Commit graph

81 commits

Author SHA1 Message Date
Martin Roth
adaab4a97e util: Add SPDX license headers to Makefiles
Signed-off-by: Martin Roth <gaumless@gmail.com>
Change-Id: I7cf35132df0bc23f7b6f78014ddd72d58ea2ab8a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68983
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Matt DeVillier <matt.devillier@amd.corp-partner.google.com>
Reviewed-by: Elyes Haouas <ehaouas@noos.fr>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
2022-11-22 12:47:09 +00:00
Angel Pons
bb58c1e438 util/cbfstool: Set USE_FLASHROM=0 to build vboot
cbfstool does not need to build vboot with flashrom support.

TEST=./util/abuild/abuild -a --timeless -y -c $(nproc) -Z -t hp/280_g2
     no longer fails due to missing libflashrom.h header.

Change-Id: I57edcb1b67baa4c458874b11e9ca0238b4419c46
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65216
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Felix Singer <felixsinger@posteo.net>
2022-06-19 18:46:04 +00:00
Edward O'Callaghan
774dcffc36 util/cbfstool: Decouple elogtool from vboot_ref flashrom code
Currently elogtool sub-proccesses flashrom as calling libflashrom
requires a missing function from the previous flashrom release.
Pending a new release of flashrom we must continue to use subprocess.

However the current subprocess wrapper implementation lives in
vboot_reference which is a git sub-module of coreboot. This causes
all sorts of grief keeping a subprocess ABI stable from vboot_reference
when the rest of vboot_reference builds of HEAD of the flashrom tree
(i.e., using unreleased libflashrom functions). In order to not keep
finding ourseleves in a bind between the two separately moving trees
with different build environments, decouple elogtool with its own
mini copy of flashrom subprocess wrapping logic.

Squash in,
 util/cbfstool/elogtool.c: Convert args into struct in flashrom helper

  vboot signatures for flashrom r/w helpers changed in the upstream
  commit bd2971326ee94fc5. Reflect the change here to allow vboot ref
  and coreboot to realign.

BUG=b:207808292,b:231152447
TEST=builds with vboot_ref uprev.

Change-Id: I04925e4d9a44b52e4a6fb6f9cec332cab2c7c725
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/65055
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-06-16 20:38:41 +00:00
Manoj Gupta
dfb8d80c1a utils/cbfstool: Disable Wstrict-prototypes warning
As recommended on crrev.com/c/3612466 lz4 code is not supposed
to be modified. Since both gcc and clang complain about
functions without explicit void in argument with Wstrict-prototypes,
just disable it instead instead of enabling.

BUG=b:230345382
TEST=llvm tot test
BRANCH=none

Signed-off-by: Manoj Gupta <manojgupta@google.com>
Change-Id: I9f3ae01821447f43b4082598dd618d9f8325dca2
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63936
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-05-02 21:02:57 +00:00
Martin Roth
e3e965b13d Revert "util/cbfstool: Port elogtool to libflashrom"
This reverts commit d74b8d9c99.

This change breaks the 'make all' build of the cbfstool tools
from the util/cbfstool directory unless libflashrom-dev is
installed, complaining that flashrom is not installed.

Even with libflashrom-dev installed, it breaks building
elogtool with the public version of libflashrom-dev.

Signed-off-by: Martin Roth <martin@coreboot.org>
Change-Id: I572daa0c0f3998e20a8ed76df21228fdbb384baf
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62404
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: ron minnich <rminnich@gmail.com>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Felix Singer <felixsinger@posteo.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2022-02-26 01:24:17 +00:00
Edward O'Callaghan
d74b8d9c99 util/cbfstool: Port elogtool to libflashrom
This also uncouples cbfstool from being overly Chromium
specific. However the main objective is to not subprocess
flashrom any more and instead use the programmatic API.

BUG=b:207808292
TEST=built and ran `elogtool (list|clear|add 0x16 C0FFEE)`.

Change-Id: I79df2934b9b0492a554a4fecdd533a0abe1df231
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/59714
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Sam McNally <sammc@google.com>
2022-01-14 23:10:55 +00:00
Alex James
2219d89d9d cbfstool: Avoid defining _XOPEN_SOURCE
This restricts availability of non-standard functions (such as memmem)
on FreeBSD and macOS. It also isn't necessary on glibc.

Change-Id: Iaee1ce7304c89f128a35a385032fce16a2772b13
Signed-off-by: Alex James <theracermaster@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/60232
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2022-01-04 11:51:06 +00:00
Furquan Shaikh
555f040772 util/cse*: Add cse_helpers.{c,h}
This change moves `read_member` and `write_member` helper functions
out of cse_fpt.c and cse_serger.c into cse_helpers.c to avoid
duplication.

BUG=b:189177186,b:189167923

Change-Id: I7b646b29c9058d892bb0fc9824ef1b4340d2510c
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/58201
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
2021-10-19 16:08:45 +00:00
Furquan Shaikh
d7fb6a90e1 util/cse_serger: Add a new tool for stitching CSE components
This change adds a new tool `cse_serger` which can be used to print,
dump and stitch together different components for the CSE region.

BUG=b:189177186

Change-Id: I90dd809b47fd16afdc80e66431312721082496aa
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55503
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
2021-10-19 16:08:24 +00:00
Furquan Shaikh
796aeeba96 util/cse_fpt: Add a new tool for managing Intel CSE FPT binaries
This change adds a new tool `cse_fpt` which can be used to print and
dump CSE partitions in Flash Partition Table (FPT) format.

BUG=b:189167923

Change-Id: I93c8d33e9baa327cbdab918a14f2f7a039953be6
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55259
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
2021-10-19 16:08:03 +00:00
Ricardo Quesada
c2cf3946c9 util/elogtool: add tool to print elog events
Add a new tool that that prints elog events.
The tool, as input, accepts either a file with the RW_ELOG contents, or
if the file is not provided it reads the contents of RW_ELOG by calling
the "flashrom" tool.

The tool is based on "mosys eventlog list"[1]. For the moment it only
supports "list", but future commits will add additional functionality.

This commit also adds missing ELOG defines needed for the tool. These
defines are added with the rest of the ELOG defines, in
include/commonlib/bsd/elog.h

The tool is placed inside util/cbfstool. The rationale behind the
decision, is that this tool shares a lot in common with the other tools
located in cbfstool: vboot dependency, shared files like common.o and
valstr.o, and in spirit is similar to some of the tools located in
cbfstool/.

As an example, you call the tool like the following:

$ elogtool list -f rw_elog_dump.bin

[1]: https://chromium.googlesource.com/chromiumos/platform/mosys/+/refs/heads/main/lib/eventlog/elog.c

BUG=b:172210863

Signed-off-by: Ricardo Quesada <ricardoq@google.com>
Change-Id: Ia1fe1c9ed3c4c6bda846055d4b10943b54463935
Reviewed-on: https://review.coreboot.org/c/coreboot/+/56406
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
2021-08-05 22:00:35 +00:00
Nico Huber
6cd4d32039 cbfstool: Unset ${DEBUG} when making vboot hostlib
Vboot's Makefile is controlled by a ${DEBUG} environment variable.
As the name is very generic, it may be set by accident without any
intention to change the build. Having it set would break reproduci-
bility at least but it also turns out that the hostlib build would
be incomplete so that linking cbfstool fails due to internal calls
to vb2api_fail() which is not built in.

Change-Id: I2a9eb9a645c70451a320c455b8f24bfed197117c
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55764
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2021-06-26 10:07:34 +00:00
Idwer Vollering
9a05601341 util/cbfstool: Do not set -D_XOPEN_SOURCE on FreeBSD
Fixes compilation on FreeBSD CURRENT, and possibly other releases.

The compiler, clang, complained about:
util/cbfstool/cbfstool.c:181:40: error: implicit declaration of function 'memmem' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
util/cbfstool/cbfstool.c:181:31: error: incompatible integer to pointer conversion initializing 'struct metadata_hash_anchor *' with an expression of type 'int' [-Werror,-Wint-conversion]

Signed-off-by: Idwer Vollering <vidwer@gmail.com>
Change-Id: I45c02a21709160df44fc8da329f6c4a9bad24478
Reviewed-on: https://review.coreboot.org/c/coreboot/+/53996
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-05-10 23:01:52 +00:00
Julius Werner
76dab5f98f cbfstool: Add support for platform "fixups" when modifying bootblock
To support the new CONFIG_CBFS_VERIFICATION feature, cbfstool needs to
update the metadata hash embedded in the bootblock code every time it
adds or removes a CBFS file. This can lead to problems on certain
platforms where the bootblock needs to be specially wrapped in some
platform-specific data structure so that the platform's masked ROM can
recognize it. If that data structure contains any form of hash or
signature of the bootblock code that is checked on every boot, it will
no longer match if cbfstool modifies it after the fact.

In general, we should always try to disable these kinds of features
where possible (they're not super useful anyway). But for platforms
where the hardware simply doesn't allow that, this patch introduces the
concept of "platform fixups" to cbfstool. Whenever cbfstool finds a
metadata hash anchor in a CBFS image, it will run all built-in "fixup
probe" functions on that bootblock to check if it can recognize it as
the wrapper format for a platform known to have such an issue. If so, it
will register a corresponding fixup function that will run whenever it
tries to write back modified data to that bootblock. The function can
then modify any platform-specific headers as necessary.

As first supported platform, this patch adds a fixup for Qualcomm
platforms (specifically the header format used by sc7180), which
recalculates the bootblock body hash originally added by
util/qualcomm/createxbl.py.

(Note that this feature is not intended to support platform-specific
signature schemes like BootGuard directly in cbfstool. For anything that
requires an actual secret key, it should be okay if the user needs to
run a platform-specific signing tool on the final CBFS image before
flashing. This feature is intended for the normal unsigned case (which
on some platforms may be implemented as signing with a well-known key)
so that on a board that is not "locked down" in any way the normal use
case of manipulating an image with cbfstool and then directly flashing
the output file stays working with CONFIG_CBFS_VERIFICATION.)

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I02a83a40f1d0009e6f9561ae5d2d9f37a510549a
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41122
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-03-13 04:17:35 +00:00
Julius Werner
4bfbabdb54 cbfstool: Support CONFIG_CBFS_VERIFICATION and metadata hash anchor
This patch adds support for the new CONFIG_CBFS_VERIFICATION feature to
cbfstool. When CBFS verification is enabled, cbfstool must automatically
add a hash attribute to every CBFS file it adds (with a handful of
exceptions like bootblock and "header" pseudofiles that are never read
by coreboot code itself). It must also automatically update the metadata
hash that is embedded in the bootblock code. It will automatically find
the metadata hash by scanning the bootblock for its magic number and use
its presence to auto-detect whether CBFS verification is enabled for an
image (and which hash algorithm to use).

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I61a84add8654f60c683ef213b844a11b145a5cb7
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41121
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-03-13 04:16:20 +00:00
Martin Roth
92f447aa92 util/cbfstool: Update Makefiles
- Add a distclean target
- Add a help target
- Add the -Wshadow option

Signed-off-by: Martin Roth <martin@coreboot.org>
Change-Id: Ie31d61bd0e28b1e228656dfa09b5ab1996868706
Reviewed-on: https://review.coreboot.org/c/coreboot/+/50848
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2021-02-25 10:03:05 +00:00
Julius Werner
d477565dbd cbfstool: Use cbfs_serialized.h and standard vboot helpers
This patch reduces some code duplication in cbfstool by switching it to
use the CBFS data structure definitions in commonlib rather than its own
private copy. In addition, replace a few custom helpers related to hash
algorithms with the official vboot APIs of the same purpose.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I22eae1bcd76d85fff17749617cfe4f1de55603f4
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41117
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
2020-12-03 00:00:33 +00:00
Julius Werner
11298542cd cbfstool: Don't build unneeded commonlib sources
These sources are built but not used by cbfstool. The only .c file in
commonlib/ it really needs is fsp_relocate.c. Get rid of the others.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I6ebbb4161874f6279b6dbaffe7c3144226a6f9b9
Reviewed-on: https://review.coreboot.org/c/coreboot/+/46253
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-10-26 06:59:53 +00:00
Patrick Georgi
c6dd4435d2 util/cbfstool: Defuse vboot's openssl linking
Vboot determines openssl through pkgconfig, so pointing its build
system to /bin/true makes the build not break unless it needs to use
valid information about openssl.

Vboot's use of openssl is only for some special features, mostly around
PKCS key format parsing and not needed by cbfstool. While cbfstool
can link vboot, it can't link with openssl because openssl's license
is deliberately incompatible with the GPL.

Change-Id: Ia3825f9625a1964d7cefc47ab3c3a8250ceefafb
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/42880
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2020-07-01 18:06:16 +00:00
Yu-Ping Wu
0beddb5e23 cbfstool: Build vboot library
Currently cbfstool cherry-picks a few files from vboot and hopes these
files will work standalone without any dependencies. This is pretty
brittle (for example, CL:2084062 will break it), and could be improved
by building the whole vboot library and then linking against it.
Therefore, this patch creates a new target $(VBOOT_HOSTLIB) and includes
it as a dependency for cbfstool and ifittool.

To prevent building the vboot lib twice (one for cbfstool and the other
for futility) when building coreboot tools together, add the variable
'VBOOT_BUILD' in Makefile to define a shared build path among different
tools so that vboot files don't need to be recompiled.

Also ignore *.o.d and *.a for vboot library.

BRANCH=none
BUG=none
TEST=make -C util/cbfstool
TEST=make -C util/futility
TEST=Run 'make tools' and make sure common files such as 2sha1.c are
     compiled only once
TEST=emerge-nami coreboot-utils

Change-Id: Ifc826896d895f53d69ea559a88f75672c2ec3146
Signed-off-by: Yu-Ping Wu <yupingso@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/39390
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2020-03-23 08:34:23 +00:00
Julius Werner
d6900a96e0 cbfstool: Set deprecated _BSD_SOURCE and _SVID_SOURCE macros
In glibc feature control macros, _DEFAULT_SOURCE is the shorthand to
tell glibc to enable "all the default stuff", meaning POSIX, BSD and
System V interfaces. However, this macro is somewhat recent and older
glibc versions (e.g. 2.12) are still occasionally in use that don't
recognize it yet. For the benefits of users with these versions, let's
also enable the deprecated _BSD_SOURCE and _SVID_SOURCE macros which
essentially achieve the same thing. We must continue to define
_DEFAULT_SOURCE so that newer glibc versions don't throw a deprecation
warning.

This patch should make BSD-style byteswap macros like le32toh()
available on these older glibc versions.

Change-Id: I019bbcf738a1bcdccd7b299bdde29cd4d4ded134
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38638
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2020-01-31 20:36:40 +00:00
Julius Werner
98eeb96135 commonlib: Add commonlib/bsd
This patch creates a new commonlib/bsd subdirectory with a similar
purpose to the existing commonlib, with the difference that all files
under this subdirectory shall be licensed under the BSD-3-Clause license
(or compatible permissive license). The goal is to allow more code to be
shared with libpayload in the future.

Initially, I'm going to move a few files there that have already been
BSD-licensed in the existing commonlib. I am also exracting most
contents of the often-needed <commonlib/helpers.h> as long as they have
either been written by me (and are hereby relicensed) or have an
existing equivalent in BSD-licensed libpayload code. I am also
relicensing <commonlib/compression.h> (written by me) and
<commonlib/compiler.h> (same stuff exists in libpayload).

Finally, I am extracting the cb_err error code definitions from
<types.h> into a new BSD-licensed header so that future commonlib/bsd
code can build upon a common set of error values. I am making the
assumption here that the enum constants and the half-sentence fragments
of documentation next to them by themselves do not meet the threshold of
copyrightability.

Change-Id: I316cea70930f131e8e93d4218542ddb5ae4b63a2
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38420
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
2020-01-28 06:36:13 +00:00
Nico Huber
591dbfe295 util/cbfstool: Further reduce warnings for lz4 code
If the compiler fails to inline all the FORCE_INLINE functions, it will
complain.

Change-Id: I7b8349c9a3d53c47ac189f02b296600abac8a0cf
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37734
Reviewed-by: Idwer Vollering <vidwer@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-16 09:43:17 +00:00
Julius Werner
3833f0ffdb cbfstool: Bump C version to C11
cbfstool depends on vboot headers, and vboot expects to be able to use
modern C features like _Static_assert(). It just so happens that it
doesn't do that in any headers included from cbfstool right now, but
that may change. Let's switch cbfstool to a newer version to prevent
that from becoming a problem.

Change-Id: I884e1bdf4ec21487ddb1bca57ef5dc2104cf8e0e
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37666
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2019-12-12 20:59:41 +00:00
Marshall Dawson
30cf155168 util/cbfstool: Add AMD BIOS compression tool for PSP
Add a utility to generate a compressed BIOS image for AMD Family 17h.

If the input is an elf file, the utility extracts the program portion
for compression.  Otherwise the file is compressed as-is.

In modern AMD systems, the PSP brings up DRAM then uncompresses the
BIOS image into memory prior to x86 beginning execution.  The PSP
supports a zlib engine, and interprets the first 256 bytes as a
header, where offset 0x14 containing the uncompressed size.  For
further details, see AMD Platform Security Processor BIOS Architecture
Design Guide for AMD Family 17h Processors (NDA only, #55758).

BUG=b:127766506
TEST=Use with WIP Picasso

Change-Id: Id1c54e0a6dae9e4a0362c6635fe8b8aa48a369d8
Signed-off-by: Marshall Dawson <marshalldawson3rd@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33401
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Raul Rangel <rrangel@chromium.org>
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
2019-07-03 21:28:43 +00:00
Patrick Rudolph
9ab80a33a5 cbfstool: Drop update-fit option
The ifittool is used instead. Drop old code.

Change-Id: I70fec5fef9ffd1ba3049badb398783f31aefb02f
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31496
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2019-06-24 09:45:00 +00:00
Philipp Deppenwiese
5ada0023d1 cbfstool: Add ifittool
Add the IntelFirmwareInterfaceTable-tool to modify the FIT.
As cbfstool is overloaded with arguments, introduce a new tool
to only modify FIT, which brings it's own command line syntax.

Provide clean interface to:
* Clear FIT
* Add entry to CBFS file
* Add entry to REGION
* Delete entries
* Add support for types other than 1
* Add support to dump current table
* Add support for top-swap
* Sort entries by type

Most code is reused from existing cbfstool and functionality of cbfstool
is kept. It will be removed once the make system uses only ifittool.

Based on "Intel Trusted Execution Technology (Intel TXT) LAB Handout"
and https://github.com/slimbootloader/slimbootloader .

Change-Id: I0fe8cd70611d58823aca1147d5b830722ed72bd5
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/31493
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2019-06-24 09:42:31 +00:00
Joel Kitching
2eb89c8b14 vboot: include vb2_sha.h when required
Should include vb2_sha.h header when SHA library functions or
constants are required.  This replaces NEED_VB2_SHA_LIBRARY.

BUG=b:124141368, chromium:956474
TEST=make clean && make test-abuild
BRANCH=none

Change-Id: I9f32174dbf3de05fbe5279cb8017888757abf368
Signed-off-by: Joel Kitching <kitching@google.com>
Cq-Depend: chromium:1583820
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32454
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-05-09 06:32:44 +00:00
Nico Huber
d44221f9c8 Move compiler.h to commonlib
Its spreading copies got out of sync. And as it is not a standard header
but used in commonlib code, it belongs into commonlib. While we are at
it, always include it via GCC's `-include` switch.

Some Windows and BSD quirk handling went into the util copies. We always
guard from redefinitions now to prevent further issues.

Change-Id: I850414e6db1d799dce71ff2dc044e6a000ad2552
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/28927
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-10-08 16:57:27 +00:00
Patrick Georgi
d42eb37be4 util/cbfstool: Fix build with armv7-eabi cross compiler
We recently changed all PACKED, __PACKED, __attribute__((packed)) ... to
__packed to gain some consistency. In cbfstool we use compiler.h to
provide that where necessary.

The cross compiler I use doesn't provide __packed by itself, but liblz4
doesn't compensate for that. Therefore include compiler.h, and to avoid
adding dependencies to non-liblz4 code, do so through the command line.

Change-Id: I581e45639ac3e103af7c16793e8effe2e632dec7
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/20836
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-08-02 09:55:11 +00:00
Patrick Georgi
c88d16baaf util/cbfstool: Add cbfs-compression-tool
cbfs-compression-tool provides a way to benchmark the compression
algorithms as used by cbfstool (and coreboot) and allows to
pre-compress data for later consumption by cbfstool (once it supports
the format).

For an impression, the benchmark's results on my machine:

measuring 'none'
compressing 10485760 bytes to 10485760 took 0 seconds
measuring 'LZMA'
compressing 10485760 bytes to 1736 took 2 seconds
measuring 'LZ4'
compressing 10485760 bytes to 41880 took 0 seconds

And a possible use for external compression, parallel and non-parallel
(60MB in 53 files compressed to 650KB on a machine with 40 threads):

$ time (ls -1 *.* |xargs -n 1 -P $(nproc) -I '{}' cbfs-compression-tool compress '{}' out/'{}' LZMA)

real	0m0.786s
user	0m11.440s
sys	0m0.044s

$ time (ls -1 *.* |xargs -n 1 -P 1 -I '{}' cbfs-compression-tool compress '{}' out/'{}' LZMA)

real	0m10.444s
user	0m10.280s
sys	0m0.064s

Change-Id: I40be087e85d09a895b1ed277270350ab65a4d6d4
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18099
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
2017-01-12 21:40:25 +01:00
Patrick Georgi
8474e7d7e8 util/cbfstool: compile with -O2 by default
This speeds up the lzma encoder approximately four-fold.

Change-Id: Ibf896098799693ddd0f8a6c74bda2e518ecea869
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/18098
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2017-01-12 21:40:00 +01:00
Paul Kocialkowski
61486b506d Use VBOOT_SOURCE instead of hardcoding vboot path
This replaces all occurrences of a hardcoded vboot path to the
VBOOT_SOURCE variable, that may be overridden from the command line,
witch fallback to the source from 3rdparty.

Change-Id: Ia57d498d38719cc71e17060b76b0162c4ab363ed
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://review.coreboot.org/15825
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
2016-08-08 12:17:00 +02:00
Patrick Georgi
2b80734811 fmaptool: Accept hex values with uppercase letters
Due to a newer flex version with which the scanner was recreated, we
also have to make the compiler less strict on the generated code.

Change-Id: I3758c0dcb2f5661d072b54a30d6a4ebe094854e6
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: https://review.coreboot.org/15482
Tested-by: build bot (Jenkins)
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
2016-07-04 12:17:51 +02:00
Furquan Shaikh
233f1b6a38 ifwitool: Add new tool for managing IFWI images
- Supports following operations:
 1. add raw/dir sub-partition
 2. extract raw/dir sub-partition
 3. print info
 4. delete raw sub-partition
 5. replace raw/dir sub-partition

Change-Id: I683a0ab13cc50eb60eecca34db4a8ffefc8dccbd
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/14896
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-05-30 23:51:42 +02:00
Furquan Shaikh
b0c2fe0554 cbfstool/fsp: Rename fsp1_1_relocate
FSP 2.0 uses the same relocate logic as FSP 1.1. Thus, rename
fsp1_1_relocate to more generic fsp_component_relocate that can be
used by cbfstool to relocate either FSP 1.1 or FSP 2.0
components. Allow FSP1.1 driver to still call fsp1_1_relocate which
acts as a wrapper for fsp_component_relocate.

Change-Id: I14a6efde4d86a340663422aff5ee82175362d1b0
Signed-off-by: Furquan Shaikh <furquan@google.com>
Reviewed-on: https://review.coreboot.org/14749
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
2016-05-11 18:38:28 +02:00
Aaron Durbin
62c8dbe970 Revert "cbfstool: Add 'hashcbfs' command to compute hash of CBFS region."
This reverts commit 272a1f05b9.

In Chrome OS this command's usage was dropped in favor of another
solution. As it's not used drop the support for it.

Change-Id: I58b51446d3a8b5fed7fc391025225fbe38ffc007
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/14261
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2016-04-07 22:24:48 +02:00
Paul Menzel
8b831da586 Revert "cbfstool: Silence LZ4 -Wsign-compare warnings"
This reverts commit 17cb0370a7.

It’s the wrong thing to do, to just disable the warning. The code is
fixed for 32-bit user space now in Change-Id
I85bee25a69c432ef8bb934add7fd2e2e31f03662 (commonlib/lz4_wrapper: Use
correct casts to ensure valid calculations), so enable the warning
again.

Change-Id: I6d1c62c7b4875da8053c25e640c03cedf0ff2916
Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-on: https://review.coreboot.org/13772
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins)
2016-02-24 19:27:13 +01:00
Julius Werner
17cb0370a7 cbfstool: Silence LZ4 -Wsign-compare warnings
It seems that the exact behavior of -Wsign-compare changes between GCC
versions... some of them like the commonlib/lz4_wrapper.c code, and some
don't. Since we don't have a well-defined HOSTCC toolchain this slipped
through pre-commit testing. Explicitly silence the warning to ensure
cbfstool still builds on all systems.

Change-Id: I43f951301d3f14ce34dadbe58e885b82d21d6353
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/13769
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-02-23 04:52:44 +01:00
Julius Werner
09f2921b5d cbfs: Add LZ4 in-place decompression support for pre-RAM stages
This patch ports the LZ4 decompression code that debuted in libpayload
last year to coreboot for use in CBFS stages (upgrading the base
algorithm to LZ4's dev branch to access the new in-place decompression
checks). This is especially useful for pre-RAM stages in constrained
SRAM-based systems, which previously could not be compressed due to
the size requirements of the LZMA scratchpad and bounce buffer. The
LZ4 algorithm offers a very lean decompressor function and in-place
decompression support to achieve roughly the same boot speed gains
(trading compression ratio for decompression time) with nearly no
memory overhead.

For now we only activate it for the stages that had previously not been
compressed at all on non-XIP (read: non-x86) boards. In the future we
may also consider replacing LZMA completely for certain boards, since
which algorithm wins out on boot speed depends on board-specific
parameters (architecture, processor speed, SPI transfer rate, etc.).

BRANCH=None
BUG=None
TEST=Built and booted Oak, Jerry, Nyan and Falco. Measured boot time on
Oak to be about ~20ms faster (cutting load times for affected stages
almost in half).

Change-Id: Iec256c0e6d585d1b69985461939884a54e3ab900
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/13638
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-02-22 21:38:37 +01:00
Aaron Durbin
272a1f05b9 cbfstool: Add 'hashcbfs' command to compute hash of CBFS region.
For the purposes of maintaining integrity of a CBFS allow one to
hash a CBFS over a given region. The hash consists of all file
metadata and non-empty file data. The resulting digest is saved
to the requested destination region.

BUG=chrome-os-partner:48412
BUG=chromium:445938
BRANCH=None
TEST=Integrated with glados chrome os build. vboot verification
     works using the same code to generate the hash in the tooling
     as well as at runtime on the board in question.

Change-Id: Ib0d6bf668ffd6618f5f73e1217bdef404074dbfc
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/12790
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2016-01-06 01:12:38 +01:00
Stefan Reinauer
354c11d10e cbfstool: Make sure fileno is available on Cygwin
This patch fixes compilation of cbfstool on Cygwin.

As reported in http://review.coreboot.org/#/c/10027
cbfstool on Cygwin likes to be compiled with -D_GNU_SOURCE.
That patch was abandoned because it would unwantedly turn on
more GNU extensions. Instead of doing that, only enable the
define on Cygwin, switch to -std=gnu99 instead of -std=c99 to
make fileno and strdup actually available.
A MINGW32 check that was forgotten in Makefile was copied over
from Makefile.inc to keep the two files in sync.

This patch has no impact on non-Windows builds.

Change-Id: I068b181d67daf9c7280110e64aefb634aa20c69b
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11667
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
Tested-by: build bot (Jenkins)
2015-10-23 20:44:35 +02:00
Aaron Durbin
8a414a0943 cbfstool: relocate FSP blobs on cbfstool add
When adding an FSP blob relocate it to its final
destination. This allows FSP to not be hard coded in
the cbfs. In order for the include paths to work
correctly w/ the edk 2 headers we need to supply
a neutered ProcessorBind.h to match up with the
tool environment such that one can get the UEFI
Platform Initialization type definitions.

BUG=chrome-os-partner:44827
BRANCH=None
TEST=Built glados and booted. Also added FSP with -b and manually
     adjusted location in fsp cache-as-ram. Booted as well.

Change-Id: I830d93578fdf745a51195109cf18d94a83ee8cd3
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/11778
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-10-02 12:17:21 +00:00
Werner Zeh
8c3780a142 cbfstool: Allow anonymous structs/unions for older gcc versions
Older gcc versions throws a warning when a struct or union is
declared without a valid name (anonymous). This patch enables the
feature for older gcc versions so that no warning will be issued.

Change-Id: Idc5481f4d5723c5090a6f7d7dbb0686a737e11fc
Signed-off-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-on: http://review.coreboot.org/11779
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-10-02 08:54:51 +00:00
Patrick Georgi
89f20340d5 cbfstool: Add support for hashes as file metadata
They allow optimizing a verification of a whole CBFS image by only
dealing with the headers (assuming you choose to trust the hash
algorithm(s)).

The format allows for multiple hashes for a single file, and cbfstool
can handle them, but right now it can't generate such headers.

Loosely based on Sol's work in http://review.coreboot.org/#/c/10147/,
but using the compatible file attribute format. vboot is now a hard
dependency of the build process, but we import it into the tree for
quite a while now.

Change-Id: I9f14f30537d676ce209ad612e7327c6f4810b313
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/11767
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-10-01 20:14:26 +00:00
Paul Kocialkowski
34ce438e6f cbfstool: Proper commonlib include path with no dependency on $(src)
$(src) is not defined when building directly from the cbfs directory (that is,
when building cbfs as standalone, running make in the cbfs directory), so we
need to define the path to the commonlib include path relative to $(top).

Change-Id: I72e80b030d4a156ec653ded5ab1457b16f612526
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: http://review.coreboot.org/11706
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Tested-by: build bot (Jenkins)
2015-09-24 17:08:20 +00:00
Aaron Durbin
dc9f5cd546 coreboot: introduce commonlib
Instead of reaching into src/include and re-writing code
allow for cleaner code sharing within coreboot and its
utilities. The additional thing needed at this point is
for the utilities to provide a printk() declaration within
a <console/console.h> file. That way code which uses printk()
can than be mapped properly to verbosity of utility parameters.

Change-Id: I9e46a279569733336bc0a018aed96bc924c07cdd
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/11592
Tested-by: build bot (Jenkins)
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2015-09-22 21:21:34 +00:00
Patrick Georgi
cdeb1c4f61 cbfstool: actually use no-ms-bitfields flag on mingw
It was added to an unused variable.

Change-Id: I869ffdda7e04b5c615931473c760d66b803fb98b
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/11673
Tested-by: build bot (Jenkins)
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2015-09-17 07:40:44 +00:00
Aaron Durbin
4be1674d32 cbfstool: add --xip support to add-stage for x86
Instead of going through the locate then add-stage
dance while linking romstage twice allow for adding romstage
with --xip flags to perform the relocation while adding it
into CBFS. The -P (page-size) and -a (alignment) parameters
were added as well so one could specify the necessary
parameters for x86 romstage.

BUG=chrome-os-partner:44827
BRANCH=None
TEST=Built and booted on glados.

Change-Id: I585619886f257e35f00961a1574009a51c28ff2b
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: http://review.coreboot.org/11669
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2015-09-16 14:11:10 +00:00
Jonathan A. Kollasch
9d6a17b549 util/cbfstool: use _XOPEN_SOURCE=700 to find strdup(3)
Change-Id: I974c6c8733356cc8ea4e0505136a34b6055abf0c
Signed-off-by: Jonathan A. Kollasch <jakllsch@kollasch.net>
Reviewed-on: http://review.coreboot.org/10809
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins)
2015-07-07 02:14:08 +02:00