Read the HW Key Hash from a Processor's SBE Seeprom

This commit adds an interface to read the HW Key Hash located in the HBBL
section of each Processor's two SBE Seeproms.

Change-Id: I906434269746c296c646f7b0594575c58b145294
RTC: 167585
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38465
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Martin Gloff <mgloff@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

4 files changed, 50 insertions, 3 deletions

diff --git a/src/include/bootloader/bootloaderif.H b/src/include/bootloader/bootloaderif.H
index 6c6486e57..e4d422d20 100644
--- a/src/include/bootloader/bootloaderif.H
+++ b/src/include/bootloader/bootloaderif.H
@@ -33,6 +33,9 @@ namespace Bootloader{
 // Must be aligned CACHELINE_SIZE of 128 bytes
 #define MAX_HBBL_SIZE (20 * KILOBYTE)
 
+// Location of the HW Key Hash located at the end of the HBBL without ECC
+#define HBBL_HW_KEY_HASH_LOCATION  (MAX_HBBL_SIZE - sizeof(SHA512_t))
+
 // Size of exception vector reserved space at start of the HBBL section
 #define HBBL_EXCEPTION_VECTOR_SIZE (12 * KILOBYTE)
 
@@ -111,4 +114,4 @@ inline bool BlToHbDataValid (const BlToHbData * i_blToHbData)
 
 } // end namespace bootloader
 
-#endif
\ No newline at end of file
+#endif
diff --git a/src/include/usr/pnor/ecc.H b/src/include/usr/pnor/ecc.H
index 3f4b7cef6..80c993c96 100644
--- a/src/include/usr/pnor/ecc.H
+++ b/src/include/usr/pnor/ecc.H
@@ -5,7 +5,9 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* COPYRIGHT International Business Machines Corp. 2013,2014              */
+/* Contributors Listed Below - COPYRIGHT 2013,2017                        */
+/* [+] International Business Machines Corp.                              */
+/*                                                                        */
 /*                                                                        */
 /* Licensed under the Apache License, Version 2.0 (the "License");        */
 /* you may not use this file except in compliance with the License.       */
@@ -25,6 +27,10 @@
 
 #include <stdint.h>
 
+#ifdef __HOSTBOOT_MODULE
+#include <assert.h>
+#endif
+
 /** @file ecc.H
  *  @brief Interfaces for the P8 8-byte ECC algorithm.
  */
@@ -78,6 +84,23 @@ namespace ECC
     eccStatus removeECC(uint8_t* io_src,
                         uint8_t* o_dst, size_t i_dstSz);
 
+#ifdef __HOSTBOOT_MODULE
+    /** Given the size of Data, return the size of Data+ECC
+     *
+     *  @param[in] i_sizeWithoutEcc Size in bytes of data without ECC
+     *
+     *  @note i_sizeWithoutEcc must be a multiple of 8 bytes or will assert
+     *
+     * @return size of data with ECC
+     */
+    inline size_t sizeWithEcc(const size_t i_sizeWithoutEcc)
+    {
+        bool noRemainder = (i_sizeWithoutEcc % 8) == 0 ? true : false;
+        assert (noRemainder, "PNOR::ECC::sizeWithEcc: input needs to be multiple of 8 bytes");
+        return (i_sizeWithoutEcc * 9) / 8;
+    }
+#endif
+
 }
 }
 
diff --git a/src/include/usr/sbe/sbeif.H b/src/include/usr/sbe/sbeif.H
index 09666df02..bdb09a493 100644
--- a/src/include/usr/sbe/sbeif.H
+++ b/src/include/usr/sbe/sbeif.H
@@ -27,6 +27,8 @@
 
 #include <errl/errlentry.H>
 #include <pnor/pnorif.H>
+#include <secureboot/service.H>
+#include <i2c/eepromif.H>
 
 namespace SBE
 {
@@ -36,7 +38,6 @@ namespace SBE
 
     typedef uint8_t sbe_image_version_t[SBE_IMAGE_VERSION_SIZE];
 
-
     /**
      * @brief Gets a pointer to the proper SBE image in PNOR
      *
@@ -100,6 +101,25 @@ namespace SBE
      */
     errlHndl_t updateSbeBootSeeprom(TARGETING::Target* i_target);
 
+    /**
+     * @brief Retrieves the HW Key Hash from the Bootloader (HBBL) Section
+     *        of the SBE Image located on a SBE Seeprom
+     *
+     * @param[in] i_target    Target Processor of the SBE SEEPPROM.
+     *                        Assert if nullptr.
+     *
+     * @param[in] i_seeprom   Specific SEEPROM on the processor to read the
+     *                        HW Key Hash from.
+     *                        Assert if neither SBE_PRIMARY nor SBE_BACKUP.
+     *
+     * @param[out] o_hash     HW Key Hash returned from the Processor SEEPROM
+     *
+     * @return errlHndl_t     Error log handle on failure; otherwise nullptr
+     */
+    errlHndl_t getHwKeyHashFromSbeSeeprom(TARGETING::Target* i_target,
+                                          EEPROM::eeprom_chip_types_t i_seeprom,
+                                          SHA512_t o_hash);
+
 } //end namespace SBE
 
 #endif /* _SBEIF_H */
diff --git a/src/include/usr/sbe/sbereasoncodes.H b/src/include/usr/sbe/sbereasoncodes.H
index 611c0153e..380a65aeb 100644
--- a/src/include/usr/sbe/sbereasoncodes.H
+++ b/src/include/usr/sbe/sbereasoncodes.H
@@ -61,6 +61,7 @@ enum sbeModuleId
     SBE_WRITE_SBE_IMAGE                 = 0x10,
     SBE_GET_SBE_IMAGE_SIZE              = 0x11,
     SBE_APPEND_HBBL                     = 0x13,
+    SBE_GET_HW_KEY_HASH                 = 0x14,
 };
 
 /**