diff options
| author | Stephen Cprek <smcprek@us.ibm.com> | 2017-01-27 12:05:45 -0600 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-03-10 13:44:11 -0500 |
| commit | 6f2f153d6b5132a5604ce068be8ac8cf4cb7b14e (patch) | |
| tree | 7d1fb2ddbfdf9b83e235534a6f31600effcc1a32 /src/kernel | |
| parent | 41cfdf72da59cc35815c34698ae201b777ecae7c (diff) | |
| download | talos-hostboot-6f2f153d6b5132a5604ce068be8ac8cf4cb7b14e.tar.gz talos-hostboot-6f2f153d6b5132a5604ce068be8ac8cf4cb7b14e.zip | |
Relocate ROM code after HBBL has been verified
Create Bootloader to hostboot data manager to control how
the shared data is accessed and modified.
Change-Id: I54cb543ed289810ab6afb07d333313f5662bce0e
RTC: 166848
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35617
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Tested-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/kernel')
| -rw-r--r-- | src/kernel/bltohbdatamgr.C | 211 | ||||
| -rw-r--r-- | src/kernel/kernel.C | 55 | ||||
| -rw-r--r-- | src/kernel/makefile | 4 | ||||
| -rw-r--r-- | src/kernel/pagemgr.C | 22 |
4 files changed, 284 insertions, 8 deletions
diff --git a/src/kernel/bltohbdatamgr.C b/src/kernel/bltohbdatamgr.C new file mode 100644 index 000000000..f165ae87b --- /dev/null +++ b/src/kernel/bltohbdatamgr.C @@ -0,0 +1,211 @@ +/* IBM_PROLOG_BEGIN_TAG */ +/* This is an automatically generated prolog. */ +/* */ +/* $Source: src/kernel/bltohbdatamgr.C $ */ +/* */ +/* OpenPOWER HostBoot Project */ +/* */ +/* Contributors Listed Below - COPYRIGHT 2017 */ +/* [+] International Business Machines Corp. */ +/* */ +/* */ +/* Licensed under the Apache License, Version 2.0 (the "License"); */ +/* you may not use this file except in compliance with the License. */ +/* You may obtain a copy of the License at */ +/* */ +/* http://www.apache.org/licenses/LICENSE-2.0 */ +/* */ +/* Unless required by applicable law or agreed to in writing, software */ +/* distributed under the License is distributed on an "AS IS" BASIS, */ +/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ +/* implied. See the License for the specific language governing */ +/* permissions and limitations under the License. */ +/* */ +/* IBM_PROLOG_END_TAG */ +#include <kernel/bltohbdatamgr.H> +#include <util/align.H> +#include <kernel/console.H> +#include <assert.h> + +// Global and only BlToHbDataManager instance +BlToHbDataManager g_BlToHbDataManager; + +//////////////////////////////////////////////////////////////////////////////// +//--------------------------------- Private ----------------------------------// +//////////////////////////////////////////////////////////////////////////////// + +// Set static variables to control use +Bootloader::BlToHbData BlToHbDataManager::iv_data; +bool BlToHbDataManager::iv_instantiated = false; +bool BlToHbDataManager::iv_initialized = false; +bool BlToHbDataManager::iv_dataValid = false; +size_t BlToHbDataManager::iv_preservedSize = 0; + +void BlToHbDataManager::validAssert() const +{ + if(!iv_dataValid) + { + printk("E> BlToHbDataManager is invalid, cannot access\n"); + kassert(iv_dataValid); + } +} + +void BlToHbDataManager::print() const +{ + if(iv_dataValid) + { + printkd("\nBlToHbData (all addr HRMOR relative):\n"); + printkd("-- eyeCatch = 0x%lX (%s)\n", iv_data.eyeCatch, + reinterpret_cast<char*>(&iv_data.eyeCatch)); + printkd("-- version = 0x%lX\n", iv_data.version); + printkd("-- branchtableOffset = 0x%lX\n", iv_data.branchtableOffset); + printkd("-- SecureRom Addr = 0x%lX Size = 0x%lX\n", getSecureRomAddr(), + iv_data.secureRomSize); + printkd("-- HW keys' Hash Addr = 0x%lX Size = 0x%lX\n", getHwKeysHashAddr(), + iv_data.hwKeysHashSize); + printkd("-- HBB header Addr = 0x%lX Size = 0x%lX\n", getHbbHeaderAddr(), + iv_data.hbbHeaderSize); + printkd("-- Reserved Size = 0x%lX\n", iv_preservedSize); + printkd("\n"); + } +} + +//////////////////////////////////////////////////////////////////////////////// +//---------------------------------- Public ----------------------------------// +//////////////////////////////////////////////////////////////////////////////// + +BlToHbDataManager::BlToHbDataManager() +{ + // Allow only one instantiation + if (iv_instantiated) + { + printk("E> A BlToHbDataManager class instance already exists\n"); + kassert(!iv_instantiated); + } + iv_instantiated = true; +} + +void BlToHbDataManager::initValid (const Bootloader::BlToHbData& i_data) +{ + // Allow only one initializer call + if (iv_initialized) + { + printk("E> BlToHbDataManager class previously initialized\n"); + kassert(!iv_initialized); + } + + // Simple assertion checks + kassert(i_data.eyeCatch>0); + kassert(i_data.version>0); + kassert(i_data.branchtableOffset>0); + kassert(i_data.secureRom!=nullptr); + kassert(i_data.hwKeysHash!=nullptr); + kassert(i_data.hbbHeader!=nullptr); + kassert(i_data.secureRomSize>0); + kassert(i_data.hwKeysHashSize>0); + kassert(i_data.hbbHeaderSize>0); + + // Set internal static data + iv_data.eyeCatch = i_data.eyeCatch; + iv_data.version = i_data.version; + iv_data.branchtableOffset = i_data.branchtableOffset; + iv_data.secureRom = i_data.secureRom; + iv_data.secureRomSize = i_data.secureRomSize; + iv_data.hwKeysHash = i_data.hwKeysHash; + iv_data.hwKeysHashSize = i_data.hwKeysHashSize; + iv_data.hbbHeader = i_data.hbbHeader; + iv_data.hbbHeaderSize = i_data.hbbHeaderSize; + + // Size of data that needs to be preserved and pinned. + iv_preservedSize = ALIGN_PAGE(iv_data.secureRomSize + + iv_data.hwKeysHashSize + + iv_data.hbbHeaderSize ); + iv_initialized = true; + iv_dataValid = true; + print(); +} + +void BlToHbDataManager::initInvalid () +{ + // Allow only one initializer call + if (iv_initialized) + { + printk("E> BlToHbDataManager class previously initialized\n"); + kassert(!iv_initialized); + } + + iv_initialized = true; + iv_dataValid = false; + print(); +} + +const uint64_t BlToHbDataManager::getBranchtableOffset() const +{ + validAssert(); + return iv_data.branchtableOffset; +} + +const void* BlToHbDataManager::getSecureRom() const +{ + validAssert(); + return iv_data.secureRom; +} + +const uint64_t BlToHbDataManager::getSecureRomAddr() const +{ + validAssert(); + return reinterpret_cast<uint64_t>(iv_data.secureRom); +} + +const size_t BlToHbDataManager::getSecureRomSize() const +{ + validAssert(); + return iv_data.secureRomSize; +} + +const void* BlToHbDataManager::getHwKeysHash() const +{ + validAssert(); + return iv_data.hwKeysHash; +} + +const uint64_t BlToHbDataManager::getHwKeysHashAddr() const +{ + validAssert(); + return reinterpret_cast<uint64_t>(iv_data.hwKeysHash); +} + +const size_t BlToHbDataManager::getHwKeysHashSize() const +{ + validAssert(); + return iv_data.hwKeysHashSize; +} + +const void* BlToHbDataManager::getHbbHeader() const +{ + validAssert(); + return iv_data.hbbHeader; +} + +const uint64_t BlToHbDataManager::getHbbHeaderAddr() const +{ + validAssert(); + return reinterpret_cast<uint64_t>(iv_data.hbbHeader); +} + +const size_t BlToHbDataManager::getHbbHeaderSize() const +{ + validAssert(); + return iv_data.hbbHeaderSize; +} + +const size_t BlToHbDataManager::getPreservedSize() const +{ + validAssert(); + return iv_preservedSize; +} + +const bool BlToHbDataManager::isValid() const +{ + return iv_dataValid; +}
\ No newline at end of file diff --git a/src/kernel/kernel.C b/src/kernel/kernel.C index 8ae092458..f470723ce 100644 --- a/src/kernel/kernel.C +++ b/src/kernel/kernel.C @@ -5,7 +5,9 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* COPYRIGHT International Business Machines Corp. 2010,2014 */ +/* Contributors Listed Below - COPYRIGHT 2010,2017 */ +/* [+] International Business Machines Corp. */ +/* */ /* */ /* Licensed under the Apache License, Version 2.0 (the "License"); */ /* you may not use this file except in compliance with the License. */ @@ -35,6 +37,9 @@ #include <sys/vfs.h> #include <kernel/deferred.H> #include <kernel/misc.H> +#include <util/align.H> +#include <securerom/sha512.H> +#include <kernel/bltohbdatamgr.H> #include <stdlib.h> @@ -64,6 +69,54 @@ int main() Kernel& kernel = Singleton<Kernel>::instance(); kernel.cppBootstrap(); + + // Get pointer to BL and HB comm data + const auto l_pBltoHbData = reinterpret_cast<const Bootloader::BlToHbData*>( + BLTOHB_COMM_DATA_ADDR); + + if ( Bootloader::BlToHbDataValid(l_pBltoHbData) ) + { + printk("Valid BL to HB communication data\n"); + + // Make copy of structure so to not modify original pointers + auto l_blToHbDataCopy = *l_pBltoHbData; + + // Get destination location that will be preserved by the pagemgr + auto l_pBltoHbDataStart = reinterpret_cast<uint8_t *>( + VmmManager::BLTOHB_DATA_START); + // Copy in SecureRom + memcpy(l_pBltoHbDataStart, + l_blToHbDataCopy.secureRom, + l_blToHbDataCopy.secureRomSize); + // Change pointer to new location and increment + l_blToHbDataCopy.secureRom = l_pBltoHbDataStart; + l_pBltoHbDataStart += l_blToHbDataCopy.secureRomSize; + + // Copy in HW keys' Hash + memcpy(l_pBltoHbDataStart, + l_blToHbDataCopy.hwKeysHash, + l_blToHbDataCopy.hwKeysHashSize); + // Change pointer to new location and increment + l_blToHbDataCopy.hwKeysHash = l_pBltoHbDataStart; + l_pBltoHbDataStart += l_blToHbDataCopy.hwKeysHashSize; + + // Copy in HBB header + memcpy(l_pBltoHbDataStart, + l_blToHbDataCopy.hbbHeader, + l_blToHbDataCopy.hbbHeaderSize); + // Change pointer to new location + l_blToHbDataCopy.hbbHeader = l_pBltoHbDataStart; + + // Initialize Secureboot Data class + g_BlToHbDataManager.initValid(l_blToHbDataCopy); + } + else + { + printk("Invalid BL to HB communication data\n"); + // Force invalidation of securebootdata + g_BlToHbDataManager.initInvalid(); + } + kernel.memBootstrap(); kernel.cpuBootstrap(); diff --git a/src/kernel/makefile b/src/kernel/makefile index cf5a69aa7..ddf3909ab 100644 --- a/src/kernel/makefile +++ b/src/kernel/makefile @@ -5,7 +5,7 @@ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2010,2016 +# Contributors Listed Below - COPYRIGHT 2010,2017 # [+] International Business Machines Corp. # # @@ -67,5 +67,7 @@ OBJS += machchk.o OBJS += doorbell.o OBJS += workitem.o +OBJS += bltohbdatamgr.o + include ${ROOTPATH}/config.mk diff --git a/src/kernel/pagemgr.C b/src/kernel/pagemgr.C index c5e7d6960..66f62e6da 100644 --- a/src/kernel/pagemgr.C +++ b/src/kernel/pagemgr.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2010,2015 */ +/* Contributors Listed Below - COPYRIGHT 2010,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -36,6 +36,7 @@ #include <sys/syscall.h> #include <assert.h> #include <kernel/memstate.H> +#include <kernel/bltohbdatamgr.H> size_t PageManager::cv_coalesce_count = 0; @@ -208,6 +209,15 @@ void PageManager::_initialize() page_t* endAddr = reinterpret_cast<page_t*>(VmmManager::INITIAL_MEM_SIZE); printk("Initializing PageManager starting at %p...", startAddr); + // Add on secureboot data size to end of reserved space + size_t securebootDataSize = 0; + if (g_BlToHbDataManager.isValid()) + { + securebootDataSize = g_BlToHbDataManager.getPreservedSize(); + } + size_t l_endReservedPage = VmmManager::END_RESERVED_PAGE + + securebootDataSize; + // Calculate chunks along the top half of the L3 and erase them. uint64_t currentBlock = reinterpret_cast<uint64_t>(startAddr); do @@ -225,17 +235,17 @@ void PageManager::_initialize() // Check if this block starts in the hole. if ((currentBlock >= VmmManager::FIRST_RESERVED_PAGE) && - (currentBlock < VmmManager::END_RESERVED_PAGE)) + (currentBlock < l_endReservedPage)) { // End of the block is in the hole, skip. - if (endBlock < VmmManager::END_RESERVED_PAGE) + if (endBlock < l_endReservedPage) { currentBlock = ALIGN_MEGABYTE(endBlock); continue; } // Advance the current block past the hole. - currentBlock = VmmManager::END_RESERVED_PAGE; + currentBlock = l_endReservedPage; } // Check if the block is has the hole in it. @@ -243,7 +253,7 @@ void PageManager::_initialize() (currentBlock < VmmManager::FIRST_RESERVED_PAGE)) { // Hole is at the end of the block, shrink it down. - if (endBlock < VmmManager::END_RESERVED_PAGE) + if (endBlock < l_endReservedPage) { endBlock = VmmManager::FIRST_RESERVED_PAGE; } @@ -262,7 +272,7 @@ void PageManager::_initialize() iv_heap.addMemory(currentBlock, hole_end / PAGESIZE); totalPages += (hole_end / PAGESIZE); - currentBlock = VmmManager::END_RESERVED_PAGE; + currentBlock = l_endReservedPage; } } |
