cbfstool: Add support for hashes as file metadata

They allow optimizing a verification of a whole CBFS image by only
dealing with the headers (assuming you choose to trust the hash
algorithm(s)).

The format allows for multiple hashes for a single file, and cbfstool
can handle them, but right now it can't generate such headers.

Loosely based on Sol's work in http://review.coreboot.org/#/c/10147/,
but using the compatible file attribute format. vboot is now a hard
dependency of the build process, but we import it into the tree for
quite a while now.

Change-Id: I9f14f30537d676ce209ad612e7327c6f4810b313
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/11767
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
This commit is contained in:
Patrick Georgi
2015-10-01 15:54:04 +02:00
committed by Patrick Georgi
parent 44853371f1
commit 89f20340d5
5 changed files with 163 additions and 8 deletions

View File

@@ -36,6 +36,10 @@ struct cbfs_image {
* enum comp_algo if it's supported, or a number < 0 otherwise. */
int cbfs_parse_comp_algo(const char *name);
/* Given the string name of a hash algorithm, return the corresponding
* id if it's supported, or a number < 0 otherwise. */
int cbfs_parse_hash_algo(const char *name);
/* Given a pointer, serialize the header from host-native byte format
* to cbfs format, i.e. big-endian. */
void cbfs_put_header(void *dest, const struct cbfs_header *header);
@@ -184,4 +188,10 @@ struct cbfs_file_attribute *cbfs_file_next_attr(struct cbfs_file *file,
struct cbfs_file_attribute *cbfs_add_file_attr(struct cbfs_file *header,
uint32_t tag,
uint32_t size);
/* Adds an extended attribute to header, containing a hash of buffer's data of
* the type specified by hash_type.
* Returns 0 on success, -1 on error. */
int cbfs_add_file_hash(struct cbfs_file *header, struct buffer *buffer,
enum vb2_hash_algorithm hash_type);
#endif