diff options
author | Patrick Georgi <patrick@georgi-clan.de> | 2015-10-01 15:54:04 +0200 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2015-10-01 20:14:26 +0000 |
commit | 89f20340d5a4c14ab76d3612cd33fff8894602ec (patch) | |
tree | a44cf61e958eb121de01bd17bc1cb4691ad8d455 /util/cbfstool/cbfs.h | |
parent | 44853371f108b85a36775b72b894c93b24d7b7f7 (diff) | |
download | coreboot-89f20340d5a4c14ab76d3612cd33fff8894602ec.tar.xz |
cbfstool: Add support for hashes as file metadata
They allow optimizing a verification of a whole CBFS image by only
dealing with the headers (assuming you choose to trust the hash
algorithm(s)).
The format allows for multiple hashes for a single file, and cbfstool
can handle them, but right now it can't generate such headers.
Loosely based on Sol's work in http://review.coreboot.org/#/c/10147/,
but using the compatible file attribute format. vboot is now a hard
dependency of the build process, but we import it into the tree for
quite a while now.
Change-Id: I9f14f30537d676ce209ad612e7327c6f4810b313
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/11767
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Diffstat (limited to 'util/cbfstool/cbfs.h')
-rw-r--r-- | util/cbfstool/cbfs.h | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/util/cbfstool/cbfs.h b/util/cbfstool/cbfs.h index 579afa60a0..86218056cb 100644 --- a/util/cbfstool/cbfs.h +++ b/util/cbfstool/cbfs.h @@ -19,8 +19,11 @@ #ifndef __CBFS_H #define __CBFS_H +#include "common.h" #include <stdint.h> +#include <vb2_api.h> + /* cbfstool will fail when trying to build a cbfs_file header that's larger * than MAX_CBFS_FILE_HEADER_BUFFER. 1K should give plenty of room. */ #define MAX_CBFS_FILE_HEADER_BUFFER 1024 @@ -107,6 +110,7 @@ struct cbfs_file_attribute { #define CBFS_FILE_ATTR_TAG_UNUSED 0 #define CBFS_FILE_ATTR_TAG_UNUSED2 0xffffffff #define CBFS_FILE_ATTR_TAG_COMPRESSION 0x42435a4c +#define CBFS_FILE_ATTR_TAG_HASH 0x68736148 struct cbfs_file_attr_compression { uint32_t tag; @@ -116,6 +120,14 @@ struct cbfs_file_attr_compression { uint32_t decompressed_size; } __PACKED; +struct cbfs_file_attr_hash { + uint32_t tag; + uint32_t len; + uint32_t hash_type; + /* hash_data is len - sizeof(struct) bytes */ + uint8_t hash_data[]; +} __PACKED; + struct cbfs_stage { uint32_t compression; uint64_t entry; @@ -203,6 +215,23 @@ static struct typedesc_t filetypes[] unused = { {CBFS_COMPONENT_NULL, "null"} }; +static const struct typedesc_t types_cbfs_hash[] unused = { + {VB2_HASH_INVALID, "none"}, + {VB2_HASH_SHA1, "sha1"}, + {VB2_HASH_SHA256, "sha256"}, + {VB2_HASH_SHA512, "sha512"}, + {0, NULL} +}; + +static size_t widths_cbfs_hash[] unused = { + [VB2_HASH_INVALID] = 0, + [VB2_HASH_SHA1] = 20, + [VB2_HASH_SHA256] = 32, + [VB2_HASH_SHA512] = 64, +}; + +#define CBFS_NUM_SUPPORTED_HASHES ARRAY_SIZE(widths_cbfs_hash) + #define CBFS_SUBHEADER(_p) ( (void *) ((((uint8_t *) (_p)) + ntohl((_p)->offset))) ) /* cbfs_image.c */ |