From patchwork Wed Sep 16 16:21:20 2020
X-Patchwork-Submitter: Eric Richter
X-Patchwork-Id: 1365453
From: Eric Richter
To: skiboot@lists.ozlabs.org
Cc: nayna@linux.ibm.com
Date: Wed, 16 Sep 2020 11:21:20 -0500
Message-Id: <20200916162131.22478-10-erichte@linux.ibm.com>
In-Reply-To: <20200916162131.22478-1-erichte@linux.ibm.com>
References: <20200916162131.22478-1-erichte@linux.ibm.com>
Subject: [Skiboot] [PATCH v6 09/20] hdata/spira: add physical presence flags
List-Id: Mailing list for skiboot development

From: Nayna Jain

This patch reads the hdata bits to check for physical presence assertion, and creates device tree entries to be consumed later in the boot.

Signed-off-by: Nayna Jain
Signed-off-by: Eric Richter
---
V5:
 - added documentation for the device tree nodes created by this patch

 doc/device-tree/ibm,secureboot.rst | 17 +++++++++++++++++
 hdata/spira.c | 11 +++++++++++
 hdata/spira.h | 7 ++++++-
 3 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/doc/device-tree/ibm,secureboot.rst b/doc/device-tree/ibm,secureboot.rst index 3113b3f2..42f69b21 100644
--- a/doc/device-tree/ibm,secureboot.rst +++ b/doc/device-tree/ibm,secureboot.rst @@ -39,6 +39,23 @@ Required properties images (e.g. kernels) to be signed by an appropriate key stored in secure variables. + physical-presence-asserted: + this property exists to indicate the physical presence + of user to request key clearance. + + clear-os-keys: this property exists when the firmware indicates that + physical presence is asserted to clear only Host OS + secure boot keys. + + clear-all-keys: this property exists when the firmware indicates that + physical presence is asserted to clear all sensistive + data controlled by platform firmware. + + clear-mfg-keys: this property exists only during manufacturing process + when the firmware indicates to clear all senstive data + during manufacturing. It is only valid on development + drivers. + Obsolete properties ------------------- diff --git a/hdata/spira.c b/hdata/spira.c index 35d6109d..deb2dea4 100644 --- a/hdata/spira.c +++ b/hdata/spira.c @@ -921,6 +921,7 @@ static void dt_init_secureboot_node(const struct iplparams_sysparams *sysparams) struct dt_node *node; u16 sys_sec_setting; u16 hw_key_hash_size; + u16 host_fw_key_clear; node = dt_new(dt_root, "ibm,secureboot"); assert(node); 
@@ -933,6 +934,16 @@ static void dt_init_secureboot_node(const struct iplparams_sysparams *sysparams) dt_add_property(node, "secure-enabled", NULL, 0); if (sys_sec_setting & SEC_HASHES_EXTENDED_TO_TPM) dt_add_property(node, "trusted-enabled", NULL, 0); + if (sys_sec_setting & PHYSICAL_PRESENCE_ASSERTED) + dt_add_property(node, "physical-presence-asserted", NULL, 0); + + host_fw_key_clear = be16_to_cpu(sysparams->host_fw_key_clear); + if (host_fw_key_clear & KEY_CLEAR_OS_KEYS) + dt_add_property(node, "clear-os-keys", NULL, 0); + if (host_fw_key_clear & KEY_CLEAR_MFG) + dt_add_property(node, "clear-mfg-keys", NULL, 0); + if (host_fw_key_clear & KEY_CLEAR_ALL) + dt_add_property(node, "clear-all-keys", NULL, 0); hw_key_hash_size = be16_to_cpu(sysparams->hw_key_hash_size); diff --git a/hdata/spira.h b/hdata/spira.h index ffe53942..f7a1b823 100644 --- a/hdata/spira.h +++ b/hdata/spira.h @@ -364,10 +364,15 @@ struct iplparams_sysparams { __be16 hv_disp_wheel; /* >= 0x58 */ __be32 nest_freq_mhz; /* >= 0x5b */ uint8_t split_core_mode; /* >= 0x5c */ - uint8_t reserved[3]; + uint8_t reserved[1]; +#define KEY_CLEAR_ALL PPC_BIT16(0) +#define KEY_CLEAR_OS_KEYS PPC_BIT16(1) +#define KEY_CLEAR_MFG PPC_BIT16(7) + __be16 host_fw_key_clear; uint8_t sys_vendor[64]; /* >= 0x5f */ #define SEC_CONTAINER_SIG_CHECKING PPC_BIT16(0) #define SEC_HASHES_EXTENDED_TO_TPM PPC_BIT16(1) +#define PHYSICAL_PRESENCE_ASSERTED PPC_BIT16(3) __be16 sys_sec_setting; /* >= 0x60 */ __be16 tpm_config_bit; /* >= 0x60 */ __be16 tpm_drawer; /* >= 0x60 */
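
Review bot: In doc/device-tree/ibm,secureboot.rst the four new entries land under "Required properties" (per the hunk header), yet each one is described as existing only when firmware signals a condition, so they are optional flags and should sit in their own section or be marked optional. While there, "sensistive" and "senstive" should read "sensitive", and the physical-presence-asserted text would be clearer as "physical presence of a user has been asserted to request key clearing".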
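
Review bot: In the second hdata/spira.c hunk, clear-os-keys, clear-mfg-keys and clear-all-keys are added from host_fw_key_clear regardless of whether PHYSICAL_PRESENCE_ASSERTED is set in sys_sec_setting, while the documentation hunk says these properties exist when "physical presence is asserted". Either nest the three KEY_CLEAR_* checks under the PHYSICAL_PRESENCE_ASSERTED test, or state in the documentation that a consumer must see physical-presence-asserted before acting on any clear-* property. The documentation also restricts clear-mfg-keys to development drivers, but nothing in this hunk enforces that; a comment saying where that restriction is checked would help.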
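
Review bot: In hdata/spira.h, host_fw_key_clear is the only field in this part of struct iplparams_sysparams without a "/* >= 0x.. */" version comment, and the spira.c hunk reads it with no version check in the visible context, so it is unclear what happens on older hdata layouts where these bytes were still reserved[3]. Please add the version annotation, and a short comment that bits 2-6 between KEY_CLEAR_OS_KEYS and KEY_CLEAR_MFG are unassigned so the gap does not look accidental.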