summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Cprek <smcprek@us.ibm.com>2017-02-06 12:31:42 -0600
committerDaniel M. Crowell <dcrowell@us.ibm.com>2017-03-01 14:04:03 -0500
commitf0d7c809d23c2cf44c0be0ff594c14aff22d6f04 (patch)
treebbb67150e4e1d2a6309c4bed69ab70473d02e7ce
parentd3d4ae7c89e6b35fffa8857170762992dc3c6538 (diff)
downloadtalos-hostboot-f0d7c809d23c2cf44c0be0ff594c14aff22d6f04.tar.gz
talos-hostboot-f0d7c809d23c2cf44c0be0ff594c14aff22d6f04.zip
Add SecureROM version info and Change SBE update to use max HBBL size
The HBBL also contains the securerom code and hw keys' hash for verification purposes. So looking for the end of the HBBL code leaves out those sections Change-Id: I73a1b5c50e3a5b3f642ca569b90e79dbe4c4ba1e Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35979 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Martin Gloff <mgloff@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat
-rw-r--r--src/bootloader/bl_start.S6
-rw-r--r--src/bootloader/bootloader.C77
-rw-r--r--src/bootloader/makefile4
-rw-r--r--src/build/debug/Hostboot/BlTrace.pm9
-rwxr-xr-xsrc/build/mkrules/hbfw/img/makefile10
-rw-r--r--src/include/array3
-rw-r--r--src/include/bootloader/bootloader.H7
-rw-r--r--src/include/bootloader/bootloader_trace.H25
-rw-r--r--src/include/bootloader/bootloaderif.H35
-rw-r--r--src/include/securerom/ROM.H56
-rw-r--r--src/include/usr/sbe/sbeif.H15
-rw-r--r--src/include/usr/sbe/sbereasoncodes.H2
-rw-r--r--src/makefile2
-rw-r--r--src/securerom.ld3
-rw-r--r--src/securerom/makefile2
-rw-r--r--src/securerom/secureromasm.S (renamed from src/securerom/branchtable.S)45
-rw-r--r--src/usr/pnor/pnor_utils.C27
-rw-r--r--src/usr/sbe/sbe_update.C143
-rw-r--r--src/usr/sbe/sbe_update.H6
-rw-r--r--src/usr/sbe/test/sbeupdatetest.H48
20 files changed, 240 insertions, 285 deletions
diff --git a/src/bootloader/bl_start.S b/src/bootloader/bl_start.S
index 99843a1eb..4af665523 100644
--- a/src/bootloader/bl_start.S
+++ b/src/bootloader/bl_start.S
@@ -31,7 +31,6 @@
.set SBE_HB_PNORSIZEMB, sbe_hb_structures+6 ;// uint16_t
.set SBE_HB_BLLOADSIZE, sbe_hb_structures+8 ;// uint64_t
.set HBBL_BASE_ADDRESS, base_load_address
-.set HBBL_END_EYECATCHER, 0x4842424C656E6400 ;// 'HBBLend.'
.set HBBL_END_ADDRESS, end_load_address
.set HBBL_system_reset, 0x100
.set HBBL_machine_check, 0x200
@@ -423,11 +422,6 @@ bootloader_hbbSection:
hbi_ImageId:
.space 128
- .balign 16
-.global bootloader_end_eyecatcher
-bootloader_end_eyecatcher:
- .quad HBBL_END_EYECATCHER
-
.global bootloader_end_address
bootloader_end_address:
.quad HBBL_END_ADDRESS
diff --git a/src/bootloader/bootloader.C b/src/bootloader/bootloader.C
index e1386189d..4d764cd04 100644
--- a/src/bootloader/bootloader.C
+++ b/src/bootloader/bootloader.C
@@ -69,7 +69,6 @@ namespace Bootloader{
sizeof(sha2_hash_t));
}
- // @TODO RTC:167740 remove magic number check once fsp/op signs HBB
/**
* @brief Memcmp a vaddr to the known secureboot magic number
*
@@ -97,24 +96,48 @@ namespace Bootloader{
const sha2_hash_t* i_hwKeyHash)
{
#ifdef CONFIG_SECUREBOOT
- // @TODO RTC:167740 remove magic number check once fsp/op signs HBB
- if (cmpSecurebootMagicNumber(reinterpret_cast<const uint8_t*>
- (i_pContainer)))
+ BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_START);
+
+ uint64_t l_rc = 0;
+
+ // @TODO RTC:166848 Move find/get secure rom logic out of ROM verify
+ // Find secure ROM addr
+ // Get starting address of ROM size and code which is the next 8 byte
+ // aligned address after the bootloader end.
+ // [hbbl][pad:8:if-applicable][securerom-size:8][securerom]
+ const void* l_pBootloaderEnd = &bootloader_end_address;
+ uint64_t l_bootloaderSize = 0;
+ memcpy (&l_bootloaderSize, l_pBootloaderEnd, sizeof(l_bootloaderSize));
+ uint64_t l_rom_startAddr = getHRMOR() + ALIGN_8(l_bootloaderSize);
+ // Get Rom Size
+ // @TODO RTC:166848 Store size so hb can use
+ uint64_t l_secureRomSize = 0;
+ memcpy (&l_secureRomSize, reinterpret_cast<void*>(l_rom_startAddr),
+ sizeof(l_secureRomSize));
+ l_rom_startAddr += sizeof(l_secureRomSize);
+
+ // Beginning of SecureROM has a info structure
+ // Get Secure ROM info
+ const auto l_pSecRomInfo = reinterpret_cast<SecureRomInfo*>(
+ l_rom_startAddr);
+
+ // # @TODO RTC:170136 terminate in this case
+ // Ensure SecureRom is actually present
+ if ( !secureRomInfoValid(l_pSecRomInfo) )
+ {
+ BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH);
+ }
+ // # @TODO RTC:170136 terminate in this case
+ else if ( !cmpSecurebootMagicNumber(reinterpret_cast<const uint8_t*>
+ (i_pContainer)))
+ {
+ BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM);
+ }
+ else
{
- BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_START);
-
- uint64_t l_rc = 0;
-
- const void * l_pBootloaderEnd = &bootloader_end_address;
-
- // Get starting address of ROM code which is the next 8 byte aligned
- // address after the bootloader end.
- uint64_t l_size = 0;
- memcpy (&l_size, l_pBootloaderEnd, sizeof(l_size));
- uint64_t l_rom_startAddr = getHRMOR() + ALIGN_8(l_size);
-
// Set startAddr to ROM_verify() function at an offset of Secure ROM
uint64_t l_rom_verify_startAddr = l_rom_startAddr
+ + l_pSecRomInfo->branchtableOffset
+ ROM_VERIFY_FUNCTION_OFFSET;
// Declare local input struct
@@ -128,18 +151,17 @@ namespace Bootloader{
// Use current hw hash key
memcpy (&l_hw_parms.hw_key_hash, i_hwKeyHash, sizeof(sha2_hash_t));
- const ROM_container_raw* l_container =
- reinterpret_cast<const ROM_container_raw*>(i_pContainer);
+ const auto l_container = reinterpret_cast<const ROM_container_raw*>
+ (i_pContainer);
l_rc = call_rom_verify(reinterpret_cast<void*>
(l_rom_verify_startAddr),
l_container,
&l_hw_parms);
-
if (l_rc != 0)
{
// Verification of Container failed.
- BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_FAIL);
+ BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_FAIL);
/*@
* @errortype
* @moduleid MOD_BOOTLOADER_VERIFY
@@ -156,11 +178,7 @@ namespace Bootloader{
}
- BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SUCCESS);
- }
- else
- {
- BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_HBB_SKIP);
+ BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_SUCCESS);
}
#endif
}
@@ -260,10 +278,11 @@ namespace Bootloader{
verifyContainer(l_src_addr, &l_hwKeyHash);
// Increment past secure header
-#ifdef CONFIG_SECUREBOOT
- l_src_addr += PAGE_SIZE/sizeof(uint64_t);
- l_hbbLength -= PAGE_SIZE;
-#endif
+ if (isSecureSection(PNOR::HB_BASE_CODE))
+ {
+ l_src_addr += PAGE_SIZE/sizeof(uint64_t);
+ l_hbbLength -= PAGE_SIZE;
+ }
// Copy HBB image into address where it executes
for(uint32_t i = 0;
diff --git a/src/bootloader/makefile b/src/bootloader/makefile
index 598236b79..ee1688774 100644
--- a/src/bootloader/makefile
+++ b/src/bootloader/makefile
@@ -5,7 +5,7 @@
#
# OpenPOWER HostBoot Project
#
-# Contributors Listed Below - COPYRIGHT 2015,2016
+# Contributors Listed Below - COPYRIGHT 2015,2017
# [+] International Business Machines Corp.
#
#
@@ -30,6 +30,8 @@ EXTRAINCDIR += ${ROOTPATH}/src/include/usr/
EXTRAINCDIR += ${ROOTPATH}/src/include/usr/pnor/
EXTRAINCDIR += ${ROOTPATH}/src/include/usr/lpc/
+COMMONFLAGS += -DBOOTLOADER
+
OBJS += bl_start.o
OBJS += bootloader.o
OBJS += bl_pnorAccess.o
diff --git a/src/build/debug/Hostboot/BlTrace.pm b/src/build/debug/Hostboot/BlTrace.pm
index 5ce06d13c..12c9873cc 100644
--- a/src/build/debug/Hostboot/BlTrace.pm
+++ b/src/build/debug/Hostboot/BlTrace.pm
@@ -34,11 +34,12 @@ my %traceText = (
"11" => "Main getHBBSection returned",
"12" => "Main handleMMIO to working location returned",
"13" => "Main removeECC returned",
+ "14" => "Main verify started",
+ "15" => "Main verify succeeded",
+ "16" => "Main copy HBB to running location done",
+ "17" => "Main verify skip verification - no eyecatch ",
# @TODO RTC:167740 remove magic number check once fsp/op signs HBB
- "14" => "main verifyBaseImage skip verification - no magic number ",
- "15" => "main verifyBaseImage started",
- "16" => "main verifyBaseImage succeeded",
- "17" => "Main copy HBB to running location done",
+ "18" => "Main verify skip verification - no magic number ",
"20" => "HandleMMIO started",
"21" => "HandleMMIO started using BYTESIZE",
"24" => "HandleMMIO started using WORDSIZE",
diff --git a/src/build/mkrules/hbfw/img/makefile b/src/build/mkrules/hbfw/img/makefile
index 037e3592e..ac2a6b2af 100755
--- a/src/build/mkrules/hbfw/img/makefile
+++ b/src/build/mkrules/hbfw/img/makefile
@@ -95,9 +95,6 @@ FINAL_OUTPUT_IMAGES = ${HBBL_FINAL_IMG} ${HBB_FINAL_IMG} ${HBI_FINAL_IMG} \
${PAYLOAD_FINAL_IMG} ${RINGOVD_FINAL_IMG} ${SBKT_FINAL_IMG} \
${WOFDATA_FINAL_IMG}
-# Temp images
-HB_TEMP_IMG = hb_temp.bin
-
# Aggregate
ALL_DEFAULT_IMAGES = ${DEFAULT_INPUT_IMAGES} ${FINAL_OUTPUT_IMAGES}
@@ -138,10 +135,15 @@ gen_default_images: cp_hbfiles
# Remove offset from start of Bootloader image for HBBL partition
# Actual code is offset from HRMOR by 12k = 12 1k-blocks (space
# reserved for exception vectors)
+ # Note: ibs=8 conv=sync to ensure this ends at an 8byte boundary for the
+ # securerom code to start at.
dd if=${BOOTLDR_IMG} of=${HBBL_IMG} ibs=8 skip=1536 conv=sync
- # Append Hostboot securerom code to the HBBL section
+ # Append Hostboot securerom code size to HBBL
+ du -b ${HB_SECROM_IMG} | cut -f1 | xargs printf "%016x" | sed 's/.\{2\}/\\\\x&/g' | xargs echo -n -e >> ${HBBL_IMG}
+ # Append Hostboot securerom code after its size
cat ${HB_SECROM_IMG} >> ${HBBL_IMG}
+ # result [hbbl][pad:8:if-applicable][securerom-size:8][securerom]
# Call script to generate final bin files for default images
${GEN_PNOR_IMAGE_SCRIPT} ${DEFAULT_PARAMS}
diff --git a/src/include/array b/src/include/array
index 59c313046..76b1371c8 100644
--- a/src/include/array
+++ b/src/include/array
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2016 */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -36,6 +36,7 @@
#define __STDC_LIMIT_MACROS
#endif
#include <stdint.h>
+#include <algorithm>
namespace std
{
diff --git a/src/include/bootloader/bootloader.H b/src/include/bootloader/bootloader.H
index ac10628fb..102d23a77 100644
--- a/src/include/bootloader/bootloader.H
+++ b/src/include/bootloader/bootloader.H
@@ -38,6 +38,7 @@
#include <common/ffs_hb.H>
#include <kernel/terminate.H>
#include <kernel/hbterminatetypes.H>
+#include <bootloader/bootloaderif.H>
extern "C" void task_end_stub();
extern "C" void enterHBB(uint64_t i_hbb_hrmor, uint64_t i_hbb_offset);
@@ -166,15 +167,11 @@ namespace Bootloader{
* HBB is copied to its running location and its execution is started.
*/
- /** Max size of HBBL without ECC. Must match PNOR layout for eyeCatch HBBL*/
-#define MAX_HBBL_SIZE (20 * KILOBYTE)
- /** Size of exception vector reserved space at start of the HBBL section*/
-#define HBBL_EXCEPTION_VECTOR_SIZE (12 * KILOBYTE)
/** HW Keys hash is placed in the last 64 bytes of the HBBL */
#define HW_KEYS_HASH_ADDR (getHRMOR() + HBBL_EXCEPTION_VECTOR_SIZE \
+ MAX_HBBL_SIZE - 64)
/** Location of working copy of HBB with ECC */
-#define HBB_ECC_WORKING_ADDR (getHRMOR() - ( 1*MEGABYTE))
+#define HBB_ECC_WORKING_ADDR (getHRMOR() + ( 1*MEGABYTE))
/** Location of working copy of HBB without ECC */
#define HBB_WORKING_ADDR (getHRMOR() - ( 1*MEGABYTE))
diff --git a/src/include/bootloader/bootloader_trace.H b/src/include/bootloader/bootloader_trace.H
index 93b937308..980f90881 100644
--- a/src/include/bootloader/bootloader_trace.H
+++ b/src/include/bootloader/bootloader_trace.H
@@ -60,18 +60,21 @@ enum BootloaderTraces
/** Bootloader main removeECC returned */
BTLDR_TRC_MAIN_REMOVEECC_RTN = 0x13,
- // @TODO RTC:167740 remove magic number check once fsp/op signs HBB
- /** Bootloader main verifyBaseImage skip verification - no magic number */
- BTLDR_TRC_MAIN_VERIFY_HBB_SKIP = 0x14,
-
- /** Bootloader main verifyBaseImage started */
- BTLDR_TRC_MAIN_VERIFY_HBB_START = 0x15,
+ /** Bootloader main verifyContainer started */
+ BTLDR_TRC_MAIN_VERIFY_START = 0x14,
- /** Bootloader main verifyBaseImage succeeded */
- BTLDR_TRC_MAIN_VERIFY_HBB_SUCCESS = 0x16,
+ /** Bootloader main verifyContainer succeeded */
+ BTLDR_TRC_MAIN_VERIFY_SUCCESS = 0x15,
/** Bootloader main copy HBB to running location done */
- BTLDR_TRC_MAIN_COPY_HBB_DONE = 0x17,
+ BTLDR_TRC_MAIN_COPY_HBB_DONE = 0x16,
+
+ /** Bootloader main verifyContainer skip verification - no eyecatch */
+ BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH = 0x17,
+
+ // @TODO RTC:167740 remove magic number check once fsp/op signs HBB
+ /** Bootloader main verifyContainer skip verification - no magic number */
+ BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM = 0x18,
/** Bootloader handleMMIO started */
BTLDR_TRC_HANDLEMMIO_START = 0x20,
@@ -169,8 +172,8 @@ enum BootloaderTraces
/** Bootloader PNOR Access getHBBSection findTOC no HBB section */
BTLDR_TRC_PA_GETHBBSECTION_FINDTOC_NOHBB = 0xFA,
- /** Bootloader main verifyBaseImage failed */
- BTLDR_TRC_MAIN_VERIFY_HBB_FAIL = 0xFB,
+ /** Bootloader main verifyContainer failed */
+ BTLDR_TRC_MAIN_VERIFY_FAIL = 0xFB,
};
#ifndef BOOTLOADER_TRACE
diff --git a/src/include/bootloader/bootloaderif.H b/src/include/bootloader/bootloaderif.H
new file mode 100644
index 000000000..beffe7c0f
--- /dev/null
+++ b/src/include/bootloader/bootloaderif.H
@@ -0,0 +1,35 @@
+/* IBM_PROLOG_BEGIN_TAG */
+/* This is an automatically generated prolog. */
+/* */
+/* $Source: src/include/bootloader/bootloaderif.H $ */
+/* */
+/* OpenPOWER HostBoot Project */
+/* */
+/* Contributors Listed Below - COPYRIGHT 2017 */
+/* [+] International Business Machines Corp. */
+/* */
+/* */
+/* Licensed under the Apache License, Version 2.0 (the "License"); */
+/* you may not use this file except in compliance with the License. */
+/* You may obtain a copy of the License at */
+/* */
+/* http://www.apache.org/licenses/LICENSE-2.0 */
+/* */
+/* Unless required by applicable law or agreed to in writing, software */
+/* distributed under the License is distributed on an "AS IS" BASIS, */
+/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */
+/* implied. See the License for the specific language governing */
+/* permissions and limitations under the License. */
+/* */
+/* IBM_PROLOG_END_TAG */
+#ifndef __BOOT_LOADERIF_H
+#define __BOOT_LOADERIF_H
+
+// Max size of HBBL without ECC. Must match PNOR layout for eyeCatch HBBL
+// Must be aligned CACHELINE_SIZE of 128 bytes
+#define MAX_HBBL_SIZE (20 * KILOBYTE)
+
+// Size of exception vector reserved space at start of the HBBL section
+#define HBBL_EXCEPTION_VECTOR_SIZE (12 * KILOBYTE)
+
+#endif \ No newline at end of file
diff --git a/src/include/securerom/ROM.H b/src/include/securerom/ROM.H
index 4a47b2502..9e3d7d4ca 100644
--- a/src/include/securerom/ROM.H
+++ b/src/include/securerom/ROM.H
@@ -29,6 +29,8 @@
#include <securerom/hw_utils.H>
#include <securerom/sha512.H>
#include <securerom/ecverify.H>
+#include <string.h>
+#include <array>
#define CONTAINER_VERSION 1
#define HEADER_VERSION 1
@@ -130,15 +132,65 @@ extern "C" ROM_response ROM_verify (ROM_container_raw* container,
/************************* END OF ORIGINAL ROM CODE ***************************/
-/* Offsets needed to call functions in jump table at start of ROM code.
- See img/securerom.list.bz2 and search for SHA512_Hash and ROM_verify
+/* Offsets relative to branchtable start to call functions in SecureROM code.
+ See img/securerom.list.bz2 and search for SHA512_Hash and ROM_verify, then
+ subtract the branch table offset
E.g.
+ 0000000000000040 <_SHA512_Hash>:
+ 0000000000000050 <_ROM_verify>:
+
+ Search for branchtableoffset
+ 0000000000000010 <branchtableoffset>:
+ 10 00000010: 00 00 00 00 .long 0x0
+ 14 00000014: 00 00 00 28 .long 0x28
+
+ Subtraction (0x28) results in relative offset from branch table start
0000000000000018 <_SHA512_Hash>:
0000000000000028 <_ROM_verify>:
+
+ Note: If the SecureRomInfo change size, these will be affected.
+ See src/securerom/secureromasm.S for more info.
*/
#define SHA512_HASH_FUNCTION_OFFSET 0x18
#define ROM_VERIFY_FUNCTION_OFFSET 0x28
+// Version info at SECUREROM_VERSION_STRUCTURE_OFFSET
+// - [8 bytes] - eyeCatch
+// - [8 bytes] - version
+// - [8 bytes] - branchtable offset
+// - [16 bytes] - reserved
+struct SecureRomInfo
+{
+ uint64_t eyeCatch;
+ uint64_t version;
+ uint64_t branchtableOffset;
+ std::array<uint64_t,2> reserved;
+}__attribute__((packed));
+
+// Expected securerom eye catch
+const uint64_t SECROM_EYECATCHER = 0x23534543524F4D00; // #SECROM\0
+
+// Used for version checking as the SecureRomInfo structure changes
+enum SecureRomInfoVersion
+{
+ // [release:4][version:4]
+ SECUREROM_INFO_ADDED = 0x0000000900000001
+};
+
+/**
+ * @brief Checks if secureROM is valid by checking the eyeCatch and version
+ *
+ * @param[in] SecureRomInfo* Pointer to SecureRomInfo - Must not be NULL
+ *
+ * @return bool true if valid; false otherwise
+ */
+inline bool secureRomInfoValid (const SecureRomInfo * i_secureRomInfo)
+{
+ // Ensure EyeCatch and Version are valid
+ return (i_secureRomInfo->eyeCatch == SECROM_EYECATCHER) &&
+ (i_secureRomInfo->version >= SECUREROM_INFO_ADDED);
+}
+
// Need this for the following definition
#ifdef __cplusplus
extern "C"
diff --git a/src/include/usr/sbe/sbeif.H b/src/include/usr/sbe/sbeif.H
index 67937b9b4..be7924869 100644
--- a/src/include/usr/sbe/sbeif.H
+++ b/src/include/usr/sbe/sbeif.H
@@ -60,21 +60,6 @@ namespace SBE
sbe_image_version_t* o_version = NULL);
/**
- * @brief Gets a pointer to the HBBL image in PNOR
- *
- * @param[out] o_imgPtr Pointer to HBBL Image mapped in PNOR
- * Note: Pointer moved past any header(s)
- *
- * @param[out] o_imgSize Size of the HBBL Image in PNOR
- * Note: Size does not include any header(s)
- *
- * @return errlHndl_t Error log handle on failure.
- */
- errlHndl_t findHBBLInPnor(void*& o_imgPtr,
- size_t& o_imgSize);
-
-
- /**
* @brief Iterates through all the functional processors and updates
* the SBE Image in a SEEPROM, if necessary.
*
diff --git a/src/include/usr/sbe/sbereasoncodes.H b/src/include/usr/sbe/sbereasoncodes.H
index 8126060e4..611c0153e 100644
--- a/src/include/usr/sbe/sbereasoncodes.H
+++ b/src/include/usr/sbe/sbereasoncodes.H
@@ -60,7 +60,6 @@ enum sbeModuleId
SBE_READ_SBE_IMAGE = 0x0F,
SBE_WRITE_SBE_IMAGE = 0x10,
SBE_GET_SBE_IMAGE_SIZE = 0x11,
- HBBL_FIND_IN_PNOR = 0x12,
SBE_APPEND_HBBL = 0x13,
};
@@ -101,7 +100,6 @@ enum sbeReasonCode
SBE_MASTER_VERSION_DOWNLEVEL = SBE_COMP_ID | 0x15,
SBE_IMAGE_GET_SET_SCALAR_FAIL = SBE_COMP_ID | 0x16,
- HBBL_END_DATA_NOT_FOUND = SBE_COMP_ID | 0x17,
ERROR_FROM_XIP_DELETE = SBE_COMP_ID | 0x18,
ERROR_FROM_XIP_FIND = SBE_COMP_ID | 0x19,
diff --git a/src/makefile b/src/makefile
index 6d1b1246d..6a1040291 100644
--- a/src/makefile
+++ b/src/makefile
@@ -75,13 +75,13 @@ BOOTLDR_OBJECTS += forceattn_p8.o
BOOTLDR_OBJECTS += string_utils.o
BOOTLDR_OBJECTS += rom_entry.o
-SECUREROM_OBJECTS += branchtable.o
SECUREROM_OBJECTS += ROM.o
SECUREROM_OBJECTS += ecverify.o
SECUREROM_OBJECTS += hw_utils.o
SECUREROM_OBJECTS += sha512.o
SECUREROM_OBJECTS += string_utils.o
SECUREROM_OBJECTS += rom_entry.o
+SECUREROM_OBJECTS += secureromasm.o
DIRECT_BOOT_OBJECTS += start.o
DIRECT_BOOT_OBJECTS += kernel.o
diff --git a/src/securerom.ld b/src/securerom.ld
index 4159440a6..c0d357885 100644
--- a/src/securerom.ld
+++ b/src/securerom.ld
@@ -25,7 +25,8 @@
SECTIONS {
.text : {
- *(.branchtable)
+ *(.text.securerominfo)
+ *(.text.branchtable)
*(.text)
*(.text._*)
*(.text.*)
diff --git a/src/securerom/makefile b/src/securerom/makefile
index bd769aa6d..9c9f42017 100644
--- a/src/securerom/makefile
+++ b/src/securerom/makefile
@@ -38,12 +38,12 @@ LDFLAGS += -N
ASMFLAGS += -D__ASSEMBLER__
-OBJS += branchtable.o
OBJS += ROM.o
OBJS += sha512.o
OBJS += ecverify.o
OBJS += hw_utils.o
OBJS += rom_entry.o
+OBJS += secureromasm.o
OPT_LEVEL = -Os
diff --git a/src/securerom/branchtable.S b/src/securerom/secureromasm.S
index 86a1f92a8..12f174906 100644
--- a/src/securerom/branchtable.S
+++ b/src/securerom/secureromasm.S
@@ -1,11 +1,11 @@
# IBM_PROLOG_BEGIN_TAG
# This is an automatically generated prolog.
#
-# $Source: src/securerom/branchtable.S $
+# $Source: src/securerom/secureromasm.S $
#
# OpenPOWER HostBoot Project
#
-# Contributors Listed Below - COPYRIGHT 2016,2017
+# Contributors Listed Below - COPYRIGHT 2017
# [+] International Business Machines Corp.
#
#
@@ -22,14 +22,37 @@
# permissions and limitations under the License.
#
# IBM_PROLOG_END_TAG
+.include "kernel/ppcconsts.S"
+
#****************************************************************************
-#* branch table - a more stable location for software entering rom code
+#* SecureROM info - useful info used by HBBL. Must match ROM.H
#****************************************************************************
+.set SECROM_EYECATCHER, 0x23534543524F4D00 ;// uint64_t '#SECROM.'
+.set SECROM_VERSION, 0x0000000900000001 ;// uint64_t
-.include "kernel/ppcconsts.S"
+# Before the SecureRom code starts there is SecureRomInfo see ROM.H
+# - [8 bytes] - eyeCatch
+# - [8 bytes] - version
+# - [8 bytes] - branchtable offset
+# - [16 bytes] - reserved
+.section .text.securerominfo
+
+eyeCatch:
+ .quad SECROM_EYECATCHER
+
+version:
+ .quad SECROM_VERSION
-branchtable:
- .section ".branchtable","ax"
+branchtableoffset:
+ .quad .text.branchtable
+
+reserved:
+ .zero 16 ;// 'reserve 16 bytes'
+
+#****************************************************************************
+#* branch table - a more stable location for software entering rom code
+#****************************************************************************
+.section .text.branchtable
.globl _SHA512_Init
_SHA512_Init:
@@ -66,19 +89,21 @@ _ROM_verify:
springboard:
b boingboing
boingboing:
+ # @TODO RTC:156485 ROM blob will have to change to allow PHyp to use,
+ # unless PHyp directly uses
mfspr r2, CFAR ;// get address of springboard
- addi r2, r2, _SHA512_Init-springboard ;// base address
+ addi r2, r2, .text.securerominfo-springboard ;// base address
add r0, r0, r2 ;// calculate entry relative
addi r2, r2, 0x4000 ;//TOC+0x8000 part 1
addi r2, r2, (__toc_start+0x4000)@l ;//TOC+0x8000 part 2
mtctr r0
bctr ;// jump
-# could put other assembly ocde routines here to conserver ROM space
+# could put other assembly code routines here to conserve ROM space
# including the sreset routine
-# need to align on securerombase+0x100 !!!
- .org .branchtable+0x100
+# need to align on branchtablebase+0x100 !!!
+ .org .text.branchtable+0x100
.globl _rom_sreset
_rom_sreset:
li r0, rom_sreset@l
diff --git a/src/usr/pnor/pnor_utils.C b/src/usr/pnor/pnor_utils.C
index 1890499bc..5af2993cb 100644
--- a/src/usr/pnor/pnor_utils.C
+++ b/src/usr/pnor/pnor_utils.C
@@ -361,19 +361,22 @@ void PNOR::parseEntries (ffs_hdr* i_ffs_hdr,
bool PNOR::isSecureSection(const uint32_t i_section)
{
-// TODO securebootp9 uncomment these sections as they become ready for
-// inclusion in p9. Remove this comment after the last one.
#ifdef CONFIG_SECUREBOOT
- return i_section == HB_BASE_CODE;
-// return i_section == HB_EXT_CODE ||
-// i_section == HB_DATA ||
-// i_section == SBE_IPL ||
-// i_section == CENTAUR_SBE ||
-// i_section == PAYLOAD ||
-// i_section == SBKT ||
-// i_section == OCC ||
-// i_section == HB_RUNTIME;
- return false;
+ #ifdef BOOTLOADER
+ return i_section == HB_BASE_CODE;
+ // TODO securebootp9 uncomment these sections as they become ready for
+ // inclusion in p9. Remove this comment after the last one.
+ #else
+ // return i_section == HB_EXT_CODE ||
+ // i_section == HB_DATA ||
+ // i_section == SBE_IPL ||
+ // i_section == CENTAUR_SBE ||
+ // i_section == PAYLOAD ||
+ // i_section == SBKT ||
+ // i_section == OCC ||
+ // i_section == HB_RUNTIME;
+ return false;
+ #endif
#else
return false;
#endif
diff --git a/src/usr/sbe/sbe_update.C b/src/usr/sbe/sbe_update.C
index 95dc2bc87..199379d44 100644
--- a/src/usr/sbe/sbe_update.C
+++ b/src/usr/sbe/sbe_update.C
@@ -71,6 +71,7 @@
#include <p9_perv_scom_addresses.H>
#include <initservice/mboxRegs.H>
+#include <bootloader/bootloaderif.H>
// ----------------------------------------------
@@ -737,104 +738,6 @@ namespace SBE
return err;
}
-
-/////////////////////////////////////////////////////////////////////
- errlHndl_t findHBBLInPnor(void*& o_imgPtr,
- size_t& o_imgSize)
- {
- errlHndl_t err = NULL;
- PNOR::SectionInfo_t pnorInfo;
- hbblEndData_t* hbblEndData = NULL;
- PNOR::SectionId pnorSectionId = PNOR::HB_BOOTLOADER;
-
- o_imgPtr = NULL;
- o_imgSize = 0;
-
- TRACDCOMP( g_trac_sbe,
- ENTER_MRK"findHBBLInPnor()" );
-
- do{
- // Get SBE PNOR section info from PNOR RP
- err = getSectionInfo( pnorSectionId,
- pnorInfo );
-
- if(err)
- {
- TRACFCOMP( g_trac_sbe, ERR_MRK"findHBBLInPnor: Error calling "
- "getSectionInfo() rc=0x%.4X",
- err->reasonCode() );
- break;
- }
-
- TRACUCOMP( g_trac_sbe,
- INFO_MRK"findHBBLInPnor: sectionId=0x%X. "
- "pnor vaddr = 0x%.16X",
- pnorSectionId, pnorInfo.vaddr);
-
- // Look for HBBL end data on 16-byte boundary start at offset
- // HBBL_FUZZY_END_ADDRESS
- // Note: Code takes up at least the first HBBL_FUZZY_END_ADDRESS
- // bytes of the HBBL image, so start at that offset to search
- // for this data.
- uint64_t hbblAbsoluteEnd = pnorInfo.vaddr + pnorInfo.size;
- uint64_t hbblAddr = pnorInfo.vaddr + HBBL_FUZZY_END_ADDRESS;
- while( hbblAddr < hbblAbsoluteEnd )
- {
- hbblEndData = reinterpret_cast<hbblEndData_t*>(hbblAddr);
-
- if( HBBL_END_EYECATCHER == hbblEndData->eyecatcher )
- {
- TRACUCOMP( g_trac_sbe,
- INFO_MRK"findHBBLInPnor: hbblEndData = %p, "
- "hbblEndData.address = 0x%.16X",
- hbblEndData, hbblEndData->address);
- break;
- }
-
- hbblAddr += sizeof(hbblEndData_t);
- }
-
- if( hbblAddr >= hbblAbsoluteEnd )
- {
- //The HBBL partition does not have the HBBL end data
- TRACFCOMP( g_trac_sbe, ERR_MRK"findHBBLInPnor: HBBL partition "
- "does not have the HBBL end data" );
-
- /*@
- * @errortype
- * @moduleid HBBL_FIND_IN_PNOR
- * @reasoncode HBBL_END_DATA_NOT_FOUND
- * @userdata1 HBBL PNOR Section Address
- * @userdata2 HBBL PNOR Section Size
- * @devdesc HBBL partition did not have end data
- * @custdesc A problem occurred while updating processor
- * boot code.
- */
- err = new ErrlEntry(ERRL_SEV_UNRECOVERABLE,
- HBBL_FIND_IN_PNOR,
- HBBL_END_DATA_NOT_FOUND,
- pnorInfo.vaddr,
- pnorInfo.size);
- err->collectTrace(SBE_COMP_NAME);
- err->addProcedureCallout( HWAS::EPUB_PRC_SP_CODE,
- HWAS::SRCI_PRIORITY_HIGH );
-
- break;
- }
-
- o_imgPtr = reinterpret_cast<void*>( pnorInfo.vaddr );
- o_imgSize = hbblEndData->address - HBBL_START_ADDRESS;
-
- }while(0);
-
- TRACDCOMP( g_trac_sbe,
- EXIT_MRK"findHBBLInPnor(): o_imgPtr=%p, o_imgSize=0x%X",
- o_imgPtr, o_imgSize );
-
- return err;
- }
-
-
/////////////////////////////////////////////////////////////////////
errlHndl_t appendHbblToSbe(void* i_section,
uint32_t i_section_size,
@@ -1909,43 +1812,31 @@ namespace SBE
/*******************************************/
/* Get PNOR HBBL Information */
/*******************************************/
- void* hbblPnorPtr = NULL;
- size_t hbblPnorImageSize = 0;
- size_t hbblCachelineSize = 0;
-
- err = findHBBLInPnor(hbblPnorPtr,
- hbblPnorImageSize);
+ // Get SBE PNOR section info from PNOR RP
+ PNOR::SectionInfo_t pnorInfo;
+ err = getSectionInfo( PNOR::HB_BOOTLOADER, pnorInfo );
if(err)
{
- TRACFCOMP( g_trac_sbe, ERR_MRK"getSbeInfoState() - "
- "Error getting HBBL Version from PNOR, "
- "RC=0x%X, PLID=0x%lX",
- ERRL_GETRC_SAFE(err),
- ERRL_GETPLID_SAFE(err));
+ TRACFCOMP( g_trac_sbe, ERR_MRK"getSbeInfoState: Error calling "
+ "getSectionInfo() rc=0x%.4X",
+ err->reasonCode() );
break;
}
- else
- {
- TRACFCOMP( g_trac_sbe, "getSbeInfoState() - "
- "hbblPnorPtr=%p, hbblPnorImageSize=0x%08X (%d)",
- hbblPnorPtr, hbblPnorImageSize, hbblPnorImageSize);
- }
-
- hbblCachelineSize = ALIGN_X(hbblPnorImageSize, CACHELINE_SIZE);
-
- TRACUCOMP( g_trac_sbe, "getSbeInfoState() - HBBL: "
- "maxSize=0x%X, actSize=0x%X, cachelineSize=0x%X",
- HBBL_MAX_SIZE, hbblPnorImageSize,
- hbblCachelineSize);
-
+ const void* hbblPnorPtr = reinterpret_cast<const void*>(
+ pnorInfo.vaddr);
+ // Use max hbbl size and not the PNOR size. The PNOR size can grow
+ // to add a secure header, but the code size limit is still 20K.
+ TRACFCOMP( g_trac_sbe, "getSbeInfoState() - "
+ "hbblPnorPtr=%p, hbblMaxSize=0x%08X (%d)",
+ hbblPnorPtr, MAX_HBBL_SIZE, MAX_HBBL_SIZE);
/*******************************************/
/* Append HBBL Image from PNOR to SBE */
/* Image from PNOR */
/*******************************************/
uint32_t sbeHbblImgSize =
- static_cast<uint32_t>(sbePnorImageSize + hbblCachelineSize);
+ static_cast<uint32_t>(sbePnorImageSize + MAX_HBBL_SIZE);
// copy SBE image from PNOR to memory
sbeHbblImgPtr = (void*)SBE_HBBL_IMG_VADDR;
@@ -1953,8 +1844,8 @@ namespace SBE
sbePnorPtr,
sbePnorImageSize);
- err = appendHbblToSbe(hbblPnorPtr, // HBBL Image to append
- hbblCachelineSize, // Size of HBBL Image
+ err = appendHbblToSbe(const_cast<void*>(hbblPnorPtr), // HBBL Image to append
+ MAX_HBBL_SIZE, // Size of HBBL Image
sbeHbblImgPtr, // SBE, HBBL Image
sbeHbblImgSize); // Available/used
diff --git a/src/usr/sbe/sbe_update.H b/src/usr/sbe/sbe_update.H
index 008252145..ff436f419 100644
--- a/src/usr/sbe/sbe_update.H
+++ b/src/usr/sbe/sbe_update.H
@@ -91,12 +91,6 @@ namespace SBE
const uint64_t NONSECURE_VER_EYECATCH = 0x56455253494F4E00; //'VERSION\0'
const uint32_t SUPPORTED_TOC_VER = 0x00000001;
- // PNOR HBBL Partition constants
- const uint64_t HBBL_START_ADDRESS = 0x0000000000003000;
- const uint64_t HBBL_FUZZY_END_ADDRESS = 0x1400;
- const size_t HBBL_MAX_SIZE = 20*KILOBYTE; // 20KB
- const uint64_t HBBL_END_EYECATCHER = 0x4842424C656E6400; // 'HBBLend\0'
-
// Cacheline Size
const uint64_t CACHELINE_SIZE = 128;
diff --git a/src/usr/sbe/test/sbeupdatetest.H b/src/usr/sbe/test/sbeupdatetest.H
index 7fd5295f6..e9210b102 100644
--- a/src/usr/sbe/test/sbeupdatetest.H
+++ b/src/usr/sbe/test/sbeupdatetest.H
@@ -675,54 +675,6 @@ class SBEUpdateTest: public CxxTest::TestSuite
}
-
- /**
- * @brief This function will test SBE Update's ability
- * to find HBBL images in PNOR
- */
-
- void testFindHBBLInPnor ( void )
- {
- errlHndl_t err = NULL;
- uint64_t fails = 0x0;
- uint64_t total = 0x0;
-
- void* hbblImgPtr = NULL;
- size_t hbblImgSize = 0;
-
- do{
-
- TRACFCOMP( g_trac_sbe,
- ENTER_MRK"testFindHBBLInPnor()" );
-
- total++;
- err = findHBBLInPnor(hbblImgPtr,
- hbblImgSize);
-
- if(err || (hbblImgPtr == NULL) || (hbblImgSize == 0) )
- {
- fails++;
- TRACFCOMP( g_trac_sbe, ERR_MRK"testFindHBBLInPnor() - "
- "failure finding HBBL image, hbblImgPtr=%p, "
- "hbblImgSize=0x%x",
- hbblImgPtr, hbblImgSize );
- TS_FAIL("testFindHBBLInPnor() -failure finding HBBL image!");
- errlCommit( err,
- SBE_COMP_ID );
-
- }
- TRACDBIN(g_trac_sbe, "testFindHBBLInPnor()-Proc PNOR Image",
- hbblImgPtr, 0x80);
-
- TRACFCOMP( g_trac_sbe,
- EXIT_MRK"testFindHBBLInPnor - %d/%d fails",
- fails, total );
-
- }while(0);
-
- }
-
-
/**
* @brief This function will run through the functions used to collect
* SBE information on a single target, determine if that target
OpenPOWER on IntegriCloud