summaryrefslogtreecommitdiffstats
path: root/src/include/securerom
diff options
context:
space:
mode:
Diffstat (limited to 'src/include/securerom')
-rw-r--r--src/include/securerom/ROM.H133
-rw-r--r--src/include/securerom/ecverify.H55
-rw-r--r--src/include/securerom/hw_utils.H430
-rw-r--r--src/include/securerom/sha512.H51
-rw-r--r--src/include/securerom/status_codes.H113
5 files changed, 782 insertions, 0 deletions
diff --git a/src/include/securerom/ROM.H b/src/include/securerom/ROM.H
new file mode 100644
index 000000000..315a436d0
--- /dev/null
+++ b/src/include/securerom/ROM.H
@@ -0,0 +1,133 @@
+/* IBM_PROLOG_BEGIN_TAG */
+/* This is an automatically generated prolog. */
+/* */
+/* $Source: src/include/securerom/ROM.H $ */
+/* */
+/* OpenPOWER HostBoot Project */
+/* */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
+/* [+] International Business Machines Corp. */
+/* */
+/* */
+/* Licensed under the Apache License, Version 2.0 (the "License"); */
+/* you may not use this file except in compliance with the License. */
+/* You may obtain a copy of the License at */
+/* */
+/* http://www.apache.org/licenses/LICENSE-2.0 */
+/* */
+/* Unless required by applicable law or agreed to in writing, software */
+/* distributed under the License is distributed on an "AS IS" BASIS, */
+/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */
+/* implied. See the License for the specific language governing */
+/* permissions and limitations under the License. */
+/* */
+/* IBM_PROLOG_END_TAG */
+/****************************************************************************
+ *
+ ****************************************************************************/
+#ifndef ROM_H
+#define ROM_H
+
+/****************************************************************************/
+#ifndef PHYPLIBFUNCTIONS
+#include <hw_utils.h>
+#endif
+#include <sha512.h>
+#include <ecverify.h>
+
+/****************************************************************************/
+#define CONTAINER_VERSION 1
+#define HEADER_VERSION 1
+#define HASH_ALG_SHA512 1
+#define SIG_ALG_ECDSA521 1
+
+#define HBI_BASE_SIGNING_KEY 0x80000000
+
+#define ROM_MAGIC_NUMBER 0x17082011
+
+typedef struct {
+ uint16_t version; // (1: see versions above)
+ uint8_t hash_alg; // (1: SHA-512)
+ uint8_t sig_alg; // (1: SHA-512/ECDSA-521)
+}__attribute__((packed)) ROM_version_raw;
+
+typedef struct {
+ uint32_t magic_number; // (17082011)
+ uint16_t version; // (1: see versions above)
+ uint64_t container_size; // filled by caller
+ uint64_t target_hrmor; // filled by caller
+ uint64_t stack_pointer; // filled by caller //bottom of stack -> 128k added by rom code to get real stack pointer
+ ecc_key_t hw_pkey_a;
+ ecc_key_t hw_pkey_b;
+ ecc_key_t hw_pkey_c;
+ uint64_t prefix; // prefix header place holder
+ // followed by sw header (if not special prefix)
+ // followed by optional unprotected payload data
+}__attribute__((packed)) ROM_container_raw;
+
+typedef struct {
+ ROM_version_raw ver_alg;
+ uint64_t code_start_offset;
+ uint64_t reserved;
+ uint32_t flags;
+ uint8_t sw_key_count;
+ uint64_t payload_size;
+ sha2_hash_t payload_hash;
+ uint8_t ecid_count;
+ uint8_t ecid[ECID_SIZE]; // optional ecid place holder ecid_count * ecid_size(128 bits)
+ // followed by prefix data (sig,keys) key raw
+}__attribute__((packed)) ROM_prefix_header_raw;
+
+#define PREFIX_HEADER_SIZE(_p) (sizeof(ROM_prefix_header_raw)+((_p->ecid_count-1)*ECID_SIZE))
+
+typedef struct {
+ ecc_signature_t hw_sig_a;
+ ecc_signature_t hw_sig_b;
+ ecc_signature_t hw_sig_c;
+ ecc_key_t sw_pkey_p;
+ ecc_key_t sw_pkey_q;
+ ecc_key_t sw_pkey_r;
+}__attribute__((packed)) ROM_prefix_data_raw;
+
+typedef struct {
+ ROM_version_raw ver_alg;
+ uint64_t code_start_offset;
+ uint64_t reserved;
+ uint32_t flags;
+ uint8_t reserved_0;
+ uint64_t payload_size;
+ sha2_hash_t payload_hash;
+ uint8_t ecid_count;
+ uint8_t ecid[ECID_SIZE]; // optional ecid place holder ecid_count * ecid_size(128 bits)
+ // followed by sw sig raw
+}__attribute__((packed)) ROM_sw_header_raw;
+
+#define SW_HEADER_SIZE(_p) (sizeof(ROM_sw_header_raw)+((_p->ecid_count-1)*ECID_SIZE))
+
+typedef struct {
+ ecc_signature_t sw_sig_p;
+ ecc_signature_t sw_sig_q;
+ ecc_signature_t sw_sig_r;
+ // followed by zero's padding to 4K
+ // followed by protected sw payload_data
+ // followed by unprotected sw payload_text
+}__attribute__((packed)) ROM_sw_sig_raw;
+
+/****************************************************************************/
+typedef enum { ROM_DONE, ROM_FAILED, PHYP_PARTIAL } ROM_response;
+
+#ifndef PHYPLIBFUNCTIONS
+typedef struct {
+ sha2_hash_t hw_key_hash;
+ uint8_t my_ecid[ECID_SIZE];
+ uint64_t entry_point;
+ uint64_t log;
+}__attribute__((packed)) ROM_hw_params;
+
+//extern void ROM_instruction_start (void);
+extern void ROM_sreset (void);
+extern ROM_response ROM_verify (ROM_container_raw* container,
+ ROM_hw_params* params);
+#endif
+
+#endif
diff --git a/src/include/securerom/ecverify.H b/src/include/securerom/ecverify.H
new file mode 100644
index 000000000..b7c707803
--- /dev/null
+++ b/src/include/securerom/ecverify.H
@@ -0,0 +1,55 @@
+/* IBM_PROLOG_BEGIN_TAG */
+/* This is an automatically generated prolog. */
+/* */
+/* $Source: src/include/securerom/ecverify.H $ */
+/* */
+/* OpenPOWER HostBoot Project */
+/* */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
+/* [+] International Business Machines Corp. */
+/* */
+/* */
+/* Licensed under the Apache License, Version 2.0 (the "License"); */
+/* you may not use this file except in compliance with the License. */
+/* You may obtain a copy of the License at */
+/* */
+/* http://www.apache.org/licenses/LICENSE-2.0 */
+/* */
+/* Unless required by applicable law or agreed to in writing, software */
+/* distributed under the License is distributed on an "AS IS" BASIS, */
+/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */
+/* implied. See the License for the specific language governing */
+/* permissions and limitations under the License. */
+/* */
+/* IBM_PROLOG_END_TAG */
+/*----------------------------------------------------------------------
+ * (C) COPYRIGHT INTERNATIONAL BUSINESS MACHINES CORPORATION 2010
+ * ALL RIGHTS RESERVED
+ * IBM Research, Zurich and IBM Crypto Competency Center, Copenhagen
+ *----------------------------------------------------------------------
+ * Author: Tamas Visegrady (tvi@zurich.ibm.com)
+ *----------------------------------------------------------------------*/
+
+#if !defined(__ECVERIFY_H__)
+#define __ECVERIFY_H__
+
+/** ECDSA verification on fixed curve
+ */
+
+#define EC_HASHBYTES 64 /* SHA-256 */
+#define EC_COORDBYTES 66 /* P-521 */
+
+typedef uint8_t ecc_key_t[2*EC_COORDBYTES];
+typedef uint8_t ecc_signature_t[2*EC_COORDBYTES];
+
+/** Returns positive if signature verified
+ * zero if parameters are valid but signature verification fails
+ * negative if parameters (such as point) are invalid
+ */
+int ec_verify (const uint8_t *publicpt, /* 2*EC_COORDBYTES */
+ const uint8_t *hash, /* EC_HASHBYTES */
+ const uint8_t *signature) ; /* 2*EC_COORDBYTES */
+
+#define NDEBUG
+
+#endif /* defined(__ECVERIFY_H__) */
diff --git a/src/include/securerom/hw_utils.H b/src/include/securerom/hw_utils.H
new file mode 100644
index 000000000..324cdfc25
--- /dev/null
+++ b/src/include/securerom/hw_utils.H
@@ -0,0 +1,430 @@
+/* IBM_PROLOG_BEGIN_TAG */
+/* This is an automatically generated prolog. */
+/* */
+/* $Source: src/include/securerom/hw_utils.H $ */
+/* */
+/* OpenPOWER HostBoot Project */
+/* */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
+/* [+] International Business Machines Corp. */
+/* */
+/* */
+/* Licensed under the Apache License, Version 2.0 (the "License"); */
+/* you may not use this file except in compliance with the License. */
+/* You may obtain a copy of the License at */
+/* */
+/* http://www.apache.org/licenses/LICENSE-2.0 */
+/* */
+/* Unless required by applicable law or agreed to in writing, software */
+/* distributed under the License is distributed on an "AS IS" BASIS, */
+/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */
+/* implied. See the License for the specific language governing */
+/* permissions and limitations under the License. */
+/* */
+/* IBM_PROLOG_END_TAG */
+/****************************************************************************
+ *
+ ****************************************************************************/
+#ifndef HW_UTILS_H
+#define HW_UTILS_H
+
+#include <stdint.h>
+
+#include "sha512.h"
+#include "status_codes.h"
+
+#define ECID_SIZE 16
+#define CACHE_LINE 128
+#define XSCOM_MASK 0x0003fe0000000000ull // bit 14:22 implemented
+#define HRMOR_MASK 0x0003fffffe000000ull // 32MB aligned
+#define STACK_MASK 0x0003fffffffff000ull // 4KB page aligned //WEH bug fix
+#define ENTRY_MASK 0x7ffffffffffffffCull // 4Byte page aligned
+
+#define HRMOR_IGNORE 0x8000000000000000ull
+#define HRMOR_RELATIVE(_a) ((_a)&~HRMOR_IGNORE)
+#define ABSOLUTE_ADDR(_a) ((_a)|HRMOR_IGNORE)
+
+
+#define CONTEXT 0
+
+#ifdef EMULATE_HW
+
+extern int FAIL;
+extern int GOOD;
+
+#define HOST_RESET_VECTOR 0x100
+
+#define TEST_SYSTEM_MEMORY (64*1024*1024)
+#define TRUSTED_MEMORY_BASE (8*1024*1024) // should be 256MB
+#define TOTAL_TEST_MEMORY (TEST_SYSTEM_MEMORY+4*1024)
+#define MEMORY_MASK 0x7fffffffffffffffull
+#define CACHE_MASK 0x7fffffffffffff80ull // 128B cache line aligned
+
+#define PHYSICAL(_a) ((_a)&MEMORY_MASK)
+
+#define LOG(_c) Log(CONTEXT|(_c))
+#define CHECK_STOP(_m) Check_Stop(_m)
+#define ERROR_STOP(_c,_m) Error_Stop(CONTEXT|(_c), _m)
+
+typedef struct {
+ uint64_t GPR[32];
+ uint64_t SCRATCH0;
+ uint64_t SCRATCH1;
+ uint64_t SCRATCH2;
+ uint64_t SCRATCH3;
+ uint64_t HRMOR;
+ struct {
+ uint64_t value;
+ uint64_t mask;
+ } FSP_BAR;
+ uint8_t ECID[ECID_SIZE];
+ sha2_hash_t PIBMEM_HW_KEY_HASH;
+ uint8_t* data; // 64M+4K malloc/mmap
+ uint8_t* memory; // 64M (4K aligned)
+ int mfd;
+} hw_settings;
+
+extern hw_settings HW;
+
+#define r1 HW.GPR[1]
+#define r2 HW.GPR[2]
+
+extern void HW_Init (void);
+extern void HW_Free (void);
+
+extern void Log (uint64_t code);
+extern void Error (uint64_t code);
+extern void Check_Stop (char* msg);
+extern void Error_Stop (uint64_t code, char* msg);
+
+extern void assem_DCBI (uint64_t addr);
+extern void assem_DCBZ (uint64_t addr);
+extern void assem_DCBST (uint8_t* addr);
+extern void assem_ICBI (uint64_t* addr);
+extern void assem_SYNC (void);
+extern void assem_ISYNC (void);
+
+extern void mtspr_HRMOR (uint64_t addr);
+//extern uint64_t mfspr_HRMOR (void);
+
+static inline uint64_t mfspr_SCRATCH0(void) {
+ return HW.SCRATCH0;
+}
+
+static inline void mtspr_SCRATCH0(uint64_t val) {
+ HW.SCRATCH0 = val;
+}
+
+static inline uint64_t mfspr_SCRATCH1(void) {
+ return HW.SCRATCH1;
+}
+
+static inline void mtspr_SCRATCH1(uint64_t val) {
+ HW.SCRATCH1 = val;
+}
+
+static inline void mtspr_SCRATCH2(uint64_t val) {
+ HW.SCRATCH2 = val;
+}
+
+static inline uint64_t mfspr_SCRATCH2(void) {
+ return HW.SCRATCH2;
+}
+
+static inline void mtspr_SCRATCH3(uint64_t val) {
+ HW.SCRATCH3 = val;
+}
+
+static inline uint64_t mfspr_SCRATCH3(void) {
+ return HW.SCRATCH3;
+}
+
+extern uint64_t getscom_FSP_BAR_value (uint64_t base);
+extern uint64_t getscom_FSP_BAR_mask (uint64_t base);
+
+extern void getscom_HW_ECID (uint64_t base, uint8_t* buf);
+extern void getscom_PIBMEM_HW_Key_Hash (uint64_t base, uint8_t* buf);
+
+extern uint64_t physical_addr (uint64_t addr);
+extern uint8_t* Convert_Mem_Addr (uint64_t);
+extern uint64_t Convert_Mem_Offset (uint8_t*);
+
+/****************************************************************************/
+extern uint16_t GET16 (uint16_t data);
+extern uint32_t GET32 (uint32_t data);
+extern uint64_t GET64 (uint64_t data);
+
+#else //emulate_hw
+
+/* SPRs numbers -- the wrong ones: */
+//#define SPRG0 272 /* Software Special Purpose Register 0 */
+//#define SPRG1 273 /* Software Special Purpose Register 1 */
+//#define SPRG2 274 /* Software Special Purpose Register 2 */
+//#define SPRG3 275 /* Software Special Purpose Register 3 */
+
+#define SPRC 276
+#define SPRC_SCRATCH0 0x0000000000000040
+#define SPRC_SCRATCH1 0x0000000000000048
+#define SPRC_SCRATCH2 0x0000000000000050
+#define SPRC_SCRATCH3 0x0000000000000058
+#define SPRC_AVP_out 0x00000000000001C8
+#define SPRD 277
+
+#define HRMOR 313
+
+#define HMER 336
+#define HMER_XSCOM_FAIL 0x0080000000000000 //Bit 8
+#define HMER_XSCOM_DONE 0x0040000000000000 //Bit 9
+#define HMER_XSCOM_RSLT 0x0000070000000000 //Bit 21-23
+#define HMER_XSCOM_RTRY 0x0000010000000000 //RSLT = 001 = retry
+
+/* SCOM Register addresses */
+#define OTP 0x00018000
+#define OTP_ECID OTP +0x0000
+#define PIBMEM 0x00080000
+#define PIBMEM_HW_KEY_HASH PIBMEM +0x0008
+
+#define ALTD_UNTRUSTED_BAR_ADDR_REG 0x02020015
+#define ALTD_UNTRUSTED_BAR_MASK_ADDR_REG 0x02020016
+#define PSIHB_NOTRUST_BAR0 0x02013f40
+#define PSIHB_NOTRUST_BAR0MASK 0x02013f42
+#define PSIHB_NOTRUST_BAR1 0x02013f41
+#define PSIHB_NOTRUST_BAR1MASK 0x02013f43
+
+/****************************************************************************/
+static inline void assem_DCBI(uint64_t addr) {
+ asm volatile(" dcbi 0,%0 " : : "r" (addr) : "memory");
+}
+/****************************************************************************/
+static inline void assem_DCBZ(uint64_t addr) {
+ asm volatile(" dcbz 0,%0 " : : "r" (addr) : "memory");
+}
+/****************************************************************************/
+static inline void assem_ICBI(uint64_t* addr) {
+ asm volatile(" icbi 0,%0 " : : "r" (addr) : "memory");
+}
+/****************************************************************************/
+static inline void assem_SYNC(void) {
+ asm volatile("sync 0":::"memory");
+}
+/****************************************************************************/
+static inline void assem_ISYNC(void) {
+ asm volatile("isync":::"memory");
+}
+/****************************************************************************/
+
+static inline uint64_t mfspr(int reg) {
+ unsigned long val;
+ asm volatile("mfspr %0, %1" : "=r" (val) : "i" (reg));
+ return val;
+}
+
+static inline void mtspr(int reg, uint64_t val) {
+ asm volatile("mtspr %0, %1" : : "i" (reg), "r" (val));
+}
+
+/****************************************************************************/
+//
+//static inline uint64_t mfspr_HRMOR(void) {
+// unsigned long val;
+// asm volatile("mfspr %0, %1" : "=r" (val) : "i" (HRMOR));
+// return val;
+//}
+
+static inline void mtspr_HRMOR(uint64_t addr) {
+ asm volatile("mtspr %0, %1" : : "i" (HRMOR), "r" (addr & HRMOR_MASK));
+}
+
+/****************************************************************************/
+#if !(CONFIG_MAMBO && CONFIG_MAMBO_WITHOUT_SCRATCH)
+
+static inline uint64_t mfspr_SCRATCH0(void) {
+ mtspr(SPRC,SPRC_SCRATCH0);
+ return mfspr(SPRD);
+}
+
+static inline void mtspr_SCRATCH0(uint64_t val) {
+ mtspr(SPRC,SPRC_SCRATCH0);
+ mtspr(SPRD,val);
+}
+
+static inline uint64_t mfspr_SCRATCH1(void) {
+ mtspr(SPRC,SPRC_SCRATCH1);
+ return mfspr(SPRD);
+}
+
+static inline void mtspr_SCRATCH1(uint64_t val) {
+ mtspr(SPRC,SPRC_SCRATCH1);
+ mtspr(SPRD,val);
+}
+
+static inline void mtspr_SCRATCH2(uint64_t val) {
+ mtspr(SPRC,SPRC_SCRATCH2);
+ mtspr(SPRD,val);
+}
+
+static inline void mtspr_SCRATCH3(uint64_t val) {
+ mtspr(SPRC,SPRC_SCRATCH3);
+ mtspr(SPRD,val);
+}
+
+#else
+
+ #define mfspr_SCRATCH0() ci_read( 0x80C0FFEE00000000ull)
+ #define mtspr_SCRATCH0(value) ci_write(0x80C0FFEE00000000ull,(value))
+ #define mfspr_SCRATCH1() ci_read( 0x80C0FFEE00000008ull)
+ #define mtspr_SCRATCH1(value) ci_write(0x80C0FFEE00000008ull,(value))
+ #define mfspr_SCRATCH2() ci_read( 0x80C0FFEE00000010ull)
+ #define mtspr_SCRATCH2(value) ci_write(0x80C0FFEE00000010ull,(value))
+ #define mfspr_SCRATCH3() ci_read( 0x80C0FFEE00000018ull)
+ #define mtspr_SCRATCH3(value) ci_write(0x80C0FFEE00000018ull,(value))
+
+#endif
+/****************************************************************************/
+
+void __attribute__((noreturn)) Check_Stop(void);
+
+/****************************************************************************/
+
+#define LOG(_c) mtspr_SCRATCH2(CONTEXT|(_c))
+#define ERROR_STOP(_c,_m) { mtspr_SCRATCH3(ERROR_EVENT|CONTEXT|(_c)); asm volatile("b .Check_Stop"); }
+
+
+/****************************************************************************/
+/* Bit 56, 61, 62, 63 is not used in XSCOM addresss and must be 0
+ */
+#define PCB2PBUS(scom_addr) \
+ ((((scom_addr) & 0x7FFFFFF0) << 4) | \
+ (((scom_addr) & 0x0000000F) << 3))
+
+
+static inline uint64_t ci_read(const uint64_t reg) {
+ unsigned long val;
+ asm volatile( "ldcix %0, 0, %1"
+ : "=r" (val) // output, %0
+ : "r" (reg) // input, %1
+ // no impacts
+ );
+ //old prism code:
+ //asm volatile( "ld %0, 0(%1)\n"
+ // "eieio"
+ // : "=r" (val) /* output */
+ // : "r" (reg) /* input */
+ // );
+ return val;
+}
+
+
+static inline void ci_write(const uint64_t reg, uint64_t val) {
+ asm volatile("stdcix %0, 0, %1"
+ : // no outputs
+ : "r" (val), "r" (reg) // inputs, %0, %1
+ : "memory" // affects memory
+ );
+ //old prism code:
+ //asm volatile("st %0, 0(%1)\n"
+ // "eieio"
+ // : /* output */
+ // : "r" (val) , "r" (reg) /* input */
+ // : "memory");
+}
+
+#ifndef CONFIG_MAMBO
+
+ #define getscom(a, b) _getscom((a)+PCB2PBUS(b))
+ static inline uint64_t _getscom(uint64_t addr) {
+ mtspr(HMER,0);
+ uint64_t value;
+ uint64_t rslt;
+ do {
+ value = ci_read(addr);
+ do {
+ rslt = mfspr(HMER)&(HMER_XSCOM_RSLT|HMER_XSCOM_DONE|HMER_XSCOM_FAIL);
+ } while( (rslt & HMER_XSCOM_DONE)==0 );
+ } while(rslt == (HMER_XSCOM_RTRY|HMER_XSCOM_DONE|HMER_XSCOM_FAIL) ); // 001 retry
+ if(rslt != HMER_XSCOM_DONE){
+ ERROR_STOP(XSCOM_ERROR,"XScom read returned unexpected result code");
+ }
+ return value;
+ }
+
+ #define putscom(xscom_base, scom_addr, value) _putscom(xscom_base + PCB2PBUS(scom_addr),value)
+ static inline void _putscom(uint64_t addr, uint64_t value) {
+ mtspr(HMER,0);
+ uint64_t rslt = -1;
+ do {
+ ci_write(addr,value);
+ do {
+ rslt = mfspr(HMER)&(HMER_XSCOM_RSLT|HMER_XSCOM_DONE|HMER_XSCOM_FAIL);
+ } while( (rslt & HMER_XSCOM_DONE)==0 );
+ } while(rslt == (HMER_XSCOM_RTRY|HMER_XSCOM_DONE|HMER_XSCOM_FAIL) ); // 001 retry
+ if(rslt != HMER_XSCOM_DONE){
+ ERROR_STOP(XSCOM_ERROR,"XScom write returned unexpected result code");
+ }
+ }
+
+#else
+
+ #define getscom(xscom_base, scom_addr) ci_read(xscom_base+scom_addr*8)
+ #define putscom(xscom_base, scom_addr, value) ci_write(xscom_base+scom_addr*8,value)
+
+#endif
+
+
+
+static inline uint64_t popcountll(uint64_t input) {
+ unsigned long result;
+ asm volatile("popcntd %0, %1" : "=r" (result) : "r" (input));
+ return result;
+}
+
+/****************************************************************************/
+static inline void getscom_HW_ECID(uint64_t base, uint8_t* buf) {
+ uint64_t* buf64 = (uint64_t *) buf;
+ unsigned int i;
+// uint64_t sum=0; // detect any change after fuse programming
+ for(i=0; i<ECID_SIZE/sizeof(uint64_t);i++) {
+ uint64_t val=getscom(base,OTP_ECID+i);
+// sum += popcountll(val);
+ buf64[i] = val;
+ }
+// const unsigned int count = sizeof(sha2_hash_t)/sizeof(uint64_t);
+// uint64_t lastval=getscom(base,OTP_HW_KEY_HASH+count);
+// if(((lastval & 0x00000000FFFF0000UL)>>16) != (~sum)) {
+// ERROR_STOP(OTP_ECID_INVPOPSUM_CHECK,"Inverted Populationcount of ECID does not match");
+// }
+}
+
+/****************************************************************************/
+static inline void getscom_PIBMEM_HW_Key_Hash(uint64_t base, uint8_t* buf) {
+
+ uint64_t* buf64 = (uint64_t *) buf;
+ unsigned int i;
+ const unsigned int count = sizeof(sha2_hash_t)/sizeof(uint64_t);
+ uint64_t sum=0; // detect any change after fuse programming
+ for(i=0; i<count;i++) {
+ uint64_t val=getscom(base,PIBMEM_HW_KEY_HASH+i);
+ sum += popcountll(val);
+ buf64[i] = val;
+ }
+ //uint64_t lastval=getscom(base,OTP_HW_KEY_HASH+count);
+ //sum += popcountll(lastval & 0xFFFFFFFFFFFF0000UL);
+ //if((lastval & 0x000000000000FFFFUL) != (~sum)) {
+ // ERROR_STOP(OTP_KEY_INVPOPSUM_CHECK,"Inverted Populationcount of ECID does not match");
+ //}
+}
+
+/****************************************************************************/
+
+#define Convert_Mem_Addr(_addr) ((uint8_t*) (_addr))
+#define Convert_Mem_Offset(_addr) ((uint64_t) (_addr))
+
+#define physical_addr(_addr) _addr
+
+#define GET16(_data) _data
+#define GET32(_data) _data
+#define GET64(_data) _data
+
+#endif //emulate_hw - else case
+
+#endif
diff --git a/src/include/securerom/sha512.H b/src/include/securerom/sha512.H
new file mode 100644
index 000000000..4a87aaf4e
--- /dev/null
+++ b/src/include/securerom/sha512.H
@@ -0,0 +1,51 @@
+/* IBM_PROLOG_BEGIN_TAG */
+/* This is an automatically generated prolog. */
+/* */
+/* $Source: src/include/securerom/sha512.H $ */
+/* */
+/* OpenPOWER HostBoot Project */
+/* */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
+/* [+] International Business Machines Corp. */
+/* */
+/* */
+/* Licensed under the Apache License, Version 2.0 (the "License"); */
+/* you may not use this file except in compliance with the License. */
+/* You may obtain a copy of the License at */
+/* */
+/* http://www.apache.org/licenses/LICENSE-2.0 */
+/* */
+/* Unless required by applicable law or agreed to in writing, software */
+/* distributed under the License is distributed on an "AS IS" BASIS, */
+/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */
+/* implied. See the License for the specific language governing */
+/* permissions and limitations under the License. */
+/* */
+/* IBM_PROLOG_END_TAG */
+#ifndef SHA512_H
+#define SHA512_H
+
+#define SHA512_BLOCK_LENGTH 128
+#define SHA512_DIGEST_LENGTH 64
+
+#include <stdlib.h>
+
+typedef uint8_t __attribute__((aligned(8))) sha2_hash_t[ SHA512_DIGEST_LENGTH / sizeof(uint8_t) ];
+
+typedef uint8_t sha2_byte; /* Exactly 1 byte */
+typedef uint32_t sha2_word32; /* Exactly 4 bytes */
+typedef uint64_t sha2_word64; /* Exactly 8 bytes */
+
+typedef struct _SHA512_CTX {
+ uint64_t state[8];
+ uint64_t bitcount[2];
+ uint8_t buffer[SHA512_BLOCK_LENGTH];
+} SHA512_CTX;
+
+void SHA512_Init(SHA512_CTX* context);
+void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len);
+void SHA512_Final(SHA512_CTX* context, sha2_hash_t *result);
+
+void SHA512_Hash(const sha2_byte *data, size_t len, sha2_hash_t *result);
+
+#endif
diff --git a/src/include/securerom/status_codes.H b/src/include/securerom/status_codes.H
new file mode 100644
index 000000000..a2f94f597
--- /dev/null
+++ b/src/include/securerom/status_codes.H
@@ -0,0 +1,113 @@
+/* IBM_PROLOG_BEGIN_TAG */
+/* This is an automatically generated prolog. */
+/* */
+/* $Source: src/include/securerom/status_codes.H $ */
+/* */
+/* OpenPOWER HostBoot Project */
+/* */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
+/* [+] International Business Machines Corp. */
+/* */
+/* */
+/* Licensed under the Apache License, Version 2.0 (the "License"); */
+/* you may not use this file except in compliance with the License. */
+/* You may obtain a copy of the License at */
+/* */
+/* http://www.apache.org/licenses/LICENSE-2.0 */
+/* */
+/* Unless required by applicable law or agreed to in writing, software */
+/* distributed under the License is distributed on an "AS IS" BASIS, */
+/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */
+/* implied. See the License for the specific language governing */
+/* permissions and limitations under the License. */
+/* */
+/* IBM_PROLOG_END_TAG */
+/****************************************************************************
+ *
+ ****************************************************************************/
+#ifndef STATUS_CODES_H
+#define STATUS_CODES_H
+
+// Error extension code
+#ifndef EMULATE_HW
+#define ERROR_EVENT 0xFFFFFFFFFFFF8000
+#else
+#define ERROR_EVENT 0xFFFFFFFFFFFF8000ull
+#endif
+
+// context codes
+#define ROM_INSTRUCTION_START 0x0100
+#define C_INSTRUCTION_START 0x0200
+#define ROM_SELFTEST 0x0300
+#define ROM_VERIFY 0x0400
+// documentaion 0x0600 C_INSTRUCTION_START call of ROM_VERIFY
+#define ROM_SRESET 0x0E00
+
+#define PHYP_VERIFY 0x1500
+#define PHYP_SHA512_HASH 0x1600
+
+// progress/test codes
+#define BEGIN 0x0001
+
+#define TRUSTED_MEM_BAR 0x0012
+
+#define CONTAINER_LOW_TEST 0x0013
+
+#define XSCOM_LOW_TEST 0x0010
+#define XSCOM_VALID_TEST 0x0011
+
+#define MAGIC_NUMBER_TEST 0x0020
+#define CONTAINER_VERSION_TEST 0x0021
+#define PREFIX_VER_ALG_TEST 0x0022
+#define HEADER_VER_ALG_TEST 0x0023
+
+#define STACK_LOW_TEST 0x0030
+#define STACK_VALID_TEST 0x0031
+#define STACK_TRUST_TEST 0x0032
+#define STACK_ZERO_DONE 0x0033
+
+#define SHA_GOOD_TEST 0x0040
+#define SHA_BAD_TEST 0x0041
+#define ECDSA_GOOD_TEST 0x0042
+#define ECDSA_BAD_TEST 0x0043
+#define SELFTEST_DONE 0x0044
+
+#define TARGET_LOW_TEST 0x0050
+#define TARGET_VALID_TEST 0x0051
+#define TARGET_TRUST_TEST 0x0052
+#define STACK_VS_TARGET_TEST 0x0053
+#define TARGET_ZERO_DONE 0x0054
+#define CONTAINER_COPY_DONE 0x0055
+
+#define HBI_KEY_TEST 0x0056
+
+#define CONTAINER_VERIFY_DONE 0x0057
+#define STACK_CLEANUP_DONE 0x0058
+
+#define OTP_ECID_INVPOPSUM_CHECK 0x0059
+#define OTP_KEY_INVPOPSUM_CHECK 0x005A
+
+#define HW_KEY_HASH_TEST 0x0060
+#define HW_SIGNATURE_TEST 0x0061
+#define PREFIX_ECID_TEST 0x0062
+#define PREFIX_HASH_TEST 0x0063
+#define SPECIAL_NO_ECID_TEST 0x0064
+#define SPECIAL_SIZE_0_TEST 0x0065
+#define SW_KEY_PROTECTION_TEST 0x0066
+
+#define SW_SIGNATURE_TEST 0x0070
+#define HEADER_ECID_TEST 0x0071
+#define HEADER_HASH_TEST 0x0072
+#define CODE_PROTECTION_TEST 0x0073
+
+#define ENTRY_VALID_TEST 0x0080
+
+#define PARTIAL 0x0002
+#define COMPLETED 0x0003
+
+#define EXECUTION_ERROR 0x00EE
+#define XSCOM_ERROR 0xAFEE
+
+#define RETURNED_ERROR 0xD00F
+
+#endif
OpenPOWER on IntegriCloud