<feed xmlns='http://www.w3.org/2005/Atom'>
<title>talos-skiboot/libstb/secureboot.c, branch master</title>
<subtitle>Talos™ II skiboot sources</subtitle>
<id>https://git.raptorcs.com/git/talos-skiboot/atom?h=master</id>
<link rel='self' href='https://git.raptorcs.com/git/talos-skiboot/atom?h=master'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/'/>
<updated>2018-03-01T02:28:28+00:00</updated>
<entry>
<title>libstb/secureboot: Fix logging of secure verify messages.</title>
<updated>2018-03-01T02:28:28+00:00</updated>
<author>
<name>Pridhiviraj Paidipeddi</name>
<email>ppaidipe@linux.vnet.ibm.com</email>
</author>
<published>2018-02-27T09:56:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=f24db9e5c8c481bab13bb9739d48c46af00f9f6b'/>
<id>urn:sha1:f24db9e5c8c481bab13bb9739d48c46af00f9f6b</id>
<content type='text'>
Currently we are logging secure verify/enforce messages in PR_EMERG
level even when there is no secureboot mode enabled. So reduce the
log level to PR_ERR when secureboot mode is OFF.

Signed-off-by: Pridhiviraj Paidipeddi &lt;ppaidipe@linux.vnet.ibm.com&gt;
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>stb: Enforce secure boot if called before libstb initialized</title>
<updated>2018-02-09T00:21:42+00:00</updated>
<author>
<name>Stewart Smith</name>
<email>stewart@linux.vnet.ibm.com</email>
</author>
<published>2018-02-08T03:28:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=fd5d3fea1e540e9275207d2a9d3bb20181ca904f'/>
<id>urn:sha1:fd5d3fea1e540e9275207d2a9d3bb20181ca904f</id>
<content type='text'>
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>stb: Correctly error out when no PCR for resource</title>
<updated>2018-02-09T00:21:42+00:00</updated>
<author>
<name>Stewart Smith</name>
<email>stewart@linux.vnet.ibm.com</email>
</author>
<published>2018-02-08T03:26:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=5cb93cd26e195479695be1aadf4baff9611fd243'/>
<id>urn:sha1:5cb93cd26e195479695be1aadf4baff9611fd243</id>
<content type='text'>
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>libstb: fix failure of calling cvc verify without STB initialization.</title>
<updated>2018-02-09T00:21:42+00:00</updated>
<author>
<name>Pridhiviraj Paidipeddi</name>
<email>ppaidipe@linux.vnet.ibm.com</email>
</author>
<published>2018-02-06T02:16:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=2109b81d9f78c59b4099b625e18d34a66baa1b71'/>
<id>urn:sha1:2109b81d9f78c59b4099b625e18d34a66baa1b71</id>
<content type='text'>
Currently in OPAL init time at various stages we are loading various
PNOR partition containers from the flash device. When we load a flash
resource STB calls the CVC verify and trusted measure(sha512) functions.
So when a flash resource gets loaded before STB initialization,
the cvc verify function fails to start the verify and enforce the boot.

Below is one example failure, where our VERSION partition gets
loaded early in the boot stage without STB initialization done.

This is with secure mode off.
STB: VERSION NOT VERIFIED, invalid param. buf=0x305ed930, len=4096 key-hash=0x0 hash-size=0

In the same code path when secure mode is on, the boot process will abort.

So this patch fixes this issue by calling cvc verify only if
STB init was done.

And also we need a permanent fix in the init path to ensure STB init gets
done first and then start loading all other flash resources.

Signed-off-by: Pridhiviraj Paidipeddi &lt;ppaidipe@linux.vnet.ibm.com&gt;
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>libstb: increase the log level of verify/measure messages to PR_NOTICE.</title>
<updated>2018-02-08T03:22:22+00:00</updated>
<author>
<name>Pridhiviraj Paidipeddi</name>
<email>ppaidipe@linux.vnet.ibm.com</email>
</author>
<published>2018-02-07T18:31:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=b90b08fc2f9a9e6b54be8f50b804dedb8a52f1e8'/>
<id>urn:sha1:b90b08fc2f9a9e6b54be8f50b804dedb8a52f1e8</id>
<content type='text'>
Currently libstb logs the verify and hash calculation messages in
PR_INFO level. So when a secure boot enforcement happens
in loading the last flash resource (Ex: BOOTKERNEL), the previous verify
and measure messages are not logged to console, so it is not clear
to the end user which resource is verified and measured.
So this patch fixes this by increasing the log level to PR_NOTICE.

Signed-off-by: Pridhiviraj Paidipeddi &lt;ppaidipe@linux.vnet.ibm.com&gt;
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>allow secure boot if not enforcing it</title>
<updated>2017-12-19T21:54:07+00:00</updated>
<author>
<name>Stewart Smith</name>
<email>stewart@linux.vnet.ibm.com</email>
</author>
<published>2017-12-13T09:33:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=8c762d5359d6d00ae2ca2d9e5a4e2ae87a402cf0'/>
<id>urn:sha1:8c762d5359d6d00ae2ca2d9e5a4e2ae87a402cf0</id>
<content type='text'>
We check the secure boot containers no matter what, only *enforcing*
secure boot if we're booting in secure mode. This gives us an extra
layer of checking firmware is legit even when secure mode isn't enabled,
as well as being really useful for testing.

Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>libstb: add support for ibm,secureboot-v2</title>
<updated>2017-12-19T03:30:57+00:00</updated>
<author>
<name>Claudio Carvalho</name>
<email>cclaudio@linux.vnet.ibm.com</email>
</author>
<published>2017-12-09T04:52:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=63110a7734e6f22ae7c7cc06576c766ca7a7606a'/>
<id>urn:sha1:63110a7734e6f22ae7c7cc06576c766ca7a7606a</id>
<content type='text'>
ibm,secureboot-v2 changes:
- The Container Verification Code is represented by the ibm,cvc node.
- Each ibm,cvc child describes a CVC service.
- hash-algo is superseded by hw-key-hash-size.

Signed-off-by: Claudio Carvalho &lt;cclaudio@linux.vnet.ibm.com&gt;
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>libstb/cvc.c: import softrom behavior from drivers/sw_driver.c</title>
<updated>2017-12-19T03:30:57+00:00</updated>
<author>
<name>Claudio Carvalho</name>
<email>cclaudio@linux.vnet.ibm.com</email>
</author>
<published>2017-12-09T04:52:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=5c2c24ba151121ebb627195322fab3498f834b14'/>
<id>urn:sha1:5c2c24ba151121ebb627195322fab3498f834b14</id>
<content type='text'>
Softrom is used only for testing with mambo. By setting
compatible="ibm,secureboot-v1-softrom" in the "ibm,secureboot" node,
firmware images can be properly measured even if the
Container-Verification-Code (CVC) is not available. In this case, the
mbedtls_sha512() function is used to calculate the sha512 hash of the
firmware images.

This imports the softrom behavior from libstb/drivers/sw_driver.c code
into cvc.c, but now softrom is implemented as a flag. When the flag is
set, the wrappers for the CVC services work the same way as in
sw_driver.c.

Signed-off-by: Claudio Carvalho &lt;cclaudio@linux.vnet.ibm.com&gt;
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>libstb/secureboot.c: import sb_verify() from stb.c</title>
<updated>2017-12-19T03:30:57+00:00</updated>
<author>
<name>Claudio Carvalho</name>
<email>cclaudio@linux.vnet.ibm.com</email>
</author>
<published>2017-12-09T04:52:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=3ab91fbec937830f184108a244795a2e05cb275c'/>
<id>urn:sha1:3ab91fbec937830f184108a244795a2e05cb275c</id>
<content type='text'>
This imports the sb_verify() function from stb.c, but now it calls the
CVC verify wrapper in order to verify signed firmware images. The
hw-key-hash and hw-key-hash-size initialized in secureboot.c are passed
to the CVC verify function wrapper.

In secureboot.c, the sb_verify() is renamed to secureboot_verify(). The
sb_verify() calls are updated in a subsequent patch.

Signed-off-by: Claudio Carvalho &lt;cclaudio@linux.vnet.ibm.com&gt;
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
<entry>
<title>libstb: import stb_init() breaking it into multiple files</title>
<updated>2017-12-19T03:30:57+00:00</updated>
<author>
<name>Claudio Carvalho</name>
<email>cclaudio@linux.vnet.ibm.com</email>
</author>
<published>2017-12-09T04:52:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/talos-skiboot/commit/?id=594c7a6ae3cccd4a7eeb5ce2c31d2f958672325c'/>
<id>urn:sha1:594c7a6ae3cccd4a7eeb5ce2c31d2f958672325c</id>
<content type='text'>
This imports stb_init() from stb.c, but breaking it into multiple files
in order to make the code easier to read and to maintain. New files
created: secureboot.c, trustedboot.c and cvc.c.

The secureboot_init() in secureboot.c also initializes the hardware key
hash and the hardware key hash size, which are used to call the CVC
verify wrapper. These variables were initialized in the romcode_probe()
function, libstb/drivers/romcode.c.

The cvc_init() in cvc.c is slightly modified from what exists in
stb_init(). Now it calls cvc_register() and cvc_service_register().

Signed-off-by: Claudio Carvalho &lt;cclaudio@linux.vnet.ibm.com&gt;
Signed-off-by: Stewart Smith &lt;stewart@linux.vnet.ibm.com&gt;
</content>
</entry>
</feed>
