to write * @param data: Pointer to source buffer @@ -144,6 +147,9 @@ int nvmem_write(uint32_t startOffset, uint32_t size, /** * Move 'size' amount of bytes within NvMem * + * Calling this function will wait for the mutex, then lock it until + * nvmem_commit() is invoked. + * * @param src_offset: source offset within NvMem logical space * @param dest_offset: destination offset within NvMem logical space * @param size: Number of bytes to move @@ -158,7 +164,12 @@ int nvmem_move(uint32_t src_offset, uint32_t dest_offset, uint32_t size, * Commit all previous NvMem writes to flash * * @return EC_SUCCESS if flash erase/operations are successful. - * EC_ERROR_UNKNOWN otherwise. + + * EC_ERROR_OVERFLOW in case the mutex is not locked when this + * function is called + * EC_ERROR_INVAL if task trying to commit is not the one + * holding the mutex + * EC_ERROR_UNKNOWN in other error cases */ int nvmem_commit(void); @@ -167,20 +178,28 @@ int nvmem_commit(void); * * This function should be called when NvMem needs to be wiped out. * - * @param generation: Starting generation number of partition 0 - * * @return EC_SUCCESS if flash operations are successful. * EC_ERROR_UNKNOWN otherwise. */ -int nvmem_setup(uint8_t generation); +int nvmem_setup(void); /* * Temporarily stopping NVMEM commits could be beneficial. One use case is * when TPM operations need to be sped up. * + * Calling this function will wait for the mutex, then lock it until + * nvmem_commit() is invoked. + * * Both below functions should be called from the same task. */ -void nvmem_enable_commits(void); void nvmem_disable_commits(void); +/* + * Only the task holding the mutex is allowed to enable commits. + * + * @return error if this task does not hold the lock or commit + * fails, EC_SUCCESS otherwise. + */ +int nvmem_enable_commits(void); + #endif /* __CROS_EC_NVMEM_UTILS_H */ |