
opal/init: Fix VERSION hash calculation by Re-ordering inits

Message ID 1523604043-9390-1-git-send-email-ppaidipe@linux.vnet.ibm.com
State Superseded

Commit Message

ppaidipe April 13, 2018, 7:20 a.m. UTC
Currently the VERSION partition is loaded early in the boot stage
on BMC platforms, and it is not verified/measured by STB. Currently
STB init depends on nvram settings, which need nvram init, and nvram init
depends on pnor init. So we cannot move stb init before platform init.

So this patch fixes this issue by following below init order for BMC
platforms to have a proper hash calculation for all the flash resources.

pnor_init --> nvram_init --> stb_init --> preload_flash_resources

In FSP platforms init remains unchanged.

And currently VERSION partition isn't signed, hence enabled only
trusted_measure for it. And also PCR_3 used for measurements as
VERSION is a data partition.

[   68.444384848,5] STB: VERSION hash calculated
[   68.489532547,5] STB: VERSION measured on pcr3 (tpm0, evType 0x5, evLogLen 2253)

Signed-off-by: Pridhiviraj Paidipeddi <ppaidipe@linux.vnet.ibm.com>
---
 core/init.c               |  4 ++--
 libstb/trustedboot.c      |  4 ++++
 platforms/astbmc/common.c | 15 +++++++++++++++
 3 files changed, 21 insertions(+), 2 deletions(-)

Comments

Claudio Carvalho April 19, 2018, 9:22 p.m. UTC | #1
This looks good to me.

Reviewed-by: Claudio Carvalho <cclaudio@linux.vnet.ibm.com>

Claudio


On 13/04/2018 04:20, Pridhiviraj Paidipeddi wrote:
> We have currently VERSION parition loads early in the boot stage
> for BMC platforms, which is not verified/measured by STB. Currnetly
> STB init depends on nvram settings, which need nvram init, nvram init
> depends on pnor init. So we cannot move stb init before platform init.
>
> So this patch fixes this issue by following below init order for BMC
> platforms to have a proper hash calculation for all the flash resources.
>
> pnor_init --> nvram_init --> stb_init --> preload_flash_resources
>
> In FSP platforms init remains unchanged.
>
> And currently VERSION partition isn't signed, hence enabled only
> trusted_measure for it. And also PCR_3 used for measurements as
> VERSION is a data partition.
>
> [   68.444384848,5] STB: VERSION hash calculated
> [   68.489532547,5] STB: VERSION measured on pcr3 (tpm0, evType 0x5, evLogLen 2253)
>
> Signed-off-by: Pridhiviraj Paidipeddi <ppaidipe@linux.vnet.ibm.com>
> ---
>   core/init.c               |  4 ++--
>   libstb/trustedboot.c      |  4 ++++
>   platforms/astbmc/common.c | 15 +++++++++++++++
>   3 files changed, 21 insertions(+), 2 deletions(-)
>
> diff --git a/core/init.c b/core/init.c
> index b91e34b..0b294c8 100644
> --- a/core/init.c
> +++ b/core/init.c
> @@ -1048,8 +1048,8 @@ void __noreturn __nomcount main_cpu_entry(const void *fdt)
>   	if (platform.init)
>   		platform.init();
>
> -	/* Read in NVRAM and set it up */
> -	nvram_init();
> +	/* Read in NVRAM and set it up, if not already done */
> +	nvram_reinit();
>
>   	/* Set the console level */
>   	console_log_level();
> diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
> index 151e4e1..071a592 100644
> --- a/libstb/trustedboot.c
> +++ b/libstb/trustedboot.c
> @@ -46,6 +46,7 @@ static struct {
>   	{ RESOURCE_ID_IMA_CATALOG, PCR_2 },
>   	{ RESOURCE_ID_KERNEL, PCR_4 },
>   	{ RESOURCE_ID_CAPP,   PCR_2 },
> +	{ RESOURCE_ID_VERSION,   PCR_3 },
>   };
>
>   /*
> @@ -82,6 +83,9 @@ void trustedboot_init(void)
>   {
>   	struct dt_node *node;
>
> +	if (trusted_init)
> +		return;
> +
>   	node = dt_find_by_path(dt_root, "/ibm,secureboot");
>   	if (!node) {
>   		prlog(PR_NOTICE, "trusted boot not supported\n");
> diff --git a/platforms/astbmc/common.c b/platforms/astbmc/common.c
> index 243ad94..22f62d0 100644
> --- a/platforms/astbmc/common.c
> +++ b/platforms/astbmc/common.c
> @@ -26,6 +26,7 @@
>   #include <bt.h>
>   #include <errorlog.h>
>   #include <lpc.h>
> +#include <libstb/trustedboot.h>
>
>   #include "astbmc.h"
>
> @@ -134,6 +135,20 @@ void astbmc_init(void)
>   	astbmc_fru_init();
>   	ipmi_sensor_init();
>
> +	/* PNOR is initialized, we can init NVRAM */
> +	nvram_init();
> +
> +	/*
> +	 * As PNOR flash drivers are ready we can init STB now,
> +	 *  so that it can call verify and measure functions
> +	 */
> +
> +	/* TODO: currently VERSION partition isn't signed, enable
> +	 * secureboot_init only once it is signed.
> +	 */
> +	/* secureboot_init(); */
> +	trustedboot_init();
> +
>   	/* Preload PNOR VERSION section */
>   	flash_fw_version_preload();
>

Patch

diff --git a/core/init.c b/core/init.c
index b91e34b..0b294c8 100644
--- a/core/init.c
+++ b/core/init.c
@@ -1048,8 +1048,8 @@  void __noreturn __nomcount main_cpu_entry(const void *fdt)
 	if (platform.init)
 		platform.init();
 
-	/* Read in NVRAM and set it up */
-	nvram_init();
+	/* Read in NVRAM and set it up, if not already done */
+	nvram_reinit();
 
 	/* Set the console level */
 	console_log_level();
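Review bot: The new comment promises "if not already done", but nothing visible here shows that `nvram_reinit()` performs a first-time init when `platform.init()` did not call `nvram_init()`, which is the FSP case the description says is unchanged. Its body is outside this diff, so it is worth confirming that it initialises NVRAM when nothing has run yet and leaves a successfully loaded NVRAM untouched, since STB reads its settings from there. The comment could say who does the early init, e.g. `/* astbmc calls nvram_init() from platform.init() so STB can start early; other platforms get NVRAM set up here */`. main_cpu_entry starts and ends outside the hunk.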
diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
index 151e4e1..071a592 100644
--- a/libstb/trustedboot.c
+++ b/libstb/trustedboot.c
@@ -46,6 +46,7 @@  static struct {
 	{ RESOURCE_ID_IMA_CATALOG, PCR_2 },
 	{ RESOURCE_ID_KERNEL, PCR_4 },
 	{ RESOURCE_ID_CAPP,   PCR_2 },
+	{ RESOURCE_ID_VERSION,   PCR_3 },
 };
 
 /*
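Review bot: The added `{ RESOURCE_ID_VERSION,   PCR_3 },` entry does not record that VERSION is measured without being verified, which the commit description explains but the code does not. Anyone building an attestation or sealing policy on PCR_3 would want that visible at the table, for example with a trailing comment `/* unsigned data partition: measured only, not verified */`. The extra spaces before `PCR_3` also do not line up with the neighbouring entries. The table definition starts outside the hunk.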
@@ -82,6 +83,9 @@  void trustedboot_init(void)
 {
 	struct dt_node *node;
 
+	if (trusted_init)
+		return;
+
 	node = dt_find_by_path(dt_root, "/ibm,secureboot");
 	if (!node) {
 		prlog(PR_NOTICE, "trusted boot not supported\n");
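Review bot: The `if (trusted_init) return;` guard only stops a second run if the first call actually set `trusted_init`, and where that flag is set is outside this hunk. If the early call from astbmc_init leaves through a failure path such as the `!node` branch just below, the later call from main_cpu_entry presumably repeats the lookup and the "trusted boot not supported" notice; confirm that a repeat is harmless on every early-return path. The guard also needs a comment saying why the function can be entered twice, e.g. `/* Already initialised early from platform.init() (astbmc) */`. trustedboot_init continues outside the hunk.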
diff --git a/platforms/astbmc/common.c b/platforms/astbmc/common.c
index 243ad94..22f62d0 100644
--- a/platforms/astbmc/common.c
+++ b/platforms/astbmc/common.c
@@ -26,6 +26,7 @@ 
 #include <bt.h>
 #include <errorlog.h>
 #include <lpc.h>
+#include <libstb/trustedboot.h>
 
 #include "astbmc.h"
 
@@ -134,6 +135,20 @@  void astbmc_init(void)
 	astbmc_fru_init();
 	ipmi_sensor_init();
 
+	/* PNOR is initialized, we can init NVRAM */
+	nvram_init();
+
+	/*
+	 * As PNOR flash drivers are ready we can init STB now,
+	 *  so that it can call verify and measure functions
+	 */
+
+	/* TODO: currently VERSION partition isn't signed, enable
+	 * secureboot_init only once it is signed.
+	 */
+	/* secureboot_init(); */
+	trustedboot_init();
+
 	/* Preload PNOR VERSION section */
 	flash_fw_version_preload();
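Review bot: The commented-out `/* secureboot_init(); */` in astbmc_init leaves VERSION measured but never verified, and the TODO does not say what that means for code that consumes the preloaded data. It would be clearer to drop the dead call and state the consequence, e.g. `/* VERSION is unsigned: it is only measured into the TPM, so treat its contents as untrusted until secureboot covers it */`. Separately, `trustedboot_init()` now runs inside `platform.init()`, earlier than before. Whether the TPM and the other pieces it needs are already probed at that point is not visible here and should be confirmed, otherwise the VERSION measurement could be skipped silently. astbmc_init starts and ends outside the hunk.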