Am 26.06.2011 03:47 schrieb Stefan Tauner: > On Sun, 26 Jun 2011 03:02:44 +0200 > Stefan Tauner <[email protected]> wrote: > > >> The MD5 hashes of the files and flash contents are computed and printed >> whenever a file >> or a whole flash device is read. This can be disabled by setting CONFIG_MD5 >> to no in the >> makefile. >> It uses a simple self-contained MD5 "library" with a permissive license in >> md5.[hc]. >>
I am not sure if the MD5 code is allowed to be linked against GPLv2 flashrom since neither flashrom nor the MD5 code have any license exception for linking. >> Its author is added to the (new) acknowledgments section in the manpage. >> > because there seem to be a bit of misunderstanding on the purpose of > printing md5 hashes: this should not help you when you are using > flashrom correctly (md5sum et al. are fine) but the poor souls (and the > ones helping fixing them stuff i.e. you) when they have misused > flashrom in one or another way. this allows us to verify for every log > we receive which file has been used (together with the upcoming log > file patch) without costing much when dealing with untrustworthy third > parties (== euphemism :). > > size of flashrom with md5 (and libftdi linked): > text data bss dec hex filename > 309905 1412 9960 321277 4e6fd flashrom > > without the patch at all: > text data bss dec hex filename > 306613 1412 9960 317985 4da21 flashrom > > i.e. ~1% of text size. > > the patch does integrate well and obviously i am pro using it, but i am > not insisting on this at all if the majority objects it. i just thought > it is a good idea and gave it a try :) > If we don't care about cryptographic strength, why not pick a simpler hash, e.g. FNV? Heck, a standard CRC would probably work as well, _but_ if CRC is used by the BIOS to verify parts of the flash image, there might be interactions (e.g. collisions) which impact our hashing- That said, I have trouble seeing the benefit of such hashes. Regards, Carl-Daniel -- http://www.hailfinger.org/ _______________________________________________ flashrom mailing list [email protected] http://www.flashrom.org/mailman/listinfo/flashrom
