diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/commonlib/Makefile.inc | 7 | ||||
-rw-r--r-- | src/commonlib/cbfs.c | 347 | ||||
-rw-r--r-- | src/commonlib/include/commonlib/cbfs.h | 75 | ||||
-rw-r--r-- | src/include/cbfs.h | 12 | ||||
-rw-r--r-- | src/lib/cbfs.c | 40 | ||||
-rw-r--r-- | src/security/tpm/tspi/crtm.h | 1 | ||||
-rw-r--r-- | src/security/vboot/Kconfig | 4 |
7 files changed, 3 insertions, 483 deletions
diff --git a/src/commonlib/Makefile.inc b/src/commonlib/Makefile.inc index 9347f88f9c..2477e07268 100644 --- a/src/commonlib/Makefile.inc +++ b/src/commonlib/Makefile.inc @@ -27,13 +27,6 @@ romstage-$(CONFIG_PLATFORM_USES_FSP2_0) += fsp_relocate.c endif ramstage-$(CONFIG_PLATFORM_USES_FSP2_0) += fsp_relocate.c -bootblock-y += cbfs.c -verstage-y += cbfs.c -romstage-y += cbfs.c -ramstage-y += cbfs.c -smm-y += cbfs.c -postcar-y += cbfs.c - bootblock-y += bsd/cbfs_private.c verstage-y += bsd/cbfs_private.c romstage-y += bsd/cbfs_private.c diff --git a/src/commonlib/cbfs.c b/src/commonlib/cbfs.c deleted file mode 100644 index e7f800c67a..0000000000 --- a/src/commonlib/cbfs.c +++ /dev/null @@ -1,347 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ - -#include <commonlib/cbfs.h> -#include <commonlib/endian.h> -#include <commonlib/helpers.h> -#include <string.h> -#include <vb2_sha.h> - -static size_t cbfs_next_offset(const struct region_device *cbfs, - const struct cbfsf *f) -{ - size_t offset; - - if (f == NULL) - return 0; - - /* The region_device objects store absolute offsets over the whole - * region. Therefore a relative offset needs to be calculated. */ - offset = rdev_relative_offset(cbfs, &f->data); - offset += region_device_sz(&f->data); - - return ALIGN_UP(offset, CBFS_ALIGNMENT); -} - -static int cbfs_end(const struct region_device *cbfs, size_t offset) -{ - if (offset >= region_device_sz(cbfs)) - return 1; - - return 0; -} - -int cbfs_for_each_file(const struct region_device *cbfs, - const struct cbfsf *prev, struct cbfsf *fh) -{ - size_t offset; - - offset = cbfs_next_offset(cbfs, prev); - - /* Try to scan the entire cbfs region looking for file name. */ - while (1) { - struct cbfs_file file; - const size_t fsz = sizeof(file); - - DEBUG("Checking offset %zx\n", offset); - - /* End of region. */ - if (cbfs_end(cbfs, offset)) - return 1; - - /* Can't read file. Nothing else to do but bail out. */ - if (rdev_readat(cbfs, &file, offset, fsz) != fsz) - break; - - if (memcmp(file.magic, CBFS_FILE_MAGIC, sizeof(file.magic))) { - offset++; - offset = ALIGN_UP(offset, CBFS_ALIGNMENT); - continue; - } - - file.len = read_be32(&file.len); - file.offset = read_be32(&file.offset); - - DEBUG("File @ offset %zx size %x\n", offset, file.len); - - /* Keep track of both the metadata and the data for the file. */ - if (rdev_chain(&fh->metadata, cbfs, offset, file.offset)) - break; - - if (rdev_chain(&fh->data, cbfs, offset + file.offset, file.len)) - break; - - /* Success. */ - return 0; - } - - return -1; -} - -size_t cbfs_for_each_attr(void *metadata, size_t metadata_size, - size_t last_offset) -{ - struct cbfs_file_attribute *attr; - - if (!last_offset) { - struct cbfs_file *file = metadata; - size_t start_offset = read_be32(&file->attributes_offset); - if (start_offset <= sizeof(struct cbfs_file) || - start_offset + sizeof(*attr) > metadata_size) - return 0; - return start_offset; - } - - attr = metadata + last_offset; - size_t next_offset = last_offset + read_be32(&attr->len); - - if (next_offset + sizeof(*attr) > metadata_size) - return 0; - return next_offset; -} - -int cbfsf_decompression_info(struct cbfsf *fh, uint32_t *algo, size_t *size) -{ - size_t metadata_size = region_device_sz(&fh->metadata); - void *metadata = rdev_mmap_full(&fh->metadata); - size_t offs = 0; - - if (!metadata) - return -1; - - while ((offs = cbfs_for_each_attr(metadata, metadata_size, offs))) { - struct cbfs_file_attr_compression *attr = metadata + offs; - if (read_be32(&attr->tag) != CBFS_FILE_ATTR_TAG_COMPRESSION) - continue; - - *algo = read_be32(&attr->compression); - *size = read_be32(&attr->decompressed_size); - rdev_munmap(&fh->metadata, metadata); - return 0; - } - - *algo = CBFS_COMPRESS_NONE; - *size = region_device_sz(&fh->data); - rdev_munmap(&fh->metadata, metadata); - return 0; -} - -int cbfsf_file_type(struct cbfsf *fh, uint32_t *ftype) -{ - const size_t sz = sizeof(*ftype); - - if (rdev_readat(&fh->metadata, ftype, - offsetof(struct cbfs_file, type), sz) != sz) - return -1; - - *ftype = read_be32(ftype); - - return 0; -} - -int cbfs_locate(struct cbfsf *fh, const struct region_device *cbfs, - const char *name, uint32_t *type) -{ - struct cbfsf *prev; - - LOG("Locating '%s'\n", name); - - prev = NULL; - - while (1) { - int ret; - char *fname; - int name_match; - const size_t fsz = sizeof(struct cbfs_file); - - ret = cbfs_for_each_file(cbfs, prev, fh); - prev = fh; - - /* Either failed to read or hit the end of the region. */ - if (ret < 0 || ret > 0) - break; - - fname = rdev_mmap(&fh->metadata, fsz, - region_device_sz(&fh->metadata) - fsz); - - if (fname == NULL) - break; - - name_match = !strcmp(fname, name); - rdev_munmap(&fh->metadata, fname); - - if (!name_match) { - DEBUG(" Unmatched '%s' at %zx\n", fname, - rdev_relative_offset(cbfs, &fh->metadata)); - continue; - } - - if (type != NULL) { - uint32_t ftype; - - if (cbfsf_file_type(fh, &ftype)) - break; - - if (*type != 0 && *type != ftype) { - DEBUG(" Unmatched type %x at %zx\n", ftype, - rdev_relative_offset(cbfs, - &fh->metadata)); - continue; - } - // *type being 0 means we want to know ftype. - // We could just do a blind assignment but - // if type is pointing to read-only memory - // that might be bad. - if (*type == 0) - *type = ftype; - } - - LOG("Found @ offset %zx size %zx\n", - rdev_relative_offset(cbfs, &fh->metadata), - region_device_sz(&fh->data)); - - /* Success. */ - return 0; - } - - LOG("'%s' not found.\n", name); - return -1; -} - -static int cbfs_extend_hash_buffer(struct vb2_digest_context *ctx, - void *buf, size_t sz) -{ - return vb2_digest_extend(ctx, buf, sz); -} - -static int cbfs_extend_hash(struct vb2_digest_context *ctx, - const struct region_device *rdev) -{ - uint8_t buffer[1024]; - size_t sz_left; - size_t offset; - - sz_left = region_device_sz(rdev); - offset = 0; - - while (sz_left) { - int rv; - size_t block_sz = MIN(sz_left, sizeof(buffer)); - - if (rdev_readat(rdev, buffer, offset, block_sz) != block_sz) - return VB2_ERROR_UNKNOWN; - - rv = cbfs_extend_hash_buffer(ctx, buffer, block_sz); - - if (rv) - return rv; - - sz_left -= block_sz; - offset += block_sz; - } - - return VB2_SUCCESS; -} - -/* Include offsets of child regions within the parent into the hash. */ -static int cbfs_extend_hash_with_offset(struct vb2_digest_context *ctx, - const struct region_device *p, - const struct region_device *c) -{ - int32_t soffset; - int rv; - - soffset = rdev_relative_offset(p, c); - - if (soffset < 0) - return VB2_ERROR_UNKNOWN; - - /* All offsets in big endian format. */ - write_be32(&soffset, soffset); - - rv = cbfs_extend_hash_buffer(ctx, &soffset, sizeof(soffset)); - - if (rv) - return rv; - - return cbfs_extend_hash(ctx, c); -} - -/* Hash in the potential CBFS header sitting at the beginning of the CBFS - * region as well as relative offset at the end. */ -static int cbfs_extend_hash_master_header(struct vb2_digest_context *ctx, - const struct region_device *cbfs) -{ - struct region_device rdev; - int rv; - - if (rdev_chain(&rdev, cbfs, 0, sizeof(struct cbfs_header))) - return VB2_ERROR_UNKNOWN; - - rv = cbfs_extend_hash_with_offset(ctx, cbfs, &rdev); - - if (rv) - return rv; - - /* Include potential relative offset at end of region. */ - if (rdev_chain(&rdev, cbfs, region_device_sz(cbfs) - sizeof(int32_t), - sizeof(int32_t))) - return VB2_ERROR_UNKNOWN; - - return cbfs_extend_hash_with_offset(ctx, cbfs, &rdev); -} - -int cbfs_vb2_hash_contents(const struct region_device *cbfs, - enum vb2_hash_algorithm hash_alg, void *digest, - size_t digest_sz) -{ - struct vb2_digest_context ctx; - int rv; - struct cbfsf f; - struct cbfsf *prev; - struct cbfsf *fh; - - rv = vb2_digest_init(&ctx, hash_alg); - - if (rv) - return rv; - - rv = cbfs_extend_hash_master_header(&ctx, cbfs); - if (rv) - return rv; - - prev = NULL; - fh = &f; - - while (1) { - uint32_t ftype; - - rv = cbfs_for_each_file(cbfs, prev, fh); - prev = fh; - - if (rv < 0) - return VB2_ERROR_UNKNOWN; - - /* End of CBFS. */ - if (rv > 0) - break; - - rv = cbfs_extend_hash_with_offset(&ctx, cbfs, &fh->metadata); - - if (rv) - return rv; - - /* Include data contents in hash if file is non-empty. */ - if (cbfsf_file_type(fh, &ftype)) - return VB2_ERROR_UNKNOWN; - - if (ftype == CBFS_TYPE_DELETED || ftype == CBFS_TYPE_NULL) - continue; - - rv = cbfs_extend_hash_with_offset(&ctx, cbfs, &fh->data); - - if (rv) - return rv; - } - - return vb2_digest_finalize(&ctx, digest, digest_sz); -} diff --git a/src/commonlib/include/commonlib/cbfs.h b/src/commonlib/include/commonlib/cbfs.h deleted file mode 100644 index 6565c1dcd3..0000000000 --- a/src/commonlib/include/commonlib/cbfs.h +++ /dev/null @@ -1,75 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ - -#ifndef _COMMONLIB_CBFS_H_ -#define _COMMONLIB_CBFS_H_ - -#include <commonlib/bsd/cbfs_private.h> -#include <commonlib/region.h> -#include <vb2_api.h> - -/* Object representing cbfs files. */ -struct cbfsf { - struct region_device metadata; - struct region_device data; - union cbfs_mdata mdata; -}; - -/* Locate file by name and optional type. Returns 0 on success else < 0 on - * error.*/ -int cbfs_locate(struct cbfsf *fh, const struct region_device *cbfs, - const char *name, uint32_t *type); - -static inline void cbfs_file_data(struct region_device *data, - const struct cbfsf *file) -{ - rdev_chain_full(data, &file->data); -} - -static inline void cbfs_file_metadata(struct region_device *metadata, - const struct cbfsf *file) -{ - rdev_chain_full(metadata, &file->metadata); -} - -/* - * Provide a handle to each cbfs file within a cbfs. The prev pointer represents - * the previous file (NULL on first invocation). The next object gets filled - * out with the next file. This returns < 0 on error, 0 on finding the next - * file, and > 0 at end of cbfs. - */ -int cbfs_for_each_file(const struct region_device *cbfs, - const struct cbfsf *prev, struct cbfsf *fh); - -/* - * Return the offset for each CBFS attribute in a CBFS file metadata region. - * The metadata must already be fully mapped by the caller. Will return the - * offset (relative to the start of the metadata) or 0 when there are no - * further attributes. Should be called with 0 to begin, then always with - * the previously returned value until it returns 0. - */ -size_t cbfs_for_each_attr(void *metadata, size_t metadata_size, - size_t last_offset); - -/* - * Find out the decompression algorithm and decompressed size of a non-stage - * CBFS file (by parsing its metadata attributes), and return them with - * out-parameters. Returns 0 on success and < 0 on error. - */ -int cbfsf_decompression_info(struct cbfsf *fh, uint32_t *algo, size_t *size); - -/* - * Return the CBFS file type as out-parameter. - * Returns 0 on success and < 0 on error. - */ -int cbfsf_file_type(struct cbfsf *fh, uint32_t *ftype); - -/* - * Perform the vb2 hash over the CBFS region skipping empty file contents. - * Caller is responsible for providing the hash algorithm as well as storage - * for the final digest. Return 0 on success or non-zero on error. - */ -int cbfs_vb2_hash_contents(const struct region_device *cbfs, - enum vb2_hash_algorithm hash_alg, void *digest, - size_t digest_sz); - -#endif diff --git a/src/include/cbfs.h b/src/include/cbfs.h index 6c79625f72..5731d6efd8 100644 --- a/src/include/cbfs.h +++ b/src/include/cbfs.h @@ -5,9 +5,9 @@ #include <cbmem.h> #include <commonlib/bsd/cbfs_mdata.h> -#include <commonlib/cbfs.h> #include <commonlib/mem_pool.h> #include <commonlib/region.h> +#include <endian.h> #include <program_loading.h> #include <types.h> #include <vb2_sha.h> @@ -190,16 +190,6 @@ cb_err_t cbfs_init_boot_device(const struct cbfs_boot_device *cbd, /********************************************************************************************** - * LEGACY APIs, TO BE DEPRECATED/REPLACED * - **********************************************************************************************/ - -/* Locate file by name and optional type. Return 0 on success. < 0 on error. */ -int cbfs_boot_locate(struct cbfsf *fh, const char *name, uint32_t *type); -/* Locate file in a specific region of fmap. Return 0 on success. < 0 on error*/ -int cbfs_locate_file_in_region(struct cbfsf *fh, const char *region_name, - const char *name, uint32_t *type); - -/********************************************************************************************** * INTERNAL HELPERS FOR INLINES, DO NOT USE. * **********************************************************************************************/ cb_err_t _cbfs_boot_lookup(const char *name, bool force_ro, diff --git a/src/lib/cbfs.c b/src/lib/cbfs.c index 0b5891378d..991c9fe342 100644 --- a/src/lib/cbfs.c +++ b/src/lib/cbfs.c @@ -6,7 +6,6 @@ #include <cbmem.h> #include <commonlib/bsd/cbfs_private.h> #include <commonlib/bsd/compression.h> -#include <commonlib/endian.h> #include <console/console.h> #include <fmap.h> #include <lib.h> @@ -84,25 +83,6 @@ cb_err_t _cbfs_boot_lookup(const char *name, bool force_ro, return CB_SUCCESS; } -int cbfs_boot_locate(struct cbfsf *fh, const char *name, uint32_t *type) -{ - if (_cbfs_boot_lookup(name, false, &fh->mdata, &fh->data)) - return -1; - - size_t msize = be32toh(fh->mdata.h.offset); - if (rdev_chain_mem(&fh->metadata, &fh->mdata, msize)) - return -1; - - if (type) { - if (!*type) - *type = be32toh(fh->mdata.h.type); - else if (*type != be32toh(fh->mdata.h.type)) - return -1; - } - - return 0; -} - void cbfs_unmap(void *mapping) { /* @@ -115,26 +95,6 @@ void cbfs_unmap(void *mapping) mem_pool_free(&cbfs_cache, mapping); } -int cbfs_locate_file_in_region(struct cbfsf *fh, const char *region_name, - const char *name, uint32_t *type) -{ - struct region_device rdev; - int ret = 0; - if (fmap_locate_area_as_rdev(region_name, &rdev)) { - LOG("%s region not found while looking for %s\n", region_name, name); - return -1; - } - - uint32_t dummy_type = 0; - if (!type) - type = &dummy_type; - - ret = cbfs_locate(fh, &rdev, name, type); - /* No more measuring here, this function will be removed next patch. */ - - return ret; -} - static inline bool fsps_env(void) { /* FSP-S is assumed to be loaded in ramstage. */ diff --git a/src/security/tpm/tspi/crtm.h b/src/security/tpm/tspi/crtm.h index 8ebb661130..c4d051d988 100644 --- a/src/security/tpm/tspi/crtm.h +++ b/src/security/tpm/tspi/crtm.h @@ -3,7 +3,6 @@ #ifndef __SECURITY_TSPI_CRTM_H__ #define __SECURITY_TSPI_CRTM_H__ -#include <commonlib/cbfs.h> #include <program_loading.h> #include <security/tpm/tspi.h> #include <types.h> diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig index 26f2484bf3..3e29c7e655 100644 --- a/src/security/vboot/Kconfig +++ b/src/security/vboot/Kconfig @@ -251,8 +251,8 @@ config VBOOT_ENABLE_CBFS_FALLBACK default n depends on VBOOT_SLOTS_RW_A help - When this option is enabled cbfs_boot_locate will look for a file in the RO - (COREBOOT) region if it isn't available in the active RW region. + When this option is enabled, the CBFS code will look for a file in the + RO (COREBOOT) region if it isn't available in the active RW region. config VBOOT_EARLY_EC_SYNC bool |