License header for the `gitconfig.sh` was copied from the Makefile it
was extracted from in commit 9ab8ae6a (util/gitconfig: Make gitconfig
a bash script).
License header for the pre-commit hook names Patrick Georgi as the
copyright holder as he is the original author.
Change-Id: Ie051e5e6ae7571050ece383e6be8236ed7d1ddd9
Signed-off-by: Alex Thiessen <alex.thiessen.de+coreboot@gmail.com>
Reviewed-on: https://review.coreboot.org/23097
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
When running `make gitconfig` on a freshly cloned repository, the script
will wait for user input without a prompt in a call to `sed`, caused by
a spurious newline introduced in commit 9ab8ae6a (util/gitconfig: Make
gitconfig a bash script).
Change-Id: I2aa722c052d24dcffa9688df09bcf8dc767bd0b6
Signed-off-by: Alex Thiessen <alex.thiessen.de+coreboot@gmail.com>
Reviewed-on: https://review.coreboot.org/23059
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Nico Huber <nico.h@gmx.de>
On debian systems, /bin/sh is `dash` which has built-in `echo` always
interpreting escape sequences such as '\n'. The pre-commit hook uses
the built-in for piping diff to checkpatch, interpreting the diff's
escape sequences in the process and leading to false negatives
and preventing commits despite conformance.
Use `printf` instead of `echo` when handling diff content. The bug was
introduced in commit ef869305 (util/gitconfig: update pre-commit
script).
Change-Id: I37edfe7b32721cb63d99299563cb11f26082c9a9
Signed-off-by: Alex Thiessen <alex.thiessen.de+coreboot@gmail.com>
Reviewed-on: https://review.coreboot.org/23070
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Falling through is intended here, so add a comment that GCC will notice
and stop warning about this.
Change-Id: I12637b6bc18844a3bc47f06208df7fee7a4feb3b
Found-by: gcc-7 (Debian 7-20170316-1) 7.0.1 20170316 (experimental) [trunk revision 246203]
Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-on: https://review.coreboot.org/18906
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Omar Pakker
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
The initial lookup for cbfs location for xip stages is implicitly
using the ELF size assuming it's relatively equivalent. However,
if the ELF that is being converted contains debug information or
other metadata then the location lookup can fail because the ELF is
considerably bigger than the real footprint.
BUG=b:70801221
Change-Id: I47024dcd8205a09885d3a3f76e255eb5e3c55d9e
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/22936
Reviewed-by: Furquan Shaikh <furquan@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
The gitconfig target has a few bashisms and would fail
silently on systems that use a POSIX standard sh (like Ubuntu dash).
Remove the code from the makefile and put it in a bash script that
is called by the gitconfig target.
Change-Id: I3bc8cf688a3ad211b57c8ca0e6b1e86c82dc6a37
Signed-off-by: Marc Jones <marcj303@gmail.com>
Reviewed-on: https://review.coreboot.org/22857
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
The code flow is changed slightly to print the timestamp frequency from
either method of determining it.
BUG=b:70432544
TEST=Build and test cbmem -t -V
Change-Id: I02286fa67919e70a3592cdbcc1c9ca2991b7f385
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/22821
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
The default implementation uses inb/outb, that is not available on ARM
platforms and others. A dummy implementation allows building nvramtool
on these platforms.
Change-Id: I75e4a1a0cbd35ca40f7b108658686839ccf9784a
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Reviewed-on: https://review.coreboot.org/22562
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
This patch adds '-p' to the 'add' command. It allows the add
command to specify the size of the padding added with the file
being added. This is useful to reserve an extra space in case
the file is too big to be relocated.
BUG=b:68660966
BRANCH=none
TEST=emerge-fizz coreboot &&
cbfstool image.bin add -n ecrw -f EC_RW.bin -p 0x10 ...
Verify image.bin has extra space in the file header.
Change-Id: I64bc54fd10a453b4da467bc69d9590e61b0f7ead
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/22239
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Forgot the /bin/ part of the executable paths
Change-Id: I87d63ec18338e376787d02bb771471e746a17b62
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/22640
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Add a CBSDK tool set template that can be used in edk2 simply by
appending $prefix/share/edk2config/tools_def.txt to Conf/tools_def.txt.
After that, build -t CBSDK uses the coreboot compilers, providing a more
predictable compiler choice.
Change-Id: I76b38c928b831ee6f31450aa0ad59b4f906f394d
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/22570
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
With this implementation it's possible to detect the state
of bootguard in intel based systems. Currently it's WIP and
in a testphase. Handle it with care!
Changes done:
* Add support for reading msr
* Read ME firmware version
* Print bootguard state for ME > 9.1
* Make argument -s legacy
* Add argument -b for bootguard (and ME) dumping
* Add argument -m for ME dumping
* Opt out early if CPU is non Intel
Change-Id: Ifeec8e20fa8efc35d7db4c6a84be1f118dccfc4a
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/16328
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Clean the code to fix all errors and warnings.
No functional change.
Changes:
* Fix lines over 80chars
* Fix typos
* Restructure code to reduce indent level
* Move RCBA handling into own files
* Introduce helper functions for RCBA access
* Move GPL string into header
* Fix whitespace in macros
Change-Id: Ib8e3617ebb34c47959d6619dfbc7189045e6b8f7
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-on: https://review.coreboot.org/22521
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Both registers behave the same as on the previous generation
Taken from
* 6th Generation Intel Processor Families for S-Platform
Volume 2 of 2
* Page 55 and 62
* 332688-003EN
Change-Id: Id02a38a7ab51003c9d0f16ebb2300a16b66a15f9
Signed-off-by: Maximilian Schander <coreboot@mimoja.de>
Reviewed-on: https://review.coreboot.org/22350
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Rizwan Qureshi <rizwan.qureshi@intel.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
Register definitions were taken from
* 6th Generation Intel Processor Families for S-Platform Volume 2 of 2
* Page 117
* 332688-003EN
As well as
* 6th Generation Intel Processor Families for H-Platform Volume 2 of 2
* Page 117
* 332987-002EN
Tested on a 6th gen skylake mobile cpu and capability registers do match up
with the default values.
Change-Id: I636f6c3d045e297f1439d3e88e43f41e03db4c8e
Signed-off-by: Maximilian Schander <coreboot@mimoja.de>
Reviewed-on: https://review.coreboot.org/22345
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
The warning is printed using Printf syntax but actually Println is used
resulting in printing the format string first and the arguments second:
"%s. (%s) Default:%s WARNING: [...]"
Change-Id: I411fc47832dd7a82752f233c4909b98190340ccb
Signed-off-by: Maximilian Schander <coreboot@mimoja.de>
Reviewed-on: https://review.coreboot.org/22352
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
- Fix initial tool check.
- Admit that the script is coreboot specfic. Remove coreboot check.
- Fix some whitespace issues.
- Get rid of pushd/popd.
- Add keywords for section logging.
- Move code for getting SLOC into a subroutine.
- Find submodules to get patch count instead of having them hardcoded.
- Update specific change areas for 4.7 release
Change-Id: I115659a75604c24780c09605d7643e83e481f6a1
Signed-off-by: Martin Roth <gaumless@gmail.com>
Reviewed-on: https://review.coreboot.org/22343
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
When autoport is run on a system without supported southbridge
it won't populate the coresponding data structure. By sanitiy
checking after PCI detection autoport can exit cleanly and
provide a sufficient error message.
Error was:
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x30 pc=0x4be595]
goroutine 1 [running]:
main.FIXMEEC(0xc42014af80, 0x14, 0xc42014afe0, 0x1a, 0xc4200a914f,
0x4, 0xc4200a916f, 0xf, 0xc420149e60, 0x28, ...)
/coreboot/util/autoport/ec_fixme.go:14 +0x105
Change-Id: I6b0fcda76d33b0d3a0379c279f492160ce5add84
Signed-off-by: Maximilian Schander <maxschander@googlemail.com>
Reviewed-on: https://review.coreboot.org/22203
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
In some cases users may want to build just one toolchain not all. This
patch introduces COREBOOT_CROSSGCC_PARAM, which by default is set to
all_without_gdb so previous behavior is not changed. Users can pass
different parameter eg. COREBOOT_CROSSGCC_PARAM=build-x64 to build just
x64 SDK.
Change-Id: I858ba09644b5b86a4b0e828e4f342aee5083be93
Signed-off-by: Piotr Król <piotr.krol@3mdeb.com>
Reviewed-on: https://review.coreboot.org/22276
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
In general more ME capabilities are considered harmfull, useless or
unwanted. Therefore an easy overview can be obtained by coloring in red
and green.
Taken from Change with id:
Ifeec8e20fa8efc35d7db4c6a84be1f118dccfc4a
Add bootguard information dump support
https://review.coreboot.org/#/c/16328/
Change-Id: Ia911cc935d512174399aaf93bba982e071942212
Signed-off-by: Maximilian Schander <maxschander@googlemail.com>
Reviewed-on: https://review.coreboot.org/22217
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Refining some of the code indentations and cosmetics to
build upon and import some in-review changes.
Change-Id: I0038a146bd899f150518c4832258a42792abaabb
Signed-off-by: Maximilian Schander <maxschander@googlemail.com>
Reviewed-on: https://review.coreboot.org/22216
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Users can do it if they need it, but we shouldn't force it on them.
Change-Id: I08007d68a79c302d8f3ca4ed0837ee96d8d3eb1e
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/22213
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
This patch adds a column to the print command to show the compression
algorithm used for the file.
Name Offset Type Size Comp
fallback/romstage 0x0 stage 56236 none
ecrw 0xf2380 raw 62162 LZMA (131072 decompressed)
BUG=b:66956286
BRANCH=none
TEST=Run 'cbfstool image.bin print'
Change-Id: I4bbb60ab467adac4ae5486ddafec86ad9682a40e
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://review.coreboot.org/22196
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Using ifdtool to change layout on a 'ifd v2' file causes an error
about region type 5 not being valid.
The limit to check against is dynamic depending on ifd version, not
static.
Change-Id: Id4cdce4eac18fb0d171d1bdfa2044340bf93056a
Signed-off-by: Youness Alaoui <youness.alaoui@puri.sm>
Reviewed-on: https://review.coreboot.org/21962
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
The new test lets git check if $top is actually a git repo, instead of
just looking for clues.
BUG=chromium:776174
BRANCH=none
TEST=`mv .git .foo; mkdir .git; util/genbuild_h/genbuild_h.sh` provides
a valid build.h instead of failing because git is unhappy about the
.git directory.
Change-Id: I7fcc64d66e0b59fca1479b4c142fd0559aa984f4
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/22107
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Martin Roth <martinroth@google.com>
I noticed that the "last known good" field for the ThinkPad R400 pointed
nowhere. Instead of
https://www.coreboot.org/Supported_Motherboards#lenovo.2Ft400
it pointed to
https://www.coreboot.org/Supported_Motherboards#lenovo.2Fr400
which does not exist because if a board is marked as a "Clone of"
another one in board_info.txt, towiki uses the original board's reports
to derive the "last known good" date and color.
Change-Id: Ie235ca8e8691f49d041de7c5770eae77cdd444a7
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-on: https://review.coreboot.org/21906
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
bc is one of the standard posix utilities. I'm surprised that it's
not in the debian docker image by default.
Change-Id: I02f2d5296e7f87876b236af119965d1f4e6a0bc0
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/21889
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Also change the tarball from .tar.bz2 to .tar.xz.
Change-Id: I25134dbadf07a2f0cb356c8ac8f2c612a957d176
Signed-off-by: Iru Cai <mytbk920423@gmail.com>
Reviewed-on: https://review.coreboot.org/20806
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
> Could you make in a separate, independent change a update from the
> completely outdated LIBELF (from mr511.de/software/libelf ) to recent
> libelf? Those highly outdated libelf from this unmaintained mr511.de
> webpage should not be used any more since years. There are also a ton
> of security issues like for example: CVE-2017-7607, CVE-2017-7608, ...
> CVE-2017-7613. Recent version of this software is included in the
> elfutils that are available here: https://sourceware.org/elfutils/ ->
> download link:
> https://sourceware.org/elfutils/ftp/0.170/elfutils-0.170.tar.bz2
Remove the obsolete patch, which doesn’t apply anymore, and only
affected the build system, which is different now.
Increment the buildgcc version string as a tool version is changed.
TEST=Running `make crossgcc-i386` succeeds.
Change-Id: Iadd320a18c5d9fe2a82a347e39f01d8b7f8806c2
Signed-off-by: Paul Menzel <paulepanter@users.sourceforge.net>
Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Reviewed-on: https://review.coreboot.org/21435
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
This patch address problem with Tianocore compilation in coreboot-sdk
container. Without it compilation fails asking for nasm installation.
Change-Id: I546f9d42b380799d1cd80a70f33be2a768745080
Signed-off-by: Piotr Król <piotr.krol@3mdeb.com>
Reviewed-on: https://review.coreboot.org/21924
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-by: Martin Roth <martinroth@google.com>
buildgcc -B (--bootstrap-only) builds only a bootstrap compiler. That
useful if you want to package the cross compilers: first build the
bootstrap compiler, then all required cross compilers in a separate
directory (using the bootstrap compiler through an adjusted PATH).
Change-Id: I089b51d1b898d4cf530845ba51283997fd229451
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/21683
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
util/scripts/gerrit-rebase and cross-repo-cherrypick serve the same
purpose and we don't need two of everything.
Change-Id: I66a71033a8a29249d214db4c31a67f8a0725163c
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/21926
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martinroth@google.com>
It does the opposite to "expand", removing a trailing empty file from
CBFS. It also returns the size of the CBFS post processing on stdout.
BUG=b:65853903
BRANCH=none
TEST=`cbfstool test.bin truncate -r FW_MAIN_A` removes the trailing
empty file in FW_MAIN_A. Without a trailing empty file, the region is
left alone (tested using COREBOOT which comes with a master header
pointer).
Change-Id: I0c747090813898539f3428936afa9d8459adee9c
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://review.coreboot.org/21608
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Change http to https on many URLs and update llvm.org URLs in buildgcc.
The old URLs are deprecated and now switched to a http forwarder that
can be attacked by MITM attacks.
Change-Id: I68d4fe1a6236ed8540803e11cfc84e44a1d1ca35
Signed-off-by: Doug Gale <doug16k@gmail.com>
Reviewed-on: https://review.coreboot.org/21729
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Martin Roth <martinroth@google.com>
The idea behind this not to enforce a license on autogenerated code
but is simply out of convenience in the case one wants to make the
result public (in which case it needs to have these license headers).
Change-Id: I1d6b48762b1249bb0becb178a30e1396bf6978fc
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/19510
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>
This generates better gpio.c files where structs are initialised as
static to be able to drop some entries since those would be
initialised as 0.
This makes these files less cluttered since only relevant things are
shown:
* GPIO direction, level, invert, blink depend on GPIO mode
* GPIO level is read only on input
* GPIO invert is only valid on input
* only show when GPIO are inverted, blinking, reset by RSMRST#
Change-Id: I83382d38a4a3b7ed11b8e7077cc5fbe154e261a7
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/19508
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Nico Huber <nico.h@gmx.de>
The AMD firmware directory can go in a number of different locations.
This patch allows amdfwtool to write the directory correctly for those
different locations.
If the --location switch is not added to the command line, the default
location at ROM base address + 0x20000 is used as before.
BUG=b:65484600
TEST=Set PSP firmware location, compare amdfw.rom to previously built
version. Verify new location pointers.
Change-Id: Ief32e5e37d56088946b623d305c6e93bfd6abeaf
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/21865
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
This patch implements a relatively simple hash-based verification scheme
for downloaded files (tarballs):
After buildgcc downloads a file or notices that it has already been
downloaded, it hashes the file, and compares the hash against the known
hash stored in util/crossgcc/sum/$filename.cksum. Two errors can occur:
1. The hash file is missing. In this case, crossgcc asks the user to
verify the authenticity of the downloaded file. It also calculates
its hash and stores it in util/crossgcc/sum/$filename.cksum.calc.
If the file is authentic, the user may rename the calculated hash
file to $filename.cksum, so that it can be found the next time
buildgcc is started.
2. The known hash and the calculated hash differ. This is the case that
this patch seeks to protect against, because it may imply that the
downloaded file was unexpectedly changed, either in transit
(Man-in-the-Middle attack) or on the file server that it was
downloaded from. If buildgcc detects such a hash mismatch, it asks
the user to delete the downloaded file and retry, because it can also
be caused by a benign network error. If, however, the error persists,
buildgcc can't continue without risking that the user runs malicious
code, and it stops.
Note: The hash algorithm may be changed in the future, but for now I
left it at SHA-1, to avoid bloating this patch.
Change-Id: I0d5d67b34684d02011a845d00f6f5b6769f43b4f
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-on: https://review.coreboot.org/21592
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Julius made some suggestions to fix/improve commit 46300aa2.
Implement those.
BUG=b:66681446
Change-Id: I6becac9ffdcc65745e88734dfb80d12b581584a1
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://review.coreboot.org/21757
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>