From patchwork Tue Jul 28 11:55:38 2009 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: coreboot V2 with crypto library Date: Tue, 28 Jul 2009 11:55:38 -0000 From: =?utf-8?q?Ren=C3=A9_Reuter_=3Creuter=2Erene=40googlemail=2Ecom=3E?= X-Patchwork-Id: 79 Message-Id: <6b2fa9aa0907280455r552ac1e4i156d51445f7aca42@mail.gmail.com> To: Carl-Daniel Hailfinger Cc: coreboot@coreboot.org Sorry didn't used the svn diff tool: Regards, René Index: src/mainboard/emulation/qemu-x86/Options.lb =================================================================== --- src/mainboard/emulation/qemu-x86/Options.lb (Revision 4200) +++ src/mainboard/emulation/qemu-x86/Options.lb (Arbeitskopie) @@ -37,6 +37,7 @@ uses OBJCOPY uses CONFIG_PCI_ROM_RUN uses CONFIG_PCI_OPTION_ROM_RUN_VM86 +uses CONFIG_GDB_STUB uses CONFIG_CONSOLE_SERIAL8250 uses USE_DCACHE_RAM @@ -51,7 +52,6 @@ default DEFAULT_CONSOLE_LOGLEVEL=8 default MAXIMUM_CONSOLE_LOGLEVEL=8 default CONFIG_CBFS=0 - ## ROM_SIZE is the size of boot ROM that this board will use. default ROM_SIZE = 256*1024 @@ -124,5 +124,5 @@ ## default CC="$(CROSS_COMPILE)gcc -m32" default HOSTCC="gcc" - +default CONFIG_GDB_STUB=1 end Index: src/boot/elfboot.c =================================================================== --- src/boot/elfboot.c (Revision 4200) +++ src/boot/elfboot.c (Arbeitskopie) @@ -27,6 +27,8 @@ #include #include #include +#include +#include /* Maximum physical address we can use for the coreboot bounce buffer. */ @@ -34,9 +36,14 @@ #define MAX_ADDR -1UL #endif +#define SHA256_DIGEST_LENGTH 32 + extern unsigned char _ram_seg; extern unsigned char _eram_seg; +static void measure_elf(unsigned char *header, size_t length); +static int measure_and_extend(unsigned char hash); + struct segment { struct segment *next; struct segment *prev; @@ -61,6 +68,30 @@ unsigned short ip_checksum; }; +static void measure_elf(unsigned char *header, size_t length) { + unsigned char md[SHA256_DIGEST_LENGTH]; + + EVP_Digest(header,length,md,NULL,EVP_sha256(),NULL); + // if (memcmp(md,header,sizeof(header))) + // { fflush(stdout); + // fprintf(stderr,"\nMemcpy failed.\n"); + // return 1; + // } + // unsigned char hash = fflush(stdout); + + //write_log_entry_in_tcpa(hash); // Write hash to the acpi table + + measure_and_extend(md); //Write hash to the tpm + return 1; +} + +/* + * Dummy function for tpm capability + */ +static int measure_and_extend(unsigned char hash) { + return 1; +} + int verify_ip_checksum( struct verify_callback *vcb, Elf_ehdr *ehdr, Elf_phdr *phdr, struct segment *head) @@ -500,6 +531,7 @@ len = ptr->s_filesz; } memcpy(dest, &header[start_offset], len); + measure_elf(&header[start_offset], len); //Pass the elf code to the measurement function dest += len; } Index: src/config/Config.lb =================================================================== --- src/config/Config.lb (Revision 4200) +++ src/config/Config.lb (Arbeitskopie) @@ -10,7 +10,7 @@ makedefine GCC_INC_DIR := $(shell LC_ALL=C $(GCC) -print-search-dirs | sed -ne "s/install: \(.*\)/\1include/gp") makedefine CPPFLAGS := -I$(TOP)/src/include -I$(TOP)/src/arch/$(ARCH)/include -I$(GCC_INC_DIR) $(CPUFLAGS) -makedefine CFLAGS := $(CPU_OPT) $(DISTRO_CFLAGS) $(CPPFLAGS) -Os -nostdinc -nostdlib -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -Werror-implicit-function-declaration -Wstrict-aliasing -Wshadow -fno-common -ffreestanding -fno-builtin -fomit-frame-pointer +makedefine CFLAGS := $(CPU_OPT) $(DISTRO_CFLAGS) $(CPPFLAGS) -O2 -g -nostdinc -nostdlib -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -Werror-implicit-function-declaration -Wstrict-aliasing -Wshadow -fno-common -ffreestanding -fno-builtin -fomit-frame-pointer if ASSEMBLER_DEBUG makedefine DEBUG_CFLAGS := -g -dA -fverbose-asm Index: src/arch/i386/boot/boot.c =================================================================== --- src/arch/i386/boot/boot.c (Revision 4200) +++ src/arch/i386/boot/boot.c (Arbeitskopie) @@ -84,13 +84,13 @@ adjusted_boot_notes = (unsigned long)&elf_boot_notes; adjusted_boot_notes += adjust; - printk_spew("entry = 0x%08lx\n", (unsigned long)entry); - printk_spew("lb_start = 0x%08lx\n", lb_start); - printk_spew("lb_size = 0x%08lx\n", lb_size); - printk_spew("adjust = 0x%08lx\n", adjust); - printk_spew("buffer = 0x%08lx\n", buffer); - printk_spew(" elf_boot_notes = 0x%08lx\n", (unsigned long)&elf_boot_notes); - printk_spew("adjusted_boot_notes = 0x%08lx\n", adjusted_boot_notes); + printk_debug("entry = 0x%08lx\n", (unsigned long)entry); + printk_debug("lb_start = 0x%08lx\n", lb_start); + printk_debug("lb_size = 0x%08lx\n", lb_size); + printk_debug("adjust = 0x%08lx\n", adjust); + printk_debug("buffer = 0x%08lx\n", buffer); + printk_debug(" elf_boot_notes = 0x%08lx\n", (unsigned long)&elf_boot_notes); + printk_debug("adjusted_boot_notes = 0x%08lx\n", adjusted_boot_notes); /* Jump to kernel */ __asm__ __volatile__( Index: src/arch/i386/include/stddef.h =================================================================== --- src/arch/i386/include/stddef.h (Revision 4200) +++ src/arch/i386/include/stddef.h (Arbeitskopie) @@ -3,8 +3,10 @@ typedef long ptrdiff_t; typedef unsigned long size_t; -typedef long ssize_t; +// hacked +//typedef long ssize_t; + typedef int wchar_t; typedef unsigned int wint_t;