/* SPDX-License-Identifier: GPL-2.0-only */
/* This file is part of the coreboot project. */

#ifndef VBOOT_CHECK_H
#define VBOOT_CHECK_H

#include <cbfs.h>
#include <device/device.h>
#include <device/pci.h>
#include <lib.h>
#include CONFIG_VENDORCODE_ELTAN_VBOOT_MANIFEST
#include <console/console.h>
#include <vb2_sha.h>
#include <string.h>
#include <program_loading.h>
#include <mboot.h>

#define VERIFIED_BOOT_COPY_BLOCK	0x80000000
/* These method verifies the SHA256 hash over the 'named' CBFS component.
 * 'type' denotes the type of CBFS component i.e. stage, payload or fsp.
 */
void verified_boot_bootblock_check(void);
void verified_boot_early_check(void);

int verified_boot_check_manifest(void);

void verified_boot_check_cbfsfile(const char *name, uint32_t type,
	uint32_t hash_index, void **buffer, uint32_t *filesize, int32_t pcr);

typedef enum {
	VERIFY_TERMINATOR = 0,
	VERIFY_FILE,
	VERIFY_BLOCK,
	VERIFY_OPROM

} verify_type;

typedef struct {
	verify_type type;
	const char *name;
	union {
		struct {
			const void *related_items;
			uint32_t cbfs_type;
		} file;
		struct {
			const void *start;
			uint32_t size;
		} block;
		struct {
			const void *related_items;
			uint32_t viddev;
		} oprom;
	} data;
	uint32_t hash_index;
	int32_t pcr;
} verify_item_t;

void process_verify_list(const verify_item_t list[]);

extern const verify_item_t bootblock_verify_list[];
extern const verify_item_t romstage_verify_list[];
extern const verify_item_t postcar_verify_list[];
extern const verify_item_t ramstage_verify_list[];
extern const verify_item_t payload_verify_list[];
extern const verify_item_t oprom_verify_list[];

#endif //VBOOT_CHECK_H