diff mbox

[31/40] core/flash.c: verify and measure resources

Message ID 1476089061-15197-32-git-send-email-stewart@linux.vnet.ibm.com
State Accepted
Headers show

Commit Message

Stewart Smith Oct. 10, 2016, 8:44 a.m. UTC 
From: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>

This changes core/flash.c to verify and measure the downloaded PNOR
resource before it is returned to the caller.

sb_verify() and tb_measure() do nothing if libstb is not initialized
in the platform.

Signed-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
---
 core/flash.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff mbox

Patch

diff --git a/core/flash.c b/core/flash.c
index 24c34cf..9b07aa3 100644
--- a/core/flash.c
+++ b/core/flash.c
@@ -24,6 +24,7 @@ 
 #include <libflash/libffs.h>
 #include <libflash/blocklevel.h>
 #include <libflash/ecc.h>
+#include <libstb/stb.h>
 
 struct flash {
 	struct list_node	list;
@@ -610,6 +611,13 @@  static int flash_load_resource(enum resource_id id, uint32_t subid,
 	*len = size;
 	status = true;
 
+	/*
+	 * Verify and measure the retrieved PNOR partition as part of the
+	 * secure boot and trusted boot requirements
+	 */
+	sb_verify(id, subid, buf, *len);
+	tb_measure(id, subid, buf, *len);
+
 out_free_ffs:
 	ffs_close(ffs);
 out_unlock: