author | Nick Bofferding <bofferdn@us.ibm.com> | 2017-10-20 21:13:34 -0500 |
---|---|---|
committer | William G. Hoffa <wghoffa@us.ibm.com> | 2017-11-03 09:45:20 -0400 |
commit | 07d75753d59419ea6ba9ee3bd930e0aa8e7e7fd5 (patch) | |
tree | 78633da60312ff8cfd54807f787219036e976621 /src/usr/secureboot/base/test/securerommgrtest.H | |
parent | 47f275a6bd3b2104a82d9786122afd6fe25f05de (diff) | |
Secure Boot: Enforce PNOR section component IDs
- In secure mode, bootloader will enforce that HBB component ID is set
- In secure mode, Hostboot will enforce that PNOR component IDs are set
Change-Id: I04f3bbc45417b3229003c56e1083e1fc31c01cd7
RTC: 179422
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/48711
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/base/test/securerommgrtest.H')
-rw-r--r-- | src/usr/secureboot/base/test/securerommgrtest.H | 129 |
1 files changed, 128 insertions, 1 deletions
diff --git a/src/usr/secureboot/base/test/securerommgrtest.H b/src/usr/secureboot/base/test/securerommgrtest.H index 7db0dc2cc..4a445b52f 100644 --- a/src/usr/secureboot/base/test/securerommgrtest.H +++ b/src/usr/secureboot/base/test/securerommgrtest.H @@ -25,7 +25,7 @@ #ifndef __SECUREROMMANAGERTEST_H #define __SECUREROMMANAGERTEST_H - +#include <array> #include <sys/mm.h> #include <sys/mmio.h> #include <vfs/vfs.H> @@ -35,6 +35,7 @@ #include <secureboot/service.H> #include <secureboot/secure_reasoncodes.H> #include <kernel/bltohbdatamgr.H> +#include <stddef.h> #include "../securerommgr.H" 
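Review bot: The include added in the first hunk is `<array>`, yet no `std::array` appears in the visible changes, while the new test_verifyComponent builds its table as a `std::vector`. If `<vector>` is not already supplied by one of the existing headers, the file compiles only through transitive inclusion; `#include <vector>` would state the dependency directly. `<array>` can be dropped unless code outside the visible hunks needs it. The include list continues outside this hunk, so this should be confirmed against the full file.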
@@ -398,6 +399,132 @@ class SecureRomManagerTest : public CxxTest::TestSuite TRACFCOMP(g_trac_secure,EXIT_MRK"SecureRomManagerTest::test_hash_page_table_verify"); } + void test_verifyComponent(void) + { + errlHndl_t pError = nullptr; + + // Signed file variables + const char* signedFile_name = "secureboot_signed_container"; + void* signedFile_pageAddr = nullptr; + size_t signedFile_size = 0; + uint64_t signedFile_vaddr = 0; + + do { + + struct verifyComponentTest + { + const char* pActualCompId; + const char* pRefCompId; + bool shouldPass; + }; + + const std::vector<verifyComponentTest> tests = + { {"ABCD1234","ABCD12345", true }, + {"ABCD1234","ABCD1234" , true }, + {"ABCD1234","ABCD123" , false}, + {"ABCD123" ,"ABCD12345", false}, + {"ABCD123" ,"ABCD1234" , false}, + {"ABCD123" ,"ABCD123" , true }, + {"A" ,"A" , true }, + {"A" ,"B" , false}, + {"A" ,"AB" , false}, + {"A" ,"" , false}, + {"" ,"A" , false}, + {"" ,"" , true } }; + + // Call utility function + pError = loadSignedFile( signedFile_name, + signedFile_pageAddr, + signedFile_size, + signedFile_vaddr); + + if (pError) + { + TS_FAIL("SecureRomManagerTest::test_verifyComponent: " + "loadSignedFile() Failed"); + errlCommit(pError, SECURE_COMP_ID); + break; + } + + char pHeader[MAX_SECURE_HEADER_SIZE]={0}; + memcpy(pHeader,signedFile_pageAddr,sizeof(pHeader)); + + char* const pCompIdInContainer = pHeader + + offsetof(ROM_container_raw,prefix) + + offsetof(ROM_prefix_header_raw,ecid) + + offsetof(ROM_prefix_data_raw,sw_pkey_q) + + offsetof(ROM_sw_header_raw,component_id); + + const size_t compIdSize = sizeof(ROM_sw_header_raw::component_id); + + for(const auto& test : tests) + { + memset(pCompIdInContainer,0x00,compIdSize); + strncpy(pCompIdInContainer,test.pActualCompId,compIdSize); + SECUREBOOT::ContainerHeader containerHeader(pHeader); + + pError = SECUREBOOT::verifyComponent( + containerHeader, + test.pRefCompId); + if(pError) + { + if(test.shouldPass) + { + 
TS_FAIL("SecureRomManagerTest::test_verifyContainer: " + "Expected SECUREBOOT::verifyComponent to pass, but it " + "failed. Actual component ID was [%s], reference " + "component ID was [%s]", + test.pActualCompId, + test.pRefCompId); + errlCommit(pError, SECURE_COMP_ID); + } + else // Should fail + { + // But verify it's the right fail + if( ( pError->reasonCode() + != SECUREBOOT::RC_ROM_VERIFY) + || ( pError->moduleId() + != SECUREBOOT::MOD_SECURE_VERIFY_COMPONENT)) + { + TS_FAIL("SecureRomManagerTest::test_verifyContainer: " + "Expected SECUREBOOT::verifyComponent to fail with " + "reason code of 0x%04X and module ID of 0x%02, but " + "failed with reason code of 0x%04X and module ID " + "of 0x%02X. Actual component ID was [%s], " + "reference component ID was [%s]", + SECUREBOOT::RC_ROM_VERIFY, + SECUREBOOT::MOD_SECURE_VERIFY_COMPONENT, + pError->reasonCode(), + pError->moduleId(), + test.pActualCompId, + test.pRefCompId); + errlCommit(pError, SECURE_COMP_ID); + } + else + { + delete pError; + pError = nullptr; + } + } + } + else if(!test.shouldPass) + { + TS_FAIL("SecureRomManagerTest::test_verifyContainer: " + "Expected SECUREBOOT::verifyComponent to fail, but it " + "passed. Actual component ID was [%s], reference " + "component ID was [%s]", + test.pActualCompId, + test.pRefCompId); + } + } + + } while(0); + + if ( signedFile_pageAddr != nullptr ) + { + unloadSignedFile( signedFile_pageAddr, signedFile_size); + } + } }; /**********************************************************************/ |
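Review bot: The wrong-failure TS_FAIL message contains `0x%02,` with no conversion character, so the module ID is not printed and the arguments after it no longer line up with their specifiers; the line should read `"reason code of 0x%04X and module ID of 0x%02X, but "`. All three TS_FAIL messages also name `test_verifyContainer`, although the function is `test_verifyComponent`, which will misdirect anyone triaging a failure. The first table row, `{"ABCD1234","ABCD12345", true }`, pins the fact that the reference ID is compared only up to the size of the component_id field, so reference IDs that differ beyond that length are accepted as equal. Since this is the enforcement behaviour the commit introduces, a comment on that row such as `// reference ID longer than the field matches on the field-sized prefix by design` would make the intent explicit. The `memcpy(pHeader,signedFile_pageAddr,sizeof(pHeader))` copies MAX_SECURE_HEADER_SIZE bytes without looking at `signedFile_size`; unless loadSignedFile guarantees at least that much is mapped, add a guard like `if (signedFile_size < sizeof(pHeader)) { TS_FAIL(...); break; }` to keep the test from reading past the loaded file.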