Fix review comments for Hash Store updates

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-12-06 13:50:01 -07:00 · 2019-12-06 13:50:01 -07:00 · 1d50d7c888
parent 53f088f9d5
commit 1d50d7c888
7 changed files with 87 additions and 56 deletions
--- a/BootloaderCommonPkg/Include/Guid/KeyHashGuid.h
+++ b/BootloaderCommonPkg/Include/Guid/KeyHashGuid.h
@ -0,0 +1,82 @@
+/** @file
+  This file defines the hob structure used for paylod.
+
+  Copyright (c) 2017-2019, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __PAYLOAD_KEY_HASH_GUID_H__
+#define __PAYLOAD_KEY_HASH_GUID_H__
+
+///
+/// The pre-process public key GUID used for payload to verify image.
+///
+extern EFI_GUID gPayloadKeyHashGuid;
+
+#define  COMP_TYPE_STAGE_1B            0
+#define  COMP_TYPE_STAGE_2             1
+#define  COMP_TYPE_PAYLOAD             2
+#define  COMP_TYPE_FIRMWARE_UPDATE     3
+#define  COMP_TYPE_PUBKEY_CFG_DATA     4
+#define  COMP_TYPE_PUBKEY_FWU          5
+#define  COMP_TYPE_PUBKEY_OS           6
+#define  COMP_TYPE_PAYLOAD_DYNAMIC     7
+#define  COMP_TYPE_INVALID             8
+
+
+//
+// Hash Table Definition for Component and Public key usage
+//
+
+typedef UINT32 HASH_COMP_USAGE;
+
+#define HASH_USAGE_STAGE_1B              BIT0
+#define HASH_USAGE_STAGE_2               BIT1
+#define HASH_USAGE_PAYLOAD               BIT2
+#define HASH_USAGE_FIRMWARE_UPDATE       BIT3
+#define HASH_USAGE_PUBKEY_CFG_DATA       BIT4
+#define HASH_USAGE_PUBKEY_FWU            BIT5
+#define HASH_USAGE_PUBKEY_OS             BIT6
+
+
+#pragma pack(1)
+typedef struct {
+  //
+  // Usage corresponds to components bit mask for hash is valid
+  //
+  HASH_COMP_USAGE    Usage;
+  //
+  // Hash algorithm used for digest
+  //
+  UINT8              HashAlg;
+  UINT8              Reserved;
+  //
+  // Digest Length
+  //
+  UINT16             DigestLen;
+  //
+  // Hash of the component
+  //
+  UINT8              Digest[0];
+} HASH_STORE_DATA;
+
+typedef struct {
+  UINT32             Signature;
+  UINT8              Revision;
+  UINT8              Reserved[3];
+  //
+  // Total valid  hash store data including the header
+  //
+  UINT32             UsedLength;
+  //
+  // The total space for hash store data allocated
+  //
+  UINT32             TotalLength;
+  //
+  // Hash store data chain with type HASH_STORE_DATA
+  //
+  UINT8              Data[0];
+} HASH_STORE_TABLE;
+#pragma pack()
+#endif
--- a/BootloaderCommonPkg/Include/Guid/PayloadKeyHashGuid.h
+++ b/BootloaderCommonPkg/Include/Guid/PayloadKeyHashGuid.h
@ -1,36 +0,0 @@
-/** @file
-  This file defines the hob structure used for paylod.
-
-  Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
-  SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#ifndef __PAYLOAD_KEY_HASH_GUID_H__
-#define __PAYLOAD_KEY_HASH_GUID_H__
-
-///
-/// The pre-process public key GUID used for payload to verify image.
-///
-extern EFI_GUID gPayloadKeyHashGuid;
-
-
-#pragma pack(1)
-typedef struct {
-  UINT32           Usage;
-  UINT8            HashAlg;
-  UINT8            Reserved;
-  UINT16           DigestLen;
-  UINT8            Digest[0];
-} HASH_STORE_DATA;
-
-typedef struct {
-  UINT32             Signature;
-  UINT8              Revision;
-  UINT8              Reserved[3];
-  UINT32             UsedLength;
-  UINT32             TotalLength;
-  UINT8              Data[0];
-} HASH_STORE_TABLE;
-#pragma pack()
-#endif
--- a/BootloaderCommonPkg/Include/Library/SecureBootLib.h
+++ b/BootloaderCommonPkg/Include/Library/SecureBootLib.h
@ -8,18 +8,11 @@
 #ifndef __VERIFIED_BOOT_LIB_H__
 #define __VERIFIED_BOOT_LIB_H__

+#include <Guid/KeyHashGuid.h>
+
 #define  SIG_TYPE_RSA2048_SHA256       0
 #define  SIG_TYPE_RSA3072_SHA384       1

-#define  COMP_TYPE_STAGE_1B            0
-#define  COMP_TYPE_STAGE_2             1
-#define  COMP_TYPE_PAYLOAD             2
-#define  COMP_TYPE_FIRMWARE_UPDATE     3
-#define  COMP_TYPE_PUBKEY_CFG_DATA     4
-#define  COMP_TYPE_PUBKEY_FWU          5
-#define  COMP_TYPE_PUBKEY_OS           6
-#define  COMP_TYPE_PAYLOAD_DYNAMIC     7
-#define  COMP_TYPE_INVALID             8

 /**
  Verify data block hash with the built-in one.
--- a/BootloaderCorePkg/Include/HashStore.h
+++ b/BootloaderCorePkg/Include/HashStore.h
@ -8,7 +8,7 @@
 #ifndef __HASH_STORE_H__
 #define __HASH_STORE_H__

-#include <Guid/PayloadKeyHashGuid.h>
+#include <Guid/KeyHashGuid.h>

 #define  HASH_STORE_SIGNATURE                SIGNATURE_32('_', 'H', 'S', '_')

--- a/BootloaderCorePkg/Stage2/Stage2.h
+++ b/BootloaderCorePkg/Stage2/Stage2.h
@ -43,7 +43,7 @@
 #include <Guid/LoaderPlatformInfoGuid.h>
 #include <Guid/LoaderPlatformDataGuid.h>
 #include <Guid/SeedInfoHobGuid.h>
-#include <Guid/PayloadKeyHashGuid.h>
+#include <Guid/KeyHashGuid.h>
 #include <Guid/LoaderLibraryDataGuid.h>
 #include <Guid/GraphicsInfoHob.h>
 #include <Guid/SmmInformationGuid.h>
--- a/BootloaderCorePkg/Tools/CommonUtility.py
+++ b/BootloaderCorePkg/Tools/CommonUtility.py
@ -43,14 +43,6 @@ HASH_TYPE_VALUE = {
            "SM3_256"     : 4,
    }

-# Sign values defined should match with cryptolib.h
-SIGN_TYPE_VALUE = {
-# {   Sign_string:        Sign_Value}
-            "RSA2048"     : 1,
-            "RSA3072 "    : 2,
-            "SM2     "    : 3,
-    }
-
 AUTH_TYPE_HASH_VALUE = {
 # {   Auth_type:        Hash_type}
            "SHA2_256"       : 1,
--- a/PayloadPkg/Library/PayloadLib/PayloadLib.c
+++ b/PayloadPkg/Library/PayloadLib/PayloadLib.c
@ -13,7 +13,7 @@
 #include <Library/HobLib.h>
 #include <Library/PayloadLib.h>
 #include <Library/DebugLogBufferLib.h>
-#include <Guid/PayloadKeyHashGuid.h>
+#include <Guid/KeyHashGuid.h>
 #include <Guid/FlashMapInfoGuid.h>
 #include <Guid/LoaderPlatformInfoGuid.h>