diff options
| author | Michał Żygowski <michal.zygowski@3mdeb.com> | 2020-07-11 15:50:55 +0200 |
|---|---|---|
| committer | Hung-Te Lin <hungte@chromium.org> | 2020-12-11 07:33:51 +0000 |
| commit | 7ed4039703552b4f7d6165cc1e895ca8c6d280e0 (patch) | |
| tree | 6960f8a928c4fa620d8ad1ecf0b3086e66ed15f3 | |
| parent | 520003a55898da95160ebf6154076a8e42d48a2c (diff) | |
util/cbfstool/fit.c: Add support for adding Boot Guard manifests
Change-Id: I8221590cad16cffea3f8b50dd880a77934b78ea8
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/48469
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
| -rw-r--r-- | util/cbfstool/fit.c | 47 |
1 files changed, 45 insertions, 2 deletions
diff --git a/util/cbfstool/fit.c b/util/cbfstool/fit.c index 44573cadee..63956dd7f9 100644 --- a/util/cbfstool/fit.c +++ b/util/cbfstool/fit.c @@ -434,6 +434,43 @@ static void update_fit_txt_policy_entry(struct fit_table *fit, fit_entry_add_size(&fit->header, sizeof(struct fit_entry)); } +/* + * There can be zero or one FIT_TYPE_BOOT_POLICY entries + * + * The caller has to provide valid arguments as those aren't verified. + */ +static void update_fit_boot_policy_entry(struct fit_table *fit, + struct fit_entry *entry, + uint64_t boot_policy_addr, + uint32_t boot_policy_size) +{ + entry->address = boot_policy_addr; + entry->type_checksum_valid = FIT_TYPE_BOOT_POLICY; + entry->size_reserved = boot_policy_size; + entry->version = FIT_TXT_VERSION; + entry->checksum = 0; + fit_entry_add_size(&fit->header, sizeof(struct fit_entry)); +} + +/* + * There can be zero or one FIT_TYPE_KEY_MANIFEST entries + * + * The caller has to provide valid arguments as those aren't verified. + */ +static void update_fit_key_manifest_entry(struct fit_table *fit, + struct fit_entry *entry, + uint64_t key_manifest_addr, + uint32_t key_manifest_size) +{ + entry->address = key_manifest_addr; + + entry->type_checksum_valid = FIT_TYPE_KEY_MANIFEST; + entry->size_reserved = key_manifest_size; + entry->version = FIT_TXT_VERSION; + entry->checksum = 0; + fit_entry_add_size(&fit->header, sizeof(struct fit_entry)); +} + /* Special case for ucode CBFS file, as it might contain more than one ucode */ int fit_add_microcode_file(struct fit_table *fit, struct cbfs_image *image, @@ -626,10 +663,10 @@ int fit_is_supported_type(const enum fit_type type) case FIT_TYPE_BIOS_STARTUP: case FIT_TYPE_BIOS_POLICY: case FIT_TYPE_TXT_POLICY: - return 1; - case FIT_TYPE_TPM_POLICY: case FIT_TYPE_KEY_MANIFEST: case FIT_TYPE_BOOT_POLICY: + return 1; + case FIT_TYPE_TPM_POLICY: default: return 0; } @@ -684,6 +721,12 @@ int fit_add_entry(struct fit_table *fit, case FIT_TYPE_TXT_POLICY: update_fit_txt_policy_entry(fit, entry, offset); break; + case FIT_TYPE_KEY_MANIFEST: + update_fit_key_manifest_entry(fit, entry, offset, len); + break; + case FIT_TYPE_BOOT_POLICY: + update_fit_boot_policy_entry(fit, entry, offset, len); + break; default: return 1; } |