summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/include/securerom/ROM.H89
-rw-r--r--src/include/usr/secureboot/containerheader.H4
-rw-r--r--src/include/usr/secureboot/rom.H195
-rw-r--r--src/usr/pnor/pnorrp.C4
-rw-r--r--src/usr/pnor/spnorrp.C4
-rw-r--r--src/usr/secureboot/base/containerheader.C6
-rw-r--r--src/usr/secureboot/base/securerom.H93
7 files changed, 98 insertions, 297 deletions
diff --git a/src/include/securerom/ROM.H b/src/include/securerom/ROM.H
index 808a87468..b8ace6e71 100644
--- a/src/include/securerom/ROM.H
+++ b/src/include/securerom/ROM.H
@@ -35,8 +35,6 @@
#define HASH_ALG_SHA512 1
#define SIG_ALG_ECDSA521 1
-#define ROM_MAGIC_NUMBER 0x17082011
-
typedef struct
{
uint16_t version; // (1: see versions above)
@@ -130,4 +128,91 @@ extern void ROM_sreset (void);
extern "C" ROM_response ROM_verify (ROM_container_raw* container,
ROM_hw_params* params);
+/************************* END OF ORIGINAL ROM CODE ***************************/
+
+/* Offsets needed to call functions in jump table at start of ROM code.
+ See img/securerom.list.bz2 and search for SHA512_Hash and ROM_verify
+ E.g.
+ 0000000000000018 <_SHA512_Hash>:
+ 0000000000000028 <_ROM_verify>:
+*/
+#define SHA512_HASH_FUNCTION_OFFSET 0x18
+#define ROM_VERIFY_FUNCTION_OFFSET 0x28
+
+// Need this for the following definition
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+// Interfaces for Assembly Functions to call into Secure ROM
+// - 1st parameter is address of function offset into Secure ROM,
+// followed by additional parameters as necssary
+
+/**
+ * @brief Call rom verify code against system hash keys
+ *
+ * @param[in] void* Address of function offset into Secure ROM
+ * @param[in] ROM_container_raw* Pointer to effective address of container
+ * @param[in] ROM_hw_params* HW params to pass in. Includes HW keys' hash
+ *
+ * @return ROM_response ROM_DONE on sucess ROM_FAILURE otherwise
+ */
+ROM_response call_rom_verify(void*, ROM_container_raw*, ROM_hw_params*);
+
+/**
+ * @brief Call rom SHA512 code
+ *
+ * @param[in] void* Address of function offset into Secure ROM
+ * @param[in] sha2_byte* Pointer to effective address of blob to hash
+ * @param[in] size_t Size of blob to hash
+ * @param[in/out] sha2_hash_t* Pointer to resulting hash value
+ *
+ * @return N/A
+ */
+void call_rom_SHA512(void*, const sha2_byte *, size_t, sha2_hash_t*);
+
+#ifdef __cplusplus
+}
+#endif
+
+// Consts used for container header validation
+const uint32_t ROM_MAGIC_NUMBER = 0x17082011;
+const uint16_t ROM_VERSION = 1;
+const uint8_t ROM_HASH_ALG = 1;
+const uint8_t ROM_SIG_ALG = 1;
+const uint8_t HW_KEY_COUNT = 3;
+const uint8_t SW_KEY_COUNT_MIN = 1;
+const uint8_t SW_KEY_COUNT_MAX = 3;
+const size_t MAX_SECURE_HEADER_SIZE = 4096;
+
+// Security Flags
+
+// HW Security Flags
+enum HW_SB_FLAGS
+{
+ HB_FW_FLAG = 0x80000000,
+ OPAL_FLAG = 0x40000000,
+ PHYP_FLAG = 0x20000000,
+ KEY_TRANSITION_FLAG = 0x00000001
+};
+
+// SW Security Flags
+enum SW_SB_FLAGS
+{
+ // placeholder
+};
+
+// Structure to store all hw and sw flag values in a container header
+struct sb_flags_t
+{
+ sb_flags_t() : hw_hb_fw(false), hw_opal(false), hw_phyp(false),
+ hw_key_transition(false) {}
+ bool hw_hb_fw;
+ bool hw_opal;
+ bool hw_phyp;
+ bool hw_key_transition;
+};
+
+
#endif
diff --git a/src/include/usr/secureboot/containerheader.H b/src/include/usr/secureboot/containerheader.H
index c5188e629..cf97a08bd 100644
--- a/src/include/usr/secureboot/containerheader.H
+++ b/src/include/usr/secureboot/containerheader.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2016 */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -27,7 +27,7 @@
#include <errl/errlentry.H>
#include <secureboot/service.H>
-#include <secureboot/rom.H>
+#include <securerom/ROM.H>
// Forward Declaration
class SecureROMTest;
diff --git a/src/include/usr/secureboot/rom.H b/src/include/usr/secureboot/rom.H
deleted file mode 100644
index 45f9c5dd4..000000000
--- a/src/include/usr/secureboot/rom.H
+++ /dev/null
@@ -1,195 +0,0 @@
-/* IBM_PROLOG_BEGIN_TAG */
-/* This is an automatically generated prolog. */
-/* */
-/* $Source: src/include/usr/secureboot/rom.H $ */
-/* */
-/* OpenPOWER HostBoot Project */
-/* */
-/* Contributors Listed Below - COPYRIGHT 2016 */
-/* [+] International Business Machines Corp. */
-/* */
-/* */
-/* Licensed under the Apache License, Version 2.0 (the "License"); */
-/* you may not use this file except in compliance with the License. */
-/* You may obtain a copy of the License at */
-/* */
-/* http://www.apache.org/licenses/LICENSE-2.0 */
-/* */
-/* Unless required by applicable law or agreed to in writing, software */
-/* distributed under the License is distributed on an "AS IS" BASIS, */
-/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */
-/* implied. See the License for the specific language governing */
-/* permissions and limitations under the License. */
-/* */
-/* IBM_PROLOG_END_TAG */
-#ifndef __SECUREBOOT_ROM_H
-#define __SECUREBOOT_ROM_H
-
-// Consts used for container header validation
-const uint32_t MAGIC_NUMBER = 0x17082011;
-const uint16_t ROM_VERSION = 1;
-const uint8_t ROM_HASH_ALG = 1;
-const uint8_t ROM_SIG_ALG = 1;
-const uint8_t HW_KEY_COUNT = 3;
-const uint8_t SW_KEY_COUNT_MIN = 1;
-const uint8_t SW_KEY_COUNT_MAX = 3;
-const size_t MAX_SECURE_HEADER_SIZE = 4096;
-
-// Security Flags
-
-// HW Security Flags
-enum HW_SB_FLAGS
-{
- HB_FW_FLAG = 0x80000000,
- OPAL_FLAG = 0x40000000,
- PHYP_FLAG = 0x20000000,
- KEY_TRANSITION_FLAG = 0x00000001
-};
-
-// SW Security Flags
-enum SW_SB_FLAGS
-{
- // placeholder
-};
-
-// Structure to store all hw and sw flag values in a container header
-struct sb_flags_t
-{
- sb_flags_t() : hw_hb_fw(false), hw_opal(false), hw_phyp(false),
- hw_key_transition(false) {}
- bool hw_hb_fw;
- bool hw_opal;
- bool hw_phyp;
- bool hw_key_transition;
-};
-
-/******************************************************************/
-/* Start of Chip Logic Secure ROM include section */
-/******************************************************************/
-// These defines come from the following directory:
-// /afs/awd/projects/eclipz/c22/libs/tp/logic/p8m/head/trusted_boot_rom/src
-
-/* From hw_utils.h: */
-#define ECID_SIZE 16
-#define PIBMEM 0x00080000
-#define PIBMEM_HW_KEY_HASH (PIBMEM +0x0008)
-
-/* From ecverify.h */
-#define EC_COORDBYTES 66 /* P-521 */
-typedef uint8_t ecc_key_t[2*EC_COORDBYTES];
-typedef uint8_t ecc_signature_t[2*EC_COORDBYTES];
-
-/* From sha512.h: */
-#define SHA512_DIGEST_LENGTH 64
-typedef uint8_t __attribute__((aligned(8))) sha2_hash_t[ \
- SHA512_DIGEST_LENGTH / sizeof(uint8_t) ];
-
-typedef uint8_t sha2_byte; /* Exactly 1 byte */
-
-/* From ROM.h */
-typedef enum { ROM_DONE, ROM_FAILED, PHYP_PARTIAL } ROM_response;
-
-/* From ROM.h */
-typedef struct {
- uint16_t version; // (1: see versions above)
- uint8_t hash_alg; // (1: SHA-512)
- uint8_t sig_alg; // (1: SHA-512/ECDSA-521)
-}__attribute__((packed)) ROM_version_raw;
-
-typedef struct {
- uint32_t magic_number; // (17082011)
- uint16_t version; // (1: see versions above)
- uint64_t container_size; // filled by caller
- uint64_t target_hrmor; // filled by caller
- uint64_t stack_pointer; // filled by caller
- //bottom of stack -> 128k added by rom code to get real stack pointer
- ecc_key_t hw_pkey_a;
- ecc_key_t hw_pkey_b;
- ecc_key_t hw_pkey_c;
- uint64_t prefix; // prefix header place holder
- // followed by sw header (if not special prefix)
- // followed by optional unprotected payload data
-}__attribute__((packed)) ROM_container_raw;
-
-typedef struct {
- ROM_version_raw ver_alg;
- uint64_t code_start_offset;
- uint64_t reserved;
- uint32_t flags;
- uint8_t sw_key_count;
- uint64_t payload_size;
- sha2_hash_t payload_hash;
- uint8_t ecid_count;
- uint8_t ecid[ECID_SIZE]; // optional ecid place holder ecid_count * ecid_size(128 bits)
- // followed by prefix data (sig,keys) key raw
-}__attribute__((packed)) ROM_prefix_header_raw;
-
-#define PREFIX_HEADER_SIZE(_p) (sizeof(ROM_prefix_header_raw)+((_p->ecid_count-1)*ECID_SIZE))
-
-typedef struct {
- ecc_signature_t hw_sig_a;
- ecc_signature_t hw_sig_b;
- ecc_signature_t hw_sig_c;
- ecc_key_t sw_pkey_p;
- ecc_key_t sw_pkey_q;
- ecc_key_t sw_pkey_r;
-}__attribute__((packed)) ROM_prefix_data_raw;
-
-typedef struct {
- ROM_version_raw ver_alg;
- uint64_t code_start_offset;
- uint64_t reserved;
- uint32_t flags;
- uint8_t reserved_0;
- uint64_t payload_size;
- sha2_hash_t payload_hash;
- uint8_t ecid_count;
- uint8_t ecid[ECID_SIZE]; // optional ecid place holder ecid_count * ecid_size(128 bits)
- // followed by sw sig raw
-}__attribute__((packed)) ROM_sw_header_raw;
-
-#define SW_HEADER_SIZE(_p) (sizeof(ROM_sw_header_raw)+((_p->ecid_count-1)*ECID_SIZE))
-
-typedef struct {
- ecc_signature_t sw_sig_p;
- ecc_signature_t sw_sig_q;
- ecc_signature_t sw_sig_r;
- // followed by zero's padding to 4K
- // followed by protected sw payload_data
- // followed by unprotected sw payload_text
-}__attribute__((packed)) ROM_sw_sig_raw;
-
-typedef struct {
- sha2_hash_t hw_key_hash;
- uint8_t my_ecid[ECID_SIZE];
- uint64_t entry_point;
- uint64_t log;
-}__attribute__((packed)) ROM_hw_params;
-
-// Need this for the following definition
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-
-// Interfaces for Assembly Functions to call into Secure ROM
-// - 1st parameter is address of function offset into Secure ROM,
-// followed by additional parameters as necssary
-
-ROM_response call_rom_verify(void*, ROM_container_raw*, ROM_hw_params*);
-void call_rom_SHA512(void*, const sha2_byte *, size_t, sha2_hash_t*);
-
-#ifdef __cplusplus
-}
-#endif
-
-/* Offsets needed to call functions in jump table at start of */
-/* SecureROM code - see .../trusted_boot_rom/bootrom.dis */
-#define SHA512_HASH_FUNCTION_OFFSET 0x20
-#define ROM_VERIFY_FUNCTION_OFFSET 0x30
-
-/******************************************************************/
-/* End of Chip Logic ROM include section */
-/******************************************************************/
-
-#endif
diff --git a/src/usr/pnor/pnorrp.C b/src/usr/pnor/pnorrp.C
index ab7c66f23..b13473248 100644
--- a/src/usr/pnor/pnorrp.C
+++ b/src/usr/pnor/pnorrp.C
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2011,2016 */
+/* Contributors Listed Below - COPYRIGHT 2011,2017 */
/* [+] Google Inc. */
/* [+] International Business Machines Corp. */
/* */
@@ -562,7 +562,7 @@ errlHndl_t PnorRP::getSectionInfo( PNOR::SectionId i_section,
else
{
uint32_t l_badMagicHeader = 0;
- memcpy(&l_badMagicHeader, l_vaddr, sizeof(MAGIC_NUMBER));
+ memcpy(&l_badMagicHeader, l_vaddr, sizeof(ROM_MAGIC_NUMBER));
TRACFCOMP( g_trac_pnor, ERR_MRK"PnorRP::getSectionInfo: magic number not valid to parse container for section = %s magic number = 0x%X",
o_info.name, l_badMagicHeader);
/*@
diff --git a/src/usr/pnor/spnorrp.C b/src/usr/pnor/spnorrp.C
index 8fdd5d4e0..5f03f46c8 100644
--- a/src/usr/pnor/spnorrp.C
+++ b/src/usr/pnor/spnorrp.C
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2011,2016 */
+/* Contributors Listed Below - COPYRIGHT 2011,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -921,7 +921,7 @@ errlHndl_t SPnorRP::keyTransitionCheck(const uint8_t *i_vaddr) const
bool PNOR::cmpSecurebootMagicNumber(const uint8_t* i_vaddr)
{
- return memcmp(&MAGIC_NUMBER, i_vaddr, sizeof(MAGIC_NUMBER)) == 0;
+ return memcmp(&ROM_MAGIC_NUMBER, i_vaddr, sizeof(ROM_MAGIC_NUMBER)) == 0;
}
errlHndl_t PNOR::hasSecurebootMagicNumber(const SectionId i_section,
diff --git a/src/usr/secureboot/base/containerheader.C b/src/usr/secureboot/base/containerheader.C
index a807d7d12..7c518adbf 100644
--- a/src/usr/secureboot/base/containerheader.C
+++ b/src/usr/secureboot/base/containerheader.C
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2016 */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -44,7 +44,7 @@ void ContainerHeader::parse_header(const void* i_header)
// Early check if magic number is valid, as a quick check to try and prevent
// any storage exceptions while parsing header.
- assert(iv_headerInfo.hw_hdr.magic_number == MAGIC_NUMBER,
+ assert(iv_headerInfo.hw_hdr.magic_number == ROM_MAGIC_NUMBER,
"ContainerHeader: magic number = 0x%08X not valid",
iv_headerInfo.hw_hdr.magic_number);
@@ -195,7 +195,7 @@ const SHA512_t* ContainerHeader::hwKeyHash() const
void ContainerHeader::validate()
{
iv_isValid = (iv_hdrBytesRead <= MAX_SECURE_HEADER_SIZE)
- && (iv_headerInfo.hw_hdr.magic_number == MAGIC_NUMBER)
+ && (iv_headerInfo.hw_hdr.magic_number == ROM_MAGIC_NUMBER)
&& (iv_headerInfo.hw_hdr.version == ROM_VERSION)
&& (iv_headerInfo.hw_prefix_hdr.ver_alg.version == ROM_VERSION)
&& (iv_headerInfo.hw_prefix_hdr.ver_alg.hash_alg == ROM_HASH_ALG)
diff --git a/src/usr/secureboot/base/securerom.H b/src/usr/secureboot/base/securerom.H
index bfb16f88b..4bb4fd54e 100644
--- a/src/usr/secureboot/base/securerom.H
+++ b/src/usr/secureboot/base/securerom.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2013,2016 */
+/* Contributors Listed Below - COPYRIGHT 2013,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -26,97 +26,8 @@
#ifndef __SECUREBOOT_SECUREROM_H
#define __SECUREBOOT_SECUREROM_H
-/** @file SecureRom.H
- *
- * @brief SecureROM class definition and miscellaneious defines
- * needed to work with Secure ROM binary
- */
-
#include <errl/errlentry.H>
-
-
-/******************************************************************/
-/* Start of Chip Logic Secure ROM include section */
-/******************************************************************/
-// These defines come from the following directory:
-// /afs/awd/projects/eclipz/c22/libs/tp/logic/p8m/head/trusted_boot_rom/src
-// and are needed to run functions in the SecureROM code stored in memory
-
-/* From hw_utils.h: */
-#define ECID_SIZE 16
-
-
-/* From ecverify.h */
-#define EC_COORDBYTES 66 /* P-521 */
-typedef uint8_t ecc_key_t[2*EC_COORDBYTES];
-
-
-/* From sha512.h: */
-#define SHA512_DIGEST_LENGTH 64
-typedef uint8_t __attribute__((aligned(8))) sha2_hash_t[ \
- SHA512_DIGEST_LENGTH / sizeof(uint8_t) ];
-
-typedef uint8_t sha2_byte; /* Exactly 1 byte */
-
-// This is the interface that call_rom_SHA512 calls into
-// void SHA512_Hash(const sha2_byte *data, size_t len, sha2_hash_t *result);
-
-
-/* From ROM.h */
-typedef enum { ROM_DONE, ROM_FAILED, PHYP_PARTIAL } ROM_response;
-
-typedef struct {
- uint32_t magic_number; // (17082011)
- uint16_t version; // (1: see versions above)
- uint64_t container_size; // filled by caller
- uint64_t target_hrmor; // filled by caller
- uint64_t stack_pointer; // filled by caller
- //bottom of stack -> 128k added by rom code to get real stack pointer
- ecc_key_t hw_pkey_a;
- ecc_key_t hw_pkey_b;
- ecc_key_t hw_pkey_c;
- uint64_t prefix; // prefix header place holder
- // followed by sw header (if not special prefix)
- // followed by optional unprotected payload data
-}__attribute__((packed)) ROM_container_raw;
-
-
-typedef struct {
- sha2_hash_t hw_key_hash;
- uint8_t my_ecid[ECID_SIZE];
- uint64_t entry_point;
- uint64_t log;
-}__attribute__((packed)) ROM_hw_params;
-
-
-// Need this for the following definition
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-
-// Interfaces for Assembly Functions to call into Secure ROM
-// - 1st parameter is address of function offset into Secure ROM,
-// followed by additional parameters as necssary
-
-ROM_response call_rom_verify(void*, ROM_container_raw*, ROM_hw_params*);
-void call_rom_SHA512(void*, const sha2_byte *, size_t, sha2_hash_t*);
-
-#ifdef __cplusplus
-}
-#endif
-
-
-/* Offsets needed to call functions in jump table at start of */
-/* SecureROM code - see .../trusted_boot_rom/bootrom.dis */
-#define SHA512_HASH_FUNCTION_OFFSET 0x20
-#define ROM_VERIFY_FUNCTION_OFFSET 0x30
-
-
-/******************************************************************/
-/* End of Chip Logic Secure ROM include section */
-/******************************************************************/
-
+#include <securerom/ROM.H>
/** @class SecureROM
* @brief Class for loading and interacting with SecureROM in memory
OpenPOWER on IntegriCloud