From 6c68e91ef1c28584dbb9f8a5a05031e228a01095 Mon Sep 17 00:00:00 2001 From: Vishal Mhatre <38512878+mhatrevi@users.noreply.github.com> Date: Sun, 10 Nov 2024 08:13:06 -0800 Subject: [PATCH] [update] Update auth manifest metadata limit to 128 (#1773) (cherry picked from commit 926ad4ae45b3baf1e935b80f7b4dfca178014a76) --- api/src/mailbox.rs | 2 +- auth-manifest/app/src/config.rs | 6 ++-- auth-manifest/gen/src/generator.rs | 6 ++-- auth-manifest/types/src/lib.rs | 30 +++++++++---------- drivers/src/lib.rs | 2 +- drivers/src/memory_layout.rs | 6 ++-- drivers/src/persistent.rs | 17 +++++------ runtime/src/authorize_and_stash.rs | 4 +-- runtime/src/packet.rs | 2 +- runtime/src/set_auth_manifest.rs | 14 ++++----- .../test_set_auth_manifest.rs | 4 +-- 11 files changed, 42 insertions(+), 51 deletions(-) diff --git a/api/src/mailbox.rs b/api/src/mailbox.rs index ed666ea4e0..c0d941132e 100644 --- a/api/src/mailbox.rs +++ b/api/src/mailbox.rs @@ -948,7 +948,7 @@ pub struct SetAuthManifestReq { pub manifest: [u8; SetAuthManifestReq::MAX_MAN_SIZE], } impl SetAuthManifestReq { - pub const MAX_MAN_SIZE: usize = 8192; + pub const MAX_MAN_SIZE: usize = 14 * 1024; pub fn as_bytes_partial(&self) -> CaliptraResult<&[u8]> { if self.manifest_size as usize > Self::MAX_MAN_SIZE { diff --git a/auth-manifest/app/src/config.rs b/auth-manifest/app/src/config.rs index 1ee33df7c6..a94f966b00 100644 --- a/auth-manifest/app/src/config.rs +++ b/auth-manifest/app/src/config.rs @@ -38,7 +38,7 @@ pub(crate) struct AuthManifestKeyConfigFromFile { } #[derive(Serialize, Deserialize)] -pub struct ImageMetadata { +pub struct ImageMetadataConfigFromFile { digest: String, source: u32, } @@ -54,7 +54,7 @@ pub(crate) struct AuthManifestConfigFromFile { pub owner_man_key_config: Option, - pub image_metadata_list: Vec, + pub image_metadata_list: Vec, } /// Load Authorization Manifest Key Configuration from file 
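Review bot: In api/src/mailbox.rs, `MAX_MAN_SIZE = 14 * 1024` is a hand-computed bound with no comment and no compile-time tie to the values it has to agree with. The same patch sets `MAX_PAYLOAD_SIZE` in runtime/src/packet.rs to 3586 dwords, which is 14 KiB plus 8 bytes, so the two constants appear to be kept in step by arithmetic alone. I would add a comment such as `// Must hold a full AuthorizationManifest with AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT entries; packet.rs MAX_PAYLOAD_SIZE follows from this`. Where crate dependencies allow, a `const _: () = assert!(...)` comparing the sizes would stop a later limit change from leaving one buffer smaller than the other.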
@@ -116,7 +116,7 @@ pub(crate) fn owner_config_from_file( } pub(crate) fn image_metadata_config_from_file( - config: &Vec, + config: &Vec, ) -> anyhow::Result> { let mut image_metadata_list = Vec::new(); diff --git a/auth-manifest/gen/src/generator.rs b/auth-manifest/gen/src/generator.rs index 09f0e7a04c..d9d487f8af 100644 --- a/auth-manifest/gen/src/generator.rs +++ b/auth-manifest/gen/src/generator.rs @@ -47,9 +47,7 @@ impl AuthManifestGenerator { let slice = config.image_metadata_list.as_slice(); auth_manifest.image_metadata_col.image_metadata_list[..slice.len()].copy_from_slice(slice); - auth_manifest.image_metadata_col.header.entry_count = - config.image_metadata_list.len() as u32; - auth_manifest.image_metadata_col.header.revision = 0; // [TODO] Need to update this. + auth_manifest.image_metadata_col.entry_count = config.image_metadata_list.len() as u32; // Generate the preamble. auth_manifest.preamble.marker = AUTH_MANIFEST_MARKER; @@ -118,7 +116,7 @@ impl AuthManifestGenerator { // Sign the IMC with the vendor manifest public keys if indicated in the flags. if config .flags - .contains(AuthManifestFlags::VENDOR_SIGNATURE_REQURIED) + .contains(AuthManifestFlags::VENDOR_SIGNATURE_REQUIRED) { if let Some(vendor_man_priv_keys) = config.vendor_man_key_info.priv_keys { let sig = self.crypto.ecdsa384_sign( diff --git a/auth-manifest/types/src/lib.rs b/auth-manifest/types/src/lib.rs index 004e9c0b50..a6aa13e67b 100644 --- a/auth-manifest/types/src/lib.rs +++ b/auth-manifest/types/src/lib.rs @@ -23,12 +23,12 @@ use zerocopy::{AsBytes, FromBytes}; use zeroize::Zeroize; pub const AUTH_MANIFEST_MARKER: u32 = 0x4154_4D4E; -pub const AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT: usize = 16; +pub const AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT: usize = 128; bitflags::bitflags! { #[derive(Default, Copy, Clone, Debug)] pub struct AuthManifestFlags : u32 { - const VENDOR_SIGNATURE_REQURIED = 0b1; + const VENDOR_SIGNATURE_REQUIRED = 0b1; } } 
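Review bot: In auth-manifest/gen/src/generator.rs (hunk at -47,9), the copy is still sized by `image_metadata_list[..slice.len()]` and the new line stores `config.image_metadata_list.len() as u32`, with no comparison of the length against the array capacity. A configuration with more entries than `AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT` would panic on the slice index instead of producing a readable error from the tool. The enclosing function's signature is outside the hunk; if it returns a `Result`, a guard before the copy would do, e.g. `if slice.len() > AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT { /* return an error naming the limit */ }`. With that in place the `as u32` cast is also provably lossless.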
@@ -139,18 +139,6 @@ pub struct AuthManifestImageMetadata { pub image_source: u32, } -/// Caliptra Authorization Manifest Image Metadata Collection Header -#[repr(C)] -#[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize, Default)] -#[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))] -pub struct AuthManifestImageMetadataCollectionHeader { - pub revision: u32, - - pub reserved: [u8; 12], - - pub entry_count: u32, -} - impl Default for AuthManifestImageMetadata { fn default() -> Self { AuthManifestImageMetadata { @@ -162,14 +150,24 @@ impl Default for AuthManifestImageMetadata { /// Caliptra Authorization Manifest Image Metadata Collection #[repr(C)] -#[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize, Default)] +#[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize)] #[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))] pub struct AuthManifestImageMetadataCollection { - pub header: AuthManifestImageMetadataCollectionHeader, + pub entry_count: u32, pub image_metadata_list: [AuthManifestImageMetadata; AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT], } +impl Default for AuthManifestImageMetadataCollection { + fn default() -> Self { + AuthManifestImageMetadataCollection { + entry_count: 0, + image_metadata_list: [AuthManifestImageMetadata::default(); + AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT], + } + } +} + /// Caliptra Image Authorization Manifest #[repr(C)] #[derive(AsBytes, FromBytes, Clone, Copy, Debug, Zeroize, Default)] diff --git a/drivers/src/lib.rs b/drivers/src/lib.rs index 910b6c8521..d89ace877d 100644 --- a/drivers/src/lib.rs +++ b/drivers/src/lib.rs 
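Review bot: In auth-manifest/types/src/lib.rs (hunk at -162,14), replacing `header` with a bare `entry_count` changes the byte layout of a `#[repr(C)]` structure that is copied from the command buffer and covered by the manifest signatures, and nothing in the hunk records this as a format revision. With `revision` and `reserved` gone, `entry_count` moves to the start of the collection, so a manifest built by the previous generator would have its old `revision` word read as the count. The generator line removed in this patch wrote `revision = 0`, so such a manifest should fail the zero-count check in set_auth_manifest.rs, but with an entry-count error rather than a version error. I would state the layout change in the doc comment on `AuthManifestImageMetadataCollection` and, if the preamble's version field is meant for this, bump or check it.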
@@ -91,7 +91,7 @@ pub use okref::okref; pub use pcr_bank::{PcrBank, PcrId}; pub use pcr_reset::PcrResetCounter; #[cfg(feature = "runtime")] -pub use persistent::{AuthManifestImageMetadataList, AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT}; +pub use persistent::AuthManifestImageMetadataList; pub use persistent::{ FuseLogArray, PcrLogArray, PersistentData, PersistentDataAccessor, StashMeasurementArray, FUSE_LOG_MAX_COUNT, MEASUREMENT_MAX_COUNT, PCR_LOG_MAX_COUNT, diff --git a/drivers/src/memory_layout.rs b/drivers/src/memory_layout.rs index 1705f6c774..b371d3e719 100644 --- a/drivers/src/memory_layout.rs +++ b/drivers/src/memory_layout.rs @@ -44,7 +44,7 @@ pub const FUSE_LOG_ORG: u32 = MEASUREMENT_LOG_ORG + MEASUREMENT_LOG_SIZE; pub const DPE_ORG: u32 = FUSE_LOG_ORG + FUSE_LOG_SIZE; pub const PCR_RESET_COUNTER_ORG: u32 = DPE_ORG + DPE_SIZE; pub const AUTH_MAN_IMAGE_METADATA_LIST_ORG: u32 = PCR_RESET_COUNTER_ORG + PCR_RESET_COUNTER_SIZE; -pub const DATA_ORG: u32 = AUTH_MAN_IMAGE_METADATA_LIST_ORG + AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE; +pub const DATA_ORG: u32 = AUTH_MAN_IMAGE_METADATA_LIST_ORG + AUTH_MAN_IMAGE_METADATA_MAX_SIZE; pub const STACK_ORG: u32 = DATA_ORG + DATA_SIZE; pub const ROM_STACK_ORG: u32 = STACK_ORG + (STACK_SIZE - ROM_STACK_SIZE); @@ -76,8 +76,8 @@ pub const MEASUREMENT_LOG_SIZE: u32 = 1024; pub const FUSE_LOG_SIZE: u32 = 1024; pub const DPE_SIZE: u32 = 5 * 1024; pub const PCR_RESET_COUNTER_SIZE: u32 = 1024; -pub const AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE: u32 = 1024; -pub const DATA_SIZE: u32 = 69 * 1024; +pub const AUTH_MAN_IMAGE_METADATA_MAX_SIZE: u32 = 7 * 1024; +pub const DATA_SIZE: u32 = 63 * 1024; pub const STACK_SIZE: u32 = 22 * 1024; pub const ROM_STACK_SIZE: u32 = 14 * 1024; pub const ESTACK_SIZE: u32 = 1024; diff --git a/drivers/src/persistent.rs b/drivers/src/persistent.rs index d1a2b01643..4afbf7535a 100644 --- a/drivers/src/persistent.rs +++ b/drivers/src/persistent.rs 
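Review bot: In drivers/src/memory_layout.rs (hunk at -76,8), `AUTH_MAN_IMAGE_METADATA_MAX_SIZE = 7 * 1024` and the matching drop of `DATA_SIZE` from 69 to 63 KiB are undocumented; nothing says that 6 KiB moved from one region to the other or what the 7 KiB has to hold. persistent.rs sizes `reserved9` as this constant minus a `size_of` term (apparently the stored collection), so an undersized reservation should fail const evaluation at build time, which is worth stating next to the constant. Suggested comment: `// Persistent copy of AuthManifestImageMetadataCollection (entry count + AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT entries); space taken from DATA_SIZE`.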
@@ -3,9 +3,10 @@ use core::{marker::PhantomData, mem::size_of, ptr::addr_of}; #[cfg(feature = "runtime")] -use caliptra_auth_man_types::AuthManifestImageMetadata; -#[cfg(feature = "runtime")] -use caliptra_auth_man_types::AuthManifestImageMetadataCollection; +use caliptra_auth_man_types::{ + AuthManifestImageMetadata, AuthManifestImageMetadataCollection, + AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT, +}; use caliptra_image_types::ImageManifest; #[cfg(feature = "runtime")] use dpe::{DpeInstance, U8Bool, MAX_HANDLES}; @@ -25,8 +26,6 @@ use crate::pcr_reset::PcrResetCounter; pub const PCR_LOG_MAX_COUNT: usize = 17; pub const FUSE_LOG_MAX_COUNT: usize = 62; pub const MEASUREMENT_MAX_COUNT: usize = 8; -#[cfg(feature = "runtime")] -pub const AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT: usize = 8; #[cfg(feature = "runtime")] const DPE_DCCM_STORAGE: usize = size_of::() @@ -42,7 +41,7 @@ pub type FuseLogArray = [FuseLogEntry; FUSE_LOG_MAX_COUNT]; pub type StashMeasurementArray = [MeasurementLogEntry; MEASUREMENT_MAX_COUNT]; #[cfg(feature = "runtime")] pub type AuthManifestImageMetadataList = - [AuthManifestImageMetadata; AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT]; + [AuthManifestImageMetadata; AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT]; #[derive(FromBytes, AsBytes, Zeroize)] #[repr(C)] @@ -99,12 +98,12 @@ pub struct PersistentData { #[cfg(feature = "runtime")] pub auth_manifest_image_metadata_col: AuthManifestImageMetadataCollection, #[cfg(feature = "runtime")] - reserved9: [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE as usize + reserved9: [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_MAX_SIZE as usize - size_of::()], #[cfg(not(feature = "runtime"))] pub auth_manifest_image_metadata_col: - [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE as usize], + [u8; memory_layout::AUTH_MAN_IMAGE_METADATA_MAX_SIZE as usize], } impl PersistentData { pub fn assert_matches_layout() { 
@@ -139,7 +138,7 @@ impl PersistentData { assert_eq!( P.add(1) as u32, memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_ORG - + memory_layout::AUTH_MAN_IMAGE_METADATA_LIST_MAX_SIZE + + memory_layout::AUTH_MAN_IMAGE_METADATA_MAX_SIZE ); } } diff --git a/runtime/src/authorize_and_stash.rs b/runtime/src/authorize_and_stash.rs index 0ff44365a0..9a1de26c0f 100644 --- a/runtime/src/authorize_and_stash.rs +++ b/runtime/src/authorize_and_stash.rs @@ -17,8 +17,7 @@ use core::mem::size_of; use crate::{dpe_crypto::DpeCrypto, CptraDpeTypes, DpePlatform, Drivers, StashMeasurementCmd}; use caliptra_auth_man_types::{ - AuthManifestImageMetadataCollection, AuthManifestImageMetadataCollectionHeader, - AuthManifestPreamble, AUTH_MANIFEST_MARKER, + AuthManifestImageMetadataCollection, AuthManifestPreamble, AUTH_MANIFEST_MARKER, }; use caliptra_cfi_derive_git::cfi_impl_fn; use caliptra_cfi_lib_git::cfi_launder; @@ -30,7 +29,6 @@ use caliptra_drivers::{ pcr_log::PCR_ID_STASH_MEASUREMENT, Array4x12, Array4xN, AuthManifestImageMetadataList, CaliptraError, CaliptraResult, Ecc384, Ecc384PubKey, Ecc384Signature, HashValue, Lms, PersistentData, RomPqcVerifyConfig, Sha256, Sha384, SocIfc, - AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT, }; use caliptra_image_types::{ ImageDigest, ImageEccPubKey, ImageEccSignature, ImageLmsPublicKey, ImageLmsSignature, diff --git a/runtime/src/packet.rs b/runtime/src/packet.rs index 3072e2e673..1a925fb32b 100644 --- a/runtime/src/packet.rs +++ b/runtime/src/packet.rs @@ -25,7 +25,7 @@ pub struct Packet { pub len: usize, // Length in bytes } -const MAX_PAYLOAD_SIZE: usize = 2050; // in dwords +const MAX_PAYLOAD_SIZE: usize = 3586; // in dwords impl Default for Packet { fn default() -> Self { diff --git a/runtime/src/set_auth_manifest.rs b/runtime/src/set_auth_manifest.rs index b582a8b098..666f2c8f12 100644 --- a/runtime/src/set_auth_manifest.rs +++ b/runtime/src/set_auth_manifest.rs 
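Review bot: In runtime/src/packet.rs, `MAX_PAYLOAD_SIZE` grows from 2050 to 3586 dwords, so each `Packet` now carries about 14 KiB of payload, and the hunk does not say where that buffer lives. memory_layout.rs in this patch keeps `STACK_SIZE` at 22 KiB; if a `Packet`, or a by-value `AuthManifestImageMetadataList` (which persistent.rs widens to 128 entries), is ever a stack local, little headroom is left. The allocation sites are outside the visible hunks, so this needs confirming against the runtime's stack-usage measurements. A comment giving the derivation would also help, e.g. `// in dwords: SetAuthManifestReq::MAX_MAN_SIZE plus the 8 bytes that precede the manifest`, if that is where the extra 8 bytes come from.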
@@ -18,8 +18,8 @@ use core::mem::size_of; use crate::verify; use crate::{dpe_crypto::DpeCrypto, CptraDpeTypes, DpePlatform, Drivers}; use caliptra_auth_man_types::{ - AuthManifestFlags, AuthManifestImageMetadataCollection, - AuthManifestImageMetadataCollectionHeader, AuthManifestPreamble, AUTH_MANIFEST_MARKER, + AuthManifestFlags, AuthManifestImageMetadataCollection, AuthManifestPreamble, + AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT, AUTH_MANIFEST_MARKER, }; use caliptra_cfi_derive_git::cfi_impl_fn; use caliptra_cfi_lib_git::cfi_launder; @@ -30,7 +30,6 @@ use caliptra_drivers::{ pcr_log::PCR_ID_STASH_MEASUREMENT, Array4x12, Array4xN, AuthManifestImageMetadataList, CaliptraError, CaliptraResult, Ecc384, Ecc384PubKey, Ecc384Signature, HashValue, Lms, PersistentData, RomPqcVerifyConfig, Sha256, Sha384, SocIfc, - AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT, }; use caliptra_image_types::{ ImageDigest, ImageEccPubKey, ImageEccSignature, ImageLmsPublicKey, ImageLmsSignature, @@ -221,7 +220,7 @@ impl SetAuthManifestCmd { soc_ifc: &SocIfc, ) -> CaliptraResult<()> { let flags = AuthManifestFlags::from(auth_manifest_preamble.flags); - if !flags.contains(AuthManifestFlags::VENDOR_SIGNATURE_REQURIED) { + if !flags.contains(AuthManifestFlags::VENDOR_SIGNATURE_REQUIRED) { return Ok(()); } // Verify the vendor ECC signature over the image metadata collection. @@ -340,7 +339,7 @@ impl SetAuthManifestCmd { sha256: &mut Sha256, soc_ifc: &SocIfc, ) -> CaliptraResult<()> { - if cmd_buf.len() < size_of::() { + if cmd_buf.len() < size_of::() { Err(CaliptraError::RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_SIZE)?; } 
@@ -354,9 +353,8 @@ impl SetAuthManifestCmd { image_metadata_col.as_bytes_mut()[..col_size].copy_from_slice(buf); - if image_metadata_col.header.entry_count == 0 - || image_metadata_col.header.entry_count - > AUTH_MANIFEST_IMAGE_METADATA_LIST_MAX_COUNT as u32 + if image_metadata_col.entry_count == 0 + || image_metadata_col.entry_count > AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT as u32 { Err(CaliptraError::RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_ENTRY_COUNT)?; } diff --git a/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs b/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs index dc3dd5ee04..d15ba3314a 100644 --- a/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs +++ b/runtime/tests/runtime_integration_tests/test_set_auth_manifest.rs @@ -97,7 +97,7 @@ fn test_auth_manifest() -> AuthorizationManifest { owner_man_key_info, image_metadata_list, version: 1, - flags: AuthManifestFlags::VENDOR_SIGNATURE_REQURIED, + flags: AuthManifestFlags::VENDOR_SIGNATURE_REQUIRED, }; let gen = AuthManifestGenerator::new(Crypto::default()); @@ -273,7 +273,7 @@ fn test_set_auth_manifest_invalid_owner_lms_sig() { #[test] fn test_set_auth_manifest_invalid_metadata_list_count() { let mut auth_manifest = test_auth_manifest(); - auth_manifest.image_metadata_col.header.entry_count = 0; + auth_manifest.image_metadata_col.entry_count = 0; test_manifest_expect_err( auth_manifest, CaliptraError::RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_ENTRY_COUNT,
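Review bot: In runtime/src/set_auth_manifest.rs (hunk at -354,9), the check on `image_metadata_col.entry_count` bounds it only by the array capacity; nothing in the hunk compares it with `col_size`, the number of bytes actually copied from the command buffer. If `col_size` can be smaller than the count word plus `entry_count` entries, the entries past the copied bytes keep whatever `image_metadata_col` held before the copy and could still be treated as part of the authorized list. How `col_size` and `buf` are derived is above the hunk, so this may already be enforced there. If it is not, add a length check that returns `RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_SIZE`, along the lines of `if col_size < size_of::<u32>() + entry_count as usize * size_of::<AuthManifestImageMetadata>() { Err(...)?; }`.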
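Review bot: In test_set_auth_manifest_invalid_metadata_list_count (test_set_auth_manifest.rs, hunk at -273,7), only the `entry_count = 0` branch of the runtime check is exercised; the upper bound that this commit moves to 128 has no test. A second case setting `auth_manifest.image_metadata_col.entry_count = AUTH_MANIFEST_IMAGE_METADATA_MAX_COUNT as u32 + 1;` and expecting the same `RUNTIME_AUTH_MANIFEST_IMAGE_METADATA_LIST_INVALID_ENTRY_COUNT` error would pin the new limit. The constant would need importing into the test module if it is not already in scope there.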