diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-11-20 16:56:44 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-12-18 17:27:59 -0500 |
commit | 9ae6e9595f9773d295b7e3ade47088f554c1ed48 (patch) | |
tree | f33427b681154991423fb9faad3476bf4aa17ff4 /src/usr/secureboot/base | |
parent | 8392e4f606607e505bb99de2a8d229ae69be5efe (diff) | |
download | talos-hostboot-9ae6e9595f9773d295b7e3ade47088f554c1ed48.tar.gz talos-hostboot-9ae6e9595f9773d295b7e3ade47088f554c1ed48.zip |
Remove Secure Boot workarounds
- Removing the magic number checks that would block sb functionality
if things didn't appear secure
- Remove Best Effort Policy and all of its related code
- Remove the legacy PCR extension
- Remove the non-secure header preservation path.
- Always load HB base image header from the bl to hb data path
vs settings unsecurely out of pnor
Change-Id: Ie638384ac50ed47850985c959ea7a32e5757d64e
RTC: 178520
RTC: 155374
RTC: 173489
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49925
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/base')
-rw-r--r-- | src/usr/secureboot/base/header.C | 25 | ||||
-rw-r--r-- | src/usr/secureboot/base/securerommgr.C | 174 | ||||
-rw-r--r-- | src/usr/secureboot/base/securerommgr.H | 9 | ||||
-rw-r--r-- | src/usr/secureboot/base/service.C | 12 | ||||
-rw-r--r-- | src/usr/secureboot/base/settings.C | 20 |
5 files changed, 55 insertions, 185 deletions
diff --git a/src/usr/secureboot/base/header.C b/src/usr/secureboot/base/header.C index f2c41069c..77d756934 100644 --- a/src/usr/secureboot/base/header.C +++ b/src/usr/secureboot/base/header.C @@ -36,28 +36,15 @@ namespace SECUREBOOT return Singleton<Header>::instance(); } - // @TODO RTC 178520 Converge on a single method of reading the secure - // header - void Header::loadSecurely() + void Header::loadHeader() { - const void* const pSecureHeader = g_BlToHbDataManager.getHbbHeader(); + const void* const pHeader = g_BlToHbDataManager.getHbbHeader(); // Fatal code bug if called with nullptr pointer - assert(pSecureHeader != nullptr, - "BUG! In Header::loadSecurely(), expected valid address for base " - "image header in secure mode, but got nullptr."); - _set(pSecureHeader); - } - - // @TODO RTC 178520 Converge on a single method of reading the secure - // header - void Header::setNonSecurely( - const void* const i_pHeader) - { - // Fatal code bug if called with nullptr pointer - assert(i_pHeader != nullptr,"BUG! In Header::setNonSecurely(), " - "caller passed a nullptr header address."); - _set(i_pHeader); + assert(pHeader != nullptr, + "BUG! In Header::loadHeader(), expected valid address for base " + "image header, but got nullptr."); + _set(pHeader); } void Header::_set( diff --git a/src/usr/secureboot/base/securerommgr.C b/src/usr/secureboot/base/securerommgr.C index b894be4a9..d5dac06d8 100644 --- a/src/usr/secureboot/base/securerommgr.C +++ b/src/usr/secureboot/base/securerommgr.C @@ -66,11 +66,6 @@ errlHndl_t initializeSecureRomManager(void) return Singleton<SecureRomManager>::instance().initialize(); } -bool secureRomValidPolicy() -{ - return Singleton<SecureRomManager>::instance().secureRomValidPolicy(); -} - /** * @brief Verify Signed Container */ @@ -78,11 +73,8 @@ errlHndl_t verifyContainer(void * i_container, const SHA512_t* i_hwKeyHash) { errlHndl_t l_errl = nullptr; - if(Singleton<SecureRomManager>::instance().secureRomValidPolicy()) - { - l_errl = Singleton<SecureRomManager>::instance(). + l_errl = Singleton<SecureRomManager>::instance(). verifyContainer(i_container,i_hwKeyHash); - } return l_errl; } @@ -148,15 +140,8 @@ errlHndl_t verifyComponentId( */ void hashBlob(const void * i_blob, size_t i_size, SHA512_t o_buf) { - if(Singleton<SecureRomManager>::instance().secureRomValidPolicy()) - { - return Singleton<SecureRomManager>::instance(). + return Singleton<SecureRomManager>::instance(). hashBlob(i_blob, i_size, o_buf); - } - else - { - memset(o_buf, 0, sizeof(SHA512_t)); - } } /** @@ -165,11 +150,8 @@ void hashBlob(const void * i_blob, size_t i_size, SHA512_t o_buf) */ void hashConcatBlobs(const blobPair_t &i_blobs, SHA512_t o_buf) { - if(Singleton<SecureRomManager>::instance().secureRomValidPolicy()) - { return Singleton<SecureRomManager>::instance(). hashConcatBlobs(i_blobs, o_buf); - } } /* @@ -177,11 +159,7 @@ void hashConcatBlobs(const blobPair_t &i_blobs, SHA512_t o_buf) */ void getHwKeyHash(SHA512_t o_hash) { - // @TODO RTC:170136 remove isValid check - if(Singleton<SecureRomManager>::instance().secureRomValidPolicy()) - { - return Singleton<SecureRomManager>::instance().getHwKeyHash(o_hash); - } + return Singleton<SecureRomManager>::instance().getHwKeyHash(o_hash); } sbFuncVer_t getSecRomFuncVersion(const sbFuncType_t i_funcType) @@ -219,43 +197,27 @@ errlHndl_t SecureRomManager::initialize() do{ // Check if bootloader to hostboot data is valid. iv_secureromValid = g_BlToHbDataManager.isValid(); - + // Enforce that the securerom is valid if (!iv_secureromValid) { - // Allow skipping functionality if secure rom is invalid if best - // effort policy enabled - if(SECUREBOOT::bestEffortPolicy()) - { - TRACFCOMP(g_trac_secure,INFO_MRK"SecureRomManager::initialize(): SecureROM invalid, skipping functionality"); -#ifdef CONFIG_CONSOLE - CONSOLE::displayf(SECURE_COMP_NAME, "SecureROM invalid - skipping functionality"); -#endif - printk("SecureRomManager SecureROM invalid -- skipping functionality\n"); - // Can skip the rest of this function - break; - } - // Otherwise enforce securerom to be valid. - else - { - TRACFCOMP(g_trac_secure,ERR_MRK"SecureRomManager::initialize(): SecureROM invalid"); + TRACFCOMP(g_trac_secure,ERR_MRK"SecureRomManager::initialize(): SecureROM invalid"); #ifdef CONFIG_CONSOLE - CONSOLE::displayf(SECURE_COMP_NAME, ERR_MRK"SecureROM invalid"); + CONSOLE::displayf(SECURE_COMP_NAME, ERR_MRK"SecureROM invalid"); #endif - printk("ERR> SecureRomManager SecureROM invalid\n"); - /*@ - * @errortype - * @moduleid SECUREBOOT::MOD_SECURE_ROM_INIT - * @reasoncode SECUREBOOT::RC_SECROM_INVALID - * @devdesc Valid securerom not present - * @custdesc Security failure occurred during the IPL of - * the system. - */ - l_errl = new ERRORLOG::ErrlEntry( ERRORLOG::ERRL_SEV_UNRECOVERABLE, - SECUREBOOT::MOD_SECURE_ROM_INIT, - SECUREBOOT::RC_SECROM_INVALID); - l_errl->collectTrace(SECURE_COMP_NAME,ERROR_TRACE_SIZE); - break; - } + printk("ERR> SecureRomManager SecureROM invalid\n"); + /*@ + * @errortype + * @moduleid SECUREBOOT::MOD_SECURE_ROM_INIT + * @reasoncode SECUREBOOT::RC_SECROM_INVALID + * @devdesc Valid securerom not present + * @custdesc Security failure occurred during the IPL of + * the system. + */ + l_errl = new ERRORLOG::ErrlEntry( ERRORLOG::ERRL_SEV_UNRECOVERABLE, + SECUREBOOT::MOD_SECURE_ROM_INIT, + SECUREBOOT::RC_SECROM_INVALID); + l_errl->collectTrace(SECURE_COMP_NAME,ERROR_TRACE_SIZE); + break; } TRACFCOMP(g_trac_secure,"SecureRomManager::initialize(): SecureROM valid, enabling functionality"); @@ -366,12 +328,6 @@ errlHndl_t SecureRomManager::verifyContainer(void * i_container, do{ - // Check if secureboot data is valid. - if (!secureRomValidPolicy()) - { - // Can skip the rest of this function - break; - } // Check to see if ROM has already been initialized // This should have been done early in IPL so assert if this // is not the case as system is in a bad state @@ -477,29 +433,25 @@ void SecureRomManager::hashBlob(const void * i_blob, size_t i_size, SHA512_t o_b TRACDCOMP(g_trac_secure,INFO_MRK"SecureRomManager::hashBlob()"); - // Check if secureboot data is valid. - if (secureRomValidPolicy()) - { - // Check to see if ROM has already been initialized - // This should have been done early in IPL so assert if this - // is not the case as system is in a bad state - assert(iv_securerom != nullptr); + // Check to see if ROM has already been initialized + // This should have been done early in IPL so assert if this + // is not the case as system is in a bad state + assert(iv_securerom != nullptr); - // Set startAddr to ROM_SHA512() function at an offset of Secure ROM - uint64_t l_rom_SHA512_startAddr = - reinterpret_cast<uint64_t>(iv_securerom) + - getSecRomFuncOffset(SB_FUNC_TYPES::SHA512); + // Set startAddr to ROM_SHA512() function at an offset of Secure ROM + uint64_t l_rom_SHA512_startAddr = + reinterpret_cast<uint64_t>(iv_securerom) + + getSecRomFuncOffset(SB_FUNC_TYPES::SHA512); - call_rom_SHA512(reinterpret_cast<void*>(l_rom_SHA512_startAddr), - reinterpret_cast<const sha2_byte*>(i_blob), - i_size, - reinterpret_cast<SHA512_t*>(o_buf)); + call_rom_SHA512(reinterpret_cast<void*>(l_rom_SHA512_startAddr), + reinterpret_cast<const sha2_byte*>(i_blob), + i_size, + reinterpret_cast<SHA512_t*>(o_buf)); - TRACUCOMP(g_trac_secure,"SecureRomManager::hashBlob(): " - "call_rom_SHA512: blob=%p size=0x%X addr=%p (iv_d_p=%p)", - i_blob, i_size, l_rom_SHA512_startAddr, - iv_securerom); - } + TRACUCOMP(g_trac_secure,"SecureRomManager::hashBlob(): " + "call_rom_SHA512: blob=%p size=0x%X addr=%p (iv_d_p=%p)", + i_blob, i_size, l_rom_SHA512_startAddr, + iv_securerom); TRACDCOMP(g_trac_secure,EXIT_MRK"SecureRomManager::hashBlob()"); } @@ -510,42 +462,18 @@ void SecureRomManager::hashBlob(const void * i_blob, size_t i_size, SHA512_t o_b void SecureRomManager::hashConcatBlobs(const blobPair_t &i_blobs, SHA512_t o_buf) const { - // Check if secureboot data is valid. - if (secureRomValidPolicy()) + std::vector<uint8_t> concatBuf; + for (const auto &it : i_blobs) { - std::vector<uint8_t> concatBuf; - for (const auto &it : i_blobs) - { - assert(it.first != nullptr, "BUG! In SecureRomManager::hashConcatBlobs(), " - "User passed in nullptr blob pointer"); - const uint8_t* const blob = static_cast<const uint8_t*>(it.first); - const auto blobSize = it.second; - concatBuf.insert(concatBuf.end(), blob, blob + blobSize); - } - - // Call hash blob on new concatenated buffer - hashBlob(concatBuf.data(),concatBuf.size(),o_buf); + assert(it.first != nullptr, "BUG! In SecureRomManager::hashConcatBlobs(), " + "User passed in nullptr blob pointer"); + const uint8_t* const blob = static_cast<const uint8_t*>(it.first); + const auto blobSize = it.second; + concatBuf.insert(concatBuf.end(), blob, blob + blobSize); } -} -bool SecureRomManager::secureRomValidPolicy() const -{ - bool l_policy = true; - if (bestEffortPolicy()) - { - // Set policy based on secure ROM status - l_policy = iv_secureromValid; - } - else - { - // Assert secure rom is valid in this mode. - // The initialize function should have created an error log already if - // this case is false, so this code path should not be hit. - assert(iv_secureromValid==true, "SecureRomManager cannot operate with invalid secure rom"); - l_policy = true; - } - - return l_policy; + // Call hash blob on new concatenated buffer + hashBlob(concatBuf.data(),concatBuf.size(),o_buf); } /******************** @@ -557,12 +485,8 @@ bool SecureRomManager::secureRomValidPolicy() const */ void SecureRomManager::getHwKeyHash() { - // Check if secureboot data is valid. - if (secureRomValidPolicy()) - { - iv_key_hash = reinterpret_cast<const SHA512_t*>( + iv_key_hash = reinterpret_cast<const SHA512_t*>( g_BlToHbDataManager.getHwKeysHash()); - } } /** @@ -570,11 +494,7 @@ void SecureRomManager::getHwKeyHash() */ void SecureRomManager::getHwKeyHash(SHA512_t o_hash) { - // Check if secureboot data is valid. - if (secureRomValidPolicy()) - { - memcpy(o_hash, iv_key_hash, sizeof(SHA512_t)); - } + memcpy(o_hash, iv_key_hash, sizeof(SHA512_t)); } const SecureRomManager::SecRomFuncTypeOffsetMap_t diff --git a/src/usr/secureboot/base/securerommgr.H b/src/usr/secureboot/base/securerommgr.H index b221d2c10..4358c4981 100644 --- a/src/usr/secureboot/base/securerommgr.H +++ b/src/usr/secureboot/base/securerommgr.H @@ -97,15 +97,6 @@ class SecureRomManager void hashConcatBlobs (const blobPair_t &i_blobs, SHA512_t o_buf) const; /* - * @brief Determines if best effort policy is enabled and allowed when - * SecureROM is invalid. - * Asserts secure rom is valid if bestEffortPolicy is false - * - * @return bool - True if enabled, false otherwise - */ - bool secureRomValidPolicy() const; - - /* * @brief Get offset of function from the start of the SecureROM * * @param[in] i_funcType Secure Boot function type to get version of diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C index ce4f5ecbf..21900a5fa 100644 --- a/src/usr/secureboot/base/service.C +++ b/src/usr/secureboot/base/service.C @@ -315,11 +315,8 @@ void* initializeBase(void* unused) } #endif - // Load original secureboot header. - if (enabled()) - { - Singleton<Header>::instance().loadSecurely(); - } + // Load original header. + Singleton<Header>::instance().loadHeader(); } while(0); return l_errl; @@ -332,11 +329,6 @@ bool enabled() } #endif -bool bestEffortPolicy() -{ - return Singleton<Settings>::instance().getBestEffortPolicy(); -} - errlHndl_t getSecuritySwitch(uint64_t& o_regValue, TARGETING::Target* i_pProc) { return Singleton<Settings>::instance().getSecuritySwitch(o_regValue, diff --git a/src/usr/secureboot/base/settings.C b/src/usr/secureboot/base/settings.C index 386a330ba..eb25aea11 100644 --- a/src/usr/secureboot/base/settings.C +++ b/src/usr/secureboot/base/settings.C @@ -101,21 +101,6 @@ namespace SECUREBOOT securitySwitchValue,cbsValue); } #endif - -#ifdef CONFIG_SECUREBOOT_BEST_EFFORT - iv_bestEffortPolicy = true; -#else - if (iv_enabled) - { - iv_bestEffortPolicy = false; - } - else - { - iv_bestEffortPolicy = true; - } -#endif - SB_INF("getBestEffortPolicy() state:%i",iv_bestEffortPolicy); - printk("SECUREBOOT::bestEffortPolicy() state:%i\n", iv_bestEffortPolicy); } bool Settings::getEnabled() const @@ -123,11 +108,6 @@ namespace SECUREBOOT return iv_enabled; } - bool Settings::getBestEffortPolicy() const - { - return iv_bestEffortPolicy; - } - errlHndl_t Settings::getJumperState(SecureJumperState& o_state, Target* i_pProc) const { |