Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/808100/?format=api
{ "id": 808100, "url": "http://patchwork.ozlabs.org/api/patches/808100/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/patch/1504164285-15095-11-git-send-email-cclaudio@linux.vnet.ibm.com/", "project": { "id": 44, "url": "http://patchwork.ozlabs.org/api/projects/44/?format=api", "name": "skiboot firmware development", "link_name": "skiboot", "list_id": "skiboot.lists.ozlabs.org", "list_email": "skiboot@lists.ozlabs.org", "web_url": "http://github.com/open-power/skiboot", "scm_url": "http://github.com/open-power/skiboot", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1504164285-15095-11-git-send-email-cclaudio@linux.vnet.ibm.com>", "list_archive_url": null, "date": "2017-08-31T07:24:41", "name": "[v2,10/14] libstb: move cvc initialization to stb.c", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": false, "hash": "6d300322fc32c98850e461f5d7af2f82435948bf", "submitter": { "id": 69305, "url": "http://patchwork.ozlabs.org/api/people/69305/?format=api", "name": "Claudio Carvalho", "email": "cclaudio@linux.vnet.ibm.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/skiboot/patch/1504164285-15095-11-git-send-email-cclaudio@linux.vnet.ibm.com/mbox/", "series": [ { "id": 760, "url": "http://patchwork.ozlabs.org/api/series/760/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/list/?series=760", "date": "2017-08-31T07:24:31", "name": "libstb: simplify the initialization of cvc drivers", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/760/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/808100/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/808100/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "skiboot@lists.ozlabs.org" ], "Delivered-To": [ "patchwork-incoming@bilbo.ozlabs.org", "skiboot@lists.ozlabs.org" ], "Received": [ "from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68])\n\t(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xjYqr2NMVz9sNc\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:27:52 +1000 (AEST)", "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3xjYqr1RDDzDqms\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:27:52 +1000 (AEST)", "from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com\n\t[148.163.158.5])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3xjYn13y2mzDqXc\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 17:25:25 +1000 (AEST)", "from pps.filterd (m0098416.ppops.net [127.0.0.1])\n\tby mx0b-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id\n\tv7V7O0x1179817\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:23 -0400", "from e15.ny.us.ibm.com (e15.ny.us.ibm.com [129.33.205.205])\n\tby mx0b-001b2d01.pphosted.com with ESMTP id 2cpca8eht1-1\n\t(version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:22 -0400", "from localhost\n\tby e15.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use\n\tOnly! Violators will be prosecuted\n\tfor <skiboot@lists.ozlabs.org> from <cclaudio@linux.vnet.ibm.com>;\n\tThu, 31 Aug 2017 03:25:22 -0400", "from b01cxnp23033.gho.pok.ibm.com (9.57.198.28)\n\tby e15.ny.us.ibm.com (146.89.104.202) with IBM ESMTP SMTP Gateway:\n\tAuthorized Use Only! Violators will be prosecuted; \n\tThu, 31 Aug 2017 03:25:21 -0400", "from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com\n\t[9.57.199.109])\n\tby b01cxnp23033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP\n\tid v7V7PKkK1835286\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 07:25:20 GMT", "from localhost (unknown [127.0.0.1])\n\tby IMSVA (Postfix) with SMTP id 490E6112034\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:06 -0400 (EDT)", "from legolas.ibm.com (unknown [9.85.193.48])\n\tby b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP id 1ED58112034;\n\tThu, 31 Aug 2017 03:24:56 -0400 (EDT)" ], "X-IMSS-HAND-OFF-DIRECTIVE": "127.0.0.1:10026", "From": "Claudio Carvalho <cclaudio@linux.vnet.ibm.com>", "To": "skiboot@lists.ozlabs.org", "Date": "Thu, 31 Aug 2017 04:24:41 -0300", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": "<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "References": "<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-TM-AS-GCONF": "00", "x-cbid": "17083107-0036-0000-0000-00000261AE05", "X-IBM-SpamModules-Scores": "", "X-IBM-SpamModules-Versions": "BY=3.00007640; HX=3.00000241; KW=3.00000007;\n\tPH=3.00000004; SC=3.00000226; SDB=6.00910097; UDB=6.00456510;\n\tIPR=6.00690378; \n\tBA=6.00005562; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009;\n\tZB=6.00000000; \n\tZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00016938;\n\tXFM=3.00000015; UTC=2017-08-31 07:25:21", "X-IBM-AV-DETECTION": "SAVI=unused REMOTE=unused XFE=unused", "x-cbparentid": "17083107-0037-0000-0000-0000419CB182", "Message-Id": "<1504164285-15095-11-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-Proofpoint-Virus-Version": "vendor=fsecure engine=2.50.10432:, ,\n\tdefinitions=2017-08-31_02:, , signatures=0", "X-Proofpoint-Spam-Details": "rule=outbound_notspam policy=outbound score=0\n\tspamscore=0 suspectscore=4\n\tmalwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam\n\tadjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000\n\tdefinitions=main-1708310114", "Subject": "[Skiboot] [PATCH v2 10/14] libstb: move cvc initialization to stb.c", "X-BeenThere": "skiboot@lists.ozlabs.org", "X-Mailman-Version": "2.1.23", "Precedence": "list", "List-Id": "Mailing list for skiboot development <skiboot.lists.ozlabs.org>", "List-Unsubscribe": "<https://lists.ozlabs.org/options/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=unsubscribe>", "List-Archive": "<http://lists.ozlabs.org/pipermail/skiboot/>", "List-Post": "<mailto:skiboot@lists.ozlabs.org>", "List-Help": "<mailto:skiboot-request@lists.ozlabs.org?subject=help>", "List-Subscribe": "<https://lists.ozlabs.org/listinfo/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org", "Sender": "\"Skiboot\"\n\t<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>" }, "content": "cvc stands for container verification code.\n\nBy moving the probe function of each cvc driver to stb.c, this\nsimplifies the current cvc initialization and also the addition of new\ncvc drivers in the future.\n\nIn order to move all the cvc initialization to stb.c, this also adds the\nfunc_addr parameter to both verify and sha512 cvc hooks.\n\nfunc_addr = cvc base address + function offset.\n\nrom.c and rom.h are no longer required.\n\nSigned-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>\n---\n libstb/Makefile.inc | 2 +-\n libstb/container.h | 2 +\n libstb/cvc/c1vc.c | 109 ++++++--------------------------\n libstb/cvc/c1vc.h | 11 +++-\n libstb/cvc/c1vc_mbedtls.c | 48 +++-----------\n libstb/cvc/c1vc_mbedtls.h | 14 ++++-\n libstb/rom.c | 55 ----------------\n libstb/rom.h | 43 -------------\n libstb/stb.c | 156 ++++++++++++++++++++++++++++++++++++++++++----\n 9 files changed, 198 insertions(+), 242 deletions(-)\n delete mode 100644 libstb/rom.c\n delete mode 100644 libstb/rom.h", "diff": "diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc\nindex 8a78fb6..217f3fc 100644\n--- a/libstb/Makefile.inc\n+++ b/libstb/Makefile.inc\n@@ -4,7 +4,7 @@ LIBSTB_DIR = libstb\n \n SUBDIRS += $(LIBSTB_DIR)\n \n-LIBSTB_SRCS = container.c rom.c tpm_chip.c stb.c\n+LIBSTB_SRCS = container.c tpm_chip.c stb.c\n LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o)\n LIBSTB = $(LIBSTB_DIR)/built-in.o\n \ndiff --git a/libstb/container.h b/libstb/container.h\nindex c125bc1..1233e7e 100644\n--- a/libstb/container.h\n+++ b/libstb/container.h\n@@ -19,7 +19,9 @@\n \n #include <stdint.h>\n #include <stdlib.h>\n+#include <stdbool.h>\n #include <ccan/endian/endian.h>\n+#include <ccan/short_types/short_types.h>\n \n #define SECURE_BOOT_HEADERS_SIZE\t4096\n #define SHA256_DIGEST_LENGTH\t\t32\ndiff --git a/libstb/cvc/c1vc.c b/libstb/cvc/c1vc.c\nindex 0ac0d8a..04ebc89 100644\n--- a/libstb/cvc/c1vc.c\n+++ b/libstb/cvc/c1vc.c\n@@ -19,120 +19,51 @@\n #include <string.h>\n #include <skiboot.h>\n #include \"../status_codes.h\"\n-#include \"../rom.h\"\n+#include \"../container.h\"\n #include \"c1vc.h\"\n \n-#define DRIVER_NAME\t\"c1vc\"\n-\n-#define SECURE_ROM_MEMORY_SIZE\t\t(16 * 1024)\n-#define SECURE_ROM_XSCOM_ADDRESS\t0x02020017\n-\n /*\n- * From the source code of the ROM code\n- */\n-#define SECURE_ROM_SHA512_OFFSET\t0x20\n-#define SECURE_ROM_VERIFY_OFFSET\t0x30\n-\n-static const char *compat = \"ibm,secureboot-v1\";\n-static void *securerom_addr = NULL;\n-static sha2_hash_t *hw_key_hash = NULL;\n-\n-/*\n- * Assembly interfaces to call into ROM code.\n- * func_ptr is the ROM code function address, followed\n- * by additional parameters as necessary\n+ * Assembly interfaces to call into the Container v1 Verification Code.\n+ * func_ptr: C1VC base address + offset\n */\n ROM_response __c1vc_verify(void *func_ptr, ROM_container_raw *container,\n \t\t\t ROM_hw_params *params);\n void __c1vc_sha512(void *func_ptr, const uint8_t *data, size_t len,\n \t\t uint8_t *digest);\n \n-static int c1vc_verify(void *container)\n+int c1vc_verify(void *func_addr, const char *name, void *container,\n+\t\tconst void *hw_key_hash, size_t hw_key_hash_size)\n {\n \tROM_hw_params hw_params;\n \tROM_response rc;\n \n \tmemset(&hw_params, 0, sizeof(ROM_hw_params));\n-\tmemcpy(&hw_params.hw_key_hash, hw_key_hash, sizeof(sha2_hash_t));\n-\trc = __c1vc_verify(securerom_addr + SECURE_ROM_VERIFY_OFFSET,\n-\t\t\t (ROM_container_raw*) container, &hw_params);\n+\tmemcpy(&hw_params.hw_key_hash, hw_key_hash, hw_key_hash_size);\n+\trc = __c1vc_verify(func_addr, (ROM_container_raw*) container, &hw_params);\n \tif (rc != ROM_DONE) {\n \t\t/*\n-\t\t * Verify failed. hw_params.log indicates what checking has\n-\t\t * failed. This will abort the boot process.\n+\t\t * Container verification failed, the boot process will probably\n+\t\t * be halted by the caller.\n+\t\t *\n+\t\t * The value returned in params.log indicates what checking has\n+\t\t * failed and it is one of the return codes defined in\n+\t\t * /hostboot/src/include/securerom/status_codes.H\n \t\t */\n-\t\tprlog(PR_ERR, \"ROM: %s failed (rc=%d, hw_params.log=0x%llx)\\n\",\n-\t\t __func__, rc, be64_to_cpu(hw_params.log));\n+\t\tprerror(\"STB: %s verification FAILED (rc=%d, hw_params.log=0x%llx)\\n\",\n+\t\t\tname, rc, be64_to_cpu(hw_params.log));\n \t\treturn STB_VERIFY_FAILED;\n \t}\n \treturn 0;\n }\n \n-static void c1vc_sha512(const uint8_t *data, size_t len, uint8_t *digest)\n+void c1vc_sha512(void *func_addr, const uint8_t *data, size_t len,\n+\t\t uint8_t *digest)\n {\n \tmemset(digest, 0, sizeof(sha2_hash_t));\n-\t__c1vc_sha512(securerom_addr + SECURE_ROM_SHA512_OFFSET,\n-\t\t data, len, digest);\n+\t__c1vc_sha512(func_addr, data, len, digest);\n }\n \n-static void c1vc_cleanup(void) {\n-\tif (securerom_addr)\n-\t\tfree(securerom_addr);\n-\thw_key_hash = NULL;\n-}\n-\n-static struct container_verification_code c1vc = {\n-\t.name = DRIVER_NAME,\n-\t.verify = c1vc_verify,\n-\t.sha512 = c1vc_sha512,\n-\t.cleanup = c1vc_cleanup,\n-};\n-\n-void c1vc_probe(const struct dt_node *node)\n+void __attrconst c1vc_cleanup(void)\n {\n-\t/* This xscom register has the Secure ROM code base address */\n-\tconst uint32_t reg_addr = SECURE_ROM_XSCOM_ADDRESS;\n-\tuint64_t reg_data;\n-\tstruct proc_chip *chip;\n-\tconst char* hash_algo;\n-\n-\tif (!dt_node_is_compatible(node, compat)) {\n-\t\tprlog(PR_DEBUG, \"ROM: %s node is not compatible\\n\",\n-\t\t node->name);\n-\t\treturn;\n-\t}\n-\t/*\n-\t * secureboot-v1 defines containers with sha512 hashes\n-\t */\n-\thash_algo = dt_prop_get(node, \"hash-algo\");\n-\tif (strcmp(hash_algo, \"sha512\")) {\n-\t\t/**\n-\t\t * @fwts-label ROMHashAlgorithmInvalid\n-\t\t * @fwts-advice Hostboot creates the ibm,secureboot node and\n-\t\t * the hash-algo property. Check that the ibm,secureboot node\n-\t\t * layout has not changed.\n-\t\t */\n-\t\tprlog(PR_ERR, \"ROM: hash-algo=%s not expected\\n\", hash_algo);\n-\t\treturn;\n-\t}\n-\thw_key_hash = (sha2_hash_t*) dt_prop_get(node, \"hw-key-hash\");\n-\tsecurerom_addr = malloc(SECURE_ROM_MEMORY_SIZE);\n-\tassert(securerom_addr);\n-\t/*\n-\t * The logic that contains the ROM within the processor is implemented\n-\t * in a way that it only responds to CI (cache inhibited) operations.\n-\t * Due to performance issues we copy the verification code from the\n-\t * secure ROM to RAM and we use memcpy_from_ci to do that.\n-\t */\n-\tchip = next_chip(NULL);\n-\txscom_read(chip->id, reg_addr, ®_data);\n-\tmemcpy_from_ci(securerom_addr, (void*) reg_data,\n-\t\t SECURE_ROM_MEMORY_SIZE);\n-\t/*\n-\t * Skiboot runs with IR (Instruction Relocation) &\n-\t * DR (Data Relocation) off, so there is no need to either MMIO\n-\t * the ROM code or set the memory region as executable.\n- * skiboot accesses the physical memory directly. Real mode.\n-\t */\n-\trom_set_driver(&c1vc);\n+\treturn;\n }\ndiff --git a/libstb/cvc/c1vc.h b/libstb/cvc/c1vc.h\nindex f0d2a3d..fd5588b 100644\n--- a/libstb/cvc/c1vc.h\n+++ b/libstb/cvc/c1vc.h\n@@ -17,8 +17,15 @@\n #ifndef __C1VC_H\n #define __C1VC_H\n \n-#include <device.h>\n+#include <compiler.h>\n+#include <stdint.h>\n \n-extern void c1vc_probe(const struct dt_node *node);\n+int c1vc_verify(void *func_addr, const char *name, void *container,\n+\t\tconst void *hw_key_hash, size_t hw_key_hash_size);\n+\n+void c1vc_sha512(void *func_addr, const uint8_t *data, size_t len,\n+\t\t uint8_t *digest);\n+\n+void __attrconst c1vc_cleanup(void);\n \n #endif /* __C1VC_H */\ndiff --git a/libstb/cvc/c1vc_mbedtls.c b/libstb/cvc/c1vc_mbedtls.c\nindex 4cf8e13..f677a68 100644\n--- a/libstb/cvc/c1vc_mbedtls.c\n+++ b/libstb/cvc/c1vc_mbedtls.c\n@@ -14,21 +14,22 @@\n * limitations under the License.\n */\n \n-#include <chip.h>\n #include <string.h>\n-#include <skiboot.h>\n-#include \"../rom.h\"\n #include \"../mbedtls/sha512.h\"\n+#include \"../container.h\"\n #include \"c1vc_mbedtls.h\"\n \n-static sha2_hash_t *hw_key_hash = NULL;\n-\n-static int c1vc_mbedtls_verify(void *container __unused)\n+int __attrconst c1vc_mbedtls_verify(void *func_addr __unused,\n+\t\t\t\t const char* name __unused,\n+\t\t\t\t void *container __unused,\n+\t\t\t\t const void *hw_key_hash __unused,\n+\t\t\t\t size_t hw_key_hash_size __unused)\n {\n \treturn -100;\n }\n \n-static void c1vc_mbedtls_sha512(const uint8_t *data, size_t len, uint8_t *digest)\n+void c1vc_mbedtls_sha512(void *func_addr __unused,\n+\t\t\t const uint8_t *data, size_t len, uint8_t *digest)\n {\n \tmbedtls_sha512_context ctx;\n \tmbedtls_sha512_init(&ctx);\n@@ -39,38 +40,7 @@ static void c1vc_mbedtls_sha512(const uint8_t *data, size_t len, uint8_t *digest\n \tmbedtls_sha512_free(&ctx);\n }\n \n-static void c1vc_mbedtls_cleanup(void)\n+void __attrconst c1vc_mbedtls_cleanup(void)\n {\n \treturn;\n }\n-\n-static struct container_verification_code c1vc = {\n-\t.name = \"software\",\n-\t.verify = c1vc_mbedtls_verify,\n-\t.sha512 = c1vc_mbedtls_sha512,\n-\t.cleanup = c1vc_mbedtls_cleanup\n-};\n-\n-void c1vc_mbedtls_probe(const struct dt_node *node)\n-{\n-\tconst char* hash_algo;\n-\n-\tif (!dt_node_is_compatible(node, \"ibm,secureboot-v1-softrom\")) {\n-\t\treturn;\n-\t}\n-\n-\thash_algo = dt_prop_get(node, \"hash-algo\");\n-\tif (strcmp(hash_algo, \"sha512\")) {\n-\t\t/**\n-\t\t * @fwts-label ROMHashAlgorithmInvalid\n-\t\t * @fwts-advice Hostboot creates the ibm,secureboot node and\n-\t\t * the hash-algo property. Check that the ibm,secureboot node\n-\t\t * layout has not changed.\n-\t\t */\n-\t\tprlog(PR_ERR, \"ROM: hash-algo=%s not expected\\n\", hash_algo);\n-\t\treturn;\n-\t}\n-\thw_key_hash = (sha2_hash_t*) dt_prop_get(node, \"hw-key-hash\");\n-\n-\trom_set_driver(&c1vc);\n-}\ndiff --git a/libstb/cvc/c1vc_mbedtls.h b/libstb/cvc/c1vc_mbedtls.h\nindex 9027138..f24e940 100644\n--- a/libstb/cvc/c1vc_mbedtls.h\n+++ b/libstb/cvc/c1vc_mbedtls.h\n@@ -17,8 +17,18 @@\n #ifndef __C1VC_MBEDTLS_H\n #define __C1VC_MBEDTLS_H\n \n-#include <device.h>\n+#include <compiler.h>\n+#include <stdint.h>\n \n-extern void c1vc_mbedtls_probe(const struct dt_node *node);\n+int __attrconst c1vc_mbedtls_verify(void *func_addr __unused,\n+\t\t\t\t const char* name __unused,\n+\t\t\t\t void *container __unused,\n+\t\t\t\t const void *hw_key_hash __unused,\n+\t\t\t\t size_t hw_key_hash_size __unused);\n+\n+void c1vc_mbedtls_sha512(void *func_addr __unused,\n+\t\t\t const uint8_t *data, size_t len, uint8_t *digest);\n+\n+void __attrconst c1vc_mbedtls_cleanup(void);\n \n #endif /* __C1VC_MBEDTLS_H */\ndiff --git a/libstb/rom.c b/libstb/rom.c\ndeleted file mode 100644\nindex 04ab364..0000000\n--- a/libstb/rom.c\n+++ /dev/null\n@@ -1,55 +0,0 @@\n-/* Copyright 2013-2016 IBM Corp.\n- *\n- * Licensed under the Apache License, Version 2.0 (the \"License\");\n- * you may not use this file except in compliance with the License.\n- * You may obtain a copy of the License at\n- *\n- * http://www.apache.org/licenses/LICENSE-2.0\n- *\n- * Unless required by applicable law or agreed to in writing, software\n- * distributed under the License is distributed on an \"AS IS\" BASIS,\n- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n- * implied.\n- * See the License for the specific language governing permissions and\n- * limitations under the License.\n- */\n-\n-#include <skiboot.h>\n-#include \"rom.h\"\n-#include \"cvc/c1vc.h\"\n-#include \"cvc/c1vc_mbedtls.h\"\n-\n-static struct container_verification_code *c1vc = NULL;\n-\n-struct container_verification_code* rom_init(const struct dt_node *node __unused)\n-{\n-\tif (c1vc)\n-\t\tgoto end;\n-\n-\t/* CVC drivers supported */\n-\tc1vc_probe(node);\n-\n-\tif (!c1vc)\n-\t\tc1vc_mbedtls_probe(node);\n-\n-\tif (!c1vc)\n-\t\tprlog(PR_NOTICE, \"ROM: no rom driver found\\n\");\n-end:\n-\treturn c1vc;\n-}\n-\n-void rom_set_driver(struct container_verification_code *driver)\n-{\n-\tif (c1vc) {\n-\t\t/**\n-\t\t * @fwts-label ROMAlreadyRegistered\n-\t\t * @fwts-advice ibm,secureboot already registered. Check if\n-\t\t * rom_init called twice or the same driver is probed twice\n-\t\t */\n-\t\tprlog(PR_WARNING, \"ROM: %s driver already registered\\n\",\n-\t\t c1vc->name);\n-\t\treturn;\n-\t}\n-\tc1vc = driver;\n-\tprlog(PR_NOTICE, \"ROM: %s driver registered\\n\", c1vc->name);\n-}\ndiff --git a/libstb/rom.h b/libstb/rom.h\ndeleted file mode 100644\nindex 972a19b..0000000\n--- a/libstb/rom.h\n+++ /dev/null\n@@ -1,43 +0,0 @@\n-/* Copyright 2013-2016 IBM Corp.\n- *\n- * Licensed under the Apache License, Version 2.0 (the \"License\");\n- * you may not use this file except in compliance with the License.\n- * You may obtain a copy of the License at\n- *\n- * http://www.apache.org/licenses/LICENSE-2.0\n- *\n- * Unless required by applicable law or agreed to in writing, software\n- * distributed under the License is distributed on an \"AS IS\" BASIS,\n- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n- * implied.\n- * See the License for the specific language governing permissions and\n- * limitations under the License.\n- */\n-\n-#ifndef __ROM_H\n-#define __ROM_H\n-\n-#include <stdint.h>\n-#include <stdbool.h>\n-#include <stdlib.h>\n-#include \"container.h\"\n-\n-struct container_verification_code {\n-\tconst char* name;\n-\tint (*verify)(void *container);\n-\tvoid (*sha512)(const uint8_t *data, size_t len, uint8_t *digest);\n-\tvoid (*cleanup)(void);\n-};\n-\n-/*\n- * Load a compatible driver to access the functions of the\n- * verification code flashed in the secure ROM\n- */\n-extern struct container_verification_code* rom_init(const struct dt_node *node);\n-\n-/*\n- * Set the rom driver that will be used\n- */\n-extern void rom_set_driver(struct container_verification_code *driver);\n-\n-#endif /* __ROM_H */\ndiff --git a/libstb/stb.c b/libstb/stb.c\nindex a238378..ee5771a 100644\n--- a/libstb/stb.c\n+++ b/libstb/stb.c\n@@ -20,19 +20,35 @@\n #include <string.h>\n #include <stdio.h>\n #include <nvram.h>\n+#include <chip.h>\n+#include <xscom.h>\n #include \"stb.h\"\n #include \"status_codes.h\"\n #include \"container.h\"\n-#include \"rom.h\"\n #include \"tpm_chip.h\"\n+#include \"cvc/c1vc.h\"\n+#include \"cvc/c1vc_mbedtls.h\"\n \n /* For debugging only */\n //#define STB_DEBUG\n \n-static bool secure_mode = false;\n-static bool trusted_mode = false;\n+struct container_verification_code {\n+\tconst char *name;\n+\tuint64_t verify_addr;\n+\tuint64_t sha512_addr;\n+\tvoid (*sha512)(void *func_addr, const uint8_t *data, size_t len,\n+\t\t uint8_t *digest);\n+\tint (*verify)(void *func_addr, const char *name, void *container,\n+\t\t const void *hw_key_hash, size_t hw_key_hash_size);\n+\tvoid (*cleanup)(void);\n+};\n \n static struct container_verification_code *c1vc = NULL;\n+static void *secure_rom_mem = NULL;\n+static const void* hw_key_hash = NULL;\n+static size_t hw_key_hash_size;\n+static bool secure_mode = false;\n+static bool trusted_mode = false;\n \n /*\n * This maps a PCR for each resource we can measure. The PCR number is\n@@ -88,9 +104,102 @@ static void sb_enforce(void)\n \tabort();\n }\n \n+static int c1vc_mbedtls_init(struct dt_node *node)\n+{\n+\tconst char* hash_algo;\n+\n+\thash_algo = dt_prop_get(node, \"hash-algo\");\n+\tif (strcmp(hash_algo, \"sha512\")) {\n+\t\t/**\n+\t\t * @fwts-label HashAlgoInvalidSoftrom\n+\t\t * @fwts-advice Hash algorithm invalid, secureboot containers\n+\t\t * version 1 requires sha512. If you're running the latest POWER\n+\t\t * firmware, so probably there is a bug in mambo tcl script that\n+\t\t * creates the hash-algo property.\n+\t\t */\n+\t\tprerror(\"STB: %s FAILED, hash-algo=%s not supported\\n\",\n+\t\t\t__func__, hash_algo);\n+\t\treturn -1;\n+\t}\n+\thw_key_hash_size = SHA512_DIGEST_LENGTH;\n+\thw_key_hash = dt_prop_get_def_size(node, \"hw-key-hash\", NULL,\n+\t\t\t\t\t &hw_key_hash_size);\n+\n+\tc1vc = malloc(sizeof(struct container_verification_code));\n+\tassert(c1vc);\n+\tc1vc->sha512_addr = 0;\n+\tc1vc->sha512 = c1vc_mbedtls_sha512;\n+\tc1vc->verify_addr = 0;\n+\tc1vc->verify = c1vc_mbedtls_verify;\n+\tc1vc->cleanup = c1vc_mbedtls_cleanup;\n+\tc1vc->name = \"c1vc_mbedtls\";\n+\n+\tprlog(PR_INFO, \"STB: 'ibm,secureboot-v1-softrom' initialized\\n\");\n+\treturn 0;\n+}\n+\n+#define SECURE_ROM_MEMORY_SIZE\t\t(16 * 1024)\n+#define SECURE_ROM_XSCOM_ADDRESS\t0x02020017\n+\n+#define SECURE_ROM_SHA512_OFFSET\t0x20\n+#define SECURE_ROM_VERIFY_OFFSET\t0x30\n+\n+static int c1vc_rom_init(struct dt_node *parent)\n+{\n+\tconst uint32_t reg_addr = SECURE_ROM_XSCOM_ADDRESS;\n+\tuint64_t reg_data;\n+\tstruct proc_chip *chip;\n+\tconst char* hash_algo;\n+\n+\thash_algo = dt_prop_get(parent, \"hash-algo\");\n+\tif (strcmp(hash_algo, \"sha512\")) {\n+\t\t/**\n+\t\t * @fwts-label HashAlgoInvalid\n+\t\t * @fwts-advice Hash algorithm invalid, secureboot containers\n+\t\t * version 1 requires sha512. If you're running the latest POWER\n+\t\t * firmware, so probably there is a bug in the device tree\n+\t\t * received from hostboot.\n+\t\t */\n+\t\tprerror(\"STB: %s FAILED, hash-algo=%s not supported\\n\", __func__,\n+\t\t\thash_algo);\n+\t\treturn -1;\n+\t}\n+\thw_key_hash_size = SHA512_DIGEST_LENGTH;\n+\thw_key_hash = dt_prop_get_def_size(parent, \"hw-key-hash\", NULL,\n+\t\t\t\t\t &hw_key_hash_size);\n+\n+\tc1vc = malloc(sizeof(struct container_verification_code));\n+\tassert(c1vc);\n+\tsecure_rom_mem = malloc(SECURE_ROM_MEMORY_SIZE);\n+\tassert(secure_rom_mem);\n+\t/*\n+\t * The logic that contains the ROM within the processor is implemented\n+\t * in a way that it only responds to CI (cache inhibited) operations.\n+\t * Due to performance issues we copy the verification code from the\n+\t * secure ROM to RAM. We use memcpy_from_ci() to do that.\n+\t */\n+\tchip = next_chip(NULL);\n+\txscom_read(chip->id, reg_addr, ®_data);\n+\tmemcpy_from_ci(secure_rom_mem, (void*) reg_data,\n+\t\t SECURE_ROM_MEMORY_SIZE);\n+\n+\tc1vc->sha512_addr = (uint64_t) secure_rom_mem + SECURE_ROM_SHA512_OFFSET;\n+\tc1vc->sha512 = c1vc_sha512;\n+\n+\tc1vc->verify_addr = (uint64_t) secure_rom_mem + SECURE_ROM_VERIFY_OFFSET;\n+\tc1vc->verify = c1vc_verify;\n+\n+\tc1vc->cleanup = c1vc_cleanup;\n+\tc1vc->name = \"c1vc\";\n+\n+\tprlog(PR_INFO, \"STB: 'ibm,secureboot-v1' initialized\\n\");\n+\treturn 0;\n+}\n+\n void stb_init(void)\n {\n \tstruct dt_node *node;\n+\tint rc = -1;\n \n \tnode = dt_find_by_path(dt_root, \"/ibm,secureboot\");\n \tif (!node) {\n@@ -118,13 +227,36 @@ void stb_init(void)\n \n \tif (!secure_mode && !trusted_mode)\n \t\treturn;\n-\tc1vc = rom_init(node);\n-\tif (secure_mode && !c1vc) {\n-\t\tprlog(PR_EMERG, \"STB: compatible romcode driver not found\\n\");\n-\t\tsb_enforce();\n+\n+\tif (dt_node_is_compatible(node, \"ibm,secureboot-v1\")) {\n+\t\trc = c1vc_rom_init(node);\n+\t} else if (dt_node_is_compatible(node, \"ibm,secureboot-v1-softrom\")) {\n+\t\trc = c1vc_mbedtls_init(node);\n+\t} else {\n+\t\t/**\n+\t\t * @fwts-label SecureBootNotCompatible\n+\t\t * @fwts-advice Compatible secureboot driver not found. If you\n+\t\t * are running the latest skiboot version, probably there is a\n+\t\t * problem when the /ibm,secureboot/compatible property is\n+\t\t * created.\n+\t\t */\n+\t\tprerror(\"STB: secureboot init FAILED, '%s' node not compatible (BUG).\\n\",\n+\t\t\tnode->name);\n+\t\tgoto enforce;\n \t}\n+\n+\t/* cvc init failed? */\n+\tif (rc)\n+\t\tgoto enforce;\n+\n \tif (trusted_mode)\n \t\ttpm_init();\n+\treturn;\n+\n+enforce:\n+\tif (secure_mode)\n+\t\tsb_enforce();\n+\treturn;\n }\n \n int stb_final(void)\n@@ -228,8 +360,9 @@ int tb_measure(enum resource_id id, void *buf, size_t len)\n \t\t\tabort();\n \t\t}\n \n-\t\tc1vc->sha512((void*) buf + SECURE_BOOT_HEADERS_SIZE,\n-\t\t\t\t len - SECURE_BOOT_HEADERS_SIZE, digest);\n+\t\tc1vc->sha512((void*) c1vc->sha512_addr,\n+\t\t\t buf + SECURE_BOOT_HEADERS_SIZE,\n+\t\t\t len - SECURE_BOOT_HEADERS_SIZE, digest);\n \n \t\tprlog(PR_INFO, \"STB: %s sha512 hash re-calculated\\n\", name);\n \t\tif (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) {\n@@ -243,7 +376,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len)\n \t\t\t\tabort();\n \t\t}\n \t} else {\n-\t\tc1vc->sha512(buf, len, digest);\n+\t\tc1vc->sha512((void*) c1vc->sha512_addr, buf, len, digest);\n \t\tprlog(PR_INFO, \"STB: %s sha512 hash calculated\\n\", name);\n \t}\n \n@@ -288,7 +421,8 @@ int sb_verify(enum resource_id id, void *buf, size_t len)\n \t\t __func__, id, buf, len);\n \t\tsb_enforce();\n \t}\n-\tif (c1vc->verify(buf)) {\n+\tif (c1vc->verify((void*) c1vc->verify_addr, name, buf,\n+\t\t\t hw_key_hash, hw_key_hash_size)) {\n \t\tprlog(PR_EMERG, \"STB: %s failed: resource %s, \"\n \t\t \"eyecatcher 0x%016llx\\n\", __func__, name,\n \t\t *((uint64_t*)buf));\n", "prefixes": [ "v2", "10/14" ] }