author | Nick Bofferding <bofferdn@us.ibm.com> | 2017-01-30 13:52:49 -0600 |
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-03-03 13:51:19 -0500 |
commit | a9eefaa1086c7a3cc51e374c52a7c04397968fd5 (patch) | |
tree | b0f15275d1fab88785d6efe8c47d3ad6ea3bc377 /src/usr/secureboot/base | |
parent | a0437b216feaa77f81cfa3738844a0b761a9e99d (diff) | |
Support DRTM RIT protection
- Added mailbox scratch register 7 definition
- Added DRTM functions
- Added set/clear security switch register functions
- Added additional security switch bit definitions
- Added secureboot extended library to host DRTM functions
- Inhibited TPM start command in DRTM flow
- Added new config options for DRTM and DRTM RIT protection
- Added new DRTM attribute to indicate if DRTM is active
- Added new DRTM attribute to hold DRTM payload address
- Added new DRTM attribute to initiate DRTM in lieu of loading payload
- Updated target service init to determine DRTM settings
- Updated host start payload step to initiate DRTM if conditions are met
- Updated host MPIPL service to verify DRTM payload and clean up DRTM HW state
- Updated host gard step to verify DRTM HW state
- Rerouted PCR extensions to PCR 17 in DRTM boot
- Use locality 2 for all PCR extensions in DRTM boot
- Inhibit extension logging (for now) in DRTM boot
- Only extend separator to PCR 17 in DRTM boot
Change-Id: Id52c36c3a64ca002571396d605caa308d9dc0199
RTC: 157140
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35633
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/base')
-rw-r--r-- | src/usr/secureboot/base/service.C | 16 | ||||
-rw-r--r-- | src/usr/secureboot/base/settings.C | 135 |
2 files changed, 151 insertions, 0 deletions
diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C
index a381c4fd2..54b7d7fb7 100644
--- a/src/usr/secureboot/base/service.C
+++ b/src/usr/secureboot/base/service.C
@@ -109,6 +109,22 @@ errlHndl_t getJumperState(SecureJumperState& o_state, TARGETING::Target* i_targ)
 return Singleton<Settings>::instance().getJumperState(o_state, i_targ);
 }
+errlHndl_t clearSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget)
+{
+ return Singleton<Settings>::instance().clearSecuritySwitchBits(
+ i_bits, i_pTarget);
+}
+
+errlHndl_t setSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget)
+{
+ return Singleton<Settings>::instance().setSecuritySwitchBits(
+ i_bits, i_pTarget);
+}
+
 void handleSecurebootFailure(errlHndl_t &io_err, bool i_waitForShutdown)
 {
 TRACFCOMP( g_trac_secure, ENTER_MRK"handleSecurebootFailure()");
diff --git a/src/usr/secureboot/base/settings.C b/src/usr/secureboot/base/settings.C
index bd8f129f0..83e5365e3 100644
--- a/src/usr/secureboot/base/settings.C
+++ b/src/usr/secureboot/base/settings.C
@@ -129,6 +129,141 @@ namespace SECUREBOOT
 return l_errl;
 }
+ errlHndl_t Settings::clearSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget) const
+ {
+ uint64_t bitsToClear = 0;
+ for(const auto &bit : i_bits)
+ {
+ bitsToClear |= static_cast<uint64_t>(bit);
+ }
+
+ auto pError = writeSecurityRegister(
+ i_pTarget,
+ static_cast<uint64_t>(ProcSecurity::SwitchRegisterClear),
+ bitsToClear);
+
+ if(pError)
+ {
+ SB_ERR("clearSecuritySwitchBits: writeSecurityRegister "
+ "(SwitchRegisterClear) failed. Target HUID = 0x%08X, data = "
+ "0x%016llX.",
+ get_huid(i_pTarget),bitsToClear);
+ SB_ERR("clearSecuritySwitchBits: plid=0x%08X, eid=0x%08X, "
+ "reason=0x%04X",
+ ERRL_GETPLID_SAFE(pError),
+ ERRL_GETEID_SAFE(pError),
+ ERRL_GETRC_SAFE(pError));
+ }
+
+ return pError;
+ }
+
+ errlHndl_t Settings::setSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget) const
+ {
+ uint64_t bitsToSet = 0;
+ for(const auto &bit : i_bits)
+ {
+ bitsToSet |= static_cast<uint64_t>(bit);
+ }
+
+ auto pError = writeSecurityRegister(
+ i_pTarget,
+ static_cast<uint64_t>(ProcSecurity::SwitchRegister),
+ bitsToSet);
+
+ if(pError)
+ {
+ SB_ERR("setSecuritySwitchBits: writeSecurityRegister "
+ "(SwitchRegister) failed. Target HUID = 0x%08X, data = "
+ "0x%016llX.",
+ get_huid(i_pTarget),bitsToSet);
+ SB_ERR("setSecuritySwitchBits: plid=0x%08X, eid=0x%08X, "
+ "reason=0x%04X",
+ ERRL_GETPLID_SAFE(pError),
+ ERRL_GETEID_SAFE(pError),
+ ERRL_GETRC_SAFE(pError));
+ }
+
+ return pError;
+ }
+
+ errlHndl_t Settings::writeSecurityRegister(
+ TARGETING::Target* const i_pTarget,
+ const uint64_t i_scomAddress,
+ const uint64_t i_data) const
+ {
+ errlHndl_t pError = nullptr;
+
+ do
+ {
+
+ // Target must be the sentinel or some other non-NULL proc value
+ if ( (i_pTarget != TARGETING::MASTER_PROCESSOR_CHIP_TARGET_SENTINEL)
+ && ( (i_pTarget == nullptr)
+ || ( (i_pTarget->getAttr<TARGETING::ATTR_TYPE>())
+ != (TARGETING::TYPE_PROC) ) ) )
+ {
+ SB_ERR("writeSecurityRegister: Caller invoked API with bad target; "
+ "Target HUID = 0x%08X.",get_huid(i_pTarget));
+ /*@
+ * @errortype
+ * @severity ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_WRITE_REG
+ * @reasoncode SECUREBOOT::RC_SECURE_BAD_TARGET
+ * @userdata1 Target pointer value
+ * @userdata2 Target's HUID or 0 if NULL target pointer
+ * @devdesc Invalid target used to write security
+ * register.
+ * @custdesc Unexpected internal firmware error.
+ */
+ pError = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_WRITE_REG,
+ SECUREBOOT::RC_SECURE_BAD_TARGET,
+ reinterpret_cast<uint64_t>(i_pTarget),
+ TO_UINT64(get_huid(i_pTarget)),
+ true);
+ pError->collectTrace(SECURE_COMP_NAME, ERROR_TRACE_SIZE);
+ break;
+ }
+
+ // Write security switch settings to processor
+ const size_t expSize = sizeof(i_data);
+ size_t actSize = expSize;
+ pError = deviceWrite(
+ i_pTarget,
+ const_cast<uint64_t*>(&i_data), actSize,
+ DEVICE_SCOM_ADDRESS(i_scomAddress));
+ if (nullptr != pError)
+ {
+ SB_ERR("writeSecurityRegister: deviceWrite failed; target HUID = "
+ "0x%08X, SCOM addr = 0x%016llX, data = 0x%016llX.",
+ get_huid(i_pTarget),i_scomAddress,i_data);
+ break;
+ }
+
+ assert(actSize == expSize,
+ "writeSecurityRegister: BUG! size returned from device write (%d) "
+ "is not the expected size of %d",actSize,expSize);
+
+ } while(0);
+
+ if(pError)
+ {
+ SB_ERR("writeSecurityRegister: plid=0x%08X, eid=0x%08X, "
+ "reason=0x%04X",
+ ERRL_GETPLID_SAFE(pError),
+ ERRL_GETEID_SAFE(pError),
+ ERRL_GETRC_SAFE(pError));
+ }
+
+ return pError;
+ }
+
 errlHndl_t Settings::readSecurityRegister(Target* i_targ,
 const uint64_t i_scomAddress,
 uint64_t& o_regValue) const |
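Review bot: `const_cast<uint64_t*>(&i_data)` in Settings::writeSecurityRegister strips const from a const parameter just to satisfy deviceWrite's pointer type; if deviceWrite ever writes through that pointer this is undefined behaviour, and the cast obscures the intent either way. Copying into a local removes the cast entirely: `uint64_t data = i_data;` before the call and `&data, actSize,` in the deviceWrite argument list, with `data` used in the failure trace as well. Separately, clearSecuritySwitchBits and setSecuritySwitchBits differ only in the ProcSecurity register they target and the trace prefix, so a private helper taking the register and a name string would keep the two error paths from drifting apart as the logging evolves. Both also issue a SCOM write when i_bits is empty (bitsToClear/bitsToSet stay 0); if that is not intended, an early `return nullptr;` guarded by `i_bits.empty()` avoids a no-op register write on the security switch.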