Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 808108,
    "url": "http://patchwork.ozlabs.org/api/patches/808108/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/skiboot/patch/1504165372-15971-4-git-send-email-cclaudio@linux.vnet.ibm.com/",
    "project": {
        "id": 44,
        "url": "http://patchwork.ozlabs.org/api/projects/44/?format=api",
        "name": "skiboot firmware development",
        "link_name": "skiboot",
        "list_id": "skiboot.lists.ozlabs.org",
        "list_email": "skiboot@lists.ozlabs.org",
        "web_url": "http://github.com/open-power/skiboot",
        "scm_url": "http://github.com/open-power/skiboot",
        "webscm_url": "",
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<1504165372-15971-4-git-send-email-cclaudio@linux.vnet.ibm.com>",
    "list_archive_url": null,
    "date": "2017-08-31T07:42:50",
    "name": "[3/5] hdata/spira: add ibm,secureboot node",
    "commit_ref": null,
    "pull_url": null,
    "state": "superseded",
    "archived": false,
    "hash": "a03b5e0ee29e8500a39ea2bdfaeba8196bf1d13b",
    "submitter": {
        "id": 69305,
        "url": "http://patchwork.ozlabs.org/api/people/69305/?format=api",
        "name": "Claudio Carvalho",
        "email": "cclaudio@linux.vnet.ibm.com"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/skiboot/patch/1504165372-15971-4-git-send-email-cclaudio@linux.vnet.ibm.com/mbox/",
    "series": [
        {
            "id": 762,
            "url": "http://patchwork.ozlabs.org/api/series/762/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/skiboot/list/?series=762",
            "date": "2017-08-31T07:42:47",
            "name": "hdata: add and parse the tpmrel structure",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/762/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/808108/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/808108/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "skiboot@lists.ozlabs.org"
        ],
        "Delivered-To": [
            "patchwork-incoming@bilbo.ozlabs.org",
            "skiboot@lists.ozlabs.org"
        ],
        "Received": [
            "from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68])\n\t(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xjZBD2c0Mz9sRW\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:43:48 +1000 (AEST)",
            "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3xjZBD1qNJzDqgk\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:43:48 +1000 (AEST)",
            "from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com\n\t[148.163.158.5])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3xjZ9X22fpzDqTm\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 17:43:12 +1000 (AEST)",
            "from pps.filterd (m0098416.ppops.net [127.0.0.1])\n\tby mx0b-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id\n\tv7V7cg4J022736\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:43:09 -0400",
            "from e31.co.us.ibm.com (e31.co.us.ibm.com [32.97.110.149])\n\tby mx0b-001b2d01.pphosted.com with ESMTP id 2cpca8f9mh-1\n\t(version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:43:09 -0400",
            "from localhost\n\tby e31.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use\n\tOnly! Violators will be prosecuted\n\tfor <skiboot@lists.ozlabs.org> from <cclaudio@linux.vnet.ibm.com>;\n\tThu, 31 Aug 2017 01:43:08 -0600",
            "from b03cxnp08028.gho.boulder.ibm.com (9.17.130.20)\n\tby e31.co.us.ibm.com (192.168.1.131) with IBM ESMTP SMTP Gateway:\n\tAuthorized Use Only! Violators will be prosecuted; \n\tThu, 31 Aug 2017 01:43:06 -0600",
            "from b03ledav005.gho.boulder.ibm.com\n\t(b03ledav005.gho.boulder.ibm.com [9.17.130.236])\n\tby b03cxnp08028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with\n\tESMTP id v7V7h5Nw32112810\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 00:43:05 -0700",
            "from b03ledav005.gho.boulder.ibm.com (unknown [127.0.0.1])\n\tby IMSVA (Postfix) with ESMTP id C837FBE03A\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 01:43:05 -0600 (MDT)",
            "from legolas.ibm.com (unknown [9.85.193.48])\n\tby b03ledav005.gho.boulder.ibm.com (Postfix) with ESMTP id 3CD5BBE038\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 01:43:05 -0600 (MDT)"
        ],
        "From": "Claudio Carvalho <cclaudio@linux.vnet.ibm.com>",
        "To": "skiboot@lists.ozlabs.org",
        "Date": "Thu, 31 Aug 2017 04:42:50 -0300",
        "X-Mailer": "git-send-email 2.7.4",
        "In-Reply-To": "<1504165372-15971-1-git-send-email-cclaudio@linux.vnet.ibm.com>",
        "References": "<1504165372-15971-1-git-send-email-cclaudio@linux.vnet.ibm.com>",
        "X-TM-AS-GCONF": "00",
        "x-cbid": "17083107-8235-0000-0000-00000C331D94",
        "X-IBM-SpamModules-Scores": "",
        "X-IBM-SpamModules-Versions": "BY=3.00007640; HX=3.00000241; KW=3.00000007;\n\tPH=3.00000004; SC=3.00000226; SDB=6.00910104; UDB=6.00456514;\n\tIPR=6.00690384; \n\tBA=6.00005562; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009;\n\tZB=6.00000000; \n\tZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00016938;\n\tXFM=3.00000015; UTC=2017-08-31 07:43:07",
        "X-IBM-AV-DETECTION": "SAVI=unused REMOTE=unused XFE=unused",
        "x-cbparentid": "17083107-8236-0000-0000-00003D746434",
        "Message-Id": "<1504165372-15971-4-git-send-email-cclaudio@linux.vnet.ibm.com>",
        "X-Proofpoint-Virus-Version": "vendor=fsecure engine=2.50.10432:, ,\n\tdefinitions=2017-08-31_02:, , signatures=0",
        "X-Proofpoint-Spam-Details": "rule=outbound_notspam policy=outbound score=0\n\tspamscore=0 suspectscore=1\n\tmalwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam\n\tadjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000\n\tdefinitions=main-1708310118",
        "Subject": "[Skiboot] [PATCH 3/5] hdata/spira: add ibm,secureboot node",
        "X-BeenThere": "skiboot@lists.ozlabs.org",
        "X-Mailman-Version": "2.1.23",
        "Precedence": "list",
        "List-Id": "Mailing list for skiboot development <skiboot.lists.ozlabs.org>",
        "List-Unsubscribe": "<https://lists.ozlabs.org/options/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=unsubscribe>",
        "List-Archive": "<http://lists.ozlabs.org/pipermail/skiboot/>",
        "List-Post": "<mailto:skiboot@lists.ozlabs.org>",
        "List-Help": "<mailto:skiboot-request@lists.ozlabs.org?subject=help>",
        "List-Subscribe": "<https://lists.ozlabs.org/listinfo/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=subscribe>",
        "MIME-Version": "1.0",
        "Content-Type": "text/plain; charset=\"utf-8\"",
        "Content-Transfer-Encoding": "base64",
        "Errors-To": "skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org",
        "Sender": "\"Skiboot\"\n\t<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>"
    },
    "content": "This adds the ibm,secureboot node in P9 systems.\n\nThe information provided by the ibm,secureboot node is stored in the\niplparams_sysparams structure, however it is populated only when\nhdif->version >= 0x60.\n\nSigned-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>\n---\n hdata/spira.c | 32 ++++++++++++++++++++++++++++++++\n hdata/spira.h | 15 +++++++++------\n 2 files changed, 41 insertions(+), 6 deletions(-)",
    "diff": "diff --git a/hdata/spira.c b/hdata/spira.c\nindex 220ae9e..92da94b 100644\n--- a/hdata/spira.c\n+++ b/hdata/spira.c\n@@ -24,6 +24,7 @@\n #include <fsp-mdst-table.h>\n #include <fsp-attn.h>\n #include <fsp-leds.h>\n+#include <libstb/container.h>\n \n #include \"hdata.h\"\n #include \"hostservices.h\"\n@@ -849,6 +850,34 @@ static void add_nmmu(void)\n \t}\n }\n \n+static void dt_init_secureboot_node(const struct iplparams_sysparams *sysparams)\n+{\n+\tstruct dt_node *node;\n+\tu16 sys_sec_setting;\n+\tu16 hw_key_hash_size;\n+\n+\tnode = dt_new(dt_root, \"ibm,secureboot\");\n+\tassert(node);\n+\n+\tdt_add_property_string(node, \"compatible\", \"ibm,secureboot-v2\");\n+\n+\tsys_sec_setting = be16_to_cpu(sysparams->sys_sec_setting);\n+\tif (sys_sec_setting & SEC_CONTAINER_SIG_CHECKING)\n+\t\tdt_add_property(node, \"secure-enabled\", NULL, 0);\n+\tif (sys_sec_setting & SEC_HASHES_EXTENDED_TO_TPM)\n+\t\tdt_add_property(node, \"trusted-enabled\", NULL, 0);\n+\n+\thw_key_hash_size = be16_to_cpu(sysparams->hw_key_hash_size);\n+\tdt_add_property_cells(node, \"hw-key-hash-size\", hw_key_hash_size);\n+\tif (hw_key_hash_size)\n+\t\tdt_add_property(node, \"hw-key-hash\", sysparams->hw_key_hash,\n+\t\t\t\thw_key_hash_size);\n+\n+\tif (be16_to_cpu(sysparams->sys_attributes) & SYS_ATTR_MULTIPLE_TPM)\n+\t\tprlog(PR_WARNING, \"Multiple TPM set, but not supported\\n\");\n+}\n+\n+\n static void add_iplparams_sys_params(const void *iplp, struct dt_node *node)\n {\n \tconst struct iplparams_sysparams *p;\n@@ -935,6 +964,9 @@ static void add_iplparams_sys_params(const void *iplp, struct dt_node *node)\n \tsys_attributes = be32_to_cpu(p->sys_attributes);\n \tif (sys_attributes & SYS_ATTR_RISK_LEVEL)\n \t\tdt_add_property(node, \"elevated-risk-level\", NULL, 0);\n+\n+\tif (version >= 0x60)\n+\t\tdt_init_secureboot_node(p);\n }\n \n static void add_iplparams_ipl_params(const void *iplp, struct dt_node *node)\ndiff --git a/hdata/spira.h b/hdata/spira.h\nindex 78ff33d..0056887 100644\n--- a/hdata/spira.h\n+++ b/hdata/spira.h\n@@ -355,6 +355,7 @@ struct iplparams_sysparams {\n \t__be32\t\tabc_bus_speed;\n \t__be32\t\twxyz_bus_speed;\n \t__be32\t\tsys_eco_mode;\n+#define SYS_ATTR_MULTIPLE_TPM PPC_BIT32(0)\n #define SYS_ATTR_RISK_LEVEL PPC_BIT32(3)\n \t__be32\t\tsys_attributes;\n \t__be32\t\tmem_scrubbing;\n@@ -369,12 +370,14 @@ struct iplparams_sysparams {\n \tuint8_t\t\tsplit_core_mode;\t/* >= 0x5c */\n \tuint8_t\t\treserved[3];\n \tuint8_t\t\tsys_vendor[64];\t\t/* >= 0x5f */\n-\t/* >= 0x60 */\n-\t__be16\t\tsys_sec_setting;\n-\t__be16\t\ttpm_config_bit;\n-\t__be16\t\ttpm_drawer;\n-\t__be16\t\treserved2;\n-\tuint8_t\t\thw_key_hash[64];\n+#define SEC_CONTAINER_SIG_CHECKING PPC_BIT16(0)\n+#define SEC_HASHES_EXTENDED_TO_TPM PPC_BIT16(1)\n+\t__be16\t\tsys_sec_setting;\t/* >= 0x60 */\n+#define TPM_CONFIG_TPM_REQUIRED PPC_BIT16(0)\n+\t__be16\t\ttpm_config_bit;\t\t/* >= 0x60 */\n+\t__be16\t\ttpm_drawer;\t\t/* >= 0x60 */\n+\t__be16\t\thw_key_hash_size;\t/* >= 0x60 */\n+\tuint8_t\t\thw_key_hash[64];\t/* >= 0x60 */\n \tuint8_t\t\tsys_family_str[64];\t/* vendor,name */\n \tuint8_t\t\tsys_type_str[64];\t/* vendor,type */\n } __packed;\n",
    "prefixes": [
        "3/5"
    ]
}