coreboot-kgpe-d16/util/crossgcc
Jonathan Neuschäfer 92d483a892 buildgcc: Implement simple tarball hash verification
This patch implements a relatively simple hash-based verification scheme
for downloaded files (tarballs):

After buildgcc downloads a file or notices that it has already been
downloaded, it hashes the file, and compares the hash against the known
hash stored in util/crossgcc/sum/$filename.cksum. Two errors can occur:

1. The hash file is missing. In this case, crossgcc asks the user to
   verify the authenticity of the downloaded file. It also calculates
   its hash and stores it in util/crossgcc/sum/$filename.cksum.calc.
   If the file is authentic, the user may rename the calculated hash
   file to $filename.cksum, so that it can be found the next time
   buildgcc is started.

2. The known hash and the calculated hash differ. This is the case that
   this patch seeks to protect against, because it may imply that the
   downloaded file was unexpectedly changed, either in transit
   (Man-in-the-Middle attack) or on the file server that it was
   downloaded from. If buildgcc detects such a hash mismatch, it asks
   the user to delete the downloaded file and retry, because it can also
   be caused by a benign network error. If, however, the error persists,
   buildgcc can't continue without risking that the user runs malicious
   code, and it stops.

Note: The hash algorithm may be changed in the future, but for now I
left it at SHA-1, to avoid bloating this patch.

Change-Id: I0d5d67b34684d02011a845d00f6f5b6769f43b4f
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-on: https://review.coreboot.org/21592
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2017-10-04 02:43:02 +00:00
..
patches buildgcc: Integrate nds32 update from Andes Technology 2017-09-01 12:32:36 +00:00
sum buildgcc: Update to gdb 8.0 and expat 2.2.1 2017-08-07 21:47:17 +00:00
Dockerfile crossgcc/Dockerfile: Add gnat to build the Ada toolchain 2017-03-23 18:55:18 +01:00
Makefile crossgcc: Switch POWER8 to big endian mode 2016-03-24 18:32:23 +01:00
Makefile.inc util/crossgcc: update jenkins-build-toolchain 2017-01-04 22:18:55 +01:00
README Remove empty lines at end of file 2015-06-08 00:55:07 +02:00
buildgcc buildgcc: Implement simple tarball hash verification 2017-10-04 02:43:02 +00:00
getopt.c Add the BSD-licensed getopt tool to crossgcc, to use 2010-01-29 17:40:52 +00:00

README

README
------

This is a cross toolchain builder for -elf toolchains (ie. no libc support)

known working:
  i386-elf
  x86_64-elf
  powerpc-elf
  mipsel-elf
  arm-elf
  armv7a-eabi
  aarch64-elf

known broken:
  alpha-elf
  powerpc64-elf