From patchwork Tue Sep 3 21:34:11 2019
X-Patchwork-Submitter: Eric Richter
X-Patchwork-Id: 1157345
From: Eric Richter
To: skiboot@lists.ozlabs.org
Date: Tue, 3 Sep 2019 16:34:11 -0500
Message-Id: <20190903213416.16535-1-erichte@linux.ibm.com>
Subject: [Skiboot] [PATCH v3 0/5] Add Secure Variable Support
Cc: nayna@linux.ibm.com

This version of the patch set contains numerous changes to the API and
core secure variable functionality. However, the implementations for the
backend and storage drivers have not changed significantly since the last
posting. In the interest of getting feedback on the changes in core
implementation, they have been temporarily removed from this set.

The full context of this code (including test patches) can be found at
this git repo:
https://github.com/erichte-ibm/skiboot/tree/stb/dev

and an op-build tree with a custom config to utilize these patches and the
requisite kernel patches can be found here:
(use witherspoon_sp_defconfig to test)
https://github.com/erichte-ibm/op-build/tree/stb/dev

Changes in V3:
 - Removed metadata field in secure variable struct, APIs, etc
 - Removed opal_secvar_get_size
 - Add probe_secvar() call to bump ibm,secureboot/compatible before
   secureboot/trustedboot initialization
 - Removed fixed-size data allocation in secvar struct to conserve space
 - Expanded documentation updates
 - Included initial implementation of secvar API unit testing
 - Minor other fixes as mentioned in individual patch descriptions

ORIGINAL COVER LETTER:

The previous implementation "Initial Skiboot Secure Variable Support"
tied the OPAL runtime service API too tightly to the variable processing
backend. Therefore, if the variable processing design had to be changed or
updated, so did the API. This patch set redesigns the previous set to
support a generic OPAL API, and pluggable drivers for persistent variable
storage and variable processing.
Platforms may support different storage hardware, therefore a platform
must be able to select the proper storage driver for persisting variables.
Platforms may also select the backend used to manipulate secure variables.
The backend determines the format in which the variables are stored, and
how the variables are authenticated and updated.

This patch set includes the base implementation to support secure
variables, and the updated OPAL runtime service API. This set also
includes draft implementations for a pnor-based storage driver, and an
edk2-derived backend driver. This backend driver depends on mbedtls-based
crypto support, which will be in a separate forthcoming patch set. The
draft implementation of the backend driver has the crypto-dependent code
commented out for the sake of compilation.

Changes in V2:
 - ibm,secureboot compatible is set to -v3
 - added secvar device tree node
 - removed opal_secvar_backend
 - added API and secvar DT node documentation
 - minor fixes/changes (see patch descriptions)

Eric Richter (5):
  libstb/secvar: add secure variable internal abstraction
  libstb: add support for ibm,secureboot-v3
    and initialize secure variables if supported by the platform
  libstb/secvar: add secvar api implementation
  doc: add opal secure variable documentation
  secvar/test: add rudimentary secvar API unit testing

 ccan/list/list.h                         |  38 +++++
 core/init.c                              |   4 +
 doc/device-tree/ibm,secureboot.rst       |  10 ++
 doc/device-tree/secvar.rst               |  84 ++++++++++
 doc/opal-api/opal-secvar.rst             | 188 +++++++++++++++++++++++
 include/opal-api.h                       |   5 +-
 include/platform.h                       |   2 +
 include/secvar.h                         |  46 ++++++
 libstb/Makefile.inc                      |   3 +-
 libstb/cvc.c                             |   2 +-
 libstb/secureboot.c                      |   7 +-
 libstb/secureboot.h                      |   1 +
 libstb/secvar/Makefile.inc               |  14 ++
 libstb/secvar/backend/Makefile.inc       |  11 ++
 libstb/secvar/secvar.h                   |  61 ++++++++
 libstb/secvar/secvar_api.c               | 158 +++++++++++++++++++
 libstb/secvar/secvar_main.c              | 160 +++++++++++++++++++
 libstb/secvar/secvar_util.c              |  70 +++++++++
 libstb/secvar/storage/Makefile.inc       |  11 ++
 libstb/secvar/test/Makefile.check        |  46 ++++++
 libstb/secvar/test/secvar-test-enqueue.c | 158 +++++++++++++++++++
 libstb/secvar/test/secvar-test-getvar.c  | 110 +++++++++++++
 libstb/secvar/test/secvar-test-nextvar.c | 132 ++++++++++++++++
 libstb/secvar/test/secvar-test-void.c    |  24 +++
 libstb/secvar/test/secvar_api_test.c     |  92 +++++++++++
 libstb/secvar/test/secvar_common_test.c  |  63 ++++++++
 26 files changed, 1496 insertions(+), 4 deletions(-)
 create mode 100644 doc/device-tree/secvar.rst
 create mode 100644 doc/opal-api/opal-secvar.rst
 create mode 100644 include/secvar.h
 create mode 100644 libstb/secvar/Makefile.inc
 create mode 100644 libstb/secvar/backend/Makefile.inc
 create mode 100644 libstb/secvar/secvar.h
 create mode 100644 libstb/secvar/secvar_api.c
 create mode 100644 libstb/secvar/secvar_main.c
 create mode 100644 libstb/secvar/secvar_util.c
 create mode 100644 libstb/secvar/storage/Makefile.inc
 create mode 100644 libstb/secvar/test/Makefile.check
 create mode 100644 libstb/secvar/test/secvar-test-enqueue.c
 create mode 100644 libstb/secvar/test/secvar-test-getvar.c
 create mode 100644 libstb/secvar/test/secvar-test-nextvar.c
 create mode 100644 libstb/secvar/test/secvar-test-void.c
 create mode 100644 libstb/secvar/test/secvar_api_test.c
 create mode 100644 libstb/secvar/test/secvar_common_test.c
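
The split the cover letter describes (a generic API in front of a platform-selected storage driver and backend driver) can be sketched as below. This is an added example, not code from the patch set or from skiboot: every struct, function and constant name is hypothetical, the in-memory storage driver is constructed for the sketch, and the "AUTH:" prefix check is a toy stand-in for the backend's real authentication.

```c
#include <stddef.h>
#include <string.h>

/* Every name below is hypothetical; none is taken from skiboot. */
enum { SV_OK = 0, SV_UNSUPPORTED = -1, SV_REJECTED = -2 };
struct var { char key[16]; char data[32]; size_t len; };

/* Storage driver: persists an accepted variable on this platform's hardware. */
struct storage_driver { int (*write)(const struct var *v); };
/* Backend driver: owns the variable format and the authentication decision. */
struct backend_driver { int (*validate)(const struct var *cur, const struct var *upd); };
struct platform { const struct storage_driver *storage; const struct backend_driver *backend; };
static struct var bank;   /* the one committed variable; key[0] == 0 means empty */
static int flash_writes;  /* counts calls into the constructed storage driver */
static int mem_write(const struct var *v) { (void)v; flash_writes++; return SV_OK; }

/* Toy policy standing in for real signature checks: data must start with "AUTH:". */
static int toy_validate(const struct var *cur, const struct var *upd)
{
	(void)cur;
	return (upd->len >= 5 && !memcmp(upd->data, "AUTH:", 5)) ? SV_OK : SV_REJECTED;
}

static const struct storage_driver mem_storage = { mem_write };
static const struct backend_driver toy_backend = { toy_validate };

/* Generic API entry point: no knowledge of formats or storage hardware. */
int sv_update(const struct platform *p, const char *key, const char *data, size_t len)
{
	struct var upd;
	if (!p->storage || !p->backend)
		return SV_UNSUPPORTED;  /* platform selected no drivers */
	if (!key[0] || strlen(key) >= sizeof(upd.key) || len > sizeof(upd.data))
		return SV_REJECTED;     /* bound caller input before copying */
	memset(&upd, 0, sizeof(upd));
	strcpy(upd.key, key);
	memcpy(upd.data, data, len);
	upd.len = len;
	if (p->backend->validate(bank.key[0] ? &bank : NULL, &upd) != SV_OK ||
	    p->storage->write(&upd) != SV_OK)
		return SV_REJECTED;     /* on a failed validate, write is never called */
	bank = upd;
	return SV_OK;
}

int main(void)
{
	struct platform p = { &mem_storage, &toy_backend };
	return sv_update(&p, "PK", "AUTH:key", 8) == SV_OK ? 0 : 1;
}
```

Swapping `toy_backend` or `mem_storage` for another driver leaves `sv_update` and its callers unchanged, which is the decoupling the redesign is after.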