coreboot-kgpe-d16/util
Julius Werner fdabf3fcd7 cbfs: Add verification for RO CBFS metadata hash
This patch adds the first stage of the new CONFIG_CBFS_VERIFICATION
feature. It's not useful to end-users in this stage so it cannot be
selected in menuconfig (and should not be used other than for
development) yet. With this patch coreboot can verify the metadata hash
of the RO CBFS when it starts booting, but it does not verify individual
files yet. Likewise, verifying RW CBFSes with vboot is not yet
supported.

Verification is bootstrapped from a "metadata hash anchor" structure
that is embedded in the bootblock code and marked by a unique magic
number.  This anchor contains both the CBFS metadata hash and a separate
hash for the FMAP which is required to find the primary CBFS. Both are
verified on first use in the bootblock (and halt the system on failure).

The CONFIG_TOCTOU_SAFETY option is also added for illustrative purposes
to show some paths that need to be different when full protection
against TOCTOU (time-of-check vs. time-of-use) attacks is desired. For
normal verification it is sufficient to check the FMAP and the CBFS
metadata hash only once in the bootblock -- for TOCTOU verification we
do the same, but we need to be extra careful that we do not re-read the
FMAP or any CBFS metadata in later stages. This is mostly achieved by
depending on the CBFS metadata cache and FMAP cache features, but we
allow for one edge case in case the RW CBFS metadata cache overflows
(which may happen during an RW update and could otherwise no longer be
fixed because mcache size is defined by RO code). This code is added to
demonstrate design intent but won't really matter until RW CBFS
verification can be supported.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I8930434de55eb938b042fdada9aa90218c0b5a34
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41120
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2020-12-03 00:11:08 +00:00
abuild util/abuild/abuild: Do not check out submodules 2020-10-19 07:07:31 +00:00
acpi util/: Replace GPLv2 boiler plate with SPDX header 2020-05-09 21:22:08 +00:00
amdfwtool util/amdfwtool: add missing zero-initialization for local variable 2020-11-21 19:40:33 +00:00
amdtools
apcb util/apcb_edit: fix handling of binary SPD files 2020-09-08 05:44:28 +00:00
archive .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
autoport .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
bincfg .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
board_status .gitignore: Split into subdirectory files 2020-10-30 07:05:27 +00:00
bucts .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
cavium util: Use SPDX headers 2020-05-11 19:38:40 +00:00
cbfstool cbfs: Add verification for RO CBFS metadata hash 2020-12-03 00:11:08 +00:00
cbmem .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
chromeos treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
crossgcc util/crossgcc: ensure curl writes downloaded bytes to a file 2020-11-25 16:03:30 +00:00
docker util/docker/Makefile: Add missing separator 2020-11-30 08:05:29 +00:00
dtd_parser util/: Replace GPLv2 boiler plate with SPDX header 2020-05-09 21:22:08 +00:00
ectool .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
exynos util/exynos: Port *_cksum.py to python3 2020-09-18 08:00:39 +00:00
find_usbdebug util/: Replace GPLv2 boiler plate with SPDX header 2020-05-09 21:22:08 +00:00
futility util/futility: Don't refresh the binary all the time 2020-11-11 19:45:47 +00:00
fuzz-tests treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
genbuild_h treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
gitconfig treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
ifdtool util/ifdtool: Enable CPU read of the ME region 2020-11-02 10:39:27 +00:00
intelmetool .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
intelp2m util/intelp2m: Clean up SCI, SMI macro generation and update comments 2020-11-16 11:08:27 +00:00
inteltool inteltool: Add support to print TME/MKTME status 2020-11-30 08:01:38 +00:00
intelvbttool .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
ipqheader sdm845: Combine BB with QC-Sec for ROM boot 2019-05-03 21:59:05 +00:00
kbc1126 .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
kconfig treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
lint util/lint: Capitalise lint descriptions 2020-10-14 09:19:58 +00:00
mainboard/google util/mb/google/puff: remove HECI from overridetree 2020-12-01 01:25:17 +00:00
marvell util/*: more typo fixes 2020-01-30 13:47:49 +00:00
me_cleaner util: Use SPDX headers 2020-05-11 19:38:40 +00:00
mma util: Use SPDX headers 2020-05-11 19:38:40 +00:00
msrtool .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
mtkheader util/mtkheader: Port gen-bl-img.py to python3 2020-09-18 08:00:22 +00:00
nvidia util/nvidia/cbootimage: Update to upstream master 2019-08-20 15:28:49 +00:00
nvramtool .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
pgtblgen util/pgtblgen: Improve compatibility 2020-11-30 21:51:05 +00:00
pmh7tool .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
post util/: Replace GPLv2 boiler plate with SPDX header 2020-05-09 21:22:08 +00:00
qemu util/qemu: Add comprehensive default config for QEMU Q35 2020-11-04 09:39:50 +00:00
qualcomm Delete soc/qualcomm/sdm845 2020-11-12 01:43:14 +00:00
release Add qc_blobs repository 2020-06-30 08:57:03 +00:00
riscv treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
rockchip util/rockchip: Port make_idb.py to python3 2020-09-18 13:30:05 +00:00
sconfig sconfig: Apply 'hidden' state from override tree 2020-11-20 00:26:11 +00:00
scripts cross-repo-cherrypick: Do not prepend "Original-" to "Cq-Depend:" 2020-08-31 06:33:56 +00:00
showdevicetree util/: Replace GPLv2 boiler plate with SPDX header 2020-05-09 21:22:08 +00:00
spd_tools lp4x: Add new memory parts and generate SPDs 2020-11-30 08:03:35 +00:00
spdtool util: Add SPDX header, replacing boiler plate where applicable 2020-05-11 17:11:59 +00:00
spkmodem_recv util: Add SPDX header, replacing boiler plate where applicable 2020-05-11 17:11:59 +00:00
superiotool .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
supermicro util/supermicro: Always include commonlib/bsd/compiler.h 2020-10-19 07:04:43 +00:00
testing util/testing: Allow what-jenkins-does to skip lint testing 2020-10-27 10:10:56 +00:00
uio_usbdebug util: Add SPDX header, replacing boiler plate where applicable 2020-05-11 17:11:59 +00:00
util_readme
vboot_list Documentation: Spell vboot all lowercase 2020-04-28 06:14:25 +00:00
vgabios .gitignore: Ignore .test/.dependencies globally 2020-10-31 18:21:36 +00:00
x86 treewide: Remove "this file is part of" lines 2020-05-11 17:11:40 +00:00
xcompile util/xcompile: Look for the host compiler in XGCCPATH, too (and first) 2020-07-08 08:53:41 +00:00
README.md util/rockchip: Port make_idb.py to python3 2020-09-18 13:30:05 +00:00

  • abuild - coreboot autobuild script builds coreboot images for all available targets. bash
  • acpi - Walk through all ACPI tables with their addresses. bash
  • amdfwtool - Create AMD Firmware combination C
  • amdtools - A set of tools to compare (extended) K8 memory settings. Perl
  • archive - Concatenate files and create an archive C
  • autoport - Automated porting coreboot to Sandy Bridge/Ivy Bridge platforms Go
  • bincfg - Compiler/Decompiler for data blobs with specs Lex Yacc
  • board_status - Tools to collect logs and upload them to the board status repository Bash Go
  • bucts - A tool to manipulate the BUC.TS bit on Intel targets. C
  • cavium - devicetree_convert: tool to convert a DTB to a static C file Python
  • cbfstool
    • cbfstool - For manipulating CBFS file C
    • fmaptool - Converts plaintext fmd files into fmap blobs C
    • rmodtool - Creates rmodules C
    • ifwitool - For manipulating IFWI C
  • cbmem - CBMEM parser to read e.g. timestamps and console log C
  • chromeos - These scripts can be used to access Chrome OS resources, for example to extract System Agent reference code and other blobs (e.g. mrc.bin, refcode, VGA option roms) from a Chrome OS recovery image. C
  • crossgcc - A cross toolchain builder for -elf toolchains (i.e. no libc support)
  • docker - Dockerfiles for coreboot-sdk, coreboot-jenkins-node, coreboot.org-status and docs.coreboot.org
  • dtd_parser - DTD structure parser Python2
  • ectool - Dumps the RAM of a laptop's Embedded/Environmental Controller (EC). C
  • exynos - Computes and fills Exynos ROM checksum (for BL1 or BL2). Python3
  • find_usbdebug - Help find USB debug ports
  • futility - Firmware utility for signing ChromeOS images Make
  • fuzz-tests - Create test cases that crash the jpeg code. C
  • genbuild_h - Generate build system definitions Shell
  • genprof - Format function tracing logs Bash C
  • gitconfig - Initialize git repository submodules and install git hooks Bash
  • ifdtool - Extract and dump Intel Firmware Descriptor information C
  • intelmetool - Dump interesting things about Management Engine even if hidden C
  • inteltool - Provides information about the Intel CPU/chipset hardware configuration (register contents, MSRs, etc). C
  • intelvbttool - Parse VBT from VGA BIOS C
  • ipqheader
    • createxbl.py - Concatenates XBL segments into one ELF image Python
    • ipqheader.py - Returns a packed MBN header image with the specified base and size Python
    • mbncat.py - Generate ipq8064 uber SBL Python
    • mbn_tools.py - Contains all MBN Utilities for image generation Python
  • kbc1126 - Tools used to dump the two blobs from the factory firmware of many HP laptops with 8051-based SMSC KBC1098/KBC1126 embedded controller and insert them to the firmware image. C
  • kconfig - Build system Make
  • lint - Source linter and linting rules Shell
  • marvell - Add U-Boot boot loader for Marvell ARMADA38X C
  • me_cleaner - Tool for partial deblobbing of Intel ME/TXE firmware images Python
  • mma - Memory Margin Analysis automation tests Bash
  • msrtool - Dumps chipset-specific MSR registers. C
  • mtkheader - Generate MediaTek bootload header. Python3
  • nvidia - nvidia blob parsers
  • nvramtool - Reads and writes coreboot parameters and displays information from the coreboot table in CMOS/NVRAM. C
  • pgtblgen - Generates page tables based on fixed physical address. C
  • pmh7tool - Dumps, reads and writes PMH7 registers on Lenovo ThinkPads. PMH7 is used for switching on and off the power of some devices on the board such as dGPU. C
  • post - Userspace utility that can be used to test POST cards. C
  • qualcomm - CMM script to debug Qualcomm coreboot environments. CMM
  • release - Generate coreboot release Bash
  • riscv
    • make-spike-elf.sh - Converts a flat file into an ELF that can be passed to SPIKE, the RISC-V reference emulator. Bash
    • sifive-gpt.py - Wraps the bootblock in a GPT partition for SiFive's bootrom. Python3
  • rockchip - Generate Rockchip idblock bootloader. Python3
  • sconfig - coreboot device tree compiler Lex Yacc
  • scripts
    • config - Manipulate options in a .config file from the command line Bash
    • cross-repo-cherrypick - Pull in patches from another tree from a gerrit repository. Shell
    • decode_spd.sh - Decodes Serial Presence Detect (SPD) files into various human readable formats.
    • dts-to-fmd.sh - Converts a depthcharge fmap.dts into an fmaptool compatible .fmd format Bash
    • find-unused-kconfig-symbols.sh - Points out Kconfig variables that may be unused. There are some false positives, but it serves as a starting point Shell
    • gerrit-rebase - Applies all commits that from-branch has over to-branch, based on a common ancestor and gerrit meta-data Bash
    • get_maintainer.pl - Print selected MAINTAINERS information for the files modified in a patch or for a file Perl
    • maintainers.go - Build subsystem Maintainers Go
    • no-fsf-addresses.sh - Removes various FSF addresses from license headers Shell
    • parse-maintainers.pl - Script to alphabetize MAINTAINERS file Perl
    • ucode_h_to_bin.sh - Microcode conversion tool Bash
    • update_submodules - Check all submodules for updates Bash
  • showdevicetree - Compile and dump the device tree C
  • spdtool - Dumps SPD ROMs from a given blob to separate files using known patterns and reserved bits. Useful for analysing firmware that holds SPDs on boards that have soldered down DRAM. Python
  • spkmodem_recv - Decode spkmodem signals C
  • superiotool - A user-space utility to detect Super I/O of a mainboard and provide detailed information about the register contents of the Super I/O. C
  • smcbiosinfo - Generates SMC biosinfo for BMC BIOS updates C
  • testing - coreboot test targets Make
  • uio_usbdebug - Debug coreboot's usbdebug driver inside a running operating system (only Linux at this time). C
  • util_readme - Creates README.md of description files in ./util subdirectories Bash
  • vboot_list - Tools to generate a list of vboot enabled devices to the documentation Bash
  • vgabios - Emulated VGA driver for QEMU C
  • x86 - Generates 32-bit PAE page tables based on a CSV input file. Go
  • xcompile - Cross compile setup Bash