diff options
| -rw-r--r-- | src/bootloader/bl_start.S | 6 | ||||
| -rw-r--r-- | src/bootloader/bootloader.C | 77 | ||||
| -rw-r--r-- | src/bootloader/makefile | 4 | ||||
| -rw-r--r-- | src/build/debug/Hostboot/BlTrace.pm | 9 | ||||
| -rwxr-xr-x | src/build/mkrules/hbfw/img/makefile | 10 | ||||
| -rw-r--r-- | src/include/array | 3 | ||||
| -rw-r--r-- | src/include/bootloader/bootloader.H | 7 | ||||
| -rw-r--r-- | src/include/bootloader/bootloader_trace.H | 25 | ||||
| -rw-r--r-- | src/include/bootloader/bootloaderif.H | 35 | ||||
| -rw-r--r-- | src/include/securerom/ROM.H | 56 | ||||
| -rw-r--r-- | src/include/usr/sbe/sbeif.H | 15 | ||||
| -rw-r--r-- | src/include/usr/sbe/sbereasoncodes.H | 2 | ||||
| -rw-r--r-- | src/makefile | 2 | ||||
| -rw-r--r-- | src/securerom.ld | 3 | ||||
| -rw-r--r-- | src/securerom/makefile | 2 | ||||
| -rw-r--r-- | src/securerom/secureromasm.S (renamed from src/securerom/branchtable.S) | 45 | ||||
| -rw-r--r-- | src/usr/pnor/pnor_utils.C | 27 | ||||
| -rw-r--r-- | src/usr/sbe/sbe_update.C | 143 | ||||
| -rw-r--r-- | src/usr/sbe/sbe_update.H | 6 | ||||
| -rw-r--r-- | src/usr/sbe/test/sbeupdatetest.H | 48 |
20 files changed, 240 insertions, 285 deletions
diff --git a/src/bootloader/bl_start.S b/src/bootloader/bl_start.S index 99843a1eb..4af665523 100644 --- a/src/bootloader/bl_start.S +++ b/src/bootloader/bl_start.S @@ -31,7 +31,6 @@ .set SBE_HB_PNORSIZEMB, sbe_hb_structures+6 ;// uint16_t .set SBE_HB_BLLOADSIZE, sbe_hb_structures+8 ;// uint64_t .set HBBL_BASE_ADDRESS, base_load_address -.set HBBL_END_EYECATCHER, 0x4842424C656E6400 ;// 'HBBLend.' .set HBBL_END_ADDRESS, end_load_address .set HBBL_system_reset, 0x100 .set HBBL_machine_check, 0x200 @@ -423,11 +422,6 @@ bootloader_hbbSection: hbi_ImageId: .space 128 - .balign 16 -.global bootloader_end_eyecatcher -bootloader_end_eyecatcher: - .quad HBBL_END_EYECATCHER - .global bootloader_end_address bootloader_end_address: .quad HBBL_END_ADDRESS diff --git a/src/bootloader/bootloader.C b/src/bootloader/bootloader.C index e1386189d..4d764cd04 100644 --- a/src/bootloader/bootloader.C +++ b/src/bootloader/bootloader.C @@ -69,7 +69,6 @@ namespace Bootloader{ sizeof(sha2_hash_t)); } - // @TODO RTC:167740 remove magic number check once fsp/op signs HBB /** * @brief Memcmp a vaddr to the known secureboot magic number * @@ -97,24 +96,48 @@ namespace Bootloader{ const sha2_hash_t* i_hwKeyHash) { #ifdef CONFIG_SECUREBOOT - // @TODO RTC:167740 remove magic number check once fsp/op signs HBB - if (cmpSecurebootMagicNumber(reinterpret_cast<const uint8_t*> - (i_pContainer))) + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_START); + + uint64_t l_rc = 0; + + // @TODO RTC:166848 Move find/get secure rom logic out of ROM verify + // Find secure ROM addr + // Get starting address of ROM size and code which is the next 8 byte + // aligned address after the bootloader end. + // [hbbl][pad:8:if-applicable][securerom-size:8][securerom] + const void* l_pBootloaderEnd = &bootloader_end_address; + uint64_t l_bootloaderSize = 0; + memcpy (&l_bootloaderSize, l_pBootloaderEnd, sizeof(l_bootloaderSize)); + uint64_t l_rom_startAddr = getHRMOR() + ALIGN_8(l_bootloaderSize); + // Get Rom Size + // @TODO RTC:166848 Store size so hb can use + uint64_t l_secureRomSize = 0; + memcpy (&l_secureRomSize, reinterpret_cast<void*>(l_rom_startAddr), + sizeof(l_secureRomSize)); + l_rom_startAddr += sizeof(l_secureRomSize); + + // Beginning of SecureROM has a info structure + // Get Secure ROM info + const auto l_pSecRomInfo = reinterpret_cast<SecureRomInfo*>( + l_rom_startAddr); + + // # @TODO RTC:170136 terminate in this case + // Ensure SecureRom is actually present + if ( !secureRomInfoValid(l_pSecRomInfo) ) + { + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH); + } + // # @TODO RTC:170136 terminate in this case + else if ( !cmpSecurebootMagicNumber(reinterpret_cast<const uint8_t*> + (i_pContainer))) + { + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM); + } + else { - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_START); - - uint64_t l_rc = 0; - - const void * l_pBootloaderEnd = &bootloader_end_address; - - // Get starting address of ROM code which is the next 8 byte aligned - // address after the bootloader end. - uint64_t l_size = 0; - memcpy (&l_size, l_pBootloaderEnd, sizeof(l_size)); - uint64_t l_rom_startAddr = getHRMOR() + ALIGN_8(l_size); - // Set startAddr to ROM_verify() function at an offset of Secure ROM uint64_t l_rom_verify_startAddr = l_rom_startAddr + + l_pSecRomInfo->branchtableOffset + ROM_VERIFY_FUNCTION_OFFSET; // Declare local input struct @@ -128,18 +151,17 @@ namespace Bootloader{ // Use current hw hash key memcpy (&l_hw_parms.hw_key_hash, i_hwKeyHash, sizeof(sha2_hash_t)); - const ROM_container_raw* l_container = - reinterpret_cast<const ROM_container_raw*>(i_pContainer); + const auto l_container = reinterpret_cast<const ROM_container_raw*> + (i_pContainer); l_rc = call_rom_verify(reinterpret_cast<void*> (l_rom_verify_startAddr), l_container, &l_hw_parms); - if (l_rc != 0) { // Verification of Container failed. - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_FAIL); + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_FAIL); /*@ * @errortype * @moduleid MOD_BOOTLOADER_VERIFY @@ -156,11 +178,7 @@ namespace Bootloader{ } - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SUCCESS); - } - else - { - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SKIP); + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_SUCCESS); } #endif } @@ -260,10 +278,11 @@ namespace Bootloader{ verifyContainer(l_src_addr, &l_hwKeyHash); // Increment past secure header -#ifdef CONFIG_SECUREBOOT - l_src_addr += PAGE_SIZE/sizeof(uint64_t); - l_hbbLength -= PAGE_SIZE; -#endif + if (isSecureSection(PNOR::HB_BASE_CODE)) + { + l_src_addr += PAGE_SIZE/sizeof(uint64_t); + l_hbbLength -= PAGE_SIZE; + } // Copy HBB image into address where it executes for(uint32_t i = 0; diff --git a/src/bootloader/makefile b/src/bootloader/makefile index 598236b79..ee1688774 100644 --- a/src/bootloader/makefile +++ b/src/bootloader/makefile @@ -5,7 +5,7 @@ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2015,2016 +# Contributors Listed Below - COPYRIGHT 2015,2017 # [+] International Business Machines Corp. # # @@ -30,6 +30,8 @@ EXTRAINCDIR += ${ROOTPATH}/src/include/usr/ EXTRAINCDIR += ${ROOTPATH}/src/include/usr/pnor/ EXTRAINCDIR += ${ROOTPATH}/src/include/usr/lpc/ +COMMONFLAGS += -DBOOTLOADER + OBJS += bl_start.o OBJS += bootloader.o OBJS += bl_pnorAccess.o diff --git a/src/build/debug/Hostboot/BlTrace.pm b/src/build/debug/Hostboot/BlTrace.pm index 5ce06d13c..12c9873cc 100644 --- a/src/build/debug/Hostboot/BlTrace.pm +++ b/src/build/debug/Hostboot/BlTrace.pm @@ -34,11 +34,12 @@ my %traceText = ( "11" => "Main getHBBSection returned", "12" => "Main handleMMIO to working location returned", "13" => "Main removeECC returned", + "14" => "Main verify started", + "15" => "Main verify succeeded", + "16" => "Main copy HBB to running location done", + "17" => "Main verify skip verification - no eyecatch ", # @TODO RTC:167740 remove magic number check once fsp/op signs HBB - "14" => "main verifyBaseImage skip verification - no magic number ", - "15" => "main verifyBaseImage started", - "16" => "main verifyBaseImage succeeded", - "17" => "Main copy HBB to running location done", + "18" => "Main verify skip verification - no magic number ", "20" => "HandleMMIO started", "21" => "HandleMMIO started using BYTESIZE", "24" => "HandleMMIO started using WORDSIZE", diff --git a/src/build/mkrules/hbfw/img/makefile b/src/build/mkrules/hbfw/img/makefile index 037e3592e..ac2a6b2af 100755 --- a/src/build/mkrules/hbfw/img/makefile +++ b/src/build/mkrules/hbfw/img/makefile @@ -95,9 +95,6 @@ FINAL_OUTPUT_IMAGES = ${HBBL_FINAL_IMG} ${HBB_FINAL_IMG} ${HBI_FINAL_IMG} \ ${PAYLOAD_FINAL_IMG} ${RINGOVD_FINAL_IMG} ${SBKT_FINAL_IMG} \ ${WOFDATA_FINAL_IMG} -# Temp images -HB_TEMP_IMG = hb_temp.bin - # Aggregate ALL_DEFAULT_IMAGES = ${DEFAULT_INPUT_IMAGES} ${FINAL_OUTPUT_IMAGES} @@ -138,10 +135,15 @@ gen_default_images: cp_hbfiles # Remove offset from start of Bootloader image for HBBL partition # Actual code is offset from HRMOR by 12k = 12 1k-blocks (space # reserved for exception vectors) + # Note: ibs=8 conv=sync to ensure this ends at an 8byte boundary for the + # securerom code to start at. dd if=${BOOTLDR_IMG} of=${HBBL_IMG} ibs=8 skip=1536 conv=sync - # Append Hostboot securerom code to the HBBL section + # Append Hostboot securerom code size to HBBL + du -b ${HB_SECROM_IMG} | cut -f1 | xargs printf "%016x" | sed 's/.\{2\}/\\\\x&/g' | xargs echo -n -e >> ${HBBL_IMG} + # Append Hostboot securerom code after its size cat ${HB_SECROM_IMG} >> ${HBBL_IMG} + # result [hbbl][pad:8:if-applicable][securerom-size:8][securerom] # Call script to generate final bin files for default images ${GEN_PNOR_IMAGE_SCRIPT} ${DEFAULT_PARAMS} diff --git a/src/include/array b/src/include/array index 59c313046..76b1371c8 100644 --- a/src/include/array +++ b/src/include/array @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2016 */ +/* Contributors Listed Below - COPYRIGHT 2016,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -36,6 +36,7 @@ #define __STDC_LIMIT_MACROS #endif #include <stdint.h> +#include <algorithm> namespace std { diff --git a/src/include/bootloader/bootloader.H b/src/include/bootloader/bootloader.H index ac10628fb..102d23a77 100644 --- a/src/include/bootloader/bootloader.H +++ b/src/include/bootloader/bootloader.H @@ -38,6 +38,7 @@ #include <common/ffs_hb.H> #include <kernel/terminate.H> #include <kernel/hbterminatetypes.H> +#include <bootloader/bootloaderif.H> extern "C" void task_end_stub(); extern "C" void enterHBB(uint64_t i_hbb_hrmor, uint64_t i_hbb_offset); @@ -166,15 +167,11 @@ namespace Bootloader{ * HBB is copied to its running location and its execution is started. */ - /** Max size of HBBL without ECC. Must match PNOR layout for eyeCatch HBBL*/ -#define MAX_HBBL_SIZE (20 * KILOBYTE) - /** Size of exception vector reserved space at start of the HBBL section*/ -#define HBBL_EXCEPTION_VECTOR_SIZE (12 * KILOBYTE) /** HW Keys hash is placed in the last 64 bytes of the HBBL */ #define HW_KEYS_HASH_ADDR (getHRMOR() + HBBL_EXCEPTION_VECTOR_SIZE \ + MAX_HBBL_SIZE - 64) /** Location of working copy of HBB with ECC */ -#define HBB_ECC_WORKING_ADDR (getHRMOR() - ( 1*MEGABYTE)) +#define HBB_ECC_WORKING_ADDR (getHRMOR() + ( 1*MEGABYTE)) /** Location of working copy of HBB without ECC */ #define HBB_WORKING_ADDR (getHRMOR() - ( 1*MEGABYTE)) diff --git a/src/include/bootloader/bootloader_trace.H b/src/include/bootloader/bootloader_trace.H index 93b937308..980f90881 100644 --- a/src/include/bootloader/bootloader_trace.H +++ b/src/include/bootloader/bootloader_trace.H @@ -60,18 +60,21 @@ enum BootloaderTraces /** Bootloader main removeECC returned */ BTLDR_TRC_MAIN_REMOVEECC_RTN = 0x13, - // @TODO RTC:167740 remove magic number check once fsp/op signs HBB - /** Bootloader main verifyBaseImage skip verification - no magic number */ - BTLDR_TRC_MAIN_VERIFY_HBB_SKIP = 0x14, - - /** Bootloader main verifyBaseImage started */ - BTLDR_TRC_MAIN_VERIFY_HBB_START = 0x15, + /** Bootloader main verifyContainer started */ + BTLDR_TRC_MAIN_VERIFY_START = 0x14, - /** Bootloader main verifyBaseImage succeeded */ - BTLDR_TRC_MAIN_VERIFY_HBB_SUCCESS = 0x16, + /** Bootloader main verifyContainer succeeded */ + BTLDR_TRC_MAIN_VERIFY_SUCCESS = 0x15, /** Bootloader main copy HBB to running location done */ - BTLDR_TRC_MAIN_COPY_HBB_DONE = 0x17, + BTLDR_TRC_MAIN_COPY_HBB_DONE = 0x16, + + /** Bootloader main verifyContainer skip verification - no eyecatch */ + BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH = 0x17, + + // @TODO RTC:167740 remove magic number check once fsp/op signs HBB + /** Bootloader main verifyContainer skip verification - no magic number */ + BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM = 0x18, /** Bootloader handleMMIO started */ BTLDR_TRC_HANDLEMMIO_START = 0x20, @@ -169,8 +172,8 @@ enum BootloaderTraces /** Bootloader PNOR Access getHBBSection findTOC no HBB section */ BTLDR_TRC_PA_GETHBBSECTION_FINDTOC_NOHBB = 0xFA, - /** Bootloader main verifyBaseImage failed */ - BTLDR_TRC_MAIN_VERIFY_HBB_FAIL = 0xFB, + /** Bootloader main verifyContainer failed */ + BTLDR_TRC_MAIN_VERIFY_FAIL = 0xFB, }; #ifndef BOOTLOADER_TRACE diff --git a/src/include/bootloader/bootloaderif.H b/src/include/bootloader/bootloaderif.H new file mode 100644 index 000000000..beffe7c0f --- /dev/null +++ b/src/include/bootloader/bootloaderif.H @@ -0,0 +1,35 @@ +/* IBM_PROLOG_BEGIN_TAG */ +/* This is an automatically generated prolog. */ +/* */ +/* $Source: src/include/bootloader/bootloaderif.H $ */ +/* */ +/* OpenPOWER HostBoot Project */ +/* */ +/* Contributors Listed Below - COPYRIGHT 2017 */ +/* [+] International Business Machines Corp. */ +/* */ +/* */ +/* Licensed under the Apache License, Version 2.0 (the "License"); */ +/* you may not use this file except in compliance with the License. */ +/* You may obtain a copy of the License at */ +/* */ +/* http://www.apache.org/licenses/LICENSE-2.0 */ +/* */ +/* Unless required by applicable law or agreed to in writing, software */ +/* distributed under the License is distributed on an "AS IS" BASIS, */ +/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ +/* implied. See the License for the specific language governing */ +/* permissions and limitations under the License. */ +/* */ +/* IBM_PROLOG_END_TAG */ +#ifndef __BOOT_LOADERIF_H +#define __BOOT_LOADERIF_H + +// Max size of HBBL without ECC. Must match PNOR layout for eyeCatch HBBL +// Must be aligned CACHELINE_SIZE of 128 bytes +#define MAX_HBBL_SIZE (20 * KILOBYTE) + +// Size of exception vector reserved space at start of the HBBL section +#define HBBL_EXCEPTION_VECTOR_SIZE (12 * KILOBYTE) + +#endif
\ No newline at end of file diff --git a/src/include/securerom/ROM.H b/src/include/securerom/ROM.H index 4a47b2502..9e3d7d4ca 100644 --- a/src/include/securerom/ROM.H +++ b/src/include/securerom/ROM.H @@ -29,6 +29,8 @@ #include <securerom/hw_utils.H> #include <securerom/sha512.H> #include <securerom/ecverify.H> +#include <string.h> +#include <array> #define CONTAINER_VERSION 1 #define HEADER_VERSION 1 @@ -130,15 +132,65 @@ extern "C" ROM_response ROM_verify (ROM_container_raw* container, /************************* END OF ORIGINAL ROM CODE ***************************/ -/* Offsets needed to call functions in jump table at start of ROM code. - See img/securerom.list.bz2 and search for SHA512_Hash and ROM_verify +/* Offsets relative to branchtable start to call functions in SecureROM code. + See img/securerom.list.bz2 and search for SHA512_Hash and ROM_verify, then + subtract the branch table offset E.g. + 0000000000000040 <_SHA512_Hash>: + 0000000000000050 <_ROM_verify>: + + Search for branchtableoffset + 0000000000000010 <branchtableoffset>: + 10 00000010: 00 00 00 00 .long 0x0 + 14 00000014: 00 00 00 28 .long 0x28 + + Subtraction (0x28) results in relative offset from branch table start 0000000000000018 <_SHA512_Hash>: 0000000000000028 <_ROM_verify>: + + Note: If the SecureRomInfo change size, these will be affected. + See src/securerom/secureromasm.S for more info. */ #define SHA512_HASH_FUNCTION_OFFSET 0x18 #define ROM_VERIFY_FUNCTION_OFFSET 0x28 +// Version info at SECUREROM_VERSION_STRUCTURE_OFFSET +// - [8 bytes] - eyeCatch +// - [8 bytes] - version +// - [8 bytes] - branchtable offset +// - [16 bytes] - reserved +struct SecureRomInfo +{ + uint64_t eyeCatch; + uint64_t version; + uint64_t branchtableOffset; + std::array<uint64_t,2> reserved; +}__attribute__((packed)); + +// Expected securerom eye catch +const uint64_t SECROM_EYECATCHER = 0x23534543524F4D00; // #SECROM\0 + +// Used for version checking as the SecureRomInfo structure changes +enum SecureRomInfoVersion +{ + // [release:4][version:4] + SECUREROM_INFO_ADDED = 0x0000000900000001 +}; + +/** + * @brief Checks if secureROM is valid by checking the eyeCatch and version + * + * @param[in] SecureRomInfo* Pointer to SecureRomInfo - Must not be NULL + * + * @return bool true if valid; false otherwise + */ +inline bool secureRomInfoValid (const SecureRomInfo * i_secureRomInfo) +{ + // Ensure EyeCatch and Version are valid + return (i_secureRomInfo->eyeCatch == SECROM_EYECATCHER) && + (i_secureRomInfo->version >= SECUREROM_INFO_ADDED); +} + // Need this for the following definition #ifdef __cplusplus extern "C" diff --git a/src/include/usr/sbe/sbeif.H b/src/include/usr/sbe/sbeif.H index 67937b9b4..be7924869 100644 --- a/src/include/usr/sbe/sbeif.H +++ b/src/include/usr/sbe/sbeif.H @@ -60,21 +60,6 @@ namespace SBE sbe_image_version_t* o_version = NULL); /** - * @brief Gets a pointer to the HBBL image in PNOR - * - * @param[out] o_imgPtr Pointer to HBBL Image mapped in PNOR - * Note: Pointer moved past any header(s) - * - * @param[out] o_imgSize Size of the HBBL Image in PNOR - * Note: Size does not include any header(s) - * - * @return errlHndl_t Error log handle on failure. - */ - errlHndl_t findHBBLInPnor(void*& o_imgPtr, - size_t& o_imgSize); - - - /** * @brief Iterates through all the functional processors and updates * the SBE Image in a SEEPROM, if necessary. * diff --git a/src/include/usr/sbe/sbereasoncodes.H b/src/include/usr/sbe/sbereasoncodes.H index 8126060e4..611c0153e 100644 --- a/src/include/usr/sbe/sbereasoncodes.H +++ b/src/include/usr/sbe/sbereasoncodes.H @@ -60,7 +60,6 @@ enum sbeModuleId SBE_READ_SBE_IMAGE = 0x0F, SBE_WRITE_SBE_IMAGE = 0x10, SBE_GET_SBE_IMAGE_SIZE = 0x11, - HBBL_FIND_IN_PNOR = 0x12, SBE_APPEND_HBBL = 0x13, }; @@ -101,7 +100,6 @@ enum sbeReasonCode SBE_MASTER_VERSION_DOWNLEVEL = SBE_COMP_ID | 0x15, SBE_IMAGE_GET_SET_SCALAR_FAIL = SBE_COMP_ID | 0x16, - HBBL_END_DATA_NOT_FOUND = SBE_COMP_ID | 0x17, ERROR_FROM_XIP_DELETE = SBE_COMP_ID | 0x18, ERROR_FROM_XIP_FIND = SBE_COMP_ID | 0x19, diff --git a/src/makefile b/src/makefile index 6d1b1246d..6a1040291 100644 --- a/src/makefile +++ b/src/makefile @@ -75,13 +75,13 @@ BOOTLDR_OBJECTS += forceattn_p8.o BOOTLDR_OBJECTS += string_utils.o BOOTLDR_OBJECTS += rom_entry.o -SECUREROM_OBJECTS += branchtable.o SECUREROM_OBJECTS += ROM.o SECUREROM_OBJECTS += ecverify.o SECUREROM_OBJECTS += hw_utils.o SECUREROM_OBJECTS += sha512.o SECUREROM_OBJECTS += string_utils.o SECUREROM_OBJECTS += rom_entry.o +SECUREROM_OBJECTS += secureromasm.o DIRECT_BOOT_OBJECTS += start.o DIRECT_BOOT_OBJECTS += kernel.o diff --git a/src/securerom.ld b/src/securerom.ld index 4159440a6..c0d357885 100644 --- a/src/securerom.ld +++ b/src/securerom.ld @@ -25,7 +25,8 @@ SECTIONS { .text : { - *(.branchtable) + *(.text.securerominfo) + *(.text.branchtable) *(.text) *(.text._*) *(.text.*) diff --git a/src/securerom/makefile b/src/securerom/makefile index bd769aa6d..9c9f42017 100644 --- a/src/securerom/makefile +++ b/src/securerom/makefile @@ -38,12 +38,12 @@ LDFLAGS += -N ASMFLAGS += -D__ASSEMBLER__ -OBJS += branchtable.o OBJS += ROM.o OBJS += sha512.o OBJS += ecverify.o OBJS += hw_utils.o OBJS += rom_entry.o +OBJS += secureromasm.o OPT_LEVEL = -Os diff --git a/src/securerom/branchtable.S b/src/securerom/secureromasm.S index 86a1f92a8..12f174906 100644 --- a/src/securerom/branchtable.S +++ b/src/securerom/secureromasm.S @@ -1,11 +1,11 @@ # IBM_PROLOG_BEGIN_TAG # This is an automatically generated prolog. # -# $Source: src/securerom/branchtable.S $ +# $Source: src/securerom/secureromasm.S $ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2016,2017 +# Contributors Listed Below - COPYRIGHT 2017 # [+] International Business Machines Corp. # # @@ -22,14 +22,37 @@ # permissions and limitations under the License. # # IBM_PROLOG_END_TAG +.include "kernel/ppcconsts.S" + #**************************************************************************** -#* branch table - a more stable location for software entering rom code +#* SecureROM info - useful info used by HBBL. Must match ROM.H #**************************************************************************** +.set SECROM_EYECATCHER, 0x23534543524F4D00 ;// uint64_t '#SECROM.' +.set SECROM_VERSION, 0x0000000900000001 ;// uint64_t -.include "kernel/ppcconsts.S" +# Before the SecureRom code starts there is SecureRomInfo see ROM.H +# - [8 bytes] - eyeCatch +# - [8 bytes] - version +# - [8 bytes] - branchtable offset +# - [16 bytes] - reserved +.section .text.securerominfo + +eyeCatch: + .quad SECROM_EYECATCHER + +version: + .quad SECROM_VERSION -branchtable: - .section ".branchtable","ax" +branchtableoffset: + .quad .text.branchtable + +reserved: + .zero 16 ;// 'reserve 16 bytes' + +#**************************************************************************** +#* branch table - a more stable location for software entering rom code +#**************************************************************************** +.section .text.branchtable .globl _SHA512_Init _SHA512_Init: @@ -66,19 +89,21 @@ _ROM_verify: springboard: b boingboing boingboing: + # @TODO RTC:156485 ROM blob will have to change to allow PHyp to use, + # unless PHyp directly uses mfspr r2, CFAR ;// get address of springboard - addi r2, r2, _SHA512_Init-springboard ;// base address + addi r2, r2, .text.securerominfo-springboard ;// base address add r0, r0, r2 ;// calculate entry relative addi r2, r2, 0x4000 ;//TOC+0x8000 part 1 addi r2, r2, (__toc_start+0x4000)@l ;//TOC+0x8000 part 2 mtctr r0 bctr ;// jump -# could put other assembly ocde routines here to conserver ROM space +# could put other assembly code routines here to conserve ROM space # including the sreset routine -# need to align on securerombase+0x100 !!! - .org .branchtable+0x100 +# need to align on branchtablebase+0x100 !!! + .org .text.branchtable+0x100 .globl _rom_sreset _rom_sreset: li r0, rom_sreset@l diff --git a/src/usr/pnor/pnor_utils.C b/src/usr/pnor/pnor_utils.C index 1890499bc..5af2993cb 100644 --- a/src/usr/pnor/pnor_utils.C +++ b/src/usr/pnor/pnor_utils.C @@ -361,19 +361,22 @@ void PNOR::parseEntries (ffs_hdr* i_ffs_hdr, bool PNOR::isSecureSection(const uint32_t i_section) { -// TODO securebootp9 uncomment these sections as they become ready for -// inclusion in p9. Remove this comment after the last one. #ifdef CONFIG_SECUREBOOT - return i_section == HB_BASE_CODE; -// return i_section == HB_EXT_CODE || -// i_section == HB_DATA || -// i_section == SBE_IPL || -// i_section == CENTAUR_SBE || -// i_section == PAYLOAD || -// i_section == SBKT || -// i_section == OCC || -// i_section == HB_RUNTIME; - return false; + #ifdef BOOTLOADER + return i_section == HB_BASE_CODE; + // TODO securebootp9 uncomment these sections as they become ready for + // inclusion in p9. Remove this comment after the last one. + #else + // return i_section == HB_EXT_CODE || + // i_section == HB_DATA || + // i_section == SBE_IPL || + // i_section == CENTAUR_SBE || + // i_section == PAYLOAD || + // i_section == SBKT || + // i_section == OCC || + // i_section == HB_RUNTIME; + return false; + #endif #else return false; #endif diff --git a/src/usr/sbe/sbe_update.C b/src/usr/sbe/sbe_update.C index 95dc2bc87..199379d44 100644 --- a/src/usr/sbe/sbe_update.C +++ b/src/usr/sbe/sbe_update.C @@ -71,6 +71,7 @@ #include <p9_perv_scom_addresses.H> #include <initservice/mboxRegs.H> +#include <bootloader/bootloaderif.H> // ---------------------------------------------- @@ -737,104 +738,6 @@ namespace SBE return err; } - -///////////////////////////////////////////////////////////////////// - errlHndl_t findHBBLInPnor(void*& o_imgPtr, - size_t& o_imgSize) - { - errlHndl_t err = NULL; - PNOR::SectionInfo_t pnorInfo; - hbblEndData_t* hbblEndData = NULL; - PNOR::SectionId pnorSectionId = PNOR::HB_BOOTLOADER; - - o_imgPtr = NULL; - o_imgSize = 0; - - TRACDCOMP( g_trac_sbe, - ENTER_MRK"findHBBLInPnor()" ); - - do{ - // Get SBE PNOR section info from PNOR RP - err = getSectionInfo( pnorSectionId, - pnorInfo ); - - if(err) - { - TRACFCOMP( g_trac_sbe, ERR_MRK"findHBBLInPnor: Error calling " - "getSectionInfo() rc=0x%.4X", - err->reasonCode() ); - break; - } - - TRACUCOMP( g_trac_sbe, - INFO_MRK"findHBBLInPnor: sectionId=0x%X. " - "pnor vaddr = 0x%.16X", - pnorSectionId, pnorInfo.vaddr); - - // Look for HBBL end data on 16-byte boundary start at offset - // HBBL_FUZZY_END_ADDRESS - // Note: Code takes up at least the first HBBL_FUZZY_END_ADDRESS - // bytes of the HBBL image, so start at that offset to search - // for this data. - uint64_t hbblAbsoluteEnd = pnorInfo.vaddr + pnorInfo.size; - uint64_t hbblAddr = pnorInfo.vaddr + HBBL_FUZZY_END_ADDRESS; - while( hbblAddr < hbblAbsoluteEnd ) - { - hbblEndData = reinterpret_cast<hbblEndData_t*>(hbblAddr); - - if( HBBL_END_EYECATCHER == hbblEndData->eyecatcher ) - { - TRACUCOMP( g_trac_sbe, - INFO_MRK"findHBBLInPnor: hbblEndData = %p, " - "hbblEndData.address = 0x%.16X", - hbblEndData, hbblEndData->address); - break; - } - - hbblAddr += sizeof(hbblEndData_t); - } - - if( hbblAddr >= hbblAbsoluteEnd ) - { - //The HBBL partition does not have the HBBL end data - TRACFCOMP( g_trac_sbe, ERR_MRK"findHBBLInPnor: HBBL partition " - "does not have the HBBL end data" ); - - /*@ - * @errortype - * @moduleid HBBL_FIND_IN_PNOR - * @reasoncode HBBL_END_DATA_NOT_FOUND - * @userdata1 HBBL PNOR Section Address - * @userdata2 HBBL PNOR Section Size - * @devdesc HBBL partition did not have end data - * @custdesc A problem occurred while updating processor - * boot code. - */ - err = new ErrlEntry(ERRL_SEV_UNRECOVERABLE, - HBBL_FIND_IN_PNOR, - HBBL_END_DATA_NOT_FOUND, - pnorInfo.vaddr, - pnorInfo.size); - err->collectTrace(SBE_COMP_NAME); - err->addProcedureCallout( HWAS::EPUB_PRC_SP_CODE, - HWAS::SRCI_PRIORITY_HIGH ); - - break; - } - - o_imgPtr = reinterpret_cast<void*>( pnorInfo.vaddr ); - o_imgSize = hbblEndData->address - HBBL_START_ADDRESS; - - }while(0); - - TRACDCOMP( g_trac_sbe, - EXIT_MRK"findHBBLInPnor(): o_imgPtr=%p, o_imgSize=0x%X", - o_imgPtr, o_imgSize ); - - return err; - } - - ///////////////////////////////////////////////////////////////////// errlHndl_t appendHbblToSbe(void* i_section, uint32_t i_section_size, @@ -1909,43 +1812,31 @@ namespace SBE /*******************************************/ /* Get PNOR HBBL Information */ /*******************************************/ - void* hbblPnorPtr = NULL; - size_t hbblPnorImageSize = 0; - size_t hbblCachelineSize = 0; - - err = findHBBLInPnor(hbblPnorPtr, - hbblPnorImageSize); + // Get SBE PNOR section info from PNOR RP + PNOR::SectionInfo_t pnorInfo; + err = getSectionInfo( PNOR::HB_BOOTLOADER, pnorInfo ); if(err) { - TRACFCOMP( g_trac_sbe, ERR_MRK"getSbeInfoState() - " - "Error getting HBBL Version from PNOR, " - "RC=0x%X, PLID=0x%lX", - ERRL_GETRC_SAFE(err), - ERRL_GETPLID_SAFE(err)); + TRACFCOMP( g_trac_sbe, ERR_MRK"getSbeInfoState: Error calling " + "getSectionInfo() rc=0x%.4X", + err->reasonCode() ); break; } - else - { - TRACFCOMP( g_trac_sbe, "getSbeInfoState() - " - "hbblPnorPtr=%p, hbblPnorImageSize=0x%08X (%d)", - hbblPnorPtr, hbblPnorImageSize, hbblPnorImageSize); - } - - hbblCachelineSize = ALIGN_X(hbblPnorImageSize, CACHELINE_SIZE); - - TRACUCOMP( g_trac_sbe, "getSbeInfoState() - HBBL: " - "maxSize=0x%X, actSize=0x%X, cachelineSize=0x%X", - HBBL_MAX_SIZE, hbblPnorImageSize, - hbblCachelineSize); - + const void* hbblPnorPtr = reinterpret_cast<const void*>( + pnorInfo.vaddr); + // Use max hbbl size and not the PNOR size. The PNOR size can grow + // to add a secure header, but the code size limit is still 20K. + TRACFCOMP( g_trac_sbe, "getSbeInfoState() - " + "hbblPnorPtr=%p, hbblMaxSize=0x%08X (%d)", + hbblPnorPtr, MAX_HBBL_SIZE, MAX_HBBL_SIZE); /*******************************************/ /* Append HBBL Image from PNOR to SBE */ /* Image from PNOR */ /*******************************************/ uint32_t sbeHbblImgSize = - static_cast<uint32_t>(sbePnorImageSize + hbblCachelineSize); + static_cast<uint32_t>(sbePnorImageSize + MAX_HBBL_SIZE); // copy SBE image from PNOR to memory sbeHbblImgPtr = (void*)SBE_HBBL_IMG_VADDR; @@ -1953,8 +1844,8 @@ namespace SBE sbePnorPtr, sbePnorImageSize); - err = appendHbblToSbe(hbblPnorPtr, // HBBL Image to append - hbblCachelineSize, // Size of HBBL Image + err = appendHbblToSbe(const_cast<void*>(hbblPnorPtr), // HBBL Image to append + MAX_HBBL_SIZE, // Size of HBBL Image sbeHbblImgPtr, // SBE, HBBL Image sbeHbblImgSize); // Available/used diff --git a/src/usr/sbe/sbe_update.H b/src/usr/sbe/sbe_update.H index 008252145..ff436f419 100644 --- a/src/usr/sbe/sbe_update.H +++ b/src/usr/sbe/sbe_update.H @@ -91,12 +91,6 @@ namespace SBE const uint64_t NONSECURE_VER_EYECATCH = 0x56455253494F4E00; //'VERSION\0' const uint32_t SUPPORTED_TOC_VER = 0x00000001; - // PNOR HBBL Partition constants - const uint64_t HBBL_START_ADDRESS = 0x0000000000003000; - const uint64_t HBBL_FUZZY_END_ADDRESS = 0x1400; - const size_t HBBL_MAX_SIZE = 20*KILOBYTE; // 20KB - const uint64_t HBBL_END_EYECATCHER = 0x4842424C656E6400; // 'HBBLend\0' - // Cacheline Size const uint64_t CACHELINE_SIZE = 128; diff --git a/src/usr/sbe/test/sbeupdatetest.H b/src/usr/sbe/test/sbeupdatetest.H index 7fd5295f6..e9210b102 100644 --- a/src/usr/sbe/test/sbeupdatetest.H +++ b/src/usr/sbe/test/sbeupdatetest.H @@ -675,54 +675,6 @@ class SBEUpdateTest: public CxxTest::TestSuite } - - /** - * @brief This function will test SBE Update's ability - * to find HBBL images in PNOR - */ - - void testFindHBBLInPnor ( void ) - { - errlHndl_t err = NULL; - uint64_t fails = 0x0; - uint64_t total = 0x0; - - void* hbblImgPtr = NULL; - size_t hbblImgSize = 0; - - do{ - - TRACFCOMP( g_trac_sbe, - ENTER_MRK"testFindHBBLInPnor()" ); - - total++; - err = findHBBLInPnor(hbblImgPtr, - hbblImgSize); - - if(err || (hbblImgPtr == NULL) || (hbblImgSize == 0) ) - { - fails++; - TRACFCOMP( g_trac_sbe, ERR_MRK"testFindHBBLInPnor() - " - "failure finding HBBL image, hbblImgPtr=%p, " - "hbblImgSize=0x%x", - hbblImgPtr, hbblImgSize ); - TS_FAIL("testFindHBBLInPnor() -failure finding HBBL image!"); - errlCommit( err, - SBE_COMP_ID ); - - } - TRACDBIN(g_trac_sbe, "testFindHBBLInPnor()-Proc PNOR Image", - hbblImgPtr, 0x80); - - TRACFCOMP( g_trac_sbe, - EXIT_MRK"testFindHBBLInPnor - %d/%d fails", - fails, total ); - - }while(0); - - } - - /** * @brief This function will run through the functions used to collect * SBE information on a single target, determine if that target |
