Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/808102/?format=api
{ "id": 808102, "url": "http://patchwork.ozlabs.org/api/patches/808102/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/patch/1504164285-15095-15-git-send-email-cclaudio@linux.vnet.ibm.com/", "project": { "id": 44, "url": "http://patchwork.ozlabs.org/api/projects/44/?format=api", "name": "skiboot firmware development", "link_name": "skiboot", "list_id": "skiboot.lists.ozlabs.org", "list_email": "skiboot@lists.ozlabs.org", "web_url": "http://github.com/open-power/skiboot", "scm_url": "http://github.com/open-power/skiboot", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1504164285-15095-15-git-send-email-cclaudio@linux.vnet.ibm.com>", "list_archive_url": null, "date": "2017-08-31T07:24:45", "name": "[v2,14/14] libstb/stb.c: fix log messages", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": false, "hash": "5e0e96294d3d9d4363de538e36561c32ec71a1b7", "submitter": { "id": 69305, "url": "http://patchwork.ozlabs.org/api/people/69305/?format=api", "name": "Claudio Carvalho", "email": "cclaudio@linux.vnet.ibm.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/skiboot/patch/1504164285-15095-15-git-send-email-cclaudio@linux.vnet.ibm.com/mbox/", "series": [ { "id": 760, "url": "http://patchwork.ozlabs.org/api/series/760/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/list/?series=760", "date": "2017-08-31T07:24:31", "name": "libstb: simplify the initialization of cvc drivers", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/760/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/808102/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/808102/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "skiboot@lists.ozlabs.org" ], "Delivered-To": [ "patchwork-incoming@bilbo.ozlabs.org", "skiboot@lists.ozlabs.org" ], "Received": [ "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\t(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xjYrF4rsRz9sNc\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:28:13 +1000 (AEST)", "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3xjYrF3xzZzDr2S\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:28:13 +1000 (AEST)", "from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com\n\t[148.163.156.1])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3xjYn25QtNzDqTt\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 17:25:26 +1000 (AEST)", "from pps.filterd (m0098409.ppops.net [127.0.0.1])\n\tby mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id\n\tv7V7O5Is048741\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:24 -0400", "from e12.ny.us.ibm.com (e12.ny.us.ibm.com [129.33.205.202])\n\tby mx0a-001b2d01.pphosted.com with ESMTP id 2cp9ds1d79-1\n\t(version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:24 -0400", "from localhost\n\tby e12.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use\n\tOnly! Violators will be prosecuted\n\tfor <skiboot@lists.ozlabs.org> from <cclaudio@linux.vnet.ibm.com>;\n\tThu, 31 Aug 2017 03:25:23 -0400", "from b01cxnp22035.gho.pok.ibm.com (9.57.198.25)\n\tby e12.ny.us.ibm.com (146.89.104.199) with IBM ESMTP SMTP Gateway:\n\tAuthorized Use Only! Violators will be prosecuted; \n\tThu, 31 Aug 2017 03:25:21 -0400", "from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com\n\t[9.57.199.109])\n\tby b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP\n\tid v7V7PKor33030212\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 07:25:20 GMT", "from localhost (unknown [127.0.0.1])\n\tby IMSVA (Postfix) with SMTP id 5E127112034\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:25:06 -0400 (EDT)", "from legolas.ibm.com (unknown [9.85.193.48])\n\tby b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP id D840B11204B;\n\tThu, 31 Aug 2017 03:25:04 -0400 (EDT)" ], "X-IMSS-HAND-OFF-DIRECTIVE": "127.0.0.1:10026", "From": "Claudio Carvalho <cclaudio@linux.vnet.ibm.com>", "To": "skiboot@lists.ozlabs.org", "Date": "Thu, 31 Aug 2017 04:24:45 -0300", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": "<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "References": "<1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-TM-AS-GCONF": "00", "x-cbid": "17083107-0048-0000-0000-000001DC4D52", "X-IBM-SpamModules-Scores": "", "X-IBM-SpamModules-Versions": "BY=3.00007640; HX=3.00000241; KW=3.00000007;\n\tPH=3.00000004; SC=3.00000226; SDB=6.00910097; UDB=6.00456510;\n\tIPR=6.00690378; \n\tBA=6.00005562; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009;\n\tZB=6.00000000; \n\tZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00016938;\n\tXFM=3.00000015; UTC=2017-08-31 07:25:22", "X-IBM-AV-DETECTION": "SAVI=unused REMOTE=unused XFE=unused", "x-cbparentid": "17083107-0049-0000-0000-00004267EF84", "Message-Id": "<1504164285-15095-15-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-Proofpoint-Virus-Version": "vendor=fsecure engine=2.50.10432:, ,\n\tdefinitions=2017-08-31_02:, , signatures=0", "X-Proofpoint-Spam-Details": "rule=outbound_notspam policy=outbound score=0\n\tspamscore=0 suspectscore=1\n\tmalwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam\n\tadjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000\n\tdefinitions=main-1708310114", "Subject": "[Skiboot] [PATCH v2 14/14] libstb/stb.c: fix log messages", "X-BeenThere": "skiboot@lists.ozlabs.org", "X-Mailman-Version": "2.1.23", "Precedence": "list", "List-Id": "Mailing list for skiboot development <skiboot.lists.ozlabs.org>", "List-Unsubscribe": "<https://lists.ozlabs.org/options/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=unsubscribe>", "List-Archive": "<http://lists.ozlabs.org/pipermail/skiboot/>", "List-Post": "<mailto:skiboot@lists.ozlabs.org>", "List-Help": "<mailto:skiboot-request@lists.ozlabs.org?subject=help>", "List-Subscribe": "<https://lists.ozlabs.org/listinfo/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org", "Sender": "\"Skiboot\"\n\t<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>" }, "content": "This just makes sure that the stb log messages are following the same\nlogic.\n\nSigned-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>\n---\n libstb/stb.c | 78 ++++++++++++++++++++++++++----------------------------------\n 1 file changed, 34 insertions(+), 44 deletions(-)", "diff": "diff --git a/libstb/stb.c b/libstb/stb.c\nindex cf40b2c..da0c534 100644\n--- a/libstb/stb.c\n+++ b/libstb/stb.c\n@@ -311,16 +311,13 @@ int stb_final(void)\n int tb_measure(enum resource_id id, void *buf, size_t len)\n {\n \tuint8_t digest[SHA512_DIGEST_LENGTH];\n-\tconst uint8_t *digestp;\n+\tconst uint8_t *payload_hash = NULL;\n \tconst char *name;\n \tTPM_Pcr pcr;\n \n-\tdigestp = NULL;\n-\tif (!trusted_mode) {\n-\t\tprlog(PR_INFO, \"STB: %s skipped resource %d, \"\n-\t\t \"trusted_mode=0\\n\", __func__, id);\n-\t\treturn STB_TRUSTED_MODE_DISABLED;\n-\t}\n+\tif (!trusted_mode)\n+\t\treturn 1;\n+\n \tname = flash_map_resource_name(id);\n \tif (!name) {\n \t\t/**\n@@ -343,56 +340,49 @@ int tb_measure(enum resource_id id, void *buf, size_t len)\n \t}\n \tif (!buf) {\n \t\t/**\n-\t\t * @fwts-label STBNullResourceReceived\n-\t\t * @fwts-advice Null resource passed to tb_measure. This has\n-\t\t * come from the resource load framework and likely indicates a\n-\t\t * bug in the framework.\n+\t\t * @fwts-label ResourceNotMeasuredNull\n+\t\t * @fwts-advice This is a bug. The tb_measure() caller provided\n+\t\t * a NULL container.\n \t\t */\n-\t\tprlog(PR_ERR, \"STB: %s failed: resource %s, buf null\\n\",\n-\t\t __func__, name);\n-\t\treturn STB_ARG_ERROR;\n+\t\tprlog(PR_ERR, \"STB: %s NOT MEASURED, it's null\\n\", name);\n+\t\treturn -1;\n \t}\n \tmemset(digest, 0, SHA512_DIGEST_LENGTH);\n-\t/*\n-\t * In secure mode we can use the sw-payload-hash from the container\n-\t * header to measure the container payload. Otherwise we must calculate\n-\t * the hash of the container payload (if it's a container) or the image\n-\t * (if it's not a container)\n-\t */\n+\n \tif (stb_is_container(buf, len)) {\n-\t\tdigestp = stb_sw_payload_hash(buf, len);\n-\t\tif(!digestp) {\n-\t\t\tprlog(PR_EMERG, \"STB Container is corrupt, can't find hash\\n\");\n+\t\tpayload_hash = stb_sw_payload_hash(buf, len);\n+\t\tif(!payload_hash) {\n+\t\t\tprlog(PR_EMERG, \"STB: %s container NOT MEASURED, \"\n+\t\t\t \"sw-payload-hash not found\\n\", name);\n \t\t\treturn -1;\n \t\t}\n \n \t\tc1vc->sha512((void*) c1vc->sha512_addr,\n \t\t\t buf + SECURE_BOOT_HEADERS_SIZE,\n \t\t\t len - SECURE_BOOT_HEADERS_SIZE, digest);\n-\n-\t\tprlog(PR_INFO, \"STB: %s sha512 hash re-calculated\\n\", name);\n-\t\tif (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) {\n-\t\t\tprlog(PR_ALERT, \"STB: HASH IN CONTAINER DOESN'T MATCH CONTENT!\\n\");\n-\t\t\tprlog(PR_ALERT, \"STB: Container hash:\\n\");\n-\t\t\tstb_print_data(digestp, TPM_ALG_SHA256_SIZE);\n-\t\t\tprlog(PR_ALERT, \"STB: Computed hash (on %lx bytes):\\n\", len);\n+\t\tprlog(PR_INFO, \"STB: %s sw-payload-hash calculated\\n\", name);\n+\n+\t\tif (memcmp(payload_hash, digest, TPM_ALG_SHA256_SIZE) != 0) {\n+\t\t\tprlog(PR_ALERT, \"STB: %s NOT MEASURED, \"\n+\t\t\t \"sw-payload-hash doesn't match content\\n\", name);\n+\t\t\tprlog(PR_ALERT, \"STB: %s sw-payload-hash:\\n\", name);\n+\t\t\tstb_print_data(payload_hash, TPM_ALG_SHA256_SIZE);\n+\t\t\tprlog(PR_ALERT, \"STB: %s computed hash (on %lx bytes):\\n\",\n+\t\t\t name, len);\n \t\t\tstb_print_data(digest, TPM_ALG_SHA256_SIZE);\n \t\t\treturn -1;\n \t\t}\n \t} else {\n \t\tc1vc->sha512((void*) c1vc->sha512_addr, buf, len, digest);\n-\t\tprlog(PR_INFO, \"STB: %s sha512 hash calculated\\n\", name);\n+\t\tprlog(PR_INFO, \"STB: %s hash calculated\\n\", name);\n \t}\n \n #ifdef STB_DEBUG\n-\t/* print the payload/image hash */\n-\tprlog(PR_NOTICE, \"STB: %s hash:\\n\", resource_map[r].name);\n \tstb_print_data(digest, TPM_ALG_SHA256_SIZE);\n #endif\n \t/*\n-\t * Measure the resource. Since the ROM code doesn't provide a sha1 hash\n-\t * algorithm, the sha512 hash is truncated to match the size required\n-\t * by each PCR bank.\n+\t * Measure the resource to the same PCR number in both sha256 and sha1\n+\t * PCR banks. The sha512 hash provided is truncated accordingly.\n \t */\n \treturn tpm_extendl(pcr,\n \t\t\t TPM_ALG_SHA256, digest, TPM_ALG_SHA256_SIZE,\n@@ -405,11 +395,8 @@ int sb_verify(enum resource_id id, void *buf, size_t len)\n \tconst char *name;\n \tint rc = -1;\n \n-\tif (!secure_mode) {\n-\t\tprlog(PR_INFO, \"STB: %s skipped resource %d, \"\n-\t\t \"secure_mode=0\\n\", __func__, id);\n-\t\treturn STB_SECURE_MODE_DISABLED;\n-\t}\n+\tif (!secure_mode)\n+\t\treturn 1;\n \n \tname = flash_map_resource_name(id);\n \tif (!name) {\n@@ -417,9 +404,12 @@ int sb_verify(enum resource_id id, void *buf, size_t len)\n \t\t \"resource_id=%d unknown\\n\", id);\n \t\tsb_enforce();\n \t}\n-\tif (!buf || len < SECURE_BOOT_HEADERS_SIZE) {\n-\t\tprlog(PR_EMERG, \"STB: %s arg error: id %d, buf %p, len %zd\\n\",\n-\t\t __func__, id, buf, len);\n+\tif (!buf) {\n+\t\tprlog(PR_EMERG, \"STB: %s NOT VERIFIED, it's null\\n\", name);\n+\t\tsb_enforce();\n+\t}\n+\tif (len < SECURE_BOOT_HEADERS_SIZE) {\n+\t\tprlog(PR_EMERG, \"STB: %s NOT VERIFIED, it's too small\\n\", name);\n \t\tsb_enforce();\n \t}\n \tif (!stb_is_container(buf, len)) {\n", "prefixes": [ "v2", "14/14" ] }