| author | Stephen Cprek <smcprek@us.ibm.com> | 2017-03-28 11:29:51 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-04-10 17:54:17 -0400 |
| commit | b35084be0a0315dfedeeebab55eaf37345e637f1 (patch) | |
| tree | ad10299c4f29704a70a033a3265b4ce0c3bc0a74 | |
| parent | a7bf050d4ddba121d7502939fc0c4ce517ef8e42 (diff) | |
| download | blackbird-hostboot-b35084be0a0315dfedeeebab55eaf37345e637f1.tar.gz blackbird-hostboot-b35084be0a0315dfedeeebab55eaf37345e637f1.zip | |
Port SBKT signing and secure loading
Change-Id: I3817cbf8eb25bc83d538d9eb6ea4c5e801603f74
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38543
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
| -rwxr-xr-x | src/build/buildpnor/genPnorImages.pl | 2 | ||||
| -rw-r--r-- | src/include/usr/secureboot/service.H | 8 | ||||
| -rw-r--r-- | src/usr/pnor/spnorrp.C | 18 | ||||
| -rw-r--r-- | src/usr/sbe/sbe_update.C | 80 | ||||
| -rw-r--r-- | src/usr/sbe/sbe_update.H | 9 |
5 files changed, 102 insertions, 15 deletions
diff --git a/src/build/buildpnor/genPnorImages.pl b/src/build/buildpnor/genPnorImages.pl
index fc9b8bd9e..6d744d667 100755
--- a/src/build/buildpnor/genPnorImages.pl
+++ b/src/build/buildpnor/genPnorImages.pl
@@ -503,7 +503,7 @@ sub manipulateImages # Sections that have secureboot support. Secureboot still must be # enabled for secureboot actions on these partitions to occur. # @TODO securebootp9 re-enable with SBE/SBEC/PAYLOAD secureboot ports - my $isNormalSecure = 0; #($eyeCatch eq "SBKT") + my $isNormalSecure = 0; #|| ($eyeCatch eq "HBRT"); #|| ($eyeCatch eq "SBE") #|| ($eyeCatch eq "SBEC")
diff --git a/src/include/usr/secureboot/service.H b/src/include/usr/secureboot/service.H
index 86da6a64b..718efc686 100644
--- a/src/include/usr/secureboot/service.H
+++ b/src/include/usr/secureboot/service.H
@@ -30,16 +30,12 @@ #include <secureboot/settings.H> #include <utility> #include <cstdint> +#include <securerom/sha512.H> -typedef uint8_t SHA512_t[64]; +typedef uint8_t SHA512_t[SHA512_DIGEST_LENGTH]; typedef std::vector< std::pair<void*,size_t> > blobPair_t; -/* From sha512.h: */ -#define SHA512_DIGEST_LENGTH 64 -typedef uint8_t __attribute__((aligned(8))) sha2_hash_t[ \ SHA512_DIGEST_LENGTH / sizeof(uint8_t) ]; - // TODO securebootp9 added for spnorrp.C - service.H needs many more updates // in order to match the p8 version const size_t HASH_PAGE_TABLE_ENTRY_SIZE = 32;
diff --git a/src/usr/pnor/spnorrp.C b/src/usr/pnor/spnorrp.C
index c17d493ef..cd59cf26d 100644
--- a/src/usr/pnor/spnorrp.C
+++ b/src/usr/pnor/spnorrp.C
@@ -376,7 +376,6 @@ uint64_t SPnorRP::verifySections(SectionId i_id, LoadRecord* o_rec) failedVerify = true; break; } - l_errhdl = miscSectionVerification(l_tempAddr, i_id); if (l_errhdl) { 
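Review bot: Removing `l_errhdl = miscSectionVerification(l_tempAddr, i_id);` in verifySections leaves the `if (l_errhdl)` block that follows it without a producer — the block just above already breaks out once the earlier error is set, so that check now looks unreachable — and the SBKT keyTransitionCheck enabled in the later miscSectionVerification hunk has no call site visible anywhere in this diff. If a caller outside the diff still exists, a one-line comment at the removal point, e.g. `// SBKT nested-container check now runs from <caller> (miscSectionVerification)`, would make that traceable; if not, the key-transition container is loaded without the nested-container and key-transition-bit check the new SBKT case describes. Either way the dead `if (l_errhdl)` branch should go or be re-pointed at whatever error it is meant to observe. verifySections starts before and ends after this hunk.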
@@ -711,7 +710,8 @@ errlHndl_t PNOR::loadSecureSection(const SectionId i_section) msg->data[0] = static_cast<uint64_t>(i_section); int rc = msg_sendrecv(spnorQ, msg); - TRACFCOMP(g_trac_pnor, "loadSecureSection i_section = %i",i_section); + TRACFCOMP(g_trac_pnor, "loadSecureSection i_section = %i (%s)", + i_section,PNOR::SectionIdToString(i_section)); // TODO securebootp9 - Need to be able to receive an error from the // message handler. Also, message handler should police whether the request
@@ -772,26 +772,28 @@ errlHndl_t SPnorRP::miscSectionVerification(const uint8_t *i_vaddr, errlHndl_t l_errl = NULL; assert(i_vaddr != NULL); - TRACFCOMP(g_trac_pnor, "SPnorRP::miscSectionVerification section=%d", i_secId); + TRACFCOMP(g_trac_pnor, "SPnorRP::miscSectionVerification section=%d (%s)", + i_secId,PNOR::SectionIdToString(i_secId)); -// TODO securebootp9 - remove the following #if 0 and address issues -#if 0 // Do any additional verification needed for a specific PNOR section switch (i_secId) { + // TODO securebootp9 - remove the following #if 0 and address issues + #if 0 case HB_EXT_CODE: // Compare HBB and HBI versions. Pass the vaddr of HBI's hash page // table by skipping past the container header. l_errl = baseExtVersCheck((i_vaddr + PAGESIZE)); break; + #endif case SBKT: - // Ensure the outer container of the SBKT partition has a valid key - // transition container + // Ensure the nested container of the SBKT partition has a valid key + // transition container and that the outer containers' key + // transition bit is set l_errl = keyTransitionCheck((i_vaddr)); break; default: break; } -#endif return l_errl; }
diff --git a/src/usr/sbe/sbe_update.C b/src/usr/sbe/sbe_update.C
index 4a85db350..9a1a38ce3 100644
--- a/src/usr/sbe/sbe_update.C
+++ b/src/usr/sbe/sbe_update.C 
@@ -57,6 +57,9 @@ #include <ipmi/ipmisensor.H> #endif #include <initservice/istepdispatcherif.H> +#ifdef CONFIG_SECUREBOOT +#include <secureboot/containerheader.H> +#endif // fapi support #include <fapi2.H>
@@ -74,6 +77,7 @@ #include <bootloader/bootloaderif.H> #include <secureboot/service.H> #include <assert.h> +#include <securerom/sha512.H> // ---------------------------------------------- // Trace definitions
@@ -93,6 +97,11 @@ static bool g_mbox_query_result = false; static bool g_istep_mode = false; static bool g_update_both_sides = false; +// ---------------------------------------- +// Global Variables HW Keys Hash Transition +static bool g_do_hw_keys_hash_transition = false; +static SHA512_t g_hw_keys_hash_transition_data = {0}; + using namespace ERRORLOG; using namespace TARGETING;
@@ -268,6 +277,20 @@ namespace SBE err = NULL; } + // Check if a key transition is needed + err = secureKeyTransition(); + if (err) + { + TRACFCOMP( g_trac_sbe, ERR_MRK"updateProcessorSbeSeeproms() - failed secureKeyTransition"); + break; + } + // Print new hw keys' hash if a key transition is required. + if(g_do_hw_keys_hash_transition) + { + TRACFBIN(g_trac_sbe, "updateProcessorSbeSeeproms(): Key transition new hw key hash", + g_hw_keys_hash_transition_data, + sizeof(g_hw_keys_hash_transition_data)); + } for(uint32_t i=0; i<procList.size(); i++) { 
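Review bot: The new file-scope state `g_do_hw_keys_hash_transition` / `g_hw_keys_hash_transition_data` in the hunk at -93 carries no statement of its contract: the hash bytes are only meaningful once the flag is set by secureKeyTransition(), and nothing in this diff clears either after the SEEPROM update path consumes them. A comment above the two declarations along the lines of `// Written only by secureKeyTransition(); the hash is valid only while the flag is true` would keep a later reader from trusting the zero-initialised buffer. The hunk at -268 then calls secureKeyTransition() before the per-processor loop and breaks out on error, which is the right order, but the enclosing function starts before and ends after the hunk, so whether the flag is consulted again further down cannot be seen here. Minor: `#include <securerom/sha512.H>` at -74 is unconditional while containerheader.H at -57 is under CONFIG_SECUREBOOT; that is consistent with SHA512_t now needing SHA512_DIGEST_LENGTH from service.H, and a one-line comment saying so would pre-empt the question.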
@@ -5002,5 +5025,62 @@ errlHndl_t getHwKeyHashFromSbeSeeprom( return err; } +errlHndl_t secureKeyTransition() +{ + errlHndl_t l_errl = nullptr; + +#ifdef CONFIG_SECUREBOOT + do { + bool l_loaded = false; + PNOR::SectionInfo_t l_secInfo; + + // Get SBKT PNOR section info from PNOR RP + l_errl = getSectionInfo(PNOR::SBKT, l_secInfo); + // SBKT section is optional so just delete error and no-op + if (l_errl) + { + TRACFCOMP( g_trac_sbe, ERR_MRK"secureKeyTransition() - getSectionInfo() optional PNOR::SBKT DNE"); + delete l_errl; + l_errl = nullptr; + break; + } + + // if it has a secure header, we do need to load and verify the container + if(l_secInfo.secure) + { + // Verify and Load SBKT section and nested container. + l_errl = loadSecureSection(PNOR::SBKT); + if (l_errl) + { + TRACFCOMP( g_trac_sbe, ERR_MRK,"secureKeyTransition() - Error from loadSecureSection(PNOR::SBKT)"); + break; + } + l_loaded = true; + + // Get new verified HW key hash + const void* l_pVaddr = reinterpret_cast<void*>(l_secInfo.vaddr); + SECUREBOOT::ContainerHeader l_nestedConHdr(l_pVaddr); + // Get pointer to first element of hwKeyHash from header. + const uint8_t* l_hwKeyHash = l_nestedConHdr.hwKeyHash()[0]; + // Update global variable with hw keys hash to transition to. + memcpy(g_hw_keys_hash_transition_data, l_hwKeyHash, + sizeof(g_hw_keys_hash_transition_data)); + // Indicate a key transition is required + g_do_hw_keys_hash_transition = true; + } + if(l_loaded) + { + l_errl = unloadSecureSection(PNOR::SBKT); + if (l_errl) + { + TRACFCOMP( g_trac_sbe, ERR_MRK,"secureKeyTransition() - Error from unloadSecureSection(PNOR::SBKT)"); + break; + } + } + } while(0); +#endif + + return l_errl; +} } //end SBE Namespace
diff --git a/src/usr/sbe/sbe_update.H b/src/usr/sbe/sbe_update.H
index ff436f419..d4ed02717 100644
--- a/src/usr/sbe/sbe_update.H
+++ b/src/usr/sbe/sbe_update.H 
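Review bot: Two trace calls in secureKeyTransition write `ERR_MRK,"secureKeyTransition() - Error from ..."` with a comma after `ERR_MRK`, while the first trace in the same function (and the one in updateProcessorSbeSeeproms) uses `ERR_MRK"..."`; if ERR_MRK is a string-literal prefix as those uses suggest, the comma makes the marker the whole format string and the message a stray variadic argument, so the load/unload failures trace without text. They should read `TRACFCOMP( g_trac_sbe, ERR_MRK"secureKeyTransition() - Error from loadSecureSection(PNOR::SBKT)");` and `TRACFCOMP( g_trac_sbe, ERR_MRK"secureKeyTransition() - Error from unloadSecureSection(PNOR::SBKT)");`. Separately, every error from getSectionInfo is deleted and treated as "SBKT absent"; if getSectionInfo can fail for reasons other than a missing section, such a failure silently becomes "no key transition", so the reason code should be checked before the delete, or the comment should state explicitly that any lookup failure is treated as absence. The `memcpy` of `sizeof(g_hw_keys_hash_transition_data)` bytes from `l_nestedConHdr.hwKeyHash()[0]` relies on that pointer covering at least SHA512_DIGEST_LENGTH bytes, which the hunk cannot show — a comment naming the header field's size would document the assumption.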
@@ -689,5 +689,14 @@ namespace SBE */ errlHndl_t sbeDoReboot( void ); + /** + * @brief Checks if a secure key transition is needed and if so verifies + * the key transition container is valid. Then gets the new hw keys' + * hash and sets the global hash transition data variables. + * + * @return errlHndl_t Error log handle on failure. NULL on success + */ + errlHndl_t secureKeyTransition(); + } //end namespace SBE #endif |
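Review bot: The new @brief for secureKeyTransition does not say when the function is a no-op: the implementation returns NULL without touching the transition state when CONFIG_SECUREBOOT is not defined, when the SBKT section cannot be looked up, or when the section has no secure header. Suggest adding a line such as `* No-op (returns NULL) if CONFIG_SECUREBOOT is off, SBKT is absent, or SBKT has no secure header.` and naming the file-scope variables it sets (`g_do_hw_keys_hash_transition`, `g_hw_keys_hash_transition_data`) so a caller knows where the result is published rather than having to read sbe_update.C.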

