author | Nick Bofferding <bofferdn@us.ibm.com> | 2017-01-25 13:10:08 -0600 |
---|---|---|
committer | William G. Hoffa <wghoffa@us.ibm.com> | 2017-02-02 15:06:55 -0500 |
commit | a42bbccdd949bc4b78e856087019c73a126420d4 (patch) | |
tree | 5fdc402c77c9578d3ddbcd4095cfe887f0f44cf6 /src/usr/secureboot/base | |
parent | 31591a027b6d76be0cd081d3bcce2e746fdc7623 (diff) | |
Support extending sections to PCRs
- Ported p8 secureboot PCR extension code
Change-Id: I2bbf6ee6b2980c2fbe32dfb9cad25e9e2aba3285
RTC: 167581
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35632
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/base')
-rw-r--r-- | src/usr/secureboot/base/header.C | 85 | ||||
-rw-r--r-- | src/usr/secureboot/base/securerom.C | 66 | ||||
-rw-r--r-- | src/usr/secureboot/base/securerom.H | 28 | ||||
-rw-r--r-- | src/usr/secureboot/base/service.C | 2 | ||||
-rw-r--r-- | src/usr/secureboot/base/test/secureromtest.H | 8 |
5 files changed, 123 insertions, 66 deletions
diff --git a/src/usr/secureboot/base/header.C b/src/usr/secureboot/base/header.C
index 37ba7ca72..4aba9481f 100644
--- a/src/usr/secureboot/base/header.C
+++ b/src/usr/secureboot/base/header.C
@@ -5,7 +5,7 @@
 /* */
 /* OpenPOWER HostBoot Project */
 /* */
-/* Contributors Listed Below - COPYRIGHT 2013,2016 */
+/* Contributors Listed Below - COPYRIGHT 2013,2017 */
 /* [+] International Business Machines Corp. */
 /* */
 /* */
@@ -26,6 +26,7 @@
 #include <sys/mm.h>
 #include <sys/mmio.h>
 #include <kernel/console.H>
+#include <errno.h>
 namespace SECUREBOOT
 {
@@ -34,53 +35,65 @@ namespace SECUREBOOT
 return Singleton<Header>::instance();
 }
- // TODO securebootp9 this implementation native to p9 appears to be doing
- // approximately the same thing as p8's loadSecurely() method. We need to
- // confirm and merge together or leave separate and merely remove comment.
- void Header::loadBaseHeader()
+ // @TODO RTC 168021 Converge on a single method of reading the secure
+ // header
+ void Header::loadSecurely()
 {
- // Calculate original address of the secureboot header.
- // Zero is purposefully not mapped into the VMM tables, so we
- // can't use that for the virtual-to-real translation. Since
- // this object is in the base image, EA = HRMOR | PA, so we can
- // use PA - EA to find the HRMOR.
- uint64_t addr = mm_virt_to_phys(this) -
- reinterpret_cast<uint64_t>(this);
- addr -= PAGESIZE;
-
- // Map in the header.
- void* origHeader = mm_block_map(reinterpret_cast<void*>(addr),
- PAGESIZE);
-
- // Copy header to a save area.
- // In the future we might want to just extract pieces of the
- // header. The header is important when we start updating
- // the TPM PCRs.
- iv_data = malloc(PAGESIZE);
- memcpy(iv_data, origHeader, PAGESIZE);
-
- // Unmap the header.
- mm_block_unmap(origHeader);
+ //@TODO RTC 167581
+ // When RTC 166848 is available, pull in real header
 return;
 }
- // TODO securebootp9 this implementation of the follwoing two methods need
- // to be added based on p8 code
- void Header::loadSecurely()
- {
- }
-
+ // @TODO RTC 168021 Converge on a single method of reading the secure
+ // header
 void Header::setNonSecurely(
- const void* i_pHeader)
+ const void* const i_pHeader)
 {
+ // Fatal code bug if already loaded
+ assert(iv_data == nullptr,"BUG! In setNonSecurely(), "
+ "a cached header is already present.");
+
+ // Fatal code bug if called with nullptr pointer
+ assert(i_pHeader != nullptr,"BUG! In setNonSecurely(), "
+ "caller passed a nullptr header.");
+
+ iv_data = calloc(1,PAGESIZE);
+ memcpy(iv_data,i_pHeader,PAGE_SIZE);
 }
 void Header::getHeader(
- const void*& o_pHeader ) const
+ const void*& o_pHeader) const
 {
 // Fatal code bug if queried before loaded
- assert(iv_data!=nullptr);
+ assert(iv_data!=nullptr,"BUG! In getHeader(), "
+ "header is not present.");
 o_pHeader = iv_data;
 }
+
+ void Header::_calcSecureLoadAddr(
+ const void*& o_pCode) const
+ {
+ //@TODO RTC 167581
+ // When RTC 166848 is available, pull in real header
+
+ // Determine the secure address where the HBB image was loaded by SBE.
+ // Regardless of whether security is enabled or not, HBB always ends up
+ // at the secure load address (which corresponds to the HRMOR).
+ //
+ // Zero is purposefully not mapped into the VMM tables, so we
+ // can't use that for the virtual-to-real translation. Since
+ // this object is in the base (HBB) image, PA = HRMOR | EA, so we can
+ // use PA - EA to find the HRMOR.
+ const void* hrmor = reinterpret_cast<const void*>(
+ mm_virt_to_phys(
+ const_cast<SECUREBOOT::Header*>(this)) -
+ reinterpret_cast<uint64_t>(this));
+
+ // HRMOR lookup should never fail
+ assert( reinterpret_cast<uint64_t>(hrmor)
+ != static_cast<uint64_t>(-EFAULT));
+
+ o_pCode = hrmor;
+ }
 }
diff --git a/src/usr/secureboot/base/securerom.C b/src/usr/secureboot/base/securerom.C
index dd1428f33..74c2a18bb 100644
--- a/src/usr/secureboot/base/securerom.C
+++ b/src/usr/secureboot/base/securerom.C
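Review bot: `setNonSecurely` allocates the cached header with `calloc(1,PAGESIZE)` but then copies `PAGE_SIZE` bytes into it; unless those two macros are guaranteed to be the same value, the memcpy can overrun the heap buffer or leave the cached header truncated, so both should use one name, e.g. `memcpy(iv_data,i_pHeader,PAGESIZE);`. The calloc result is also used without a nullptr check, which is only safe if the allocator asserts on failure — this hunk does not show that. Separately, `loadSecurely()` now consists of a TODO and `return;` and never populates iv_data, yet the service.C hunk on this page makes `initializeBase` call it when `enabled()`, so a secure-enabled boot that later calls `getHeader()` will trip the new assert; until RTC 166848 lands, either keep the old mapping path behind the TODO or document that no cached header is available in that mode.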
@@ -84,20 +84,27 @@ errlHndl_t verifyContainer(void * i_container, const sha2_hash_t* i_hwKeyHash)
 errlHndl_t hashBlob(const void * i_blob, size_t i_size, SHA512_t io_buf)
 {
 return Singleton<SecureROM>::instance().hashBlob(i_blob, i_size, io_buf);
+}
+/**
+ * @brief Hash concatenation of 2 Blobs
+ *
+ */
+errlHndl_t hashConcatBlobs(const blobPair_t &i_blobs, SHA512_t o_buf)
+{
+ return Singleton<SecureROM>::instance().hashConcatBlobs(i_blobs, o_buf);
 }
 /*
- * @brief Externally available hardware hash key function
+ * @brief Externally available hardware keys' hash retrieval function
 */
-void getHwHashKeys(sha2_hash_t o_hash)
+void getHwKeyHash(sha2_hash_t o_hash)
 {
- return Singleton<SecureROM>::instance().getHwHashKeys(o_hash);
+ return Singleton<SecureROM>::instance().getHwKeyHash(o_hash);
 }
 }; //end SECUREBOOT namespace
-
 /********************
 Public Methods
 ********************/
@@ -259,13 +266,13 @@ errlHndl_t SecureROM::initialize()
 /* Retrieve HW Hash Keys From The System */
 /***************************************************************/
- // @todo RTC:RTC:34080 - Support for SecureROM::getHwHashKeys()
- l_errl = SecureROM::getHwHashKeys();
+ // @todo RTC:RTC:34080 - Support for SecureROM::getHwKeyHash()
+ l_errl = SecureROM::getHwKeyHash();
 if (l_errl != NULL)
 {
 TRACFCOMP(g_trac_secure,ERR_MRK"SecureROM::initialize():"
- " SecureROM::getHwHashKeys() returned an error");
+ " SecureROM::getHwKeyHash() returned an error");
 l_errl->collectTrace(SECURE_COMP_NAME,256);
 break;
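Review bot: The new free-function wrapper `hashConcatBlobs` is documented as `@brief Hash concatenation of 2 Blobs`, but it takes a `blobPair_t` vector and forwards to a member that the same commit documents as hashing N blobs. Change the wrapper comment to `* @brief Hash concatenation of N Blobs` and, matching the sibling `hashBlob` wrapper, state that `o_buf` receives the SHA512 of the concatenation and `@return errlHndl_t NULL on success`.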
@@ -329,8 +336,8 @@ errlHndl_t SecureROM::verifyContainer(void * i_container,
 // struct elements my_ecid, entry_point and log
 memset(&l_hw_parms, 0, sizeof(ROM_hw_params));
- // Now set hw_key_hash, which is of type sha2_hash_t, to iv_hash_key
- memcpy (&l_hw_parms.hw_key_hash, &iv_hash_key, sizeof(sha2_hash_t));
+ // Now set hw_key_hash, which is of type sha2_hash_t, to iv_key_hash
+ memcpy (&l_hw_parms.hw_key_hash, &iv_key_hash, sizeof(sha2_hash_t));
 TRACFBIN(g_trac_secure,"SecureROM::verifyContainer(): hw_key_hash",
 l_hw_parms.hw_key_hash, sizeof(sha2_hash_t));
@@ -384,6 +391,7 @@ errlHndl_t SecureROM::verifyContainer(void * i_container,
 /*@
 * @errortype
+ * @severity ERRL_SEV_UNRECOVERABLE
 * @moduleid SECUREBOOT::MOD_SECURE_ROM_VERIFY
 * @reasoncode SECUREBOOT::RC_ROM_VERIFY
 * @userdata1 l_rc
@@ -457,6 +465,28 @@ errlHndl_t SecureROM::hashBlob(const void * i_blob, size_t i_size, SHA512_t io_b
 return l_errl;
 }
+/**
+ * @brief Hash concatenation of N Blobs
+ */
+errlHndl_t SecureROM::hashConcatBlobs(const blobPair_t &i_blobs,
+ SHA512_t o_buf) const
+{
+ errlHndl_t pError = nullptr;
+ std::vector<uint8_t> concatBuf;
+ for (const auto &it : i_blobs)
+ {
+ assert(it.first != nullptr, "BUG! In SecureROM::hashConcatBlobs(), "
+ "User passed in nullptr blob pointer");
+ const uint8_t* const blob = static_cast<const uint8_t*>(it.first);
+ const auto blobSize = it.second;
+ concatBuf.insert(concatBuf.end(), blob, blob + blobSize);
+ }
+
+ // Call hash blob on new concatenated buffer
+ pError = hashBlob(concatBuf.data(),concatBuf.size(),o_buf);
+
+ return pError;
+}
 /********************
 Internal Methods
@@ -470,8 +500,8 @@ SecureROM::SecureROM()
 {
 TRACDCOMP(g_trac_secure, "SecureROM::SecureROM()>");
- // Clear out iv_hash_keys, which is of type sha2_hash_t
- memset(&iv_hash_key, 0, sizeof(sha2_hash_t) );
+ // Clear out iv_key_hash, which is of type sha2_hash_t
+ memset(&iv_key_hash, 0, sizeof(sha2_hash_t) );
 }
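Review bot: `SecureROM::hashConcatBlobs` hashes the raw concatenation of the blobs, so two different splits of the same byte stream yield the same digest and an empty `i_blobs` hashes zero bytes; that is acceptable when every part has a fixed, verifier-known length (as digests fed to a PCR do), but the API contract should say so. Suggest adding to the `@brief` block a line such as `Blob boundaries are not bound into the digest; callers must use fixed-size parts.` The loop also grows `concatBuf` by repeated `insert`, so summing `it.second` over `i_blobs` and calling `concatBuf.reserve(total)` before the loop avoids reallocations for large inputs, and an empty vector passes `concatBuf.data()` (possibly nullptr) with size 0 to `hashBlob` — whether `hashBlob` tolerates that is not visible in this hunk and is worth confirming.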
@@ -547,26 +577,26 @@ void SecureROM::_cleanup()
 /**
- * @brief Retrieves HW Keys from the system
+ * @brief Retrieves HW keys' hash from the system
 */
-errlHndl_t SecureROM::getHwHashKeys()
+errlHndl_t SecureROM::getHwKeyHash()
 {
 errlHndl_t l_errl = NULL;
- TRACFCOMP(g_trac_secure,INFO_MRK"SecureROM::getHwHashKeys() NOT supported");
+ TRACFCOMP(g_trac_secure,INFO_MRK"SecureROM::getHwKeyHash() NOT supported");
- // @todo RTC:34080 - Add support for getting HW Hash Keys from System
+ // @todo RTC:34080 - Add support for getting HW keys' hash from System
 return l_errl;
 }
 /**
- * @brief Retrieve the internal hardware hash key from secure ROM object.
+ * @brief Retrieve the internal hardware keys' hash from secure ROM object.
 */
-void SecureROM::getHwHashKeys(sha2_hash_t o_hash)
+void SecureROM::getHwKeyHash(sha2_hash_t o_hash)
 {
- memcpy(o_hash, iv_hash_key, sizeof(sha2_hash_t));
+ memcpy(o_hash, iv_key_hash, sizeof(sha2_hash_t));
 }
 /**
diff --git a/src/usr/secureboot/base/securerom.H b/src/usr/secureboot/base/securerom.H
index 4bb4fd54e..3704209d9 100644
--- a/src/usr/secureboot/base/securerom.H
+++ b/src/usr/secureboot/base/securerom.H
@@ -71,13 +71,28 @@ class SecureROM
 errlHndl_t hashBlob(const void * i_blob, size_t i_size, SHA512_t io_buf) const;
 /**
- * @brief Retrieve the internal hardware hash key from secure ROM
+ * @brief Retrieve the internal hardware keys' hash from secure ROM
 * object.
 *
 * @param[out] o_hash Reference to the sha2_hash_t array to copy the
 * hash to.
 */
- void getHwHashKeys(sha2_hash_t o_hash);
+ void getHwKeyHash(sha2_hash_t o_hash);
+
+ /*
+ * @brief Hash the concatenation of N Blobs
+ *
+ * Asserts if any blob pointer is NULL
+ *
+ * @param[in] i_blobs Vector of pairs composed of a void
+ * pointer to effective address and size
+ * of the blob to concatenate
+ * @param[out] o_buf SHA512 hash
+ *
+ * @return errlHndl_t NULL on success
+ */
+ errlHndl_t hashConcatBlobs (const blobPair_t &i_blobs,
+ SHA512_t o_buf) const;
 protected:
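Review bot: The new `hashConcatBlobs` declaration in securerom.H opens its comment with `/*` rather than `/**`, so unlike the neighbouring `getHwKeyHash` block it will not be treated as a Doxygen comment; change the opener to `/**`. The comment says the method asserts on a NULL blob pointer but not that a zero-length blob is accepted, and `blobPair_t` is used here without its definition being visible in this hunk — if the typedef lives in another header, this one should include it rather than rely on include order. `hashConcatBlobs (` also carries a space before the parameter list that the other declarations in the class do not.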
@@ -104,21 +119,20 @@ class SecureROM
 void * iv_device_ptr;
 /**
- * Hash Key Retrieved From System
+ * HW key' hash retrieved from system
 */
- sha2_hash_t iv_hash_key;
-
+ sha2_hash_t iv_key_hash;
 /********************************************
 * Private Functions
 ********************************************/
 /**
- * @brief Retrieves HW Keys from the system
+ * @brief Retrieves HW keys' hash from the system
 *
 * @return errlHndl_t NULL on success
 */
- errlHndl_t getHwHashKeys();
+ errlHndl_t getHwKeyHash();
 /**
 * @brief Static instance function for testcase only
diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C
index beed71616..6a8a35935 100644
--- a/src/usr/secureboot/base/service.C
+++ b/src/usr/secureboot/base/service.C
@@ -68,7 +68,7 @@ void* initializeBase(void* unused)
 // Load original secureboot header.
 if (enabled())
 {
- Singleton<Header>::instance().loadBaseHeader();
+ Singleton<Header>::instance().loadSecurely();
 }
 // Extend memory footprint into lower portion of cache.
diff --git a/src/usr/secureboot/base/test/secureromtest.H b/src/usr/secureboot/base/test/secureromtest.H
index 805b5bc2b..8a4ff4043 100644
--- a/src/usr/secureboot/base/test/secureromtest.H
+++ b/src/usr/secureboot/base/test/secureromtest.H
@@ -5,7 +5,7 @@
 /* */
 /* OpenPOWER HostBoot Project */
 /* */
-/* Contributors Listed Below - COPYRIGHT 2013,2016 */
+/* Contributors Listed Below - COPYRIGHT 2013,2017 */
 /* [+] International Business Machines Corp. */
 /* */
 /* */
@@ -62,7 +62,7 @@ void unloadSignedFile( void * & io_signedFile_pageAddr,
 // secureboot_signed_container was generated using this hw hash key. If another
 // key is in pibmem, this test will always fail.
-const uint64_t hw_hash_key[] =
+const uint64_t hw_key_hash[] =
 {
 0x40d487ff7380ed6a,
 0xd54775d5795fea0d,
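Review bot: The new member comment on `iv_key_hash` reads `* HW key' hash retrieved from system`, with a stray apostrophe; every other renamed comment in this commit uses the plural possessive, so write `* HW keys' hash retrieved from system`. The hunk also drops the blank line that separated the member from the "Private Functions" banner, which reads as accidental rather than intended.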
@@ -129,8 +129,8 @@ class SecureROMTest : public CxxTest::TestSuite
 return;
 }
- // Set hw hash key
- memcpy (& l_sRom.iv_hash_key, &hw_hash_key, sizeof(sha2_hash_t));
+ // Set hardware keys' hash
+ memcpy (& l_sRom.iv_key_hash, &hw_key_hash, sizeof(sha2_hash_t));
 /*******************************************************************/
 /* Call verify function */