From 4bfbabdb54ed6a56bdfa9e703b49f4ed7d9a6acc Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Wed, 6 May 2020 17:27:02 -0700 Subject: cbfstool: Support CONFIG_CBFS_VERIFICATION and metadata hash anchor This patch adds support for the new CONFIG_CBFS_VERIFICATION feature to cbfstool. When CBFS verification is enabled, cbfstool must automatically add a hash attribute to every CBFS file it adds (with a handful of exceptions like bootblock and "header" pseudofiles that are never read by coreboot code itself). It must also automatically update the metadata hash that is embedded in the bootblock code. It will automatically find the metadata hash by scanning the bootblock for its magic number and use its presence to auto-detect whether CBFS verification is enabled for an image (and which hash algorithm to use). Signed-off-by: Julius Werner Change-Id: I61a84add8654f60c683ef213b844a11b145a5cb7 Reviewed-on: https://review.coreboot.org/c/coreboot/+/41121 Reviewed-by: Angel Pons Tested-by: build bot (Jenkins) --- util/cbfstool/cbfs_glue.h | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 util/cbfstool/cbfs_glue.h (limited to 'util/cbfstool/cbfs_glue.h') diff --git a/util/cbfstool/cbfs_glue.h b/util/cbfstool/cbfs_glue.h new file mode 100644 index 0000000000..11786bece4 --- /dev/null +++ b/util/cbfstool/cbfs_glue.h @@ -0,0 +1,27 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef _CBFS_GLUE_H_ +#define _CBFS_GLUE_H_ + +#include "cbfs_image.h" + +#define CBFS_ENABLE_HASHING 1 + +typedef const struct cbfs_image *cbfs_dev_t; + +static inline ssize_t cbfs_dev_read(cbfs_dev_t dev, void *buffer, size_t offset, size_t size) +{ + if (buffer_size(&dev->buffer) < offset || + buffer_size(&dev->buffer) - offset < size) + return -1; + + memcpy(buffer, buffer_get(&dev->buffer) + offset, size); + return size; +} + +static inline size_t cbfs_dev_size(cbfs_dev_t dev) +{ + return buffer_size(&dev->buffer); +} + +#endif /* _CBFS_GLUE_H_ */ -- cgit v1.2.3