Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/808092/?format=api
{ "id": 808092, "url": "http://patchwork.ozlabs.org/api/patches/808092/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/patch/1504164285-15095-7-git-send-email-cclaudio@linux.vnet.ibm.com/", "project": { "id": 44, "url": "http://patchwork.ozlabs.org/api/projects/44/?format=api", "name": "skiboot firmware development", "link_name": "skiboot", "list_id": "skiboot.lists.ozlabs.org", "list_email": "skiboot@lists.ozlabs.org", "web_url": "http://github.com/open-power/skiboot", "scm_url": "http://github.com/open-power/skiboot", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1504164285-15095-7-git-send-email-cclaudio@linux.vnet.ibm.com>", "list_archive_url": null, "date": "2017-08-31T07:24:37", "name": "[v2,06/14] libstb: rename drivers/romcode.* to cvc/c1vc.*", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": false, "hash": "709971ee9a1dca534df83c1835b089b202668d8c", "submitter": { "id": 69305, "url": "http://patchwork.ozlabs.org/api/people/69305/?format=api", "name": "Claudio Carvalho", "email": "cclaudio@linux.vnet.ibm.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/skiboot/patch/1504164285-15095-7-git-send-email-cclaudio@linux.vnet.ibm.com/mbox/", "series": [ { "id": 760, "url": "http://patchwork.ozlabs.org/api/series/760/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/list/?series=760", "date": "2017-08-31T07:24:31", "name": "libstb: simplify the initialization of cvc drivers", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/760/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/808092/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/808092/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "skiboot@lists.ozlabs.org" ], "Delivered-To": [ "patchwork-incoming@bilbo.ozlabs.org", "skiboot@lists.ozlabs.org" ], "Received": [ "from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68])\n\t(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xjYp60MFsz9sNr\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:26:22 +1000 (AEST)", "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3xjYp55Z8vzDqTy\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:26:21 +1000 (AEST)", "from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com\n\t[148.163.156.1])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3xjYmq07tzzDqXl\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 17:25:14 +1000 (AEST)", "from pps.filterd (m0098396.ppops.net [127.0.0.1])\n\tby mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id\n\tv7V7O1iv084960\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:13 -0400", "from e16.ny.us.ibm.com (e16.ny.us.ibm.com [129.33.205.206])\n\tby mx0a-001b2d01.pphosted.com with ESMTP id 2cpc4g7f3h-1\n\t(version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:12 -0400", "from localhost\n\tby e16.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use\n\tOnly! Violators will be prosecuted\n\tfor <skiboot@lists.ozlabs.org> from <cclaudio@linux.vnet.ibm.com>;\n\tThu, 31 Aug 2017 03:25:11 -0400", "from b01cxnp22033.gho.pok.ibm.com (9.57.198.23)\n\tby e16.ny.us.ibm.com (146.89.104.203) with IBM ESMTP SMTP Gateway:\n\tAuthorized Use Only! Violators will be prosecuted; \n\tThu, 31 Aug 2017 03:25:10 -0400", "from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com\n\t[9.57.199.109])\n\tby b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP\n\tid v7V7PAKM23986290\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 07:25:10 GMT", "from localhost (unknown [127.0.0.1])\n\tby IMSVA (Postfix) with SMTP id 12EBB112061\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:24:56 -0400 (EDT)", "from legolas.ibm.com (unknown [9.85.193.48])\n\tby b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP id DDF6A112051;\n\tThu, 31 Aug 2017 03:24:48 -0400 (EDT)" ], "X-IMSS-HAND-OFF-DIRECTIVE": "127.0.0.1:10026", "From": "Claudio Carvalho <cclaudio@linux.vnet.ibm.com>", "To": "skiboot@lists.ozlabs.org", "Date": "Thu, 31 Aug 2017 04:24:37 -0300", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": "<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "References": "<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-TM-AS-GCONF": "00", "x-cbid": "17083107-0024-0000-0000-000002C8374B", "X-IBM-SpamModules-Scores": "", "X-IBM-SpamModules-Versions": "BY=3.00007640; HX=3.00000241; KW=3.00000007;\n\tPH=3.00000004; SC=3.00000226; SDB=6.00910097; UDB=6.00456511;\n\tIPR=6.00690378; \n\tBA=6.00005562; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009;\n\tZB=6.00000000; \n\tZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00016938;\n\tXFM=3.00000015; UTC=2017-08-31 07:25:11", "X-IBM-AV-DETECTION": "SAVI=unused REMOTE=unused XFE=unused", "x-cbparentid": "17083107-0025-0000-0000-00004544BA88", "Message-Id": "<1504164285-15095-7-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-Proofpoint-Virus-Version": "vendor=fsecure engine=2.50.10432:, ,\n\tdefinitions=2017-08-31_02:, , signatures=0", "X-Proofpoint-Spam-Details": "rule=outbound_notspam policy=outbound score=0\n\tspamscore=0 suspectscore=4\n\tmalwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam\n\tadjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000\n\tdefinitions=main-1708310114", "Subject": "[Skiboot] [PATCH v2 06/14] libstb: rename drivers/romcode.* to\n\tcvc/c1vc.*", "X-BeenThere": "skiboot@lists.ozlabs.org", "X-Mailman-Version": "2.1.23", "Precedence": "list", "List-Id": "Mailing list for skiboot development <skiboot.lists.ozlabs.org>", "List-Unsubscribe": "<https://lists.ozlabs.org/options/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=unsubscribe>", "List-Archive": "<http://lists.ozlabs.org/pipermail/skiboot/>", "List-Post": "<mailto:skiboot@lists.ozlabs.org>", "List-Help": "<mailto:skiboot-request@lists.ozlabs.org?subject=help>", "List-Subscribe": "<https://lists.ozlabs.org/listinfo/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org", "Sender": "\"Skiboot\"\n\t<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>" }, "content": "This gives a better name to the driver/romcode.* files and also moves\nthem to a better place. The function names are also renamed accordingly.\n\nRomcode provides an API to access the functions provided by the\ncontainer version 1 verification code (c1vc).\n\nSigned-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>\n---\n asm/Makefile.inc | 2 +-\n asm/c1vc_entry.S | 51 ++++++++++++++++\n asm/rom_entry.S | 52 -----------------\n libstb/Makefile.inc | 3 +-\n libstb/cvc/Makefile.inc | 11 ++++\n libstb/cvc/c1vc.c | 138 ++++++++++++++++++++++++++++++++++++++++++++\n libstb/cvc/c1vc.h | 24 ++++++++\n libstb/drivers/Makefile.inc | 2 +-\n libstb/drivers/romcode.c | 138 --------------------------------------------\n libstb/drivers/romcode.h | 24 --------\n libstb/rom.c | 6 +-\n 11 files changed, 231 insertions(+), 220 deletions(-)\n create mode 100644 asm/c1vc_entry.S\n delete mode 100644 asm/rom_entry.S\n create mode 100644 libstb/cvc/Makefile.inc\n create mode 100644 libstb/cvc/c1vc.c\n create mode 100644 libstb/cvc/c1vc.h\n delete mode 100644 libstb/drivers/romcode.c\n delete mode 100644 libstb/drivers/romcode.h", "diff": "diff --git a/asm/Makefile.inc b/asm/Makefile.inc\nindex 2e678fd..6b61c9b 100644\n--- a/asm/Makefile.inc\n+++ b/asm/Makefile.inc\n@@ -1,7 +1,7 @@\n # -*-Makefile-*-\n \n SUBDIRS += asm \n-ASM_OBJS = head.o lock.o misc.o kernel-wrapper.o rom_entry.o\n+ASM_OBJS = head.o lock.o misc.o kernel-wrapper.o c1vc_entry.o\n ASM=asm/built-in.o\n \n # Add extra dependency to the kernel wrapper\ndiff --git a/asm/c1vc_entry.S b/asm/c1vc_entry.S\nnew file mode 100644\nindex 0000000..f215415\n--- /dev/null\n+++ b/asm/c1vc_entry.S\n@@ -0,0 +1,51 @@\n+# IBM_PROLOG_BEGIN_TAG\n+# This is an automatically generated prolog.\n+#\n+# $Source: src/usr/secureboot/base/rom_entry.S $\n+#\n+# OpenPOWER HostBoot Project\n+#\n+# COPYRIGHT International Business Machines Corp. 2013,2016\n+#\n+# Licensed under the Apache License, Version 2.0 (the \"License\");\n+# you may not use this file except in compliance with the License.\n+# You may obtain a copy of the License at\n+#\n+# http://www.apache.org/licenses/LICENSE-2.0\n+#\n+# Unless required by applicable law or agreed to in writing, software\n+# distributed under the License is distributed on an \"AS IS\" BASIS,\n+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n+# implied. See the License for the specific language governing\n+# permissions and limitations under the License.\n+#\n+# IBM_PROLOG_END_TAG\n+\n+#.include \"kernel/ppcconsts.S\"\n+\n+.section .text\n+\n+.global __c1vc_verify\n+.global __c1vc_sha512\n+\n+__c1vc_verify:\n+__c1vc_sha512:\n+\n+ std %r2, 40(%r1)\n+ mflr %r0\n+ std %r0, 16(%r1)\n+ stdu %r1, -128(%r1)\n+ li %r2, 0\n+ mtctr %r3\n+ mr %r3, %r4\n+ mr %r4, %r5\n+ mr %r5, %r6\n+ mr %r6, %r7\n+ mr %r7, %r8\n+ bctrl\n+ addi %r1, %r1, 128\n+ ld %r2, 40(%r1)\n+ ld %r0, 16(%r1)\n+ mtlr %r0\n+ blr\n+\ndiff --git a/asm/rom_entry.S b/asm/rom_entry.S\ndeleted file mode 100644\nindex 26d1b96..0000000\n--- a/asm/rom_entry.S\n+++ /dev/null\n@@ -1,52 +0,0 @@\n-# IBM_PROLOG_BEGIN_TAG\n-# This is an automatically generated prolog.\n-#\n-# $Source: src/usr/secureboot/base/rom_entry.S $\n-#\n-# OpenPOWER HostBoot Project\n-#\n-# COPYRIGHT International Business Machines Corp. 2013,2016\n-#\n-# Licensed under the Apache License, Version 2.0 (the \"License\");\n-# you may not use this file except in compliance with the License.\n-# You may obtain a copy of the License at\n-#\n-# http://www.apache.org/licenses/LICENSE-2.0\n-#\n-# Unless required by applicable law or agreed to in writing, software\n-# distributed under the License is distributed on an \"AS IS\" BASIS,\n-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n-# implied. See the License for the specific language governing\n-# permissions and limitations under the License.\n-#\n-# IBM_PROLOG_END_TAG\n-\n-#.include \"kernel/ppcconsts.S\"\n-\n-.section .text\n-\n-.global call_rom_verify\n-.global call_rom_SHA512\n-\n-call_rom_verify:\n-call_rom_SHA512:\n-\n-call_rom_entry:\n- std %r2, 40(%r1)\n- mflr %r0\n- std %r0, 16(%r1)\n- stdu %r1, -128(%r1)\n- li %r2, 0\n- mtctr %r3\n- mr %r3, %r4\n- mr %r4, %r5\n- mr %r5, %r6\n- mr %r6, %r7\n- mr %r7, %r8\n- bctrl\n- addi %r1, %r1, 128\n- ld %r2, 40(%r1)\n- ld %r0, 16(%r1)\n- mtlr %r0\n- blr\n-\ndiff --git a/libstb/Makefile.inc b/libstb/Makefile.inc\nindex 64be4d6..5389fac 100644\n--- a/libstb/Makefile.inc\n+++ b/libstb/Makefile.inc\n@@ -8,10 +8,11 @@ LIBSTB_SRCS = container.c rom.c tpm_chip.c stb.c\n LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o)\n LIBSTB = $(LIBSTB_DIR)/built-in.o\n \n+include $(SRC)/$(LIBSTB_DIR)/cvc/Makefile.inc\n include $(SRC)/$(LIBSTB_DIR)/drivers/Makefile.inc\n include $(SRC)/$(LIBSTB_DIR)/tss/Makefile.inc\n \n-$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS)\n+$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(CVC)\n \n libstb/create-container: libstb/create-container.c\n \t$(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) \\\ndiff --git a/libstb/cvc/Makefile.inc b/libstb/cvc/Makefile.inc\nnew file mode 100644\nindex 0000000..8ce86d5\n--- /dev/null\n+++ b/libstb/cvc/Makefile.inc\n@@ -0,0 +1,11 @@\n+# -*-Makefile-*-\n+\n+CVC_DIR = libstb/cvc\n+\n+SUBDIRS += $(CVC_DIR)\n+\n+CVC_SRCS = c1vc.c\n+CVC_OBJS = $(CVC_SRCS:%.c=%.o)\n+CVC = $(CVC_DIR)/built-in.o\n+\n+$(CVC): $(CVC_OBJS:%=$(CVC_DIR)/%)\ndiff --git a/libstb/cvc/c1vc.c b/libstb/cvc/c1vc.c\nnew file mode 100644\nindex 0000000..0ac0d8a\n--- /dev/null\n+++ b/libstb/cvc/c1vc.c\n@@ -0,0 +1,138 @@\n+/* Copyright 2013-2016 IBM Corp.\n+ *\n+ * Licensed under the Apache License, Version 2.0 (the \"License\");\n+ * you may not use this file except in compliance with the License.\n+ * You may obtain a copy of the License at\n+ *\n+ * \thttp://www.apache.org/licenses/LICENSE-2.0\n+ *\n+ * Unless required by applicable law or agreed to in writing, software\n+ * distributed under the License is distributed on an \"AS IS\" BASIS,\n+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n+ * implied.\n+ * See the License for the specific language governing permissions and\n+ * limitations under the License.\n+ */\n+\n+#include <chip.h>\n+#include <xscom.h>\n+#include <string.h>\n+#include <skiboot.h>\n+#include \"../status_codes.h\"\n+#include \"../rom.h\"\n+#include \"c1vc.h\"\n+\n+#define DRIVER_NAME\t\"c1vc\"\n+\n+#define SECURE_ROM_MEMORY_SIZE\t\t(16 * 1024)\n+#define SECURE_ROM_XSCOM_ADDRESS\t0x02020017\n+\n+/*\n+ * From the source code of the ROM code\n+ */\n+#define SECURE_ROM_SHA512_OFFSET\t0x20\n+#define SECURE_ROM_VERIFY_OFFSET\t0x30\n+\n+static const char *compat = \"ibm,secureboot-v1\";\n+static void *securerom_addr = NULL;\n+static sha2_hash_t *hw_key_hash = NULL;\n+\n+/*\n+ * Assembly interfaces to call into ROM code.\n+ * func_ptr is the ROM code function address, followed\n+ * by additional parameters as necessary\n+ */\n+ROM_response __c1vc_verify(void *func_ptr, ROM_container_raw *container,\n+\t\t\t ROM_hw_params *params);\n+void __c1vc_sha512(void *func_ptr, const uint8_t *data, size_t len,\n+\t\t uint8_t *digest);\n+\n+static int c1vc_verify(void *container)\n+{\n+\tROM_hw_params hw_params;\n+\tROM_response rc;\n+\n+\tmemset(&hw_params, 0, sizeof(ROM_hw_params));\n+\tmemcpy(&hw_params.hw_key_hash, hw_key_hash, sizeof(sha2_hash_t));\n+\trc = __c1vc_verify(securerom_addr + SECURE_ROM_VERIFY_OFFSET,\n+\t\t\t (ROM_container_raw*) container, &hw_params);\n+\tif (rc != ROM_DONE) {\n+\t\t/*\n+\t\t * Verify failed. hw_params.log indicates what checking has\n+\t\t * failed. This will abort the boot process.\n+\t\t */\n+\t\tprlog(PR_ERR, \"ROM: %s failed (rc=%d, hw_params.log=0x%llx)\\n\",\n+\t\t __func__, rc, be64_to_cpu(hw_params.log));\n+\t\treturn STB_VERIFY_FAILED;\n+\t}\n+\treturn 0;\n+}\n+\n+static void c1vc_sha512(const uint8_t *data, size_t len, uint8_t *digest)\n+{\n+\tmemset(digest, 0, sizeof(sha2_hash_t));\n+\t__c1vc_sha512(securerom_addr + SECURE_ROM_SHA512_OFFSET,\n+\t\t data, len, digest);\n+}\n+\n+static void c1vc_cleanup(void) {\n+\tif (securerom_addr)\n+\t\tfree(securerom_addr);\n+\thw_key_hash = NULL;\n+}\n+\n+static struct container_verification_code c1vc = {\n+\t.name = DRIVER_NAME,\n+\t.verify = c1vc_verify,\n+\t.sha512 = c1vc_sha512,\n+\t.cleanup = c1vc_cleanup,\n+};\n+\n+void c1vc_probe(const struct dt_node *node)\n+{\n+\t/* This xscom register has the Secure ROM code base address */\n+\tconst uint32_t reg_addr = SECURE_ROM_XSCOM_ADDRESS;\n+\tuint64_t reg_data;\n+\tstruct proc_chip *chip;\n+\tconst char* hash_algo;\n+\n+\tif (!dt_node_is_compatible(node, compat)) {\n+\t\tprlog(PR_DEBUG, \"ROM: %s node is not compatible\\n\",\n+\t\t node->name);\n+\t\treturn;\n+\t}\n+\t/*\n+\t * secureboot-v1 defines containers with sha512 hashes\n+\t */\n+\thash_algo = dt_prop_get(node, \"hash-algo\");\n+\tif (strcmp(hash_algo, \"sha512\")) {\n+\t\t/**\n+\t\t * @fwts-label ROMHashAlgorithmInvalid\n+\t\t * @fwts-advice Hostboot creates the ibm,secureboot node and\n+\t\t * the hash-algo property. Check that the ibm,secureboot node\n+\t\t * layout has not changed.\n+\t\t */\n+\t\tprlog(PR_ERR, \"ROM: hash-algo=%s not expected\\n\", hash_algo);\n+\t\treturn;\n+\t}\n+\thw_key_hash = (sha2_hash_t*) dt_prop_get(node, \"hw-key-hash\");\n+\tsecurerom_addr = malloc(SECURE_ROM_MEMORY_SIZE);\n+\tassert(securerom_addr);\n+\t/*\n+\t * The logic that contains the ROM within the processor is implemented\n+\t * in a way that it only responds to CI (cache inhibited) operations.\n+\t * Due to performance issues we copy the verification code from the\n+\t * secure ROM to RAM and we use memcpy_from_ci to do that.\n+\t */\n+\tchip = next_chip(NULL);\n+\txscom_read(chip->id, reg_addr, ®_data);\n+\tmemcpy_from_ci(securerom_addr, (void*) reg_data,\n+\t\t SECURE_ROM_MEMORY_SIZE);\n+\t/*\n+\t * Skiboot runs with IR (Instruction Relocation) &\n+\t * DR (Data Relocation) off, so there is no need to either MMIO\n+\t * the ROM code or set the memory region as executable.\n+ * skiboot accesses the physical memory directly. Real mode.\n+\t */\n+\trom_set_driver(&c1vc);\n+}\ndiff --git a/libstb/cvc/c1vc.h b/libstb/cvc/c1vc.h\nnew file mode 100644\nindex 0000000..f0d2a3d\n--- /dev/null\n+++ b/libstb/cvc/c1vc.h\n@@ -0,0 +1,24 @@\n+/* Copyright 2013-2016 IBM Corp.\n+ *\n+ * Licensed under the Apache License, Version 2.0 (the \"License\");\n+ * you may not use this file except in compliance with the License.\n+ * You may obtain a copy of the License at\n+ *\n+ * http://www.apache.org/licenses/LICENSE-2.0\n+ *\n+ * Unless required by applicable law or agreed to in writing, software\n+ * distributed under the License is distributed on an \"AS IS\" BASIS,\n+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n+ * implied.\n+ * See the License for the specific language governing permissions and\n+ * limitations under the License.\n+ */\n+\n+#ifndef __C1VC_H\n+#define __C1VC_H\n+\n+#include <device.h>\n+\n+extern void c1vc_probe(const struct dt_node *node);\n+\n+#endif /* __C1VC_H */\ndiff --git a/libstb/drivers/Makefile.inc b/libstb/drivers/Makefile.inc\nindex d0f88ea..6425208 100644\n--- a/libstb/drivers/Makefile.inc\n+++ b/libstb/drivers/Makefile.inc\n@@ -4,7 +4,7 @@ DRIVERS_DIR = libstb/drivers\n \n SUBDIRS += $(DRIVERS_DIR)\n \n-DRIVERS_SRCS = romcode.c tpm_i2c_interface.c tpm_i2c_nuvoton.c sw_driver.c sha512.c\n+DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c sw_driver.c sha512.c\n DRIVERS_OBJS = $(DRIVERS_SRCS:%.c=%.o)\n DRIVERS = $(DRIVERS_DIR)/built-in.o\n \ndiff --git a/libstb/drivers/romcode.c b/libstb/drivers/romcode.c\ndeleted file mode 100644\nindex 68f1230..0000000\n--- a/libstb/drivers/romcode.c\n+++ /dev/null\n@@ -1,138 +0,0 @@\n-/* Copyright 2013-2016 IBM Corp.\n- *\n- * Licensed under the Apache License, Version 2.0 (the \"License\");\n- * you may not use this file except in compliance with the License.\n- * You may obtain a copy of the License at\n- *\n- * \thttp://www.apache.org/licenses/LICENSE-2.0\n- *\n- * Unless required by applicable law or agreed to in writing, software\n- * distributed under the License is distributed on an \"AS IS\" BASIS,\n- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n- * implied.\n- * See the License for the specific language governing permissions and\n- * limitations under the License.\n- */\n-\n-#include <chip.h>\n-#include <xscom.h>\n-#include <string.h>\n-#include <skiboot.h>\n-#include \"../status_codes.h\"\n-#include \"../rom.h\"\n-#include \"romcode.h\"\n-\n-#define DRIVER_NAME\t\"romcode\"\n-\n-#define ROMCODE_MEMORY_SIZE\t(16 * 1024)\n-#define ROMCODE_XSCOM_ADDRESS\t0x02020017\n-\n-/*\n- * From the source code of the ROM code\n- */\n-#define ROMCODE_SHA512_OFFSET\t\t0x20\n-#define ROMCODE_VERIFY_OFFSET\t\t0x30\n-\n-static const char *compat = \"ibm,secureboot-v1\";\n-static void *romcode_base_addr = NULL;\n-static sha2_hash_t *hw_key_hash = NULL;\n-\n-/*\n- * Assembly interfaces to call into ROM code.\n- * func_ptr is the ROM code function address, followed\n- * by additional parameters as necessary\n- */\n-ROM_response call_rom_verify(void *func_ptr, ROM_container_raw *container,\n-\t\t\t ROM_hw_params *params);\n-void call_rom_SHA512(void *func_ptr, const uint8_t *data, size_t len,\n-\t\t uint8_t *digest);\n-\n-static int romcode_verify(void *container)\n-{\n-\tROM_hw_params hw_params;\n-\tROM_response rc;\n-\n-\tmemset(&hw_params, 0, sizeof(ROM_hw_params));\n-\tmemcpy(&hw_params.hw_key_hash, hw_key_hash, sizeof(sha2_hash_t));\n-\trc = call_rom_verify(romcode_base_addr + ROMCODE_VERIFY_OFFSET,\n-\t\t\t (ROM_container_raw*) container, &hw_params);\n-\tif (rc != ROM_DONE) {\n-\t\t/*\n-\t\t * Verify failed. hw_params.log indicates what checking has\n-\t\t * failed. This will abort the boot process.\n-\t\t */\n-\t\tprlog(PR_ERR, \"ROM: %s failed (rc=%d, hw_params.log=0x%llx)\\n\",\n-\t\t __func__, rc, be64_to_cpu(hw_params.log));\n-\t\treturn STB_VERIFY_FAILED;\n-\t}\n-\treturn 0;\n-}\n-\n-static void romcode_sha512(const uint8_t *data, size_t len, uint8_t *digest)\n-{\n-\tmemset(digest, 0, sizeof(sha2_hash_t));\n-\tcall_rom_SHA512(romcode_base_addr + ROMCODE_SHA512_OFFSET,\n-\t\t\tdata, len, digest);\n-}\n-\n-static void romcode_cleanup(void) {\n-\tif (romcode_base_addr)\n-\t\tfree(romcode_base_addr);\n-\thw_key_hash = NULL;\n-}\n-\n-static struct container_verification_code c1vc = {\n-\t.name = DRIVER_NAME,\n-\t.verify = romcode_verify,\n-\t.sha512 = romcode_sha512,\n-\t.cleanup = romcode_cleanup\n-};\n-\n-void romcode_probe(const struct dt_node *node)\n-{\n-\t/* This xscom register has the ROM code base address */\n-\tconst uint32_t reg_addr = ROMCODE_XSCOM_ADDRESS;\n-\tuint64_t reg_data;\n-\tstruct proc_chip *chip;\n-\tconst char* hash_algo;\n-\n-\tif (!dt_node_is_compatible(node, compat)) {\n-\t\tprlog(PR_DEBUG, \"ROM: %s node is not compatible\\n\",\n-\t\t node->name);\n-\t\treturn;\n-\t}\n-\t/*\n-\t * secureboot-v1 defines containers with sha512 hashes\n-\t */\n-\thash_algo = dt_prop_get(node, \"hash-algo\");\n-\tif (strcmp(hash_algo, \"sha512\")) {\n-\t\t/**\n-\t\t * @fwts-label ROMHashAlgorithmInvalid\n-\t\t * @fwts-advice Hostboot creates the ibm,secureboot node and\n-\t\t * the hash-algo property. Check that the ibm,secureboot node\n-\t\t * layout has not changed.\n-\t\t */\n-\t\tprlog(PR_ERR, \"ROM: hash-algo=%s not expected\\n\", hash_algo);\n-\t\treturn;\n-\t}\n-\thw_key_hash = (sha2_hash_t*) dt_prop_get(node, \"hw-key-hash\");\n-\tromcode_base_addr = malloc(ROMCODE_MEMORY_SIZE);\n-\tassert(romcode_base_addr);\n-\t/*\n-\t * The logic that contains the ROM within the processor is implemented\n-\t * in a way that it only responds to CI (cache inhibited) operations.\n-\t * Due to performance issues we copy the verification code from the\n-\t * secure ROM to RAM and we use memcpy_from_ci to do that.\n-\t */\n-\tchip = next_chip(NULL);\n-\txscom_read(chip->id, reg_addr, ®_data);\n-\tmemcpy_from_ci(romcode_base_addr, (void*) reg_data,\n-\t\t ROMCODE_MEMORY_SIZE);\n-\t/*\n-\t * Skiboot runs with IR (Instruction Relocation) &\n-\t * DR (Data Relocation) off, so there is no need to either MMIO\n-\t * the ROM code or set the memory region as executable.\n- * skiboot accesses the physical memory directly. Real mode.\n-\t */\n-\trom_set_driver(&c1vc);\n-}\ndiff --git a/libstb/drivers/romcode.h b/libstb/drivers/romcode.h\ndeleted file mode 100644\nindex 4152eae..0000000\n--- a/libstb/drivers/romcode.h\n+++ /dev/null\n@@ -1,24 +0,0 @@\n-/* Copyright 2013-2016 IBM Corp.\n- *\n- * Licensed under the Apache License, Version 2.0 (the \"License\");\n- * you may not use this file except in compliance with the License.\n- * You may obtain a copy of the License at\n- *\n- * http://www.apache.org/licenses/LICENSE-2.0\n- *\n- * Unless required by applicable law or agreed to in writing, software\n- * distributed under the License is distributed on an \"AS IS\" BASIS,\n- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n- * implied.\n- * See the License for the specific language governing permissions and\n- * limitations under the License.\n- */\n-\n-#ifndef __ROMCODE_H\n-#define __ROMCODE_H\n-\n-#include <device.h>\n-\n-extern void romcode_probe(const struct dt_node *node);\n-\n-#endif /* __ROMCODE_H */\ndiff --git a/libstb/rom.c b/libstb/rom.c\nindex 27b65c9..9054420 100644\n--- a/libstb/rom.c\n+++ b/libstb/rom.c\n@@ -16,7 +16,7 @@\n \n #include <skiboot.h>\n #include \"rom.h\"\n-#include \"drivers/romcode.h\"\n+#include \"cvc/c1vc.h\"\n #include \"drivers/sw_driver.h\"\n \n static struct container_verification_code *c1vc = NULL;\n@@ -26,8 +26,8 @@ struct container_verification_code* rom_init(const struct dt_node *node __unused\n \tif (c1vc)\n \t\tgoto end;\n \n-\t/* ROM drivers supported */\n-\tromcode_probe(node);\n+\t/* CVC drivers supported */\n+\tc1vc_probe(node);\n \n \tif (!c1vc)\n \t\tstb_software_probe(node);\n", "prefixes": [ "v2", "06/14" ] }