libstb: add secure and trusted boot interface

stb.c implements the libstb API, which is an API for secure and trusted boot:

- stb_init(): read secure mode and trusted mode from device tree and
  load drivers accordingly

- tb_measure(): measure a resource downloaded from PNOR if trusted mode
  is on. That is, an EV_ACTION event is recorded in the event log for
  the mapped PCR and the sha1 and sha256 measurements are extended in
  the mapped PCR.

- sb_verify(): verify the integrity and authenticity of a resource
  downloaded from PNOR if secure mode is on. The boot process is aborted
  if the verification fails.

- stb_final(): this is called to add marks to TPM and event log before
  handover to petitboot kernel. Basically, it records an EV_SEPARATOR
  event in the event log for PCR[0-7], extends the sha1 and sha256
  digests of 0xFFFFFFFF in PCR[0-7], and deallocates the memory allocated
  for secure and trusted boot.

For more information please refer to 'doc/stb.rst'.

Signed-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>

1 files changed, 1 insertions, 1 deletions

diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc
index cb6c30e..337b9e4 100644
--- a/libstb/Makefile.inc
+++ b/libstb/Makefile.inc
@@ -4,7 +4,7 @@ LIBSTB_DIR = libstb
 
 SUBDIRS += $(LIBSTB_DIR)
 
-LIBSTB_SRCS = container.c rom.c tpm_chip.c
+LIBSTB_SRCS = container.c rom.c tpm_chip.c stb.c
 LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o)
 LIBSTB = $(LIBSTB_DIR)/built-in.o