diff options
| author | Claudio Carvalho <cclaudio@linux.vnet.ibm.com> | 2016-09-28 05:10:57 -0300 |
|---|---|---|
| committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2016-10-10 15:29:37 +1100 |
| commit | 1f198c909a39fe4d14071a4453af305ea91ab173 (patch) | |
| tree | a60b248a51bf00f6257f2f604c5b431af7c74e8d | |
| parent | 1a25de440d411d932f0aab33ab661ee3a1f45ac9 (diff) | |
| download | skiboot-1f198c909a39fe4d14071a4453af305ea91ab173.zip skiboot-1f198c909a39fe4d14071a4453af305ea91ab173.tar.gz skiboot-1f198c909a39fe4d14071a4453af305ea91ab173.tar.bz2 | |
core/flash.c: verify and measure resources
This changes core/flash.c to verify and measure the downloaded PNOR
resource before it is returned to the caller.
sb_verify() and tb_measure() do nothing if libstb is not initialized
in the platform.
Signed-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
| -rw-r--r-- | core/flash.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/core/flash.c b/core/flash.c index 24c34cf..9b07aa3 100644 --- a/core/flash.c +++ b/core/flash.c @@ -24,6 +24,7 @@ #include <libflash/libffs.h> #include <libflash/blocklevel.h> #include <libflash/ecc.h> +#include <libstb/stb.h> struct flash { struct list_node list; @@ -610,6 +611,13 @@ static int flash_load_resource(enum resource_id id, uint32_t subid, *len = size; status = true; + /* + * Verify and measure the retrieved PNOR partition as part of the + * secure boot and trusted boot requirements + */ + sb_verify(id, subid, buf, *len); + tb_measure(id, subid, buf, *len); + out_free_ffs: ffs_close(ffs); out_unlock: |