sravan/system76-coreboot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

util/amdfwtool: Add ability to split hash table

Browse Source 
Hash table containing hashes of all signed PSP binaries is compiled at
build time and installed into the concerned CBFS. During boot, PSP
verstage reads the hash table binary and passes it to PSP bootloader.
PSP bootloader in turn uses the hash table to verify the signed PSP
binaries. Currently the hashes for all the signed PSP binaries are
compiled into one hash table. On upcoming platforms with more number of
signed PSP binaries, PSP bootloader does not have resources to handle
one monolithic hash table. Instead PSP bootloader recommends splitting
them into smaller hash tables (currently limited to 3 hash tables).

Update amdfwtool tool to support splitting hash tables. This is done by
adding an optional hash table id to the entries in the amdfw.cfg file.
By default, one hash table binary is always compiled and it's name is of
the format ${signed_rom}.hash. If an entry has a hash table id defined,
then this utility will compile a separate hash table binary whose name
is of the format ${signed_rom}.${N}.hash where N is the hash table id.

BUG=b:277292697
TEST=Build Skyrim BIOS image and boot to OS. Ensure that the hash table
is identical with and without this change. Perform suspend/resume
cycles, warm/cold reset cycles for 50 iterations each.
TEST=Artificially inject hash table id against some entries in
amdfw.cfg and ensure that the concerned hash table binaries are getting
compiled.

Change-Id: I7ef338d67695a34c33b5c166924832939f381191
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/75188
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
This commit is contained in:
Karthikeyan Ramasubramanian
2023-05-03 13:34:41 -06:00
committed by Karthik Ramasubramanian
parent 3b89102935
commit d7a5d9e9da
3 changed files with 128 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
util/amdfwtool/amdfwtool.h
View File

@@ -356,6 +356,7 @@ typedef struct _amd_fw_entry {
/* Some files that don't have amd_fw_header have to be skipped from hashing. These files
include but not limited to: *iKek*, *.tkn, *.stkn */
bool skip_hashing;
uint8_t hash_tbl_id;
uint32_t num_hash_entries;
amd_fw_entry_hash *hash_entries;
bool generate_manifest;
@@ -390,6 +391,9 @@ struct amd_fw_header {
uint8_t reserved_80[128];
} __packed;
/* Based on the available PSP resources and increasing number of signed PSP binaries,
AMD recommends to split the hash table into 3 parts for now. */
#define MAX_NUM_HASH_TABLES 3
struct psp_fw_hash_table {
uint16_t version;
uint16_t no_of_entries_256;