author | Stephen Cprek <smcprek@us.ibm.com> | 2017-01-03 12:29:49 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-02-01 17:25:56 -0500 |
commit | 2e898b1a6eb2c8322e8b50a206464addecfd6734 (patch) | |
tree | b6b25d58d474d0b874dc58b528ce947f0b8d1358 | |
parent | 51ab7d511392a76f8fc00a98998f73f2dbb5c3a3 (diff) | |
download | talos-hostboot-2e898b1a6eb2c8322e8b50a206464addecfd6734.tar.gz talos-hostboot-2e898b1a6eb2c8322e8b50a206464addecfd6734.zip |
Verify HBB in HBBL using ROM code
Puts the ROM code into the HBBL image, page aligned after
the end of HBBL.
Change-Id: I1a07dd912c07557b2a43dfbadc5394a7d212c841
RTC: 143902
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/34293
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Martin Gloff <mgloff@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
-rw-r--r-- | src/bootloader/bootloader.C | 133 | ||||
-rw-r--r-- | src/build/debug/Hostboot/BlTrace.pm | 25 | ||||
-rw-r--r-- | src/build/mkrules/dist.targets.mk | 11 | ||||
-rwxr-xr-x | src/build/mkrules/hbfw/img/makefile | 13 | ||||
-rw-r--r-- | src/include/bootloader/bootloader_trace.H | 18 | ||||
-rw-r--r-- | src/include/bootloader/hbblreasoncodes.H | 1 | ||||
-rw-r--r-- | src/include/securerom/ROM.H | 6 | ||||
-rw-r--r-- | src/makefile | 3 | ||||
-rw-r--r-- | src/securerom/makefile | 1 | ||||
-rw-r--r-- | src/securerom/rom_entry.S (renamed from src/usr/secureboot/base/rom_entry.S) | 6 | ||||
-rw-r--r-- | src/usr/pnor/pnor_utils.C | 3 | ||||
-rw-r--r-- | src/usr/secureboot/base/makefile | 1 |
12 files changed, 191 insertions, 30 deletions
diff --git a/src/bootloader/bootloader.C b/src/bootloader/bootloader.C index 5c6032524..97805f87e 100644 --- a/src/bootloader/bootloader.C +++ b/src/bootloader/bootloader.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2016 */ +/* Contributors Listed Below - COPYRIGHT 2015,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -37,9 +37,17 @@ #include <ecc.H> #include <stdlib.h> +#include <util/align.H> +#include <string.h> +#include <limits.h> + +#include <securerom/ROM.H> +#include <config.h> +#include <secureboot/secure_reasoncodes.H> extern uint64_t kernel_other_thread_spinlock; extern PNOR::SectionData_t bootloader_hbbSection; +extern char bootloader_end_address; namespace Bootloader{ /** 
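Review bot: `extern char bootloader_end_address;` is declared as a single char, yet verifyContainer later copies `sizeof(uint64_t)` bytes from its address into `l_size` and adds `ALIGN_8(l_size)` to the HRMOR, so the symbol evidently marks a location holding the bootloader's length rather than a character. A comment on the extern stating what the linker places there, e.g. `// linker-provided: the 8-byte length of the HBBL image is stored at this address`, would spare the next reader from inferring the contract from the memcpy. If the symbol is defined in a linker script outside this change, that is presumably where the layout is described; a cross-reference here would still help.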
@@ -50,13 +58,111 @@ namespace Bootloader{ */ uint8_t *g_blScratchSpace = NULL; - /** Apply Secure Signature Validation function. + // @TODO RTC:166847 - remove tmp_hw_key_hash and use actual hw key hash + const uint64_t tmp_hw_key_hash[] = + { + 0x40d487ff7380ed6a, + 0xd54775d5795fea0d, + 0xe2f541fea9db06b8, + 0x466a42a320e65f75, + 0xb48665460017d907, + 0x515dc2a5f9fc5095, + 0x4d6ee0c9b67d219d, + 0xfb7085351d01d6d1 + }; + + // @TODO RTC:167740 remove magic number check once fsp/op signs HBB + /** + * @brief Memcmp a vaddr to the known secureboot magic number + * + * @param[in] i_vaddr: vaddr of secureboot header to check for magic number + * Note: must point to a buffer of size >= 4 bytes + * + * @return bool - True if the magic number and starting bytes of the vaddr + * match. False otherwise. + */ + bool cmpSecurebootMagicNumber(const uint8_t* i_vaddr) + { + return memcmp(&ROM_MAGIC_NUMBER, i_vaddr, sizeof(ROM_MAGIC_NUMBER))==0; + } + + /** + * @brief Verify Container against system hash keys * - * @note Currently just a stub. + * @param[in] i_pContainer Void pointer to effective address + * of container + * NOTE : no-op if Config Secureboot not enabled. + * + * @return N/A */ - void applySecureSignatureValidation() + void verifyContainer(const void * i_pContainer) { - // (just an empty stub function for now) @TODO RTC:143902 +#ifdef CONFIG_SECUREBOOT + // @TODO RTC:167740 remove magic number check once fsp/op signs HBB + if (cmpSecurebootMagicNumber(reinterpret_cast<const uint8_t*> + (i_pContainer))) + { + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_START); + + uint64_t l_rc = 0; + + const void * l_pBootloaderEnd = &bootloader_end_address; + + // Get starting address of ROM code which is the next 8 byte aligned + // address after the bootloader end. 
+ uint64_t l_size = 0; + memcpy (&l_size, l_pBootloaderEnd, sizeof(l_size)); + uint64_t l_rom_startAddr = getHRMOR() + ALIGN_8(l_size); + + // Set startAddr to ROM_verify() function at an offset of Secure ROM + uint64_t l_rom_verify_startAddr = l_rom_startAddr + + ROM_VERIFY_FUNCTION_OFFSET; + + // Declare local input struct + ROM_hw_params l_hw_parms; + + // Clear/zero-out the struct since we want 0 ('zero') values for + // struct elements my_ecid, entry_point and log + memset(&l_hw_parms, 0, sizeof(ROM_hw_params)); + + // Use current hw hash key + memcpy (&l_hw_parms.hw_key_hash, &tmp_hw_key_hash, sizeof(sha2_hash_t)); + + const ROM_container_raw* l_container = + reinterpret_cast<const ROM_container_raw*>(i_pContainer); + + l_rc = call_rom_verify(reinterpret_cast<void*> + (l_rom_verify_startAddr), + l_container, + &l_hw_parms); + + if (l_rc != 0) + { + // Verification of Container failed. + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_FAIL); + /*@ + * @errortype + * @moduleid MOD_BOOTLOADER_VERIFY + * @reasoncode SECUREBOOT::RC_ROM_VERIFY + * @userdata1 ROM return code + * @userdata2 ROM_hw_params log + * @devdesc ROM verification failed + * @custdesc Platform security violation detected + */ + bl_terminate(MOD_BOOTLOADER_VERIFY, + SECUREBOOT::RC_ROM_VERIFY, + l_rc, + l_hw_parms.log); + + } + + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SUCCESS); + } + else + { + BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SKIP); + } +#endif } @@ -88,7 +194,6 @@ namespace Bootloader{ uint8_t l_tocUsed = 0; g_blScratchSpace = reinterpret_cast<uint8_t*>(HBBL_SCRATCH_SPACE_ADDR); - // Get location of HB base code in PNOR from TOC // @TODO RTC:138268 Support multiple sides of PNOR in bootloader bl_pnorAccess::getHBBSection(l_pnorEnd, 
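Review bot: `l_rc` is declared `uint64_t` and tested with `l_rc != 0`, while call_rom_verify returns ROM_response (the ROM.H hunk in this commit documents ROM_DONE on success, ROM_FAILURE otherwise); declaring it as `ROM_response l_rc = call_rom_verify(...)` and checking `if (l_rc != ROM_DONE)` keeps the failure check tied to the enum rather than to the assumption that success is zero. The header comment for verifyContainer says `@return N/A`, but on a failed verification the function calls bl_terminate and does not return, which callers should know; suggest `@return N/A - does not return if verification fails (bl_terminate is invoked)`. The comment above the size lookup speaks of the next 8-byte aligned address and the code uses ALIGN_8, whereas the commit description says the ROM code is page aligned after HBBL; one of the two should be corrected so the layout contract is unambiguous. The memcpy into `l_hw_parms.hw_key_hash` uses `sizeof(sha2_hash_t)` while the source is the 8-entry `tmp_hw_key_hash` array; if the two sizes are not already asserted equal elsewhere, a compile-time check of `sizeof(tmp_hw_key_hash) == sizeof(sha2_hash_t)` would guard against a short or overlong copy.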
@@ -139,17 +244,23 @@ namespace Bootloader{ if (rc != PNOR::ECC::UNCORRECTABLE) { - // Apply secure signature validation @TODO RTC:143902 - applySecureSignatureValidation(); - BOOTLOADER_TRACE(BTLDR_TRC_MAIN_APPLYSECSIGVAL_RTN); - - // Copy HBB image into address where it executes uint64_t *l_src_addr = reinterpret_cast<uint64_t*>(HBB_WORKING_ADDR | IGNORE_HRMOR_MASK); + uint64_t *l_dest_addr = reinterpret_cast<uint64_t*>(HBB_RUNNING_ADDR | IGNORE_HRMOR_MASK); + // ROM verification of HBB image + verifyContainer(l_src_addr); + + // Increment past secure header +#ifdef CONFIG_SECUREBOOT + l_src_addr += PAGE_SIZE/sizeof(uint64_t); + l_hbbLength -= PAGE_SIZE; +#endif + + // Copy HBB image into address where it executes for(uint32_t i = 0; i < l_hbbLength / sizeof(uint64_t); i++) diff --git a/src/build/debug/Hostboot/BlTrace.pm b/src/build/debug/Hostboot/BlTrace.pm index aeecf2ec4..ce8e526fd 100644 --- a/src/build/debug/Hostboot/BlTrace.pm +++ b/src/build/debug/Hostboot/BlTrace.pm @@ -5,7 +5,7 @@ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2016 +# Contributors Listed Below - COPYRIGHT 2016,2017 # [+] International Business Machines Corp. # # @@ -34,8 +34,11 @@ my %traceText = ( "11" => "Main getHBBSection returned", "12" => "Main handleMMIO to working location returned", "13" => "Main removeECC returned", - "14" => "Main applySecureSignatureValidation returned", - "15" => "Main copy HBB to running location done", + # @TODO RTC:167740 remove magic number check once fsp/op signs HBB + "14" => "main verifyBaseImage skip verification - no magic number ", + "15" => "main verifyBaseImage started", + "16" => "main verifyBaseImage succeeded", + "17" => "Main copy HBB to running location done", "20" => "HandleMMIO started", "21" => "HandleMMIO started using BYTESIZE", "24" => "HandleMMIO started using WORDSIZE", 
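Review bot: The header skip `l_src_addr += PAGE_SIZE/sizeof(uint64_t); l_hbbLength -= PAGE_SIZE;` is applied unconditionally under CONFIG_SECUREBOOT, but verifyContainer on the line above only verifies when the secureboot magic number is present and otherwise traces BTLDR_TRC_MAIN_VERIFY_HBB_SKIP and returns. If an image reaching the skip path carries no secure header at all, this drops its first page of code and leaves `l_hbbLength` too small (or wrapped, if it is an unsigned type smaller than PAGE_SIZE). If the header is guaranteed present whenever CONFIG_SECUREBOOT is set, a comment stating that here would make the coupling with the magic-number check explicit, e.g. `// HBB always carries a secure header when built with CONFIG_SECUREBOOT, even before it is signed (see RTC:167740)`. The enclosing main body starts and continues outside the hunk.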
@@ -71,6 +74,7 @@ my %traceText = ( "F8" => "Utils parseEntries size extends beyond Flash", "F9" => "PNOR Access getHBBSection findTOC error", "FA" => "PNOR Access getHBBSection findTOC no HBB section", + "FB" => "main verifyBaseImage failed", ); sub formatTrace @@ -97,9 +101,20 @@ sub formatTrace $traceDataRaw .= " "; } - if ($traceText{$traceHexStr} ne "") + if (exists $traceText{$traceHexStr}) { - $traceDataText .= "$traceHexStr $traceText{$traceHexStr}\n"; + if ($traceText{$traceHexStr} ne "") + { + $traceDataText .= "$traceHexStr $traceText{$traceHexStr}\n"; + } + else + { + $traceDataText .= "$traceHexStr NO TRACE TEXT FOUND - check BlTrace.pm\n"; + } + } + else + { + $traceDataText .= "$traceHexStr UNKNOWN HEX FOUND - check BlTrace.pm\n"; } } diff --git a/src/build/mkrules/dist.targets.mk b/src/build/mkrules/dist.targets.mk index 5bae3dd0e..e7a3d99ca 100644 --- a/src/build/mkrules/dist.targets.mk +++ b/src/build/mkrules/dist.targets.mk @@ -5,7 +5,7 @@ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2013,2016 +# Contributors Listed Below - COPYRIGHT 2013,2017 # [+] International Business Machines Corp. # # @@ -108,6 +108,7 @@ COPY_RENAME_FILES = \ img/makefile:src/build/mkrules/hbfw/img/makefile:fsp \ hbicore.bin:img/hbicore$(UNDERSCORE_TEST).bin:vpo \ img/hostboot_bootloader.bin:img/hbibl.bin:fsp,openpower,vpo \ + img/hostboot_securerom.bin:img/securerom.bin:fsp,openpower,vpo \ img/hostboot.bin:img/hbicore$(UNDERSCORE_TEST).bin:fsp,openpower \ img/hostboot_extended.bin:img/hbicore$(UNDERSCORE_TEST)_extended.bin:fsp,openpower \ img/hostboot_runtime.bin:img/hbirt$(UNDERSCORE_TEST).bin:fsp,openpower \ 
@@ -120,8 +121,11 @@ COPY_RENAME_FILES = \ hbibl.syms:img/hbibl.syms:tools,vpo,openpower \ hbibl.list.bz2:img/hbibl.list.bz2:tools,vpo,openpower \ hbibl.bin.modinfo:img/hbibl.bin.modinfo:tools,vpo,openpower \ + securerom.syms:img/securerom.syms:tools,vpo,openpower \ + securerom.list.bz2:img/securerom.list.bz2:tools,vpo,openpower \ + securerom.bin.modinfo:img/securerom.bin.modinfo:tools,vpo,openpower \ $(foreach file, $(call ROOTPATH_WILDCARD,src/build/debug/Hostboot/*.pm), \ - Hostboot/$(notdir $(file)):$(file):tools,vpo,openpower) + Hostboot/$(notdir $(file)):$(file):tools,vpo,openpower) # # Symbolic links created in the target. @@ -193,6 +197,9 @@ simics.tar_CONTENTS = \ img/hbibl.syms \ img/hbibl.list.bz2 \ img/hbibl.bin.modinfo \ + img/securerom.syms \ + img/securerom.list.bz2 \ + img/securerom.bin.modinfo \ img/errlparser \ img/isteplist.csv \ img/hbotStringFile \ diff --git a/src/build/mkrules/hbfw/img/makefile b/src/build/mkrules/hbfw/img/makefile index 553b76f2f..9420dfd02 100755 --- a/src/build/mkrules/hbfw/img/makefile +++ b/src/build/mkrules/hbfw/img/makefile @@ -5,7 +5,7 @@ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2012,2016 +# Contributors Listed Below - COPYRIGHT 2012,2017 # [+] International Business Machines Corp. # # @@ -56,11 +56,12 @@ ENGD_SRCPATH = ${SRCPATH:S/hbfw\/img/engd\/href/g} # Input default images BOOTLDR_IMG = hostboot_bootloader.bin HBBL_IMG = hbbl.bin +HB_SECROM_IMG = hostboot_securerom.bin HBB_IMG = hostboot.bin HBB_ECC_IMG = hostboot.bin.ecc HBI_IMG = hostboot_extended.bin HBRT_IMG = hostboot_runtime.bin -BASE_IMAGES = ${BOOTLDR_IMG} ${HBB_IMG} ${HBI_IMG} ${HBRT_IMG} +BASE_IMAGES = ${BOOTLDR_IMG} ${HB_SECROM_IMG} ${HBB_IMG} ${HBI_IMG} ${HBRT_IMG} # Input fake images HBI_FAKE_IMG = hostboot_extended.bin.fake 
@@ -92,6 +93,9 @@ FINAL_OUTPUT_IMAGES = ${HBBL_FINAL_IMG} ${HBB_FINAL_IMG} ${HBI_FINAL_IMG} \ ${DJVPD_FINAL_IMG} ${MVPD_FINAL_IMG} ${CVPD_FINAL_IMG} \ ${PAYLOAD_FINAL_IMG} ${RINGOVD_FINAL_IMG} ${SBKT_FINAL_IMG} +# Temp images +HB_TEMP_IMG = hb_temp.bin + # Aggregate ALL_DEFAULT_IMAGES = ${DEFAULT_INPUT_IMAGES} ${FINAL_OUTPUT_IMAGES} @@ -128,7 +132,10 @@ gen_default_images: cp_hbfiles # Remove offset from start of Bootloader image for HBBL partition # Actual code is offset from HRMOR by 12k = 12 1k-blocks (space # reserved for exception vectors) - dd if=${BOOTLDR_IMG} of=${HBBL_IMG} ibs=1k skip=12 conv=sync + dd if=${BOOTLDR_IMG} of=${HBBL_IMG} ibs=8 skip=1536 conv=sync + + # Append Hostboot securerom code to the HBBl section + cat ${HB_SECROM_IMG} >> ${HBBL_IMG} # Call script to generate final bin files for default images ${GEN_PNOR_IMAGE_SCRIPT} ${DEFAULT_PARAMS} diff --git a/src/include/bootloader/bootloader_trace.H b/src/include/bootloader/bootloader_trace.H index 8f8ab8da3..93b937308 100644 --- a/src/include/bootloader/bootloader_trace.H +++ b/src/include/bootloader/bootloader_trace.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2016 */ +/* Contributors Listed Below - COPYRIGHT 2015,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ 
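Review bot: The comment above the `dd` still says `12k = 12 1k-blocks`, but the command now reads `ibs=8 skip=1536`; the comment should be updated to `12k = 1536 8-byte blocks`, and it is worth adding why the block size changed: with `conv=sync` the output is padded to a multiple of 8 bytes, so the securerom image appended by the following `cat` lands on the 8-byte boundary that the ALIGN_8 calculation in bootloader.C expects. `HBBl` in the new comment should read `HBBL`. `HB_TEMP_IMG = hb_temp.bin` is introduced under `# Temp images` but is not referenced in any hunk of this commit; if a rule elsewhere in the file uses it, a short comment naming that rule would help, otherwise it looks like a leftover. The concatenation also has no check that the combined HBBL image still fits its PNOR partition; if that is enforced by the gen-PNOR script invoked afterwards, a note to that effect would reassure readers.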
@@ -60,11 +60,18 @@ enum BootloaderTraces /** Bootloader main removeECC returned */ BTLDR_TRC_MAIN_REMOVEECC_RTN = 0x13, - /** Bootloader main applySecureSignatureValidation returned */ - BTLDR_TRC_MAIN_APPLYSECSIGVAL_RTN = 0x14, + // @TODO RTC:167740 remove magic number check once fsp/op signs HBB + /** Bootloader main verifyBaseImage skip verification - no magic number */ + BTLDR_TRC_MAIN_VERIFY_HBB_SKIP = 0x14, + + /** Bootloader main verifyBaseImage started */ + BTLDR_TRC_MAIN_VERIFY_HBB_START = 0x15, + + /** Bootloader main verifyBaseImage succeeded */ + BTLDR_TRC_MAIN_VERIFY_HBB_SUCCESS = 0x16, /** Bootloader main copy HBB to running location done */ - BTLDR_TRC_MAIN_COPY_HBB_DONE = 0x15, + BTLDR_TRC_MAIN_COPY_HBB_DONE = 0x17, /** Bootloader handleMMIO started */ BTLDR_TRC_HANDLEMMIO_START = 0x20, @@ -161,6 +168,9 @@ enum BootloaderTraces /** Bootloader PNOR Access getHBBSection findTOC no HBB section */ BTLDR_TRC_PA_GETHBBSECTION_FINDTOC_NOHBB = 0xFA, + + /** Bootloader main verifyBaseImage failed */ + BTLDR_TRC_MAIN_VERIFY_HBB_FAIL = 0xFB, }; #ifndef BOOTLOADER_TRACE diff --git a/src/include/bootloader/hbblreasoncodes.H b/src/include/bootloader/hbblreasoncodes.H index 10a6ebbf5..2b2ee0010 100644 --- a/src/include/bootloader/hbblreasoncodes.H +++ b/src/include/bootloader/hbblreasoncodes.H @@ -47,6 +47,7 @@ namespace Bootloader MOD_BOOTLOADER_MAIN = 0x02, /**< bootloader.C : main */ MOD_PNORACC_READTOC = 0x03, /**< bl_pnorAccess.C : read TOC */ MOD_PNORACC_GETHBBSECT = 0x04, /**< bl_pnorAccess.C : get HBB sect */ + MOD_BOOTLOADER_VERIFY = 0x05, /**< bootloader.C : verifyContainer */ }; diff --git a/src/include/securerom/ROM.H b/src/include/securerom/ROM.H index b8ace6e71..4a47b2502 100644 --- a/src/include/securerom/ROM.H +++ b/src/include/securerom/ROM.H 
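Review bot: The new enumerator comments in bootloader_trace.H describe `verifyBaseImage` (SKIP, START, SUCCESS, FAIL), but the function added to bootloader.C in this commit is `verifyContainer`, and the hbblreasoncodes.H hunk on this same line correctly says `bootloader.C : verifyContainer`; the BlTrace.pm strings in this commit carry the same stale name. Renaming the comments to `/** Bootloader main verifyContainer ... */` (and the matching BlTrace.pm text) keeps the trace tooling greppable against the code. Note also that BTLDR_TRC_MAIN_COPY_HBB_DONE moves from 0x15 to 0x17, so any trace consumer other than BlTrace.pm that decodes these values would need the same update.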
@@ -154,11 +154,13 @@ extern "C" * * @param[in] void* Address of function offset into Secure ROM * @param[in] ROM_container_raw* Pointer to effective address of container - * @param[in] ROM_hw_params* HW params to pass in. Includes HW keys' hash + * @param[in/out] ROM_hw_params* HW params to pass in (including HW keys' hash) + * Additionally, error information is written to + * the HW params log. * * @return ROM_response ROM_DONE on sucess ROM_FAILURE otherwise */ -ROM_response call_rom_verify(void*, ROM_container_raw*, ROM_hw_params*); +ROM_response call_rom_verify(void*, const ROM_container_raw*, ROM_hw_params*); /** * @brief Call rom SHA512 code diff --git a/src/makefile b/src/makefile index 97374f01b..586c01879 100644 --- a/src/makefile +++ b/src/makefile @@ -72,6 +72,8 @@ BOOTLDR_OBJECTS += bl_pnor_utils.o BOOTLDR_OBJECTS += bl_pnor_ecc.o BOOTLDR_OBJECTS += bl_terminate.o BOOTLDR_OBJECTS += forceattn_p8.o +BOOTLDR_OBJECTS += string_utils.o +BOOTLDR_OBJECTS += rom_entry.o SECUREROM_OBJECTS += branchtable.o SECUREROM_OBJECTS += ROM.o @@ -79,6 +81,7 @@ SECUREROM_OBJECTS += ecverify.o SECUREROM_OBJECTS += hw_utils.o SECUREROM_OBJECTS += sha512.o SECUREROM_OBJECTS += string_utils.o +SECUREROM_OBJECTS += rom_entry.o DIRECT_BOOT_OBJECTS += start.o DIRECT_BOOT_OBJECTS += kernel.o diff --git a/src/securerom/makefile b/src/securerom/makefile index e1c5cc8cf..bd769aa6d 100644 --- a/src/securerom/makefile +++ b/src/securerom/makefile @@ -43,6 +43,7 @@ OBJS += ROM.o OBJS += sha512.o OBJS += ecverify.o OBJS += hw_utils.o +OBJS += rom_entry.o OPT_LEVEL = -Os diff --git a/src/usr/secureboot/base/rom_entry.S b/src/securerom/rom_entry.S index 71f7462bf..cb7b3537c 100644 --- a/src/usr/secureboot/base/rom_entry.S +++ b/src/securerom/rom_entry.S 
@@ -1,11 +1,13 @@ # IBM_PROLOG_BEGIN_TAG # This is an automatically generated prolog. # -# $Source: src/usr/secureboot/base/rom_entry.S $ +# $Source: src/securerom/rom_entry.S $ # # OpenPOWER HostBoot Project # -# COPYRIGHT International Business Machines Corp. 2013,2014 +# Contributors Listed Below - COPYRIGHT 2013,2017 +# [+] International Business Machines Corp. +# # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/src/usr/pnor/pnor_utils.C b/src/usr/pnor/pnor_utils.C index ee3355347..986ea1bf6 100644 --- a/src/usr/pnor/pnor_utils.C +++ b/src/usr/pnor/pnor_utils.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2011,2016 */ +/* Contributors Listed Below - COPYRIGHT 2011,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -363,6 +363,7 @@ bool PNOR::isSecureSection(const uint32_t i_section) // TODO securebootp9 uncomment these sections as they become ready for // inclusion in p9. Remove this comment after the last one. #ifdef CONFIG_SECUREBOOT + return i_section == HB_BASE_CODE; // return i_section == HB_EXT_CODE || // i_section == HB_DATA || // i_section == SBE_IPL || diff --git a/src/usr/secureboot/base/makefile b/src/usr/secureboot/base/makefile index a2de4cdb3..883e48123 100644 --- a/src/usr/secureboot/base/makefile +++ b/src/usr/secureboot/base/makefile @@ -45,6 +45,7 @@ VPATH += ../common EXTRAINCDIR += ${ROOTPATH}/src/usr/secureboot/trusted/base VPATH += ${ROOTPATH}/src/usr/secureboot/trusted/base +VPATH += ${ROOTPATH}/src/securerom CFLAGS += -iquote ../ include ${ROOTPATH}/config.mk |
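Review bot: In pnor_utils.C the new `return i_section == HB_BASE_CODE;` sits directly above the still-commented `// return i_section == HB_EXT_CODE || ...` block, while the comment above it says to uncomment those sections as they become ready; following that instruction literally would now produce a second, unreachable return. Suggest updating the comment to `// TODO securebootp9: fold these sections into the return below as they become ready for p9` so the next edit merges them into one expression. The enclosing isSecureSection body continues outside the hunk.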