From 821004776ffbf2a7d0bc321bdf094cff13dfcc09 Mon Sep 17 00:00:00 2001 From: Wim Vervoorn Date: Mon, 27 Jan 2020 15:47:44 +0100 Subject: vendorcode/eltan/security: Switch to vb2 vboot library The eltan verified_boot is using the vboot 2.1 data structures and code, as well as the fwlib21 build target, they are all deprecated. Refer to CB:37654 for more information. The verified_boot code is updated to use the vb2 structures and code and make sure only public functions are used. BUG=N/A TEST=build Change-Id: I1e1a7bce6110fe35221a4d7a47c1eb7c7074c318 Signed-off-by: Wim Vervoorn Reviewed-on: https://review.coreboot.org/c/coreboot/+/38590 Tested-by: build bot (Jenkins) Reviewed-by: Frans Hendriks --- src/vendorcode/eltan/security/lib/Makefile.inc | 60 -------------------------- src/vendorcode/eltan/security/lib/cb_sha.c | 38 ---------------- 2 files changed, 98 deletions(-) delete mode 100644 src/vendorcode/eltan/security/lib/Makefile.inc delete mode 100644 src/vendorcode/eltan/security/lib/cb_sha.c (limited to 'src/vendorcode/eltan/security/lib') diff --git a/src/vendorcode/eltan/security/lib/Makefile.inc b/src/vendorcode/eltan/security/lib/Makefile.inc deleted file mode 100644 index 2e11fb5a00..0000000000 --- a/src/vendorcode/eltan/security/lib/Makefile.inc +++ /dev/null @@ -1,60 +0,0 @@ -# -# This file is part of the coreboot project. -# -# Copyright (C) 2018-2019 Eltan B.V. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# - -# call with $1 = stage name to create rules for building the library -# for the stage and adding it to the stage's set of object files. -define vendor-security-lib -VEN_SEC_LIB_$(1) = $(obj)/external/ven_sec_lib-$(1)/vboot_fw21.a -VEN_SEC_CFLAGS_$(1) += $$(patsubst -I%,-I$(top)/%,\ - $$(patsubst $(src)/%.h,$(top)/$(src)/%.h,\ - $$(filter-out -I$(obj), $$(CPPFLAGS_$(1))))) -VEN_SEC_CFLAGS_$(1) += $$(CFLAGS_$(1)) -VEN_SEC_CFLAGS_$(1) += $$($(1)-c-ccopts) -VEN_SEC_CFLAGS_$(1) += -I$(abspath $(obj)) -Wno-missing-prototypes - -$$(VEN_SEC_LIB_$(1)): $(obj)/config.h - printf " MAKE $(subst $(obj)/,,$(@))\n" - +FIRMWARE_ARCH=$$(ARCHDIR-$$(ARCH-$(1)-y)) \ - CC="$$(CC_$(1))" \ - CFLAGS="$$(VEN_SEC_CFLAGS_$(1))" VBOOT2="y" \ - $(MAKE) -C $(VBOOT_SOURCE) \ - BUILD=$$(abspath $$(dir $$(VEN_SEC_LIB_$(1)))) \ - V=$(V) \ - fwlib21 -endef # vendor-security-for-stage - -CFLAGS_common += -I3rdparty/vboot/firmware/2lib/include -CFLAGS_common += -I3rdparty/vboot/firmware/lib21/include - -ifneq ($(filter y,$(CONFIG_VENDORCODE_ELTAN_VBOOT) $(CONFIG_VENDORCODE_ELTAN_MBOOT)),) - -bootblock-y += cb_sha.c -bootblock-y += ../../../../security/vboot/vboot_logic.c -$(eval $(call vendor-security-lib,bootblock)) -bootblock-srcs += $(obj)/external/ven_sec_lib-bootblock/vboot_fw21.a - -postcar-y += cb_sha.c -$(eval $(call vendor-security-lib,postcar)) -postcar-srcs += $(obj)/external/ven_sec_lib-postcar/vboot_fw21.a - -ramstage-y += cb_sha.c -$(eval $(call vendor-security-lib,ramstage)) -ramstage-srcs += $(obj)/external/ven_sec_lib-ramstage/vboot_fw21.a - -romstage-y += cb_sha.c -$(eval $(call vendor-security-lib,romstage)) -romstage-srcs += $(obj)/external/ven_sec_lib-romstage/vboot_fw21.a - -endif \ No newline at end of file diff --git a/src/vendorcode/eltan/security/lib/cb_sha.c b/src/vendorcode/eltan/security/lib/cb_sha.c deleted file mode 100644 index 20a84afacc..0000000000 --- a/src/vendorcode/eltan/security/lib/cb_sha.c +++ /dev/null @@ -1,38 +0,0 @@ -/* - * This file is part of the coreboot project. - * - * Copyright (C) 2019 Eltan B.V. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; version 2 of the License. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ - -#include - -vb2_error_t cb_sha_little_endian(enum vb2_hash_algorithm hash_alg, const uint8_t *data, - uint32_t len, uint8_t *digest) -{ - int i; - int rv; - uint32_t digest_size = vb2_digest_size(hash_alg); - uint8_t result[VB2_MAX_DIGEST_SIZE]; - - if (!digest_size) - return VB2_ERROR_SHA_INIT_ALGORITHM; - - rv = vb2_digest_buffer(data, len, hash_alg, (uint8_t *)&result, digest_size); - if (rv) - return rv; - - for (i = 0; i < digest_size; ++i) { - /* use little endian */ - digest[digest_size - i - 1] = result[i]; - } - return rv; -} -- cgit v1.2.3