path: root/src/vendorcode/eltan/security/verified_boot/vboot_check.h
/* SPDX-License-Identifier: GPL-2.0-only */
/* This file is part of the coreboot project. */

#ifndef VBOOT_CHECK_H
#define VBOOT_CHECK_H

#include <cbfs.h>
#include <device/device.h>
#include <device/pci.h>
#include <lib.h>
#include CONFIG_VENDORCODE_ELTAN_VBOOT_MANIFEST
#include <console/console.h>
#include <vb2_sha.h>
#include <string.h>
#include <program_loading.h>
#include <mboot.h>

/*
 * NOTE(review): this header does not show how the constant is consumed. The
 * name and the single high bit suggest a flag OR-ed into the 'type' argument
 * of verified_boot_check_cbfsfile() -- confirm against the implementation.
 */
#define VERIFIED_BOOT_COPY_BLOCK	0x80000000
/*
 * Per-stage entry points of the verified boot checks. Both return void, so a
 * failed verification cannot be reported to the caller.
 * NOTE(review): confirm that the implementation stops the boot on a hash
 * mismatch instead of returning normally.
 */
void verified_boot_bootblock_check(void);
void verified_boot_early_check(void);

/*
 * Presumably validates the manifest pulled in through
 * CONFIG_VENDORCODE_ELTAN_VBOOT_MANIFEST -- TODO confirm.
 * The meaning of the int result is not documented here; callers should check
 * it, and which value signals failure needs to be confirmed.
 */
int verified_boot_check_manifest(void);

/*
 * Verifies the SHA256 hash over the CBFS component called 'name'.
 *
 * name       - name of the CBFS component to verify.
 * type       - type of the CBFS component, i.e. stage, payload or fsp.
 * hash_index - presumably selects the expected digest in the manifest --
 *              TODO confirm.
 * buffer     - pointer to a buffer pointer; direction and ownership are not
 *              visible here. NOTE(review): if verified data is handed back
 *              through it, later consumers should use that copy rather than
 *              re-reading the flash contents -- confirm.
 * filesize   - pointer to a size; whether it is input, output or both is not
 *              visible here -- TODO confirm.
 * pcr        - presumably the TPM PCR to extend with the measurement (mboot.h
 *              is included). It is signed, so a negative value may mean "do
 *              not measure" -- confirm.
 *
 * Returns nothing: the outcome of the check is not visible to the caller.
 */
void verified_boot_check_cbfsfile(const char *name, uint32_t type,
	uint32_t hash_index, void **buffer, uint32_t *filesize, int32_t pcr);

/*
 * Kind of an entry in a verify list. Apart from the terminator, the names
 * line up with the members of the 'data' union in verify_item_t
 * (file, block, oprom).
 */
typedef enum {
	/* Value 0, so a zero-initialized verify_item_t has this type. */
	VERIFY_TERMINATOR = 0,
	/* Entry uses data.file. */
	VERIFY_FILE = 1,
	/* Entry uses data.block. */
	VERIFY_BLOCK = 2,
	/* Entry uses data.oprom. */
	VERIFY_OPROM = 3,
} verify_type;

/*
 * One entry of a verify list. 'type' tags the entry and 'data' holds the
 * fields specific to that kind of entry.
 * NOTE(review): field order matters if the lists are written with positional
 * initializers -- check the list definitions before reordering anything.
 */
typedef struct {
	/* Kind of entry; VERIFY_TERMINATOR is 0. */
	verify_type type;
	/* Name of the item; presumably the CBFS file name for file entries. */
	const char *name;
	union {
		/* Used with VERIFY_FILE (by name). */
		struct {
			/* Untyped pointer; presumably a nested verify list to
			 * process together with this file -- TODO confirm. */
			const void *related_items;
			/* Presumably the CBFS type passed to the file check. */
			uint32_t cbfs_type;
		} file;
		/* Used with VERIFY_BLOCK (by name). */
		struct {
			/* Start of the region to hash. */
			const void *start;
			/* Size of the region; presumably in bytes. The hashed
			 * range is only as trustworthy as start and size. */
			uint32_t size;
		} block;
		/* Used with VERIFY_OPROM (by name). */
		struct {
			/* Untyped pointer; presumably a nested verify list --
			 * TODO confirm. */
			const void *related_items;
			/* Presumably a packed PCI vendor/device ID identifying
			 * the option ROM -- confirm the packing order. */
			uint32_t viddev;
		} oprom;
	} data;
	/* Presumably the index of the expected digest in the manifest. */
	uint32_t hash_index;
	/* Presumably the TPM PCR to extend; signed, so a negative value may
	 * mean "do not measure" -- confirm. */
	int32_t pcr;
} verify_item_t;

/*
 * Processes the entries of a verify list. No length is passed, so the walk
 * presumably ends at the first VERIFY_TERMINATOR entry; a list without one
 * would be read past its end -- confirm in the implementation.
 * Returns void: a failed item is not reported to the caller.
 */
void process_verify_list(const verify_item_t list[]);

/*
 * Verify lists, named per boot stage, plus the payload and the option ROMs.
 * They are only declared here; the definitions live elsewhere.
 * NOTE(review): each definition should end with a VERIFY_TERMINATOR entry.
 */
extern const verify_item_t bootblock_verify_list[];
extern const verify_item_t romstage_verify_list[];
extern const verify_item_t postcar_verify_list[];
extern const verify_item_t ramstage_verify_list[];
extern const verify_item_t payload_verify_list[];
extern const verify_item_t oprom_verify_list[];

#endif //VBOOT_CHECK_H