Support extending sections to PCRs

- Ported p8 secureboot PCR extension code

Change-Id: I2bbf6ee6b2980c2fbe32dfb9cad25e9e2aba3285
RTC: 167581
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35632
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>

1 files changed, 49 insertions, 36 deletions

diff --git a/src/usr/secureboot/base/header.C b/src/usr/secureboot/base/header.C
index 37ba7ca72..4aba9481f 100644
--- a/src/usr/secureboot/base/header.C
+++ b/src/usr/secureboot/base/header.C
@@ -5,7 +5,7 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* Contributors Listed Below - COPYRIGHT 2013,2016                        */
+/* Contributors Listed Below - COPYRIGHT 2013,2017                        */
 /* [+] International Business Machines Corp.                              */
 /*                                                                        */
 /*                                                                        */
@@ -26,6 +26,7 @@
 #include <sys/mm.h>
 #include <sys/mmio.h>
 #include <kernel/console.H>
+#include <errno.h>
 
 namespace SECUREBOOT
 {
@@ -34,53 +35,65 @@ namespace SECUREBOOT
         return Singleton<Header>::instance();
     }
 
-    // TODO securebootp9 this implementation native to p9 appears to be doing
-    // approximately the same thing as p8's loadSecurely() method. We need to
-    // confirm and merge together or leave separate and merely remove comment.
-    void Header::loadBaseHeader()
+    // @TODO RTC 168021 Converge on a single method of reading the secure
+    // header
+    void Header::loadSecurely()
     {
-        // Calculate original address of the secureboot header.
-        //      Zero is purposefully not mapped into the VMM tables, so we
-        //      can't use that for the virtual-to-real translation.  Since
-        //      this object is in the base image, EA = HRMOR | PA, so we can
-        //      use PA - EA to find the HRMOR.
-        uint64_t addr = mm_virt_to_phys(this) -
-                            reinterpret_cast<uint64_t>(this);
-        addr -= PAGESIZE;
-
-        // Map in the header.
-        void* origHeader = mm_block_map(reinterpret_cast<void*>(addr),
-                                        PAGESIZE);
-
-        // Copy header to a save area.
-        //     In the future we might want to just extract pieces of the
-        //     header.  The header is important when we start updating
-        //     the TPM PCRs.
-        iv_data = malloc(PAGESIZE);
-        memcpy(iv_data, origHeader, PAGESIZE);
-
-        // Unmap the header.
-        mm_block_unmap(origHeader);
+        //@TODO  RTC 167581
+        // When RTC 166848 is available, pull in real header
 
         return;
     }
 
-    // TODO securebootp9 this implementation of the follwoing two methods need
-    // to be added based on p8 code
-    void Header::loadSecurely()
-    {
-    }
-
+    // @TODO RTC 168021 Converge on a single method of reading the secure
+    // header
     void Header::setNonSecurely(
-        const void* i_pHeader)
+        const void* const i_pHeader)
     {
+        // Fatal code bug if already loaded
+        assert(iv_data == nullptr,"BUG! In setNonSecurely(), "
+            "a cached header is already present.");
+
+        // Fatal code bug if called with nullptr pointer
+        assert(i_pHeader != nullptr,"BUG! In setNonSecurely(), "
+            "caller passed a nullptr header.");
+
+        iv_data = calloc(1,PAGESIZE);
+        memcpy(iv_data,i_pHeader,PAGE_SIZE);
     }
 
     void Header::getHeader(
-        const void*& o_pHeader ) const
+        const void*& o_pHeader) const
     {
         // Fatal code bug if queried before loaded
-        assert(iv_data!=nullptr);
+        assert(iv_data!=nullptr,"BUG! In getHeader(), "
+            "header is not present.");
         o_pHeader = iv_data;
     }
+
+    void Header::_calcSecureLoadAddr(
+        const void*& o_pCode) const
+    {
+        //@TODO  RTC 167581
+        // When RTC 166848 is available, pull in real header
+
+        // Determine the secure address where the HBB image was loaded by SBE.
+        // Regardless of whether security is enabled or not, HBB always ends up
+        // at the secure load address (which corresponds to the HRMOR).
+        //
+        // Zero is purposefully not mapped into the VMM tables, so we
+        // can't use that for the virtual-to-real translation.  Since
+        // this object is in the base (HBB) image, PA = HRMOR | EA, so we can
+        // use PA - EA to find the HRMOR.
+        const void* hrmor = reinterpret_cast<const void*>(
+            mm_virt_to_phys(
+                const_cast<SECUREBOOT::Header*>(this)) -
+                    reinterpret_cast<uint64_t>(this));
+
+        // HRMOR lookup should never fail
+        assert(   reinterpret_cast<uint64_t>(hrmor)
+               != static_cast<uint64_t>(-EFAULT));
+
+        o_pCode = hrmor;
+    }
 }