[coreboot] coreboot V2 with crypto library

René Reuter reuter.rene at googlemail.com
Tue Jul 28 13:55:38 CEST 2009 

Sorry didn't used the svn diff tool:

Index: src/mainboard/emulation/qemu-x86/Options.lb
===================================================================
--- src/mainboard/emulation/qemu-x86/Options.lb    (Revision 4200)
+++ src/mainboard/emulation/qemu-x86/Options.lb    (Arbeitskopie)
@@ -37,6 +37,7 @@
 uses OBJCOPY
 uses CONFIG_PCI_ROM_RUN
 uses CONFIG_PCI_OPTION_ROM_RUN_VM86
+uses CONFIG_GDB_STUB

 uses CONFIG_CONSOLE_SERIAL8250
 uses USE_DCACHE_RAM
@@ -51,7 +52,6 @@
 default DEFAULT_CONSOLE_LOGLEVEL=8
 default MAXIMUM_CONSOLE_LOGLEVEL=8
 default CONFIG_CBFS=0
-
 ## ROM_SIZE is the size of boot ROM that this board will use.
 default ROM_SIZE  = 256*1024

@@ -124,5 +124,5 @@
 ##
 default CC="$(CROSS_COMPILE)gcc -m32"
 default HOSTCC="gcc"
-
+default CONFIG_GDB_STUB=1
 end
Index: src/boot/elfboot.c
===================================================================
--- src/boot/elfboot.c    (Revision 4200)
+++ src/boot/elfboot.c    (Arbeitskopie)
@@ -27,6 +27,8 @@
 #include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
+#include <openssl/sha.h>
+#include <openssl/evp.h>

 /* Maximum physical address we can use for the coreboot bounce buffer.
  */
@@ -34,9 +36,14 @@
 #define MAX_ADDR -1UL
 #endif

+#define SHA256_DIGEST_LENGTH    32
+
 extern unsigned char _ram_seg;
 extern unsigned char _eram_seg;

+static void measure_elf(unsigned char *header, size_t length);
+static int measure_and_extend(unsigned char hash);
+
 struct segment {
     struct segment *next;
     struct segment *prev;
@@ -61,6 +68,30 @@
     unsigned short ip_checksum;
 };

+static void measure_elf(unsigned char *header, size_t length) {
+        unsigned char md[SHA256_DIGEST_LENGTH];
+
+        EVP_Digest(header,length,md,NULL,EVP_sha256(),NULL);
+         //   if (memcmp(md,header,sizeof(header)))
+         //   {   fflush(stdout);
+         //       fprintf(stderr,"\nMemcpy failed.\n");
+         //       return 1;
+         //   }
+        // unsigned char hash = fflush(stdout);
+
+         //write_log_entry_in_tcpa(hash); // Write hash to the acpi table
+
+         measure_and_extend(md); //Write hash to the tpm
+         return 1;
+}
+
+/*
+ * Dummy function for tpm capability
+ */
+static int measure_and_extend(unsigned char hash) {
+        return 1;
+}
+
 int verify_ip_checksum(
     struct verify_callback *vcb,
     Elf_ehdr *ehdr, Elf_phdr *phdr, struct segment *head)
@@ -500,6 +531,7 @@
                 len = ptr->s_filesz;
             }
             memcpy(dest, &header[start_offset], len);
+                        measure_elf(&header[start_offset], len); //Pass the
elf code to the measurement function
             dest += len;
         }

Index: src/config/Config.lb
===================================================================
--- src/config/Config.lb    (Revision 4200)
+++ src/config/Config.lb    (Arbeitskopie)
@@ -10,7 +10,7 @@
 makedefine GCC_INC_DIR := $(shell LC_ALL=C $(GCC) -print-search-dirs | sed
-ne "s/install: \(.*\)/\1include/gp")

 makedefine CPPFLAGS := -I$(TOP)/src/include
-I$(TOP)/src/arch/$(ARCH)/include -I$(GCC_INC_DIR) $(CPUFLAGS)
-makedefine CFLAGS := $(CPU_OPT) $(DISTRO_CFLAGS) $(CPPFLAGS) -Os -nostdinc
-nostdlib -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs
-Werror-implicit-function-declaration -Wstrict-aliasing -Wshadow -fno-common
-ffreestanding -fno-builtin -fomit-frame-pointer
+makedefine CFLAGS := $(CPU_OPT) $(DISTRO_CFLAGS) $(CPPFLAGS) -O2 -g
-nostdinc -nostdlib -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs
-Werror-implicit-function-declaration -Wstrict-aliasing -Wshadow -fno-common
-ffreestanding -fno-builtin -fomit-frame-pointer

 if ASSEMBLER_DEBUG
 makedefine DEBUG_CFLAGS := -g -dA -fverbose-asm
Index: src/arch/i386/boot/boot.c
===================================================================
--- src/arch/i386/boot/boot.c    (Revision 4200)
+++ src/arch/i386/boot/boot.c    (Arbeitskopie)
@@ -84,13 +84,13 @@
     adjusted_boot_notes = (unsigned long)&elf_boot_notes;
     adjusted_boot_notes += adjust;

-    printk_spew("entry    = 0x%08lx\n", (unsigned long)entry);
-    printk_spew("lb_start = 0x%08lx\n", lb_start);
-    printk_spew("lb_size  = 0x%08lx\n", lb_size);
-    printk_spew("adjust   = 0x%08lx\n", adjust);
-    printk_spew("buffer   = 0x%08lx\n", buffer);
-    printk_spew("     elf_boot_notes = 0x%08lx\n", (unsigned
long)&elf_boot_notes);
-    printk_spew("adjusted_boot_notes = 0x%08lx\n", adjusted_boot_notes);
+    printk_debug("entry    = 0x%08lx\n", (unsigned long)entry);
+    printk_debug("lb_start = 0x%08lx\n", lb_start);
+    printk_debug("lb_size  = 0x%08lx\n", lb_size);
+    printk_debug("adjust   = 0x%08lx\n", adjust);
+    printk_debug("buffer   = 0x%08lx\n", buffer);
+    printk_debug("     elf_boot_notes = 0x%08lx\n", (unsigned
long)&elf_boot_notes);
+    printk_debug("adjusted_boot_notes = 0x%08lx\n", adjusted_boot_notes);

     /* Jump to kernel */
     __asm__ __volatile__(
Index: src/arch/i386/include/stddef.h
===================================================================
--- src/arch/i386/include/stddef.h    (Revision 4200)
+++ src/arch/i386/include/stddef.h    (Arbeitskopie)
@@ -3,8 +3,10 @@

 typedef long ptrdiff_t;
 typedef unsigned long size_t;
-typedef long ssize_t;

+// hacked
+//typedef long ssize_t;
+
 typedef int wchar_t;
 typedef unsigned int wint_t;



Regards,

René
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20090728/7aee3916/attachment.html>

More information about the coreboot mailing list