From 272a1f05b943d781acb8c04c01874bde9df3b774 Mon Sep 17 00:00:00 2001 From: Aaron Durbin Date: Tue, 15 Dec 2015 18:00:30 -0600 Subject: cbfstool: Add 'hashcbfs' command to compute hash of CBFS region. For the purposes of maintaining integrity of a CBFS allow one to hash a CBFS over a given region. The hash consists of all file metadata and non-empty file data. The resulting digest is saved to the requested destination region. BUG=chrome-os-partner:48412 BUG=chromium:445938 BRANCH=None TEST=Integrated with glados chrome os build. vboot verification works using the same code to generate the hash in the tooling as well as at runtime on the board in question. Change-Id: Ib0d6bf668ffd6618f5f73e1217bdef404074dbfc Signed-off-by: Aaron Durbin Reviewed-on: https://review.coreboot.org/12790 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi --- util/cbfstool/cbfs_hash.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 util/cbfstool/cbfs_hash.c (limited to 'util/cbfstool/cbfs_hash.c') diff --git a/util/cbfstool/cbfs_hash.c b/util/cbfstool/cbfs_hash.c new file mode 100644 index 0000000000..332a59b35d --- /dev/null +++ b/util/cbfstool/cbfs_hash.c @@ -0,0 +1,33 @@ +/* + * This file is part of the coreboot project. + * + * Copyright 2015 Google Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include +#include + +int cbfs_calculate_hash(void *cbfs, size_t cbfs_sz, + enum vb2_hash_algorithm hash_algo, + void *digest, size_t digest_sz); + +int cbfs_calculate_hash(void *cbfs, size_t cbfs_sz, + enum vb2_hash_algorithm hash_algo, + void *digest, size_t digest_sz) +{ + struct mem_region_device mdev; + + mem_region_device_init(&mdev, cbfs, cbfs_sz); + + return cbfs_vb2_hash_contents(&mdev.rdev, + hash_algo, digest, digest_sz); +} -- cgit v1.2.3