diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-05-18 13:10:15 -0500 |
---|---|---|
committer | William G. Hoffa <wghoffa@us.ibm.com> | 2017-06-06 00:43:51 -0400 |
commit | d6edfb5f14ce156929ead04874972c5e40f5f19b (patch) | |
tree | 3f0869ed032df47b165d0262c9305d1d93d0169c /src/include | |
parent | 24aed9157a24f7ce3e3cb6570fb69494415a78ec (diff) | |
download | talos-hostboot-d6edfb5f14ce156929ead04874972c5e40f5f19b.tar.gz talos-hostboot-d6edfb5f14ce156929ead04874972c5e40f5f19b.zip |
Create map of SecureROM function types, versions, and offsets
Done to audit different algorithm versions and provide easy
lookup to simplify filling in HDAT
Change-Id: Iee1514efca9deb1af1341c2557c543b2ced81845
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/40776
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/securerom/ROM.H | 38 | ||||
-rw-r--r-- | src/include/usr/secureboot/service.H | 7 |
2 files changed, 45 insertions, 0 deletions
diff --git a/src/include/securerom/ROM.H b/src/include/securerom/ROM.H index 9d928de28..fbfbae3e0 100644 --- a/src/include/securerom/ROM.H +++ b/src/include/securerom/ROM.H @@ -278,5 +278,43 @@ struct sb_flags_t bool hw_key_transition; ///< Indicates this is a key transition container }; +/** + * @brief Type used to specify Secure Boot function types + */ +typedef uint32_t sbFuncType_t; +/** + * @brief Secure Boot function types + */ +enum SB_FUNC_TYPES : sbFuncType_t +{ + SHA512 = 0x0000, + ECDSA521 = 0x0001, + MAX_TYPES, + INVALID = 0xFFFF +}; + +/** + * @brief Type used to specify Secure Boot function type versions + */ +typedef uint32_t sbFuncVer_t; +/** + * @brief Secure Boot function type versions + */ +enum SB_FUNC_VERS : sbFuncVer_t +{ + // All external function definitions extern'd in ROM.H and implemented in + // rom_entry.S + + // SHA512 Hash function definition(s) per version + SHA512_INIT = 0x0001, // void call_rom_SHA512(void*, const sha2_byte *, size_t, sha2_hash_t*); + + // ECDSA521 function definition(s) per version + ECDSA521_INIT = 0x0001, // ROM_response call_rom_verify(void*, const ROM_container_raw*, ROM_hw_params*); +}; + +/** + * @brief Array of current secure rom function types used + */ +extern const std::array<sbFuncType_t, SB_FUNC_TYPES::MAX_TYPES> SecRomFuncTypes; #endif diff --git a/src/include/usr/secureboot/service.H b/src/include/usr/secureboot/service.H index c8c094fdf..8826fe252 100644 --- a/src/include/usr/secureboot/service.H +++ b/src/include/usr/secureboot/service.H @@ -31,6 +31,7 @@ #include <utility> #include <cstdint> #include <securerom/sha512.H> +#include <securerom/ROM.H> typedef uint8_t SHA512_t[SHA512_DIGEST_LENGTH]; @@ -199,6 +200,12 @@ namespace SECUREBOOT TARGETING::Target* i_pProc = TARGETING::MASTER_PROCESSOR_CHIP_TARGET_SENTINEL); + /* Defition in securerommgr.H */ + sbFuncVer_t getSecRomFuncVersion(const sbFuncType_t i_funcType); + + /* Defition in securerommgr.H */ + uint64_t getSecRomFuncOffset(const sbFuncType_t i_funcType); + /** * @brief Verify Signed Container * |