commonlib: Add function to hash contents of a CBFS region.

Provide a common routine to hash the contents of a cbfs
region. The cbfs region is hashed in the following order:
1. potential cbfs header at offset 0
2. potential cbfs header retlative offset at cbfs size - 4
3. For each file the metadata of the file.
4. For each non-empty file the data of the file.

BUG=chrome-os-partner:48412
BUG=chromium:445938
BRANCH=None
TEST=Utilized in chromeos cros_bundle_firmware as well as at
      runtime during vboot verification on glados.

Change-Id: Ie1e5db5b8a80d9465e88d3f69f5367d887bdf73f
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/12786
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins)

1 files changed, 12 insertions, 0 deletions

diff --git a/src/commonlib/include/commonlib/cbfs.h b/src/commonlib/include/commonlib/cbfs.h
index b0a468cdc9..c74dd708e3 100644
--- a/src/commonlib/include/commonlib/cbfs.h
+++ b/src/commonlib/include/commonlib/cbfs.h
@@ -18,6 +18,9 @@
 
 #include <commonlib/cbfs_serialized.h>
 #include <commonlib/region.h>
+/* TODO: remove me! This is for vboot_handoff.c's benefit. */
+#define NEED_VB20_INTERNALS
+#include <vb2_api.h>
 
 /* Object representing cbfs files. */
 struct cbfsf {
@@ -52,4 +55,13 @@ static inline void cbfs_file_metadata(struct region_device *metadata,
 int cbfs_for_each_file(const struct region_device *cbfs,
 			const struct cbfsf *prev, struct cbfsf *fh);
 
+/*
+ * Perform the vb2 hash over the CBFS region skipping empty file contents.
+ * Caller is responsible for providing the hash algorithm as well as storage
+ * for the final digest. Return 0 on success or non-zero on error.
+ */
+int cbfs_vb2_hash_contents(const struct region_device *cbfs,
+				enum vb2_hash_algorithm hash_alg, void *digest,
+				size_t digest_sz);
+
 #endif