| author | Stephen Cprek <smcprek@us.ibm.com> | 2017-10-31 13:01:30 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-11-19 15:54:51 -0500 |
| commit | 81279c1d146d8ee920494c7817cdd72f165dd373 (patch) | |
| tree | d616d0914823c8c25592e8276e0610ba1c9d2a28 /src/usr/secureboot/common | |
| parent | 63a026113332464fc3bcc73369ba35bfe8f62b6f (diff) | |
Secure Boot: Fix lid load from HB reserved memory issues at runtime
- Force all PNOR sections we load from HB reserved memory to be secure
Only exception is the RINGOVD section, in which we use a fake header
- Add fake header when Secureboot compiled out or a section is never
signed as there is no secure header preserved in virtual memory
RTC: 171708
RTC: 180063
Change-Id: Ibbbd7be24ee7b199e73451c63b2c2d1f86a2c2d8
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49020
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/common')
| -rw-r--r-- | src/usr/secureboot/common/containerheader.C | 76 |
1 files changed, 72 insertions, 4 deletions
diff --git a/src/usr/secureboot/common/containerheader.C b/src/usr/secureboot/common/containerheader.C
index 069a587d9..dd43551d2 100644
--- a/src/usr/secureboot/common/containerheader.C
+++ b/src/usr/secureboot/common/containerheader.C
@@ -34,7 +34,7 @@ namespace SECUREBOOT
 void ContainerHeader::parse_header(const void* i_header)
 {
- assert(i_header != NULL);
+ assert(i_header != nullptr);
 const uint8_t* l_hdr = reinterpret_cast<const uint8_t*>(i_header);
 /*---- Parse ROM_container_raw ----*/
@@ -94,6 +94,68 @@ void ContainerHeader::parse_header(const void* i_header)
 print();
 }
+void ContainerHeader::initVars()
+{
+ memset(&iv_headerInfo, 0x00, sizeof(iv_headerInfo));
+ memset(iv_hwKeyHash, 0, sizeof(SHA512_t));
+ memset(iv_componentId,0x00,sizeof(iv_componentId));
+}
+
+void ContainerHeader::genFakeHeader(const size_t i_totalSize,
+ const char* const i_compId)
+{
+ SecureHeaderInfo info {};
+ assert(iv_fakeHeader.data() != nullptr, "Internal fake header buffer nullptr");
+
+ uint8_t* l_hdr = reinterpret_cast<uint8_t*>(iv_fakeHeader.data());
+
+ /*---- ROM_container_raw ----*/
+ info.hw_hdr.magic_number = ROM_MAGIC_NUMBER;
+ info.hw_hdr.version = CONTAINER_VERSION;
+ info.hw_hdr.container_size = i_totalSize;
+ // The rom code has a placeholder for the prefix in the first struct so
+ // skip it
+ size_t l_size = offsetof(ROM_container_raw, prefix);
+ memcpy(l_hdr, &info.hw_hdr, l_size);
+ l_hdr += l_size;
+
+ /*---- ROM_prefix_header_raw ----*/
+ info.hw_prefix_hdr.ver_alg.version = HEADER_VERSION;
+ info.hw_prefix_hdr.ver_alg.hash_alg = HASH_ALG_SHA512;
+ info.hw_prefix_hdr.ver_alg.sig_alg = SIG_ALG_ECDSA521;
+ info.hw_prefix_hdr.sw_key_count = 1;
+ info.hw_prefix_hdr.payload_size = sizeof(ecc_key_t);
+
+ l_size = offsetof(ROM_prefix_header_raw, ecid);
+ l_size += info.hw_prefix_hdr.ecid_count * ECID_SIZE;
+ memcpy(l_hdr, &info.hw_prefix_hdr, l_size);
+ l_hdr += l_size;
+
+ /*---- Parse ROM_prefix_data_raw ----*/
+ // Skip over variable number of sw keys as they are already zeroed out
+ l_size = offsetof(ROM_prefix_data_raw, sw_pkey_p);
+ l_size += info.hw_prefix_hdr.sw_key_count * sizeof(ecc_key_t);
+ l_hdr += l_size;
+
+ /*---- ROM_sw_header_raw ----*/
+ info.sw_hdr.ver_alg.version = 1;
+ strncpy(info.sw_hdr.component_id, i_compId,SW_HDR_COMP_ID_SIZE_BYTES);
+ info.sw_hdr.ver_alg.hash_alg = HASH_ALG_SHA512;
+ info.sw_hdr.ver_alg.sig_alg = SIG_ALG_ECDSA521;
+ info.sw_hdr.payload_size = i_totalSize - PAGE_SIZE;
+
+ l_size = offsetof(ROM_sw_header_raw, ecid);
+ l_size += info.hw_prefix_hdr.ecid_count * ECID_SIZE;
+ memcpy(l_hdr, &info.sw_hdr, l_size);
+ l_hdr += l_size;
+
+ /*---- Parse ROM_sw_sig_raw ----*/
+ // No-op already zeroed out
+
+ iv_pHdrStart = reinterpret_cast<const uint8_t*>(iv_fakeHeader.data());
+ parse_header(iv_fakeHeader.data());
+}
+
 void ContainerHeader::print() const
 {
 #ifdef HOSTBOOT_DEBUG
@@ -218,9 +280,9 @@ void ContainerHeader::validate()
 void ContainerHeader::safeMemCpyAndInc(void* i_dest, const uint8_t* &io_hdr, const size_t i_size)
 {
- assert(i_dest != NULL, "ContainerHeader: dest ptr NULL");
- assert(io_hdr != NULL, "ContainerHeader: current header location ptr NULL");
- assert(iv_pHdrStart != NULL, "ContainerHeader: start of header ptr NULL");
+ assert(i_dest != nullptr, "ContainerHeader: dest ptr NULL");
+ assert(io_hdr != nullptr, "ContainerHeader: current header location ptr NULL");
+ assert(iv_pHdrStart != nullptr, "ContainerHeader: start of header ptr NULL");
 TRACDCOMP(g_trac_secure,"dest: 0x%X src: 0x%X size: 0x%X",i_dest, io_hdr, i_size);
@@ -265,4 +327,10 @@ void ContainerHeader::genHwKeyHash()
 }
 #endif
+const uint8_t* ContainerHeader::fakeHeader() const
+{
+ assert(iv_fakeHeader.data() != nullptr, "Fake header should not be nullptr");
+ return iv_fakeHeader.data();
+}
+
 }; //end of SECUREBOOT namespace |
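Review bot: In genFakeHeader, `info.sw_hdr.payload_size = i_totalSize - PAGE_SIZE;` wraps to a very large value when i_totalSize is smaller than PAGE_SIZE, because i_totalSize is an unsigned size_t and nothing in the function checks it first. A guard such as `assert(i_totalSize >= PAGE_SIZE, "genFakeHeader: total size smaller than header page");` ahead of the subtraction would keep a bogus payload size from being parsed back out of the fake header. i_compId also reaches strncpy without a null check; `assert(i_compId != nullptr, "genFakeHeader: component id nullptr");` would match the other asserts in this file. Separately, the sw-header length adds `info.hw_prefix_hdr.ecid_count * ECID_SIZE`, which looks copied from the prefix block; both counts are zero here so the result is unchanged, but the sw header's own count was presumably intended.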
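Review bot: fakeHeader() hands out the internal buffer whether or not genFakeHeader() has run, and nothing at the definition says the bytes are locally generated rather than a signed header, so a short comment would help callers avoid treating it as verified content. Something like `// Returns the locally generated, unsigned header; only meaningful after genFakeHeader()` above the definition would do. The assert on `iv_fakeHeader.data()` may never fire if iv_fakeHeader is a fixed-size array member (its declaration is outside this diff), so it probably does not catch the not-yet-generated case.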

