talos-hostboot/src/usr/secureboot/common, branch master

Secure Boot: Check integrity of dynamically sized secure header copies

2018-03-12T18:20:57+00:00

When reading a secure header, the container header object can overrun a buffer when number of ECIDs or software keys specified is greater than the supported amount. This change implements hard enforcement to ensure that this is no longer possible. Change-Id: Ife9194763f858b37e2de6f12fa01d74da1145df3 CQ: SW419735 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/55088 CI-Ready: Nicholas E. Bofferding Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Reviewed-by: ILYA SMIRNOV Reviewed-by: Michael Baiocchi Reviewed-by: Marshall J. Wilks Tested-by: FSP CI Jenkins Reviewed-by: William G. Hoffa

Secure Boot: Remove utilmem from verify container fail path

2018-02-07T22:54:50+00:00

When the Hostboot extended image verification fails, it calls FFDC collection routine which invokes UtilMem functionality that is contained in the extended image. This creates a circular loop of dependency that cannot be satisfied. The FFDC collection was fixed to remove use of UtilMem while providing same function Change-Id: Id7a15ae68ec316c5d6d6779143d1409f5333e816 Backport: release-fips910 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/53456 Reviewed-by: ILYA SMIRNOV Tested-by: Jenkins Server Reviewed-by: Michael Baiocchi Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Daniel M. Crowell

Collect better FFDC on ROM verification errors

2018-01-31T16:09:11+00:00

Collect both the UTIL and RUNTIME component traces on a ROM verify failure Added a new Errlog User Details sections "Verify Info" containing the component name, ID(s), measured, and expected hashes Change-Id: I0d0408128e05807bb906be5ee365d56d1416693f CQ:SW413889 Backport:release-fips910 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52593 Reviewed-by: Michael Baiocchi Reviewed-by: Nicholas E. Bofferding Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Marshall J. Wilks Reviewed-by: Daniel M. Crowell

Fix incorrect size for entries going into hb resv memory

2017-12-12T22:16:19+00:00

Sections that do not have Secure Headers and need one injected were not passing in the correct size to preverifiedlidmgr. e.g. RINGOVD section or when SB is compiled out Change-Id: I6e8c775a9a1d3f89473c55af6efc8109fb378c99 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/50545 Tested-by: Jenkins Server Tested-by: FSP CI Jenkins Reviewed-by: Nicholas E. Bofferding Reviewed-by: Michael Baiocchi Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Reviewed-by: Daniel M. Crowell

Create a Trusted boot trace component and collect trace on errors

2017-12-05T20:16:08+00:00

Error log trace never included "TRBOOT" trace Change-Id: I0ff99d3d3cc78a7a25c576059d69d1644a2c802d RTC: 181899 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/50077 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: FSP CI Jenkins Reviewed-by: Michael Baiocchi Reviewed-by: Nicholas E. Bofferding Reviewed-by: Daniel M. Crowell

Handle ContainerHeader asserts more nicely with error logs

2017-12-05T19:37:19+00:00

Change-Id: I2dfd02bd7c7f5b5356cd93ca967482c2d7f79ec1 RTC: 178520 RTC: 181899 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49966 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: FSP CI Jenkins Reviewed-by: Michael Baiocchi Reviewed-by: Daniel M. Crowell

Secure Boot: Fix lid load from HB reserved memory issues at runtime

2017-11-19T20:54:51+00:00

- Force all PNOR sections we load from HB rserved memory to be secure Only exception is the RINGOVD section, in which we use a fake header - Add fake header when Secureboot compiled out or a section is never signed as there is no secure header preserved in virtual memory RTC: 171708 RTC: 180063 Change-Id: Ibbbd7be24ee7b199e73451c63b2c2d1f86a2c2d8 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49020 Tested-by: Jenkins Server Reviewed-by: Nicholas E. Bofferding Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Reviewed-by: Marshall J. Wilks Tested-by: FSP CI Jenkins Reviewed-by: Michael Baiocchi Reviewed-by: Daniel M. Crowell

Support selecting fips or op-build for signing process

2017-11-09T22:50:21+00:00

Adds a new '--build-type' option to genPnorImages.pl to specify either fspbuild or opbuild, which adds the appropriate magic value to the secure header during the signing process. Change-Id: I46a97f88666a5cc925797d3ad0e870a5f5bac89a RTC:163655 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/48930 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Stephen M. Cprek Reviewed-by: Michael Baiocchi Reviewed-by: William G. Hoffa

Secure Boot: Support reading component ID from container's SW header

2017-09-21T16:31:26+00:00

- Repurposed container SW header reserved field for component ID - Parse component ID when reading container header - Implement user API to read component ID Change-Id: I005f0e1cb20d4022333d05bfe86d88bf706f60de Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/46173 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Michael Baiocchi Reviewed-by: Stephen M. Cprek Reviewed-by: Daniel M. Crowell

Move containerHeader class to secureboot common directory

2017-08-09T17:37:21+00:00

RTC: 175115 Change-Id: Ia12949a63100202895be315cb7febb85df3cda3e Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/44131 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Nicholas E. Bofferding Reviewed-by: Michael Baiocchi Reviewed-by: Daniel M. Crowell