From 5284cb4636143bc16ce06c10f40133639e35a3be Mon Sep 17 00:00:00 2001 From: Mike Baiocchi Date: Mon, 27 Mar 2017 08:13:15 -0500 Subject: Read the HW Key Hash from a Processor's SBE Seeprom This commit adds an interface to read the HW Key Hash located in the HBBL section of each Processor's two SBE Seeproms. Change-Id: I906434269746c296c646f7b0594575c58b145294 RTC: 167585 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38465 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Reviewed-by: Nicholas E. Bofferding Tested-by: FSP CI Jenkins Reviewed-by: Martin Gloff Reviewed-by: Stephen M. Cprek Reviewed-by: Daniel M. Crowell --- src/usr/sbe/test/sbeupdatetest.H | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'src/usr/sbe/test') diff --git a/src/usr/sbe/test/sbeupdatetest.H b/src/usr/sbe/test/sbeupdatetest.H index e9210b102..876b8e874 100644 --- a/src/usr/sbe/test/sbeupdatetest.H +++ b/src/usr/sbe/test/sbeupdatetest.H @@ -41,6 +41,7 @@ #include #include #include "../sbe_update.H" +#include extern trace_desc_t* g_trac_sbe; @@ -830,6 +831,36 @@ class SBEUpdateTest: public CxxTest::TestSuite break; } + total++; + SHA512_t hash = {0}; + err = getHwKeyHashFromSbeSeeprom(sbeState.target, + EEPROM::SBE_BACKUP, + hash); + + if(err) + { + fails++; + TS_FAIL("testSbeUpdateTarget() - getHwKeyHashFromSbeSeeprom() failed."); + break; + } + + // Make sure that the HW Key Hash returned is the system hash + SHA512_t sys_hash = {0}; + SECUREBOOT::getHwKeyHash(sys_hash); + if ( memcmp(hash, sys_hash, sizeof(SHA512_t)) != 0 ) + { + TRACFCOMP( g_trac_sbe, ERR_MRK"testSbeUpdateTarget(): " + "HW Key Hashes do not match!"); + fails++; + TS_FAIL("testSbeUpdateTarget() - getHwKeyHashFromSbeSeeprom() did not return system hash"); + + TRACFBIN( g_trac_sbe, "testSbeUpdateTarget() hash", + hash, sizeof(SHA512_t)); + TRACFBIN( g_trac_sbe, "testSbeUpdateTarget() sys_hash", + sys_hash, sizeof(SHA512_t)); + + break; + } }while(0); -- cgit v1.2.1