1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 3 #ifndef VBOOT_CHECK_H 4 #define VBOOT_CHECK_H 5 6 #include <cbfs.h> 7 #include <device/device.h> 8 #include <device/pci.h> 9 #include <lib.h> 10 #include CONFIG_VENDORCODE_ELTAN_VBOOT_MANIFEST 11 #include <console/console.h> 12 #include <vb2_sha.h> 13 #include <string.h> 14 #include <program_loading.h> 15 #include <mboot.h> 16 17 #define VERIFIED_BOOT_COPY_BLOCK 0x80000000 18 /* These method verifies the SHA256 hash over the 'named' CBFS component. 19 * 'type' denotes the type of CBFS component i.e. stage, payload or fsp. 20 */ 21 void verified_boot_bootblock_check(void); 22 void verified_boot_early_check(void); 23 24 int verified_boot_check_manifest(void); 25 26 void verified_boot_check_cbfsfile(const char *name, uint32_t type, 27 uint32_t hash_index, void **buffer, uint32_t *filesize, int32_t pcr); 28 29 typedef enum { 30 VERIFY_TERMINATOR = 0, 31 VERIFY_FILE, 32 VERIFY_BLOCK, 33 VERIFY_OPROM 34 35 } verify_type; 36 37 typedef struct { 38 verify_type type; 39 const char *name; 40 union { 41 struct { 42 const void *related_items; 43 uint32_t cbfs_type; 44 } file; 45 struct { 46 const void *start; 47 uint32_t size; 48 } block; 49 struct { 50 const void *related_items; 51 uint32_t viddev; 52 } oprom; 53 } data; 54 uint32_t hash_index; 55 int32_t pcr; 56 } verify_item_t; 57 58 void process_verify_list(const verify_item_t list[]); 59 60 extern const verify_item_t bootblock_verify_list[]; 61 extern const verify_item_t romstage_verify_list[]; 62 extern const verify_item_t postcar_verify_list[]; 63 extern const verify_item_t ramstage_verify_list[]; 64 extern const verify_item_t payload_verify_list[]; 65 extern const verify_item_t oprom_verify_list[]; 66 67 #endif //VBOOT_CHECK_H 68