From f0d7c809d23c2cf44c0be0ff594c14aff22d6f04 Mon Sep 17 00:00:00 2001 From: Stephen Cprek Date: Mon, 6 Feb 2017 12:31:42 -0600 Subject: Add SecureROM version info and Change SBE update to use max HBBL size The HBBL also contains the securerom code and hw keys' hash for verification purposes. So looking for the end of the HBBL code leaves out those sections Change-Id: I73a1b5c50e3a5b3f642ca569b90e79dbe4c4ba1e Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35979 Tested-by: Jenkins Server Tested-by: FSP CI Jenkins Tested-by: Jenkins OP Build CI Reviewed-by: Martin Gloff Reviewed-by: Nicholas E. Bofferding Reviewed-by: Daniel M. Crowell --- src/bootloader/bl_start.S | 6 ---- src/bootloader/bootloader.C | 77 ++++++++++++++++++++++++++++----------------- src/bootloader/makefile | 4 ++- 3 files changed, 51 insertions(+), 36 deletions(-) (limited to 'src/bootloader') diff --git a/src/bootloader/bl_start.S b/src/bootloader/bl_start.S index 99843a1eb..4af665523 100644 --- a/src/bootloader/bl_start.S +++ b/src/bootloader/bl_start.S @@ -31,7 +31,6 @@ .set SBE_HB_PNORSIZEMB, sbe_hb_structures+6 ;// uint16_t .set SBE_HB_BLLOADSIZE, sbe_hb_structures+8 ;// uint64_t .set HBBL_BASE_ADDRESS, base_load_address -.set HBBL_END_EYECATCHER, 0x4842424C656E6400 ;// 'HBBLend.' .set HBBL_END_ADDRESS, end_load_address .set HBBL_system_reset, 0x100 .set HBBL_machine_check, 0x200 @@ -423,11 +422,6 @@ bootloader_hbbSection: hbi_ImageId: .space 128 - .balign 16 -.global bootloader_end_eyecatcher -bootloader_end_eyecatcher: - .quad HBBL_END_EYECATCHER - .global bootloader_end_address bootloader_end_address: .quad HBBL_END_ADDRESS diff --git a/src/bootloader/bootloader.C b/src/bootloader/bootloader.C index e1386189d..4d764cd04 100644 --- a/src/bootloader/bootloader.C +++ b/src/bootloader/bootloader.C 
@@ -69,7 +69,6 @@ namespace Bootloader{ sizeof(sha2_hash_t)); } - // @TODO RTC:167740 remove magic number check once fsp/op signs HBB /** * @brief Memcmp a vaddr to the known secureboot magic number * 
@@ -97,24 +96,48 @@ namespace Bootloader{ const sha2_hash_t* i_hwKeyHash) { #ifdef CONFIG_SECUREBOOT - // @TODO RTC:167740 remove magic number check once fsp/op signs HBB - if (cmpSecurebootMagicNumber(reinterpret_cast - (i_pContainer))) + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_START); + + uint64_t l_rc = 0; + + // @TODO RTC:166848 Move find/get secure rom logic out of ROM verify + // Find secure ROM addr + // Get starting address of ROM size and code which is the next 8 byte + // aligned address after the bootloader end. + // [hbbl][pad:8:if-applicable][securerom-size:8][securerom] + const void* l_pBootloaderEnd = &bootloader_end_address; + uint64_t l_bootloaderSize = 0; + memcpy (&l_bootloaderSize, l_pBootloaderEnd, sizeof(l_bootloaderSize)); + uint64_t l_rom_startAddr = getHRMOR() + ALIGN_8(l_bootloaderSize); + // Get Rom Size + // @TODO RTC:166848 Store size so hb can use + uint64_t l_secureRomSize = 0; + memcpy (&l_secureRomSize, reinterpret_cast(l_rom_startAddr), + sizeof(l_secureRomSize)); + l_rom_startAddr += sizeof(l_secureRomSize); + + // Beginning of SecureROM has a info structure + // Get Secure ROM info + const auto l_pSecRomInfo = reinterpret_cast( + l_rom_startAddr); + + // # @TODO RTC:170136 terminate in this case + // Ensure SecureRom is actually present + if ( !secureRomInfoValid(l_pSecRomInfo) ) + { + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH); + } + // # @TODO RTC:170136 terminate in this case + else if ( !cmpSecurebootMagicNumber(reinterpret_cast + (i_pContainer))) + { + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM); + } + else { - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_START); - - uint64_t l_rc = 0; - - const void * l_pBootloaderEnd = &bootloader_end_address; - - // Get starting address of ROM code which is the next 8 byte aligned - // address after the bootloader end. 
- uint64_t l_size = 0; - memcpy (&l_size, l_pBootloaderEnd, sizeof(l_size)); - uint64_t l_rom_startAddr = getHRMOR() + ALIGN_8(l_size); - // Set startAddr to ROM_verify() function at an offset of Secure ROM uint64_t l_rom_verify_startAddr = l_rom_startAddr + + l_pSecRomInfo->branchtableOffset + ROM_VERIFY_FUNCTION_OFFSET; // Declare local input struct @@ -128,18 +151,17 @@ namespace Bootloader{ // Use current hw hash key memcpy (&l_hw_parms.hw_key_hash, i_hwKeyHash, sizeof(sha2_hash_t)); - const ROM_container_raw* l_container = - reinterpret_cast(i_pContainer); + const auto l_container = reinterpret_cast + (i_pContainer); l_rc = call_rom_verify(reinterpret_cast (l_rom_verify_startAddr), l_container, &l_hw_parms); - if (l_rc != 0) { // Verification of Container failed. - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_FAIL); + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_FAIL); /*@ * @errortype * @moduleid MOD_BOOTLOADER_VERIFY @@ -156,11 +178,7 @@ namespace Bootloader{ } - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SUCCESS); - } - else - { - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SKIP); + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_SUCCESS); } #endif } @@ -260,10 +278,11 @@ namespace Bootloader{ verifyContainer(l_src_addr, &l_hwKeyHash); // Increment past secure header -#ifdef CONFIG_SECUREBOOT - l_src_addr += PAGE_SIZE/sizeof(uint64_t); - l_hbbLength -= PAGE_SIZE; -#endif + if (isSecureSection(PNOR::HB_BASE_CODE)) + { + l_src_addr += PAGE_SIZE/sizeof(uint64_t); + l_hbbLength -= PAGE_SIZE; + } // Copy HBB image into address where it executes for(uint32_t i = 0; diff --git a/src/bootloader/makefile b/src/bootloader/makefile index 598236b79..ee1688774 100644 --- a/src/bootloader/makefile +++ b/src/bootloader/makefile @@ -5,7 +5,7 @@ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2015,2016 +# Contributors Listed Below - COPYRIGHT 2015,2017 # [+] International Business Machines Corp. # # 
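Review bot: In the `@@ -97,24 +96,48 @@` hunk, the `!secureRomInfoValid(l_pSecRomInfo)` and `!cmpSecurebootMagicNumber(...)` branches only emit a trace and fall out of the `#ifdef CONFIG_SECUREBOOT` block, so the container is used without `call_rom_verify` ever running. The magic number is read from the container under test, so its absence cannot serve as the gate; the `@TODO RTC:170136` lines acknowledge this, but until that lands the comment should say the path is fail-open, e.g. `// SECURITY: verification is skipped here, not failed; must terminate (RTC:170136)`. Separately, `l_secureRomSize` is read but not used in the visible lines, while `l_pSecRomInfo->branchtableOffset` is added into the call target unchecked; assuming the stored size counts from the info structure, a bound such as `if (l_pSecRomInfo->branchtableOffset + ROM_VERIFY_FUNCTION_OFFSET >= l_secureRomSize)` before the call would keep the target inside the SecureROM image. verifyContainer begins before this hunk and continues past it.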
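Review bot: In the `@@ -260,10 +278,11 @@` hunk, `l_hbbLength -= PAGE_SIZE` runs with no check that the length is at least one page, so a short or corrupt HBB length would wrap if `l_hbbLength` is unsigned (its declaration is outside the hunk) and hand the copy loop that follows an oversized bound. A guard such as `if (l_hbbLength < PAGE_SIZE)` that takes the failure path belongs before the subtraction. The header skip now keys on `isSecureSection(PNOR::HB_BASE_CODE)` while verifyContainer keys on CONFIG_SECUREBOOT and the magic number, so the two decisions can disagree; a comment such as `// secure sections always carry a PAGE_SIZE header, verified or not` would record the intent if that is the assumption. The enclosing function starts and ends outside the hunk.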
@@ -30,6 +30,8 @@ EXTRAINCDIR += ${ROOTPATH}/src/include/usr/ EXTRAINCDIR += ${ROOTPATH}/src/include/usr/pnor/ EXTRAINCDIR += ${ROOTPATH}/src/include/usr/lpc/ +COMMONFLAGS += -DBOOTLOADER + OBJS += bl_start.o OBJS += bootloader.o OBJS += bl_pnorAccess.o -- cgit v1.2.3