GET /api/patches/808109/?format=api
{ "id": 808109, "url": "http://patchwork.ozlabs.org/api/patches/808109/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/patch/1504165372-15971-5-git-send-email-cclaudio@linux.vnet.ibm.com/", "project": { "id": 44, "url": "http://patchwork.ozlabs.org/api/projects/44/?format=api", "name": "skiboot firmware development", "link_name": "skiboot", "list_id": "skiboot.lists.ozlabs.org", "list_email": "skiboot@lists.ozlabs.org", "web_url": "http://github.com/open-power/skiboot", "scm_url": "http://github.com/open-power/skiboot", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1504165372-15971-5-git-send-email-cclaudio@linux.vnet.ibm.com>", "list_archive_url": null, "date": "2017-08-31T07:42:51", "name": "[4/5] hdata/tpmrel.c: add the ibm, container-verification-code node", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": false, "hash": "562c15e681859d45eaaea62805e297dfa2255b6f", "submitter": { "id": 69305, "url": "http://patchwork.ozlabs.org/api/people/69305/?format=api", "name": "Claudio Carvalho", "email": "cclaudio@linux.vnet.ibm.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/skiboot/patch/1504165372-15971-5-git-send-email-cclaudio@linux.vnet.ibm.com/mbox/", "series": [ { "id": 762, "url": "http://patchwork.ozlabs.org/api/series/762/?format=api", "web_url": "http://patchwork.ozlabs.org/project/skiboot/list/?series=762", "date": "2017-08-31T07:42:47", "name": "hdata: add and parse the tpmrel structure", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/762/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/808109/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/808109/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "skiboot@lists.ozlabs.org" ], 
"Delivered-To": [ "patchwork-incoming@bilbo.ozlabs.org", "skiboot@lists.ozlabs.org" ], "Received": [ "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\t(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xjZBN3qr0z9sRW\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:43:56 +1000 (AEST)", "from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3xjZBN30NRzDqh5\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 31 Aug 2017 17:43:56 +1000 (AEST)", "from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com\n\t[148.163.156.1])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3xjZ9b1QFPzDqXc\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 17:43:15 +1000 (AEST)", "from pps.filterd (m0098394.ppops.net [127.0.0.1])\n\tby mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id\n\tv7V7gHIM084488\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:43:12 -0400", "from e33.co.us.ibm.com (e33.co.us.ibm.com [32.97.110.151])\n\tby mx0a-001b2d01.pphosted.com with ESMTP id 2cpea5g1gj-1\n\t(version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 03:43:11 -0400", "from localhost\n\tby e33.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use\n\tOnly! Violators will be prosecuted\n\tfor <skiboot@lists.ozlabs.org> from <cclaudio@linux.vnet.ibm.com>;\n\tThu, 31 Aug 2017 01:43:10 -0600", "from b03cxnp07029.gho.boulder.ibm.com (9.17.130.16)\n\tby e33.co.us.ibm.com (192.168.1.133) with IBM ESMTP SMTP Gateway:\n\tAuthorized Use Only! 
Violators will be prosecuted; \n\tThu, 31 Aug 2017 01:43:08 -0600", "from b03ledav005.gho.boulder.ibm.com\n\t(b03ledav005.gho.boulder.ibm.com [9.17.130.236])\n\tby b03cxnp07029.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with\n\tESMTP id v7V7h7VB7733614\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 00:43:07 -0700", "from b03ledav005.gho.boulder.ibm.com (unknown [127.0.0.1])\n\tby IMSVA (Postfix) with ESMTP id D0D2ABE03E\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 01:43:07 -0600 (MDT)", "from legolas.ibm.com (unknown [9.85.193.48])\n\tby b03ledav005.gho.boulder.ibm.com (Postfix) with ESMTP id 3A191BE03A\n\tfor <skiboot@lists.ozlabs.org>; Thu, 31 Aug 2017 01:43:07 -0600 (MDT)" ], "From": "Claudio Carvalho <cclaudio@linux.vnet.ibm.com>", "To": "skiboot@lists.ozlabs.org", "Date": "Thu, 31 Aug 2017 04:42:51 -0300", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": "<1504165372-15971-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "References": "<1504165372-15971-1-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-TM-AS-GCONF": "00", "x-cbid": "17083107-0008-0000-0000-000008806CC6", "X-IBM-SpamModules-Scores": "", "X-IBM-SpamModules-Versions": "BY=3.00007640; HX=3.00000241; KW=3.00000007;\n\tPH=3.00000004; SC=3.00000226; SDB=6.00910104; UDB=6.00456514;\n\tIPR=6.00690384; \n\tBA=6.00005562; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009;\n\tZB=6.00000000; \n\tZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00016938;\n\tXFM=3.00000015; UTC=2017-08-31 07:43:09", "X-IBM-AV-DETECTION": "SAVI=unused REMOTE=unused XFE=unused", "x-cbparentid": "17083107-0009-0000-0000-000043C889B4", "Message-Id": "<1504165372-15971-5-git-send-email-cclaudio@linux.vnet.ibm.com>", "X-Proofpoint-Virus-Version": "vendor=fsecure engine=2.50.10432:, ,\n\tdefinitions=2017-08-31_02:, , signatures=0", "X-Proofpoint-Spam-Details": "rule=outbound_notspam policy=outbound score=0\n\tspamscore=0 suspectscore=3\n\tmalwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam\n\tadjust=0 
reason=mlx scancount=1 engine=8.0.1-1707230000\n\tdefinitions=main-1708310118", "Subject": "[Skiboot] [PATCH 4/5] hdata/tpmrel.c: add the ibm,\n\tcontainer-verification-code node", "X-BeenThere": "skiboot@lists.ozlabs.org", "X-Mailman-Version": "2.1.23", "Precedence": "list", "List-Id": "Mailing list for skiboot development <skiboot.lists.ozlabs.org>", "List-Unsubscribe": "<https://lists.ozlabs.org/options/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=unsubscribe>", "List-Archive": "<http://lists.ozlabs.org/pipermail/skiboot/>", "List-Post": "<mailto:skiboot@lists.ozlabs.org>", "List-Help": "<mailto:skiboot-request@lists.ozlabs.org?subject=help>", "List-Subscribe": "<https://lists.ozlabs.org/listinfo/skiboot>,\n\t<mailto:skiboot-request@lists.ozlabs.org?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "Errors-To": "skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org", "Sender": "\"Skiboot\"\n\t<skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>" }, "content": "In the secureboot-v2, the container verification code is stored in a\nhostboot reserved memory.\n\nThis walks through the ms_vpd hdat structure to identify what hostboot\nreserved memory the container verification code is stored in and then\ncreates the 'ibm,container-verification-code' node, which has a cross\nreference (memory-region property) to that hostboot reserved memory.\n\nSigned-off-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>\n---\n hdata/spira.h | 3 ++\n hdata/tpmrel.c | 122 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-\n 2 files changed, 123 insertions(+), 2 deletions(-)", "diff": "diff --git a/hdata/spira.h b/hdata/spira.h\nindex 0056887..d4c3023 100644\n--- a/hdata/spira.h\n+++ b/hdata/spira.h\n@@ -529,6 +529,9 @@ struct msvpd_trace {\n /* Idata index 5: Hostboot reserved memory address range */\n #define MSVPD_IDATA_HB_RESERVED_MEM\t5\n struct 
msvpd_hb_reserved_mem {\n+#define MSVPD_HBRMEM_RANGE_TYPE\tPPC_BITMASK32(0,7)\n+#define HBRMEM_CVC_CONTAINER_V1 \t0x3\n+#define MSVPD_HBRMEM_INSTANCE_NUMBER\tPPC_BITMASK32(8,31)\n \t__be32\t\ttype_instance;\n \t__be64\t\tstart_addr;\n \t__be64\t\tend_addr;\ndiff --git a/hdata/tpmrel.c b/hdata/tpmrel.c\nindex f2e2ec8..81e6443 100644\n--- a/hdata/tpmrel.c\n+++ b/hdata/tpmrel.c\n@@ -20,6 +20,7 @@\n \n #include <skiboot.h>\n #include <device.h>\n+#include <ccan/str/str.h>\n \n #include \"spira.h\"\n #include \"hdata.h\"\n@@ -75,9 +76,121 @@ static void add_tpmrel_tpm_eventlog(const struct HDIF_common_hdr *hdif_hdr)\n \t}\n }\n \n+struct hdat_container_verification_code {\n+\tuint32_t container_version;\n+\tuint32_t hb_reserved_mem_type;\n+\tuint32_t num_offsets;\n+\tconst char *compat;\n+};\n+\n+static struct hdat_container_verification_code cvc[] = {\n+\t/* ibm,secure-crypt-algo-code */\n+\t{ 0x1, HBRMEM_CVC_CONTAINER_V1, 2, \"ibm,container-v1-verification-code\"}\n+};\n+\n+static struct hdat_container_verification_code *map_cvc(uint32_t type)\n+{\n+\tint i;\n+\n+\tfor (i = 0; i < ARRAY_SIZE(cvc); i++) {\n+\t\tif (cvc[i].hb_reserved_mem_type == type)\n+\t\t\treturn &cvc[i];\n+\t}\n+\treturn NULL;\n+}\n+\n+#define HRMOR_BIT (1ul << 63)\n+\n+static struct dt_node *get_reserved_memory(const struct msvpd_hb_reserved_mem *hb_resv_mem)\n+{\n+\tstruct dt_node *node;\n+\tuint64_t start_addr, end_addr;\n+\tconst char *reserved = \"/ibm,hostboot/reserved-memory/\";\n+\tchar *path;\n+\tsize_t len;\n+\n+\tstart_addr = be64_to_cpu(hb_resv_mem->start_addr);\n+\tend_addr = be64_to_cpu(hb_resv_mem->end_addr);\n+\n+\tstart_addr &= ~HRMOR_BIT;\n+\tend_addr &= ~HRMOR_BIT;\n+\n+\tlen = strlen(reserved) + strlen(hb_resv_mem->label) +\n+\t\tSTR_MAX_CHARS(start_addr) + 2;\n+\tpath = malloc(len);\n+\tassert(path);\n+\tsnprintf(path, len, \"%s%s@%llx\", reserved,\n+\t\t hb_resv_mem->label, (long long) start_addr);\n+\tnode = dt_find_by_path(dt_root, path);\n+\tfree(path);\n+\n+\treturn 
node;\n+}\n+\n+static void cvc_init(struct dt_node *parent)\n+{\n+\tconst struct msvpd_hb_reserved_mem *hb_resv_mem;\n+\tconst struct HDIF_common_hdr *ms_vpd;\n+\tstruct hdat_container_verification_code *cvc;\n+\tuint32_t type;\n+\tint count, i;\n+\n+\tms_vpd = get_hdif(&spira.ntuples.ms_vpd, MSVPD_HDIF_SIG);\n+\n+\tif (!ms_vpd) {\n+\t\tprerror(\"TPMREL: MS VPD invalid\\n\");\n+\t\treturn;\n+\t}\n+\n+\tcount = HDIF_get_iarray_size(ms_vpd, MSVPD_IDATA_HB_RESERVED_MEM);\n+\tif (count <= 0) {\n+\t\tprerror(\"TPMREL: No hostboot reserved memory found\\n\");\n+\t\treturn;\n+\t}\n+\t/*\n+\t * The secureboot container verification code is stored in a hosboot\n+\t * reserved memory. We walk through the hostboot reserved memory nodes\n+\t * to find it.\n+\t *\n+\t * Once we find the container verification code we create a new node\n+\t * with a cross reference to its reserved memory.\n+\t */\n+\tfor (i = 0; i < count; i++) {\n+\t\thb_resv_mem = HDIF_get_iarray_item(ms_vpd,\n+\t\t\t\t\t\t MSVPD_IDATA_HB_RESERVED_MEM,\n+\t\t\t\t\t\t i, NULL);\n+\t\tif (!CHECK_SPPTR(hb_resv_mem))\n+\t\t\tcontinue;\n+\n+\t\ttype = be32_to_cpu(hb_resv_mem->type_instance);\n+\t\ttype = GETFIELD(MSVPD_HBRMEM_RANGE_TYPE, type);\n+\t\tcvc = map_cvc(type);\n+\t\tif (cvc) {\n+\t\t\tstruct dt_node *reserved_mem, *node;\n+\n+\t\t\treserved_mem= get_reserved_memory(hb_resv_mem);\n+\t\t\tif (!reserved_mem) {\n+\t\t\t\tprlog(PR_INFO, \"reserved memory for %s not found\\n\",\n+\t\t\t\t cvc->compat);\n+\t\t\t\treturn;\n+\t\t\t}\n+\n+\t\t\tnode = dt_new(parent, \"ibm,container-verification-code\");\n+\t\t\tassert(node);\n+\n+\t\t\tdt_add_property_cells(node, \"#address-cells\", 1);\n+\t\t\tdt_add_property_cells(node, \"#size-cells\", 0);\n+\t\t\tdt_add_property_strings(node, \"compatible\", cvc->compat);\n+\t\t\tdt_add_property_cells(node, \"memory-region\", reserved_mem->phandle);\n+\t\t}\n+\t}\n+\treturn;\n+}\n+\n void node_stb_parse(void)\n {\n \tstruct HDIF_common_hdr *hdif_hdr;\n+\tstruct dt_node 
*node;\n \n \thdif_hdr = get_hdif(&spira.ntuples.node_stb_data, \"TPMREL\");\n \tif (!hdif_hdr) {\n@@ -87,6 +200,11 @@ void node_stb_parse(void)\n \n \tadd_tpmrel_tpm_eventlog(hdif_hdr);\n \n-\t/* TODO: Idata 1: User Physical Interaction Mechanism Info */\n-\t/* TODO: Idata 2: Hash and Verification Function Offset Array */\n+\tnode = dt_find_by_path(dt_root, \"/ibm,secureboot\");\n+\tif (!node) {\n+\t\tprlog(PR_INFO, \"'ibm,secureboot' node not found\\n\");\n+\t\treturn;\n+\t}\n+\n+\tcvc_init(node);\n }\n", "prefixes": [ "4/5" ] }
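Review bot: In `get_reserved_memory()` the buffer size is computed with `strlen(hb_resv_mem->label)` and the same field is printed with `%s`, so both trust the HDAT entry to carry a NUL-terminated label. The declaration of `label` is outside this hunk; if it is a fixed-size array filled by hostboot, an unterminated label makes both reads run past the entry. Bounding the length by the field size avoids this, for example `strnlen(hb_resv_mem->label, sizeof(hb_resv_mem->label))` paired with a `%.*s` format, assuming skiboot's libc provides `strnlen`. In `cvc_init()`, `HDIF_get_iarray_item(..., NULL)` discards the item size, so the entry is dereferenced without checking that it is at least `sizeof(struct msvpd_hb_reserved_mem)`. The missing-reserved-memory path logs only at `PR_INFO` before `return`, which looks too quiet when secure boot is left without a verification-code node; `prerror("TPMREL: reserved memory for %s not found\n", cvc->compat);` would match the other failure paths.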
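Review bot: The last hunk of `node_stb_parse()` deletes both TODO comments, but only the verification-code work is visibly added here; unless another patch in the series covers it, `/* TODO: Idata 1: User Physical Interaction Mechanism Info */` should stay. The new early return also logs without the `TPMREL:` prefix that `cvc_init()` uses, which makes the message hard to attribute in the boot log; `prlog(PR_INFO, "TPMREL: 'ibm,secureboot' node not found\n");` would be consistent. The function now depends on `/ibm,secureboot` already existing when it runs, and a one-line comment stating that ordering requirement would help. The start of `node_stb_parse()` lies outside the hunk.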