diff options
| author | Chen Du <duchen@us.ibm.com> | 2019-03-04 10:56:19 -0600 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2019-05-09 16:10:29 -0500 |
| commit | bbbd68a140c9b34ccded9273d91e6b5bc97d0f28 (patch) | |
| tree | 930afab97b728563743d597510fe3e473bd998b3 /src/usr/pnor | |
| parent | 6aeba3917d4d42f6b99a059eeacc57c850dca6b9 (diff) | |
| download | talos-hostboot-bbbd68a140c9b34ccded9273d91e6b5bc97d0f28.tar.gz talos-hostboot-bbbd68a140c9b34ccded9273d91e6b5bc97d0f28.zip | |
Add page tables to read only partitions
Changed partitions (WOFDATA, MEMD)
to be signed with a hash page table bit. This generates
a hash page table in the protected payload which will be
used to validate pages in the unprotected payload
Change-Id: I9be4b1f6e65b9a52a8b6ba23affdacc4d89f5295
RTC: 179519
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72776
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/pnor')
| -rw-r--r-- | src/usr/pnor/pnorrp.C | 14 | ||||
| -rw-r--r-- | src/usr/pnor/spnorrp.C | 217 | ||||
| -rw-r--r-- | src/usr/pnor/spnorrp.H | 13 |
3 files changed, 212 insertions, 32 deletions
diff --git a/src/usr/pnor/pnorrp.C b/src/usr/pnor/pnorrp.C index af6ccf3fa..cb70eb94c 100644 --- a/src/usr/pnor/pnorrp.C +++ b/src/usr/pnor/pnorrp.C @@ -522,6 +522,7 @@ errlHndl_t PnorRP::getSectionInfo( PNOR::SectionId i_section, #ifdef CONFIG_SECUREBOOT o_info.secure = iv_TOC[id].secure; + o_info.size = iv_TOC[id].size; o_info.secureProtectedPayloadSize = 0; // for non secure sections // the protected payload size // defaults to zero @@ -591,6 +592,17 @@ errlHndl_t PnorRP::getSectionInfo( PNOR::SectionId i_section, // was done previously in pnor_common.C o_info.size -= PAGESIZE; + // Need to change size to accommodate for hash table + if (l_conHdr.sb_flags()->sw_hash) + { + o_info.vaddr += payloadTextSize; + // Hash page table needs to use containerSize as the base + // and subtract off header and hash table size + o_info.size = l_conHdr.totalContainerSize() - PAGE_SIZE - + payloadTextSize; + o_info.hasHashTable = true; + } + // cache the value in SectionInfo struct so that we can // parse the container header less often o_info.secureProtectedPayloadSize = payloadTextSize; @@ -598,11 +610,11 @@ errlHndl_t PnorRP::getSectionInfo( PNOR::SectionId i_section, else #endif { + o_info.size = iv_TOC[id].size; o_info.vaddr = iv_TOC[id].virtAddr; } o_info.flashAddr = iv_TOC[id].flashAddr; - o_info.size = iv_TOC[id].size; o_info.eccProtected = ((iv_TOC[id].integrity & FFS_INTEG_ECC_PROTECT) != 0) ? true : false; o_info.sha512Version = ((iv_TOC[id].version & FFS_VERS_SHA512) diff --git a/src/usr/pnor/spnorrp.C b/src/usr/pnor/spnorrp.C index 5b1ef5b03..a58f1c566 100644 --- a/src/usr/pnor/spnorrp.C +++ b/src/usr/pnor/spnorrp.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2011,2018 */ +/* Contributors Listed Below - COPYRIGHT 2011,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -41,6 +41,7 @@ #include <secureboot/trustedbootif.H> #include <secureboot/header.H> #include <sys/task.h> +#include <arch/ppc.H> extern trace_desc_t* g_trac_pnor; @@ -363,6 +364,15 @@ uint64_t SPnorRP::verifySections(SectionId i_id, PNOR::SectionIdToString(i_id)); } + // If hash table exists, need to adjust sizes + if (l_info.hasHashTable) + { + io_rec->hasHashTable = true; + l_info.vaddr -= l_info.secureProtectedPayloadSize; + l_info.size += l_info.secureProtectedPayloadSize; + io_rec->hashTableVaddr = l_info.vaddr; + } + l_info.vaddr -= PAGESIZE; // back up a page to expose the secure header l_info.size += PAGESIZE; // add a page to size to account for the header @@ -643,13 +653,23 @@ uint64_t SPnorRP::verifySections(SectionId i_id, SHA512_DIGEST_LENGTH); } - // set permissions on the secured pages to writable + // set permissions to be writable + // in the case of HPT this is the header + HPT + // in the case of no HPT this is the header + text region l_errhdl = setPermission(io_rec->secAddr, l_protectedSizeWithHdr, WRITABLE); - if(l_errhdl) + if (l_errhdl) { - TRACFCOMP(g_trac_pnor,"SPnorRP::verifySections set permissions " - "failed on text section"); + if (l_info.hasHashTable) + { + TRACFCOMP(g_trac_pnor, ERR_MRK"SPnorRP::verifySections set permissions " + "failed on header + hash page table"); + } + else + { + TRACFCOMP(g_trac_pnor, ERR_MRK"SPnorRP::verifySections set permissions " + "failed on header + text section"); + } break; } @@ -691,10 +711,18 @@ uint64_t SPnorRP::verifySections(SectionId i_id, break; } - - l_errhdl = setPermission(io_rec->secAddr + l_protectedSizeWithHdr, - unprotectedPayloadSize, - WRITABLE | WRITE_TRACKED); + if (l_info.hasHashTable) + { + l_errhdl = setPermission(io_rec->secAddr + l_protectedSizeWithHdr, + unprotectedPayloadSize, + READ_ONLY); + } + else + { + l_errhdl = setPermission(io_rec->secAddr + l_protectedSizeWithHdr, + unprotectedPayloadSize, + WRITABLE | WRITE_TRACKED); + } if(l_errhdl) { TRACFCOMP(g_trac_pnor,"SPnorRP::verifySections set permissions " @@ -704,8 +732,11 @@ uint64_t SPnorRP::verifySections(SectionId i_id, // Register the write tracked memory range to be flushed on // shutdown. - INITSERVICE::registerBlock(io_rec->secAddr + l_protectedSizeWithHdr, - unprotectedPayloadSize, SPNOR_PRIORITY); + if (!l_info.hasHashTable) + { + INITSERVICE::registerBlock(io_rec->secAddr + l_protectedSizeWithHdr, + unprotectedPayloadSize, SPNOR_PRIORITY); + } } else { @@ -738,6 +769,83 @@ uint64_t SPnorRP::verifySections(SectionId i_id, return l_rc; } +int64_t getHashPageTableIndex(const int64_t i_vaddr) +{ + return (i_vaddr / static_cast<int64_t>(PAGE_SIZE)) + 1; +} + + +PAGE_TABLE_ENTRY_t* getHashPageTableEntry(const int64_t i_vaddr, + const uint64_t i_hash_vaddr) +{ + int64_t l_index = getHashPageTableIndex(i_vaddr); + int64_t l_offset = l_index * HASH_PAGE_TABLE_ENTRY_SIZE; + + // l_offset is the offset for the start of the hash page table + // i_hash_vaddr is the vaddr for the start of the hash in SECURE + // subtract off DELTA of 3GB to get into TEMP space + return reinterpret_cast<PAGE_TABLE_ENTRY_t*>(l_offset + i_hash_vaddr - + VMM_VADDR_SPNOR_DELTA); +} + +errlHndl_t verify_page(const int64_t i_offset_vaddr, const uint64_t i_hash_vaddr, + const uint64_t i_hash_size) +{ + errlHndl_t l_errl = nullptr; + + // Get current hash page table entry in TEMP space + PAGE_TABLE_ENTRY_t* l_pageTableEntry = + getHashPageTableEntry(i_offset_vaddr, i_hash_vaddr); + + // Get previous hash page table entry in TEMP space + PAGE_TABLE_ENTRY_t* l_prevPageTableEntry = + getHashPageTableEntry(i_offset_vaddr - PAGE_SIZE, i_hash_vaddr); + + // Concatenate previous hash with current page data + std::vector< std::pair<void*,size_t> > l_blobs; + l_blobs.push_back(std::make_pair<void*,size_t>(l_prevPageTableEntry, + HASH_PAGE_TABLE_ENTRY_SIZE)); + + // To get to PNOR space, we have the address of the hash in SECURE space and + // we add hash table size to get passed the hash page table. Then we add + // i_offset_vaddr, the offset of the requested vaddr, to end up at the + // requested vaddr in SECURE space. Finally we subtract off 2 DELTAS of + // 3GB each to get to the requested vaddr in PNOR space + l_blobs.push_back(std::make_pair<void*,size_t>( + reinterpret_cast<void*>(i_offset_vaddr + + i_hash_vaddr + i_hash_size - + 2 * VMM_VADDR_SPNOR_DELTA), + PAGE_SIZE)); + SHA512_t l_curPageHash = {0}; + SECUREBOOT::hashConcatBlobs(l_blobs, l_curPageHash); + + // Compare existing hash page table entry with the derived one. + if (memcmp(l_pageTableEntry,l_curPageHash,HASH_PAGE_TABLE_ENTRY_SIZE) != 0) + { + TRACFCOMP(g_trac_pnor, "ERROR:>PNOR::verify_page secureboot verify fail on vaddr 0x%016llX", + i_hash_vaddr + i_hash_size + i_offset_vaddr); + /*@ + * @severity ERRL_SEV_CRITICAL_SYS_TERM + * @moduleid MOD_SPNORRP_VERIFY_PAGE + * @reasoncode RC_VERIFY_PAGE_FAILED + * @userdata1 Kernel RC + * @userdata2 Virtual address accessed + * + * @devdesc Secureboot page verify failure + * @custdesc Corrupted flash image or firmware error during system boot + */ + l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_CRITICAL_SYS_TERM, + MOD_SPNORRP_VERIFY_PAGE, + RC_VERIFY_PAGE_FAILED, + TO_UINT64(EACCES), + i_offset_vaddr, + ERRORLOG::ErrlEntry::ADD_SW_CALLOUT); + l_errl->collectTrace(PNOR_COMP_NAME); + l_errl->collectTrace(SECURE_COMP_NAME); + } + return l_errl; +} + /** @@ -769,6 +877,7 @@ void SPnorRP::waitForMessage() // data[0] = virtual address requested // data[1] = address to place contents + uint64_t requested_vaddr = message->data[0]; eff_addr = reinterpret_cast<uint8_t*>(message->data[0]); user_addr = reinterpret_cast<uint8_t*>(message->data[1]); @@ -819,10 +928,34 @@ void SPnorRP::waitForMessage() TRACDCOMP( g_trac_pnor, "SPnorRP::waitForMessage got a" " request to read from secure space - " "message : user_addr=%p, eff_addr=%p, msgtype=%d, " - "textSize=0x%.16llX secAddr0x%.16llX", user_addr, + "textSize=0x%.16llX secAddr=0x%.16llX", user_addr, eff_addr, message->type, l_rec.textSize, l_rec.secAddr); + // If record has an associated hash page table, then we + // want to verify the page with the hash table in temp + if (SECUREBOOT::enabled() && l_rec.hasHashTable) + { + // Pass in the offset of just the data + int64_t offset_vaddr = requested_vaddr - + l_rec.hashTableVaddr - l_rec.textSize; + + // There is no hash table entry when we try to + // verify the header + if (offset_vaddr >= 0) { + l_errhdl = verify_page(offset_vaddr, + l_rec.hashTableVaddr, + l_rec.textSize); + } + + if (l_errhdl) + { + SECUREBOOT::handleSecurebootFailure(l_errhdl, false, true); + status_rc = -EFAULT; + break; + } + } + // determine the source of the data depending on // whether it is part of the secure payload. // by the way, this if could be removed to make this @@ -843,8 +976,8 @@ void SPnorRP::waitForMessage() // if the page came from temp space then free up // the temp page now that we're done with it // NOTE: secAddr points to Secure Header - if (eff_addr < ( (l_rec.secAddr + PAGESIZE) + - l_rec.textSize)) + if (!l_rec.hasHashTable && (eff_addr < ( (l_rec.secAddr + PAGESIZE) + + l_rec.textSize))) { mm_remove_pages(RELEASE, eff_addr - delta, PAGESIZE); @@ -924,7 +1057,6 @@ void SPnorRP::waitForMessage() // cache the record to use fields later as hints l_rec = *l_record; - } while (0); } break; @@ -936,7 +1068,7 @@ void SPnorRP::waitForMessage() do { // Disallow unload of HBB, HBI and Targeting if (l_id == HB_BASE_CODE || - l_id == HB_EXT_CODE || + l_id == HB_EXT_CODE || l_id == HB_DATA) { TRACFCOMP( g_trac_pnor, ERR_MRK"SPnorRP::waitForMessage> Secure unload of HBB, HBI, and targeting is not allowed secId=%d", l_id); @@ -998,7 +1130,7 @@ void SPnorRP::waitForMessage() size_t l_sizeWithHdr = PAGESIZE + l_rec->textSize; // if the section has an unsecured portion - if (l_sizeWithHdr != l_rec->infoSize) + if (l_sizeWithHdr != l_rec->infoSize && !l_rec->hasHashTable) { TRACFCOMP( g_trac_pnor, ERR_MRK"SPnorRP::waitForMessage> Attempting to unload an unsupported section: 0x%X textsize+hdr: 0x%llX infosize: 0x%llX (the two sizes must be equal)", l_id, l_sizeWithHdr, l_rec->infoSize); /*@ @@ -1031,6 +1163,40 @@ void SPnorRP::waitForMessage() } TRACDCOMP(g_trac_pnor,"Completely unloading %s", PNOR::SectionIdToString(l_id)); + if (l_rec->hasHashTable) + { + // remove unprotected pages + l_errhdl = removePages(l_rec->secAddr + PAGE_SIZE + l_rec->textSize, + l_rec->infoSize - PAGE_SIZE - l_rec->textSize); + if (l_errhdl) + { + TRACFCOMP(g_trac_pnor, + ERR_MRK"SPnorRP::waitForMessage> " + "removePages failed for address " + "0x%11X of length 0x%11X", + l_rec->secAddr + PAGE_SIZE + l_rec->textSize, + l_rec->infoSize - PAGE_SIZE - l_rec->textSize); + status_rc = -EFAULT; + break; + } + + l_errhdl = setPermission(l_rec->secAddr + PAGE_SIZE + l_rec->textSize, + l_rec->infoSize - PAGE_SIZE - l_rec->textSize, + NO_ACCESS); + if (l_errhdl) + { + TRACFCOMP(g_trac_pnor, + ERR_MRK"SPnorRP::waitForMessage> " + "setPermission failed for address " + "0x%11X of length 0x%11X", + l_rec->secAddr + PAGE_SIZE + l_rec->textSize, + l_rec->infoSize - PAGE_SIZE - l_rec->textSize); + + status_rc = -EFAULT; + break; + } + } + l_errhdl = removePages(l_rec->secAddr, l_sizeWithHdr); if (l_errhdl) @@ -1039,21 +1205,21 @@ void SPnorRP::waitForMessage() ERR_MRK"SPnorRP::waitForMessage> " "removePages failed for address " "0x%llX of length 0x%llX", l_rec->secAddr, - l_sizeWithHdr); + l_sizeWithHdr); status_rc = -EFAULT; break; } l_errhdl = setPermission(l_rec->secAddr, - l_sizeWithHdr, - NO_ACCESS); + l_sizeWithHdr, + NO_ACCESS); if (l_errhdl) { TRACFCOMP( g_trac_pnor, ERR_MRK"SPnorRP::waitForMessage> " "setPermission failed for address " "0x%llX of length 0x%llX", l_rec->secAddr, - l_sizeWithHdr); + l_sizeWithHdr); status_rc = -EFAULT; break; @@ -1067,7 +1233,7 @@ void SPnorRP::waitForMessage() l_sizeWithHdr); if (l_errhdl) { - TRACFCOMP( g_trac_pnor, + TRACFCOMP(g_trac_pnor, ERR_MRK"SPnorRP::waitForMessage> " "removePages failed for address " "0x%llX of length 0x%llX", l_tempAddr, @@ -1083,16 +1249,15 @@ void SPnorRP::waitForMessage() l_sizeWithHdr); l_errhdl = setPermission(l_tempAddr, - l_sizeWithHdr, - NO_ACCESS); + l_sizeWithHdr, + NO_ACCESS); if (l_errhdl) { - TRACFCOMP( g_trac_pnor, + TRACFCOMP(g_trac_pnor, ERR_MRK"SPnorRP::waitForMessage> " "setPermission failed for address " "0x%llX of length 0x%llX", l_tempAddr, l_sizeWithHdr); - status_rc = -EFAULT; break; } diff --git a/src/usr/pnor/spnorrp.H b/src/usr/pnor/spnorrp.H index 11da539ef..578858e5e 100644 --- a/src/usr/pnor/spnorrp.H +++ b/src/usr/pnor/spnorrp.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2011,2017 */ +/* Contributors Listed Below - COPYRIGHT 2011,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -113,13 +113,16 @@ class SPnorRP * Keep track of secured payload size and secure section addresses */ struct LoadRecord{ - uint8_t* secAddr; - size_t textSize; - size_t infoSize; + uint8_t* secAddr; // virtual address of the start of the record + uint64_t hashTableVaddr; // virtual address of the hash table (if it exists) + size_t textSize; // size of the protected payload, not including header + size_t infoSize; // size of the entire partition size_t refCount; + bool hasHashTable; // indicates if the record has a hash table + SHA512_t payloadTextHash; LoadRecord() - :secAddr(nullptr), textSize(0), infoSize(0), refCount(0) + :secAddr(nullptr), hashTableVaddr(0), textSize(0), infoSize(0), refCount(0), hasHashTable(false) { memset(&payloadTextHash[0], 0, SHA512_DIGEST_LENGTH); } |
