From patchwork Thu Aug 31 07:24:32 2017
X-Patchwork-Submitter: Claudio Carvalho
X-Patchwork-Id: 808090
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:32 -0300
Message-Id: <1504164285-15095-2-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 01/14] libstb/stb.c: remove macros used to force secure-mode and trusted-mode

This removes STB_FORCE_SECURE_MODE and STB_FORCE_TRUSTED_MODE, which are macros used to force secure mode and trusted mode, respectively. We don't need that anymore because the same functionality is provided by NVRAM config variables.

Signed-off-by: Claudio Carvalho
---
 libstb/stb.c | 12 ------------
 1 file changed, 12 deletions(-)
diff --git a/libstb/stb.c b/libstb/stb.c index f798bcb..41e6505 100644 --- a/libstb/stb.c +++ b/libstb/stb.c @@ -28,8 +28,6 @@ /* For debugging only */ //#define STB_DEBUG -//#define STB_FORCE_SECURE_MODE -//#define STB_FORCE_TRUSTED_MODE static bool secure_mode = false; static bool trusted_mode = false; @@ -112,10 +110,6 @@ void stb_init(void) return; } -#ifdef STB_FORCE_SECURE_MODE - secure_mode = true; - prlog(PR_NOTICE, "STB: secure mode on (forced!)\n"); -#else secure_mode = dt_has_node_property(ibm_secureboot, "secure-enabled", NULL); @@ -127,12 +121,7 @@ void stb_init(void) } else { prlog(PR_NOTICE, "STB: secure mode off\n"); } -#endif -#ifdef STB_FORCE_TRUSTED_MODE - trusted_mode = true; - prlog(PR_NOTICE, "STB: trusted mode on (forced!)\n"); -#else trusted_mode = dt_has_node_property(ibm_secureboot, "trusted-enabled", NULL); if (nvram_query_eq("force-trusted-mode", "true")) { 
@@ -141,7 +130,6 @@ void stb_init(void) } prlog(PR_NOTICE, "STB: trusted mode %s\n", trusted_mode ? "on" : "off"); -#endif if (!secure_mode && !trusted_mode) return;

From patchwork Thu Aug 31 07:24:33 2017
X-Patchwork-Submitter: Claudio Carvalho
X-Patchwork-Id: 808089
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:33 -0300
Message-Id: <1504164285-15095-3-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 02/14] core/flash: extern function to get the name of a PNOR partition

This adds the flash_map_resource_name() to allow other skiboot subsystems to look up the name of a PNOR partition. With this we don't need to duplicate the same information in other places (e.g. libstb).

Signed-off-by: Claudio Carvalho
---
 core/flash.c      | 10 ++++++++++
 include/skiboot.h |  1 +
 2 files changed, 11 insertions(+)
diff --git a/core/flash.c b/core/flash.c index 53e6eba..90402ef 100644 --- a/core/flash.c +++ b/core/flash.c @@ -424,6 +424,16 @@ static struct { { RESOURCE_ID_IMA_CATALOG, RESOURCE_SUBID_SUPPORTED, "IMA_CATALOG" }, }; +char *flash_map_resource_name(enum resource_id id) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(part_name_map); i++) { + if (part_name_map[i].id == id) + return part_name_map[i].name; + } + return NULL; +} static size_t sizeof_elf_from_hdr(void *buf) { diff --git a/include/skiboot.h b/include/skiboot.h index 4b7d519..06d681e 100644 --- a/include/skiboot.h +++ b/include/skiboot.h 
@@ -243,6 +243,7 @@ extern int flash_subpart_info(void *part_header, uint32_t header_len, uint32_t part_size, uint32_t *part_actual, uint32_t subid, uint32_t *offset, uint32_t *size); +extern char *flash_map_resource_name(enum resource_id id); /* NVRAM support */ extern void nvram_init(void); extern void nvram_read_complete(bool success);

From patchwork Thu Aug 31 07:24:34 2017
X-Patchwork-Submitter: Claudio Carvalho
X-Patchwork-Id: 808091
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:34 -0300
Message-Id: <1504164285-15095-4-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 03/14] libstb/stb.c: change sb_verify() to use flash_lookup_resource_name()

Secureboot verifies only containers stored in known partitions. With the flash_lookup_resource_name() function, the PNOR partition information doesn't need to be duplicated in libstb for secureboot. This replaces stb_resource_lookup() by flash_lookup_resource_name() in sb_verify().

Signed-off-by: Claudio Carvalho --- libstb/stb.c | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/libstb/stb.c b/libstb/stb.c index 41e6505..949f81c 100644 --- a/libstb/stb.c +++ b/libstb/stb.c 
@@ -275,27 +275,20 @@ int tb_measure(enum resource_id id, void *buf, size_t len) int sb_verify(enum resource_id id, void *buf, size_t len) { - int r; - const char *name = NULL; + const char *name; if (!secure_mode) { prlog(PR_INFO, "STB: %s skipped resource %d, " "secure_mode=0\n", __func__, id); return STB_SECURE_MODE_DISABLED; } - r = stb_resource_lookup(id); - if (r == -1) - /** - * @fwts-label STBVerifyResourceNotMapped - * @fwts-advice Unregistered resources can be verified, but not - * measured. The resource should be registered in the - * resource_map[] array, otherwise the resource cannot be - * measured if trusted mode is on. - */ - prlog(PR_WARNING, "STB: verifying the non-expected " - "resource %d\n", id); - else - name = resource_map[r].name; + + name = flash_map_resource_name(id); + if (!name) { + prlog(PR_EMERG, "STB: container NOT VERIFIED, " + "resource_id=%d unknown\n", id); + sb_enforce(); + } if (!rom_driver || !rom_driver->verify) { prlog(PR_EMERG, "STB: secure boot not initialized\n"); sb_enforce();

From patchwork Thu Aug 31 07:24:35 2017
X-Patchwork-Submitter: Claudio Carvalho
X-Patchwork-Id: 808093
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:35 -0300
Message-Id: <1504164285-15095-5-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 04/14] libstb/stb.c: change tb_measure() to use flash_lookup_resource_name()

Trustedboot measures only images stored in known PNOR partitions. With the flash_lookup_resource_name(), the PNOR partition information doesn't need to be duplicated in libstb for trustedboot. Additionally, an image can be measured to a PCR only if a PCR number has been mapped to the respective partition.
This adds the pcr_map() function and replaces stb_resource_lookup() by both flash_lookup_resource_name() and pcr_map(). Signed-off-by: Claudio Carvalho --- libstb/stb.c | 76 +++++++++++++++++++++++++++++------------------------------- 1 file changed, 37 insertions(+), 39 deletions(-) diff --git a/libstb/stb.c b/libstb/stb.c index 949f81c..ed34c6a 100644 --- a/libstb/stb.c +++ b/libstb/stb.c @@ -34,8 +34,6 @@ static bool trusted_mode = false; static struct rom_driver_ops *rom_driver = NULL; -#define MAX_RESOURCE_NAME 15 - /* * This maps a PCR for each resource we can measure. The PCR number is * mapped according to the TCG PC Client Platform Firmware Profile @@ -43,21 +41,23 @@ static struct rom_driver_ops *rom_driver = NULL; * Only resources included in this whitelist can be measured. */ static struct { - - /* PNOR partition id */ enum resource_id id; - - /* PCR mapping for the resource id */ TPM_Pcr pcr; - - /* Resource name */ - const char name[MAX_RESOURCE_NAME+1]; - -} resource_map[] = { - { RESOURCE_ID_KERNEL, PCR_4, "BOOTKERNEL" }, - { RESOURCE_ID_CAPP, PCR_2, "CAPP"}, +} resources[] = { + { RESOURCE_ID_KERNEL, PCR_4 }, + { RESOURCE_ID_CAPP, PCR_2 }, }; +static TPM_Pcr map_pcr(enum resource_id id) +{ + int i; + for (i = 0; i < ARRAY_SIZE(resources); i++) { + if (resources[i].id == id) + return resources[i].pcr; + } + return -1; +} + struct event_hash { const unsigned char *sha1; const unsigned char *sha256; @@ -76,15 +76,6 @@ static struct event_hash evFF = { "\xfd\x0e" }; -static int stb_resource_lookup(enum resource_id id) -{ - int i; - for (i = 0; i < ARRAY_SIZE(resource_map); i++) - if (resource_map[i].id == id) - return i; - return -1; -} - static void sb_enforce(void) { /* @@ -188,9 +179,10 @@ int stb_final(void) int tb_measure(enum resource_id id, void *buf, size_t len) { - int r; uint8_t digest[SHA512_DIGEST_LENGTH]; const uint8_t *digestp; + const char *name; + TPM_Pcr pcr; digestp = NULL; if (!trusted_mode) { 
@@ -198,17 +190,25 @@ int tb_measure(enum resource_id id, void *buf, size_t len) "trusted_mode=0\n", __func__, id); return STB_TRUSTED_MODE_DISABLED; } - r = stb_resource_lookup(id); - if (r == -1) { + name = flash_map_resource_name(id); + if (!name) { /** - * @fwts-label STBMeasureResourceNotMapped - * @fwts-advice The resource is not registered in the resource_map[] - * array, but it should be otherwise the resource cannot be - * measured if trusted mode is on. + * @fwts-label ResourceNotMeasuredUnknown + * @fwts-advice This is a bug in the tb_measure() caller, which + * is passing an unknown resource_id. */ - prlog(PR_ERR, "STB: %s failed, resource %d not mapped\n", - __func__, id); - return STB_ARG_ERROR; + prerror("STB: resource NOT MEASURED, resource_id=%d unknown\n", id); + return -1; + } + pcr = map_pcr(id); + if (pcr == -1) { + /** + * @fwts-label ResourceNotMappedToPCR + * @fwts-advice This is a bug. The resource cannot be measured + * because it is not mapped to a PCR in the resources[] array. + */ + prerror("STB: %s NOT MEASURED, it's not mapped to a PCR\n", name); + return -1; } if (!buf) { /** @@ -218,7 +218,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) * bug in the framework. */ prlog(PR_ERR, "STB: %s failed: resource %s, buf null\n", - __func__, resource_map[r].name); + __func__, name); return STB_ARG_ERROR; } memset(digest, 0, SHA512_DIGEST_LENGTH); @@ -239,8 +239,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) (void*)((uint8_t*)buf + SECURE_BOOT_HEADERS_SIZE), len - SECURE_BOOT_HEADERS_SIZE, digest); - prlog(PR_INFO, "STB: %s sha512 hash re-calculated\n", - resource_map[r].name); + prlog(PR_INFO, "STB: %s sha512 hash re-calculated\n", name); if (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) { prlog(PR_ALERT, "STB: HASH IN CONTAINER DOESN'T MATCH CONTENT!\n"); prlog(PR_ALERT, "STB: Container hash:\n"); 
@@ -253,8 +252,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) } } else { rom_driver->sha512(buf, len, digest); - prlog(PR_INFO, "STB: %s sha512 hash calculated\n", - resource_map[r].name); + prlog(PR_INFO, "STB: %s sha512 hash calculated\n", name); } #ifdef STB_DEBUG 
@@ -267,10 +265,10 @@ int tb_measure(enum resource_id id, void *buf, size_t len) * algorithm, the sha512 hash is truncated to match the size required * by each PCR bank. */ - return tpm_extendl(resource_map[r].pcr, + return tpm_extendl(pcr, TPM_ALG_SHA256, digest, TPM_ALG_SHA256_SIZE, TPM_ALG_SHA1, digest, TPM_ALG_SHA1_SIZE, - EV_ACTION, resource_map[r].name); + EV_ACTION, name); } int sb_verify(enum resource_id id, void *buf, size_t len)

From patchwork Thu Aug 31 07:24:36 2017
X-Patchwork-Submitter: Claudio Carvalho
X-Patchwork-Id: 808094
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:36 -0300
Message-Id: <1504164285-15095-6-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 05/14] libstb: rename rom_driver_ops struct to container_verification_code

This just gives a better name to the rom_driver_ops structure.

Signed-off-by: Claudio Carvalho
---
 libstb/drivers/romcode.c   |  4 ++--
 libstb/drivers/sw_driver.c |  4 ++--
 libstb/rom.c               | 22 +++++++++++-----------
 libstb/rom.h               |  6 +++---
 libstb/stb.c               | 22 ++++++++++------------
 5 files changed, 28 insertions(+), 30 deletions(-)
diff --git a/libstb/drivers/romcode.c b/libstb/drivers/romcode.c index 94bd42c..68f1230 100644 --- a/libstb/drivers/romcode.c +++ b/libstb/drivers/romcode.c @@ -81,7 +81,7 @@ static void romcode_cleanup(void) { hw_key_hash = NULL; } -static struct rom_driver_ops romcode_driver = { +static struct container_verification_code c1vc = { .name = DRIVER_NAME, .verify = romcode_verify, .sha512 = romcode_sha512, @@ -134,5 +134,5 @@ void romcode_probe(const struct dt_node *node) * the ROM code or set the memory region as executable. * skiboot accesses the physical memory directly. Real mode. */ - rom_set_driver(&romcode_driver); + rom_set_driver(&c1vc); } diff --git a/libstb/drivers/sw_driver.c b/libstb/drivers/sw_driver.c index e7f3740..55224a2 100644 --- a/libstb/drivers/sw_driver.c +++ b/libstb/drivers/sw_driver.c @@ -44,7 +44,7 @@ static void stb_software_cleanup(void) return; } -static struct rom_driver_ops sw_driver = { +static struct container_verification_code c1vc = { .name = "software", .verify = stb_software_verify, .sha512 = stb_software_sha512, @@ -72,5 +72,5 @@ void stb_software_probe(const struct dt_node *node) } hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash"); - rom_set_driver(&sw_driver); + rom_set_driver(&c1vc); } diff --git a/libstb/rom.c b/libstb/rom.c index 5f9abd2..27b65c9 100644 --- a/libstb/rom.c +++ b/libstb/rom.c 
@@ -19,37 +19,37 @@ #include "drivers/romcode.h" #include "drivers/sw_driver.h" -static struct rom_driver_ops *rom_driver = NULL; +static struct container_verification_code *c1vc = NULL; -struct rom_driver_ops* rom_init(const struct dt_node *node __unused) +struct container_verification_code* rom_init(const struct dt_node *node __unused) { - if (rom_driver) + if (c1vc) goto end; /* ROM drivers supported */ romcode_probe(node); - if (!rom_driver) + if (!c1vc) stb_software_probe(node); - if (!rom_driver) + if (!c1vc) prlog(PR_NOTICE, "ROM: no rom driver found\n"); end: - return rom_driver; + return c1vc; } -void rom_set_driver(struct rom_driver_ops *driver) +void rom_set_driver(struct container_verification_code *driver) { - if (rom_driver) { + if (c1vc) { /** * @fwts-label ROMAlreadyRegistered * @fwts-advice ibm,secureboot already registered. Check if * rom_init called twice or the same driver is probed twice */ prlog(PR_WARNING, "ROM: %s driver already registered\n", - driver->name); + c1vc->name); return; } - rom_driver = driver; - prlog(PR_NOTICE, "ROM: %s driver registered\n", driver->name); + c1vc = driver; + prlog(PR_NOTICE, "ROM: %s driver registered\n", c1vc->name); } diff --git a/libstb/rom.h b/libstb/rom.h index e1a7497..972a19b 100644 --- a/libstb/rom.h +++ b/libstb/rom.h @@ -22,7 +22,7 @@ #include #include "container.h" -struct rom_driver_ops { +struct container_verification_code { const char* name; int (*verify)(void *container); void (*sha512)(const uint8_t *data, size_t len, uint8_t *digest); 
@@ -33,11 +33,11 @@ struct rom_driver_ops { * Load a compatible driver to access the functions of the * verification code flashed in the secure ROM */ -extern struct rom_driver_ops* rom_init(const struct dt_node *node); +extern struct container_verification_code* rom_init(const struct dt_node *node); /* * Set the rom driver that will be used */ -extern void rom_set_driver(struct rom_driver_ops *driver); +extern void rom_set_driver(struct container_verification_code *driver); #endif /* __ROM_H */ diff --git a/libstb/stb.c b/libstb/stb.c index ed34c6a..eb77038 100644 --- a/libstb/stb.c +++ b/libstb/stb.c @@ -32,7 +32,7 @@ static bool secure_mode = false; static bool trusted_mode = false; -static struct rom_driver_ops *rom_driver = NULL; +static struct container_verification_code *c1vc = NULL; /* * This maps a PCR for each resource we can measure. The PCR number is @@ -124,8 +124,8 @@ void stb_init(void) if (!secure_mode && !trusted_mode) return; - rom_driver = rom_init(ibm_secureboot); - if (secure_mode && !rom_driver) { + c1vc = rom_init(ibm_secureboot); + if (secure_mode && !c1vc) { prlog(PR_EMERG, "STB: compatible romcode driver not found\n"); sb_enforce(); } @@ -167,9 +167,8 @@ int stb_final(void) } tpm_add_status_property(); } - if (rom_driver) { - rom_driver->cleanup(); - rom_driver = NULL; + if (c1vc) { + c1vc = NULL; } tpm_cleanup(); secure_mode = false; @@ -235,9 +234,8 @@ int tb_measure(enum resource_id id, void *buf, size_t len) abort(); } - rom_driver->sha512( - (void*)((uint8_t*)buf + SECURE_BOOT_HEADERS_SIZE), - len - SECURE_BOOT_HEADERS_SIZE, digest); + c1vc->sha512((void*) buf + SECURE_BOOT_HEADERS_SIZE, + len - SECURE_BOOT_HEADERS_SIZE, digest); prlog(PR_INFO, "STB: %s sha512 hash re-calculated\n", name); if (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) { 
@@ -251,7 +249,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) abort(); } } else { - rom_driver->sha512(buf, len, digest); + c1vc->sha512(buf, len, digest); prlog(PR_INFO, "STB: %s sha512 hash calculated\n", name); } @@ -287,7 +285,7 @@ int sb_verify(enum resource_id id, void *buf, size_t len) "resource_id=%d unknown\n", id); sb_enforce(); } - if (!rom_driver || !rom_driver->verify) { + if (!c1vc || !c1vc->verify) { prlog(PR_EMERG, "STB: secure boot not initialized\n"); sb_enforce(); } 
@@ -296,7 +294,7 @@ int sb_verify(enum resource_id id, void *buf, size_t len) __func__, id, buf, len); sb_enforce(); } - if (rom_driver->verify(buf)) { + if (c1vc->verify(buf)) { prlog(PR_EMERG, "STB: %s failed: resource %s, " "eyecatcher 0x%016llx\n", __func__, name, *((uint64_t*)buf));
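Review bot: In the stb_final() hunk of libstb/stb.c the call to rom_driver->cleanup() is dropped rather than renamed; the new body is only "if (c1vc) { c1vc = NULL; }". The drivers still provide a cleanup handler (the tail of romcode_cleanup() is visible as context in the first hunk), so after this change nothing calls it. A pure rename should keep "c1vc->cleanup();" before the pointer is cleared; if the removal is intended, it belongs in its own commit with the reason stated.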
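Review bot: In rom_set_driver() in libstb/rom.c the ROMAlreadyRegistered warning switches from driver->name to c1vc->name, so it now logs the driver that is already installed instead of the one being rejected. That is a behaviour change inside a rename patch. Either keep driver->name on that line or log both names, and mention the change in the commit message.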
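Review bot: In the first tb_measure() hunk the data pointer becomes "(void*) buf + SECURE_BOOT_HEADERS_SIZE", which is arithmetic on a void pointer (a GNU C extension), where the old code cast to uint8_t* before adding the offset. This call selects the bytes that are hashed for the measurement, so keep the uint8_t* cast and leave the reformatting out of the rename.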
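Review bot: In libstb/drivers/sw_driver.c the static instance is also named c1vc while its .name stays "software", and rom.c and stb.c use c1vc for their generic pointers as well, so four file-scope objects share one identifier and it no longer says which implementation is registered. Consider distinct names for the two driver instances and a neutral name for the registered pointer.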
X-Patchwork-Id: 808092
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:37 -0300
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Message-Id: <1504164285-15095-7-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 06/14] libstb: rename drivers/romcode.* to cvc/c1vc.*

This gives a better name to the driver/romcode.* files and also moves them to a better place. The function names are also renamed accordingly. Romcode provides an API to access the functions provided by the container version 1 verification code (c1vc).

Signed-off-by: Claudio Carvalho --- asm/Makefile.inc | 2 +- asm/c1vc_entry.S | 51 ++++++++++++++++ asm/rom_entry.S | 52 ----------------- libstb/Makefile.inc | 3 +- libstb/cvc/Makefile.inc | 11 ++++ libstb/cvc/c1vc.c | 138 ++++++++++++++++++++++++++++++++++++++++++++ libstb/cvc/c1vc.h | 24 ++++++++ libstb/drivers/Makefile.inc | 2 +- libstb/drivers/romcode.c | 138 -------------------------------------------- libstb/drivers/romcode.h | 24 -------- libstb/rom.c | 6 +- 11 files changed, 231 insertions(+), 220 deletions(-) create mode 100644 asm/c1vc_entry.S delete mode 100644 asm/rom_entry.S create mode 100644 libstb/cvc/Makefile.inc create mode 100644 libstb/cvc/c1vc.c create mode 100644 libstb/cvc/c1vc.h delete mode 100644 libstb/drivers/romcode.c delete mode 100644 libstb/drivers/romcode.h diff --git a/asm/Makefile.inc b/asm/Makefile.inc index 2e678fd..6b61c9b 100644 --- a/asm/Makefile.inc +++ b/asm/Makefile.inc @@ -1,7 +1,7 @@ # -*-Makefile-*- SUBDIRS += asm -ASM_OBJS = head.o lock.o misc.o kernel-wrapper.o rom_entry.o +ASM_OBJS = head.o lock.o misc.o kernel-wrapper.o c1vc_entry.o ASM=asm/built-in.o # Add extra dependency to the kernel wrapper diff --git a/asm/c1vc_entry.S b/asm/c1vc_entry.S new file mode 100644 index 0000000..f215415 --- /dev/null +++ b/asm/c1vc_entry.S 
@@ -0,0 +1,51 @@ +# IBM_PROLOG_BEGIN_TAG +# This is an automatically generated prolog. +# +# $Source: src/usr/secureboot/base/rom_entry.S $ +# +# OpenPOWER HostBoot Project +# +# COPYRIGHT International Business Machines Corp. 2013,2016 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. See the License for the specific language governing +# permissions and limitations under the License. +# +# IBM_PROLOG_END_TAG + +#.include "kernel/ppcconsts.S" + +.section .text + +.global __c1vc_verify +.global __c1vc_sha512 + +__c1vc_verify: +__c1vc_sha512: + + std %r2, 40(%r1) + mflr %r0 + std %r0, 16(%r1) + stdu %r1, -128(%r1) + li %r2, 0 + mtctr %r3 + mr %r3, %r4 + mr %r4, %r5 + mr %r5, %r6 + mr %r6, %r7 + mr %r7, %r8 + bctrl + addi %r1, %r1, 128 + ld %r2, 40(%r1) + ld %r0, 16(%r1) + mtlr %r0 + blr + diff --git a/asm/rom_entry.S b/asm/rom_entry.S deleted file mode 100644 index 26d1b96..0000000 --- a/asm/rom_entry.S +++ /dev/null 
@@ -1,52 +0,0 @@ -# IBM_PROLOG_BEGIN_TAG -# This is an automatically generated prolog. -# -# $Source: src/usr/secureboot/base/rom_entry.S $ -# -# OpenPOWER HostBoot Project -# -# COPYRIGHT International Business Machines Corp. 2013,2016 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. See the License for the specific language governing -# permissions and limitations under the License. -# -# IBM_PROLOG_END_TAG - -#.include "kernel/ppcconsts.S" - -.section .text - -.global call_rom_verify -.global call_rom_SHA512 - -call_rom_verify: -call_rom_SHA512: - -call_rom_entry: - std %r2, 40(%r1) - mflr %r0 - std %r0, 16(%r1) - stdu %r1, -128(%r1) - li %r2, 0 - mtctr %r3 - mr %r3, %r4 - mr %r4, %r5 - mr %r5, %r6 - mr %r6, %r7 - mr %r7, %r8 - bctrl - addi %r1, %r1, 128 - ld %r2, 40(%r1) - ld %r0, 16(%r1) - mtlr %r0 - blr - diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc index 64be4d6..5389fac 100644 --- a/libstb/Makefile.inc +++ b/libstb/Makefile.inc @@ -8,10 +8,11 @@ LIBSTB_SRCS = container.c rom.c tpm_chip.c stb.c LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o) LIBSTB = $(LIBSTB_DIR)/built-in.o +include $(SRC)/$(LIBSTB_DIR)/cvc/Makefile.inc include $(SRC)/$(LIBSTB_DIR)/drivers/Makefile.inc include $(SRC)/$(LIBSTB_DIR)/tss/Makefile.inc -$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) +$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(CVC) libstb/create-container: libstb/create-container.c $(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) \ diff --git a/libstb/cvc/Makefile.inc b/libstb/cvc/Makefile.inc new file mode 100644 index 0000000..8ce86d5 --- /dev/null 
+++ b/libstb/cvc/Makefile.inc @@ -0,0 +1,11 @@ +# -*-Makefile-*- + +CVC_DIR = libstb/cvc + +SUBDIRS += $(CVC_DIR) + +CVC_SRCS = c1vc.c +CVC_OBJS = $(CVC_SRCS:%.c=%.o) +CVC = $(CVC_DIR)/built-in.o + +$(CVC): $(CVC_OBJS:%=$(CVC_DIR)/%) diff --git a/libstb/cvc/c1vc.c b/libstb/cvc/c1vc.c new file mode 100644 index 0000000..0ac0d8a --- /dev/null +++ b/libstb/cvc/c1vc.c 
@@ -0,0 +1,138 @@ +/* Copyright 2013-2016 IBM Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include "../status_codes.h" +#include "../rom.h" +#include "c1vc.h" + +#define DRIVER_NAME "c1vc" + +#define SECURE_ROM_MEMORY_SIZE (16 * 1024) +#define SECURE_ROM_XSCOM_ADDRESS 0x02020017 + +/* + * From the source code of the ROM code + */ +#define SECURE_ROM_SHA512_OFFSET 0x20 +#define SECURE_ROM_VERIFY_OFFSET 0x30 + +static const char *compat = "ibm,secureboot-v1"; +static void *securerom_addr = NULL; +static sha2_hash_t *hw_key_hash = NULL; + +/* + * Assembly interfaces to call into ROM code. + * func_ptr is the ROM code function address, followed + * by additional parameters as necessary + */ +ROM_response __c1vc_verify(void *func_ptr, ROM_container_raw *container, + ROM_hw_params *params); +void __c1vc_sha512(void *func_ptr, const uint8_t *data, size_t len, + uint8_t *digest); + +static int c1vc_verify(void *container) +{ + ROM_hw_params hw_params; + ROM_response rc; + + memset(&hw_params, 0, sizeof(ROM_hw_params)); + memcpy(&hw_params.hw_key_hash, hw_key_hash, sizeof(sha2_hash_t)); + rc = __c1vc_verify(securerom_addr + SECURE_ROM_VERIFY_OFFSET, + (ROM_container_raw*) container, &hw_params); + if (rc != ROM_DONE) { + /* + * Verify failed. hw_params.log indicates what checking has + * failed. This will abort the boot process. 
+ */ + prlog(PR_ERR, "ROM: %s failed (rc=%d, hw_params.log=0x%llx)\n", + __func__, rc, be64_to_cpu(hw_params.log)); + return STB_VERIFY_FAILED; + } + return 0; +} + +static void c1vc_sha512(const uint8_t *data, size_t len, uint8_t *digest) +{ + memset(digest, 0, sizeof(sha2_hash_t)); + __c1vc_sha512(securerom_addr + SECURE_ROM_SHA512_OFFSET, + data, len, digest); +} + +static void c1vc_cleanup(void) { + if (securerom_addr) + free(securerom_addr); + hw_key_hash = NULL; +} + +static struct container_verification_code c1vc = { + .name = DRIVER_NAME, + .verify = c1vc_verify, + .sha512 = c1vc_sha512, + .cleanup = c1vc_cleanup, +}; + +void c1vc_probe(const struct dt_node *node) +{ + /* This xscom register has the Secure ROM code base address */ + const uint32_t reg_addr = SECURE_ROM_XSCOM_ADDRESS; + uint64_t reg_data; + struct proc_chip *chip; + const char* hash_algo; + + if (!dt_node_is_compatible(node, compat)) { + prlog(PR_DEBUG, "ROM: %s node is not compatible\n", + node->name); + return; + } + /* + * secureboot-v1 defines containers with sha512 hashes + */ + hash_algo = dt_prop_get(node, "hash-algo"); + if (strcmp(hash_algo, "sha512")) { + /** + * @fwts-label ROMHashAlgorithmInvalid + * @fwts-advice Hostboot creates the ibm,secureboot node and + * the hash-algo property. Check that the ibm,secureboot node + * layout has not changed. + */ + prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo); + return; + } + hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash"); + securerom_addr = malloc(SECURE_ROM_MEMORY_SIZE); + assert(securerom_addr); + /* + * The logic that contains the ROM within the processor is implemented + * in a way that it only responds to CI (cache inhibited) operations. + * Due to performance issues we copy the verification code from the + * secure ROM to RAM and we use memcpy_from_ci to do that. 
+ */ + chip = next_chip(NULL); + xscom_read(chip->id, reg_addr, ®_data); + memcpy_from_ci(securerom_addr, (void*) reg_data, + SECURE_ROM_MEMORY_SIZE); + /* + * Skiboot runs with IR (Instruction Relocation) & + * DR (Data Relocation) off, so there is no need to either MMIO + * the ROM code or set the memory region as executable. + * skiboot accesses the physical memory directly. Real mode. + */ + rom_set_driver(&c1vc); +} diff --git a/libstb/cvc/c1vc.h b/libstb/cvc/c1vc.h new file mode 100644 index 0000000..f0d2a3d --- /dev/null +++ b/libstb/cvc/c1vc.h @@ -0,0 +1,24 @@ +/* Copyright 2013-2016 IBM Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __C1VC_H +#define __C1VC_H + +#include + +extern void c1vc_probe(const struct dt_node *node); + +#endif /* __C1VC_H */ diff --git a/libstb/drivers/Makefile.inc b/libstb/drivers/Makefile.inc index d0f88ea..6425208 100644 --- a/libstb/drivers/Makefile.inc +++ b/libstb/drivers/Makefile.inc @@ -4,7 +4,7 @@ DRIVERS_DIR = libstb/drivers SUBDIRS += $(DRIVERS_DIR) -DRIVERS_SRCS = romcode.c tpm_i2c_interface.c tpm_i2c_nuvoton.c sw_driver.c sha512.c +DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c sw_driver.c sha512.c DRIVERS_OBJS = $(DRIVERS_SRCS:%.c=%.o) DRIVERS = $(DRIVERS_DIR)/built-in.o diff --git a/libstb/drivers/romcode.c b/libstb/drivers/romcode.c deleted file mode 100644 index 68f1230..0000000 --- a/libstb/drivers/romcode.c +++ /dev/null 
@@ -1,138 +0,0 @@ -/* Copyright 2013-2016 IBM Corp. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - * implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include -#include -#include "../status_codes.h" -#include "../rom.h" -#include "romcode.h" - -#define DRIVER_NAME "romcode" - -#define ROMCODE_MEMORY_SIZE (16 * 1024) -#define ROMCODE_XSCOM_ADDRESS 0x02020017 - -/* - * From the source code of the ROM code - */ -#define ROMCODE_SHA512_OFFSET 0x20 -#define ROMCODE_VERIFY_OFFSET 0x30 - -static const char *compat = "ibm,secureboot-v1"; -static void *romcode_base_addr = NULL; -static sha2_hash_t *hw_key_hash = NULL; - -/* - * Assembly interfaces to call into ROM code. - * func_ptr is the ROM code function address, followed - * by additional parameters as necessary - */ -ROM_response call_rom_verify(void *func_ptr, ROM_container_raw *container, - ROM_hw_params *params); -void call_rom_SHA512(void *func_ptr, const uint8_t *data, size_t len, - uint8_t *digest); - -static int romcode_verify(void *container) -{ - ROM_hw_params hw_params; - ROM_response rc; - - memset(&hw_params, 0, sizeof(ROM_hw_params)); - memcpy(&hw_params.hw_key_hash, hw_key_hash, sizeof(sha2_hash_t)); - rc = call_rom_verify(romcode_base_addr + ROMCODE_VERIFY_OFFSET, - (ROM_container_raw*) container, &hw_params); - if (rc != ROM_DONE) { - /* - * Verify failed. hw_params.log indicates what checking has - * failed. This will abort the boot process. 
- */ - prlog(PR_ERR, "ROM: %s failed (rc=%d, hw_params.log=0x%llx)\n", - __func__, rc, be64_to_cpu(hw_params.log)); - return STB_VERIFY_FAILED; - } - return 0; -} - -static void romcode_sha512(const uint8_t *data, size_t len, uint8_t *digest) -{ - memset(digest, 0, sizeof(sha2_hash_t)); - call_rom_SHA512(romcode_base_addr + ROMCODE_SHA512_OFFSET, - data, len, digest); -} - -static void romcode_cleanup(void) { - if (romcode_base_addr) - free(romcode_base_addr); - hw_key_hash = NULL; -} - -static struct container_verification_code c1vc = { - .name = DRIVER_NAME, - .verify = romcode_verify, - .sha512 = romcode_sha512, - .cleanup = romcode_cleanup -}; - -void romcode_probe(const struct dt_node *node) -{ - /* This xscom register has the ROM code base address */ - const uint32_t reg_addr = ROMCODE_XSCOM_ADDRESS; - uint64_t reg_data; - struct proc_chip *chip; - const char* hash_algo; - - if (!dt_node_is_compatible(node, compat)) { - prlog(PR_DEBUG, "ROM: %s node is not compatible\n", - node->name); - return; - } - /* - * secureboot-v1 defines containers with sha512 hashes - */ - hash_algo = dt_prop_get(node, "hash-algo"); - if (strcmp(hash_algo, "sha512")) { - /** - * @fwts-label ROMHashAlgorithmInvalid - * @fwts-advice Hostboot creates the ibm,secureboot node and - * the hash-algo property. Check that the ibm,secureboot node - * layout has not changed. - */ - prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo); - return; - } - hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash"); - romcode_base_addr = malloc(ROMCODE_MEMORY_SIZE); - assert(romcode_base_addr); - /* - * The logic that contains the ROM within the processor is implemented - * in a way that it only responds to CI (cache inhibited) operations. - * Due to performance issues we copy the verification code from the - * secure ROM to RAM and we use memcpy_from_ci to do that. 
- */ - chip = next_chip(NULL); - xscom_read(chip->id, reg_addr, ®_data); - memcpy_from_ci(romcode_base_addr, (void*) reg_data, - ROMCODE_MEMORY_SIZE); - /* - * Skiboot runs with IR (Instruction Relocation) & - * DR (Data Relocation) off, so there is no need to either MMIO - * the ROM code or set the memory region as executable. - * skiboot accesses the physical memory directly. Real mode. - */ - rom_set_driver(&c1vc); -} diff --git a/libstb/drivers/romcode.h b/libstb/drivers/romcode.h deleted file mode 100644 index 4152eae..0000000 --- a/libstb/drivers/romcode.h +++ /dev/null @@ -1,24 +0,0 @@ -/* Copyright 2013-2016 IBM Corp. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - * implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __ROMCODE_H -#define __ROMCODE_H - -#include - -extern void romcode_probe(const struct dt_node *node); - -#endif /* __ROMCODE_H */ diff --git a/libstb/rom.c b/libstb/rom.c index 27b65c9..9054420 100644 --- a/libstb/rom.c +++ b/libstb/rom.c @@ -16,7 +16,7 @@ #include #include "rom.h" -#include "drivers/romcode.h" +#include "cvc/c1vc.h" #include "drivers/sw_driver.h" static struct container_verification_code *c1vc = NULL; 
@@ -26,8 +26,8 @@ struct container_verification_code* rom_init(const struct dt_node *node __unused if (c1vc) goto end; - /* ROM drivers supported */ - romcode_probe(node); + /* CVC drivers supported */ + c1vc_probe(node); if (!c1vc) stb_software_probe(node);
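Review bot: In c1vc_probe() in libstb/cvc/c1vc.c the return value of xscom_read() is ignored and reg_data is declared without an initialiser, so on a failed read memcpy_from_ci() copies SECURE_ROM_MEMORY_SIZE bytes from an indeterminate address and that copy is later called as the verification code. The code is carried over unchanged from romcode.c, but the move is a good point to check the return code (and the result of next_chip(NULL)) and to return without calling rom_set_driver() on failure.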
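Review bot: In asm/c1vc_entry.S both __c1vc_verify and __c1vc_sha512 label the same trampoline, the old call_rom_entry label is gone, and the prolog still reads "$Source: src/usr/secureboot/base/rom_entry.S $". Nothing in the file documents the calling convention, so please add a short comment: r3 carries the ROM function address and goes to CTR, r4 to r8 are shifted down to r3 to r7, and r2 is zeroed before bctrl.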
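Review bot: The libstb/drivers/romcode.c and libstb/cvc/c1vc.c hunks are sent as a 138-line delete plus a 138-line create, which hides the real edits (ROMCODE_* to SECURE_ROM_*, romcode_base_addr to securerom_addr, the call_rom_* prototypes) inside two walls of text. Regenerating the series with rename detection (git format-patch -M) would reduce these to the changed lines only and make the security-relevant code reviewable.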
X-Patchwork-Id: 808096
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:38 -0300
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Message-Id: <1504164285-15095-8-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 07/14] libstb: rename drivers/sw_driver.* to cvc/c1vc_mbedtls.*

This gives a better name to the drivers/sw_driver.* files and also moves them to a better place. The function names are also renamed accordingly. sw_driver emulates the container version 1 verification code so that we can run tests using mambo.
In summary, the function to verify containers is not emulated, but the sha512 function is emulated using the sha512 code provided by the mbedtls project. Signed-off-by: Claudio Carvalho --- libstb/cvc/Makefile.inc | 2 +- libstb/cvc/c1vc_mbedtls.c | 76 +++++++++++++++++++++++++++++++++++++++++++++ libstb/cvc/c1vc_mbedtls.h | 24 ++++++++++++++ libstb/drivers/Makefile.inc | 2 +- libstb/drivers/sw_driver.c | 76 --------------------------------------------- libstb/drivers/sw_driver.h | 24 -------------- libstb/rom.c | 4 +-- 7 files changed, 104 insertions(+), 104 deletions(-) create mode 100644 libstb/cvc/c1vc_mbedtls.c create mode 100644 libstb/cvc/c1vc_mbedtls.h delete mode 100644 libstb/drivers/sw_driver.c delete mode 100644 libstb/drivers/sw_driver.h diff --git a/libstb/cvc/Makefile.inc b/libstb/cvc/Makefile.inc index 8ce86d5..ab3419e 100644 --- a/libstb/cvc/Makefile.inc +++ b/libstb/cvc/Makefile.inc @@ -4,7 +4,7 @@ CVC_DIR = libstb/cvc SUBDIRS += $(CVC_DIR) -CVC_SRCS = c1vc.c +CVC_SRCS = c1vc.c c1vc_mbedtls.c CVC_OBJS = $(CVC_SRCS:%.c=%.o) CVC = $(CVC_DIR)/built-in.o diff --git a/libstb/cvc/c1vc_mbedtls.c b/libstb/cvc/c1vc_mbedtls.c new file mode 100644 index 0000000..8a7c404 --- /dev/null +++ b/libstb/cvc/c1vc_mbedtls.c 
@@ -0,0 +1,76 @@ +/* Copyright 2013-2016 IBM Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include "../rom.h" +#include "sha512.h" +#include "c1vc_mbedtls.h" + +static sha2_hash_t *hw_key_hash = NULL; + +static int c1vc_mbedtls_verify(void *container __unused) +{ + return -100; +} + +static void c1vc_mbedtls_sha512(const uint8_t *data, size_t len, uint8_t *digest) +{ + mbedtls_sha512_context ctx; + mbedtls_sha512_init(&ctx); + memset(digest, 0, sizeof(sha2_hash_t)); + mbedtls_sha512_starts(&ctx, 0); // SHA512 = 0 + mbedtls_sha512_update(&ctx, data, len); + mbedtls_sha512_finish(&ctx, digest); + mbedtls_sha512_free(&ctx); +} + +static void c1vc_mbedtls_cleanup(void) +{ + return; +} + +static struct container_verification_code c1vc = { + .name = "software", + .verify = c1vc_mbedtls_verify, + .sha512 = c1vc_mbedtls_sha512, + .cleanup = c1vc_mbedtls_cleanup +}; + +void c1vc_mbedtls_probe(const struct dt_node *node) +{ + const char* hash_algo; + + if (!dt_node_is_compatible(node, "ibm,secureboot-v1-softrom")) { + return; + } + + hash_algo = dt_prop_get(node, "hash-algo"); + if (strcmp(hash_algo, "sha512")) { + /** + * @fwts-label ROMHashAlgorithmInvalid + * @fwts-advice Hostboot creates the ibm,secureboot node and + * the hash-algo property. Check that the ibm,secureboot node + * layout has not changed. 
+ */ + prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo); + return; + } + hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash"); + + rom_set_driver(&c1vc); +} diff --git a/libstb/cvc/c1vc_mbedtls.h b/libstb/cvc/c1vc_mbedtls.h new file mode 100644 index 0000000..9027138 --- /dev/null +++ b/libstb/cvc/c1vc_mbedtls.h @@ -0,0 +1,24 @@ +/* Copyright 2013-2016 IBM Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __C1VC_MBEDTLS_H +#define __C1VC_MBEDTLS_H + +#include + +extern void c1vc_mbedtls_probe(const struct dt_node *node); + +#endif /* __C1VC_MBEDTLS_H */ diff --git a/libstb/drivers/Makefile.inc b/libstb/drivers/Makefile.inc index 6425208..4ea867f 100644 --- a/libstb/drivers/Makefile.inc +++ b/libstb/drivers/Makefile.inc @@ -4,7 +4,7 @@ DRIVERS_DIR = libstb/drivers SUBDIRS += $(DRIVERS_DIR) -DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c sw_driver.c sha512.c +DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c sha512.c DRIVERS_OBJS = $(DRIVERS_SRCS:%.c=%.o) DRIVERS = $(DRIVERS_DIR)/built-in.o diff --git a/libstb/drivers/sw_driver.c b/libstb/drivers/sw_driver.c deleted file mode 100644 index 55224a2..0000000 --- a/libstb/drivers/sw_driver.c +++ /dev/null 
@@ -1,76 +0,0 @@ -/* Copyright 2013-2016 IBM Corp. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - * implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include -#include "../rom.h" -#include "sha512.h" -#include "sw_driver.h" - -static sha2_hash_t *hw_key_hash = NULL; - -static int stb_software_verify(void *container __unused) -{ - return -100; -} - -static void stb_software_sha512(const uint8_t *data, size_t len, uint8_t *digest) -{ - mbedtls_sha512_context ctx; - mbedtls_sha512_init(&ctx); - memset(digest, 0, sizeof(sha2_hash_t)); - mbedtls_sha512_starts(&ctx, 0); // SHA512 = 0 - mbedtls_sha512_update(&ctx, data, len); - mbedtls_sha512_finish(&ctx, digest); - mbedtls_sha512_free(&ctx); -} - -static void stb_software_cleanup(void) -{ - return; -} - -static struct container_verification_code c1vc = { - .name = "software", - .verify = stb_software_verify, - .sha512 = stb_software_sha512, - .cleanup = stb_software_cleanup -}; - -void stb_software_probe(const struct dt_node *node) -{ - const char* hash_algo; - - if (!dt_node_is_compatible(node, "ibm,secureboot-v1-softrom")) { - return; - } - - hash_algo = dt_prop_get(node, "hash-algo"); - if (strcmp(hash_algo, "sha512")) { - /** - * @fwts-label ROMHashAlgorithmInvalid - * @fwts-advice Hostboot creates the ibm,secureboot node and - * the hash-algo property. Check that the ibm,secureboot node - * layout has not changed. 
- */ - prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo); - return; - } - hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash"); - - rom_set_driver(&c1vc); -} diff --git a/libstb/drivers/sw_driver.h b/libstb/drivers/sw_driver.h deleted file mode 100644 index 73adabf..0000000 --- a/libstb/drivers/sw_driver.h +++ /dev/null @@ -1,24 +0,0 @@ -/* Copyright 2013-2016 IBM Corp. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - * implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __SW_DRIVER_H -#define __SW_DRIVER_H - -#include - -extern void stb_software_probe(const struct dt_node *node); - -#endif /* __ROMCODE_H */ diff --git a/libstb/rom.c b/libstb/rom.c index 9054420..04ab364 100644 --- a/libstb/rom.c +++ b/libstb/rom.c @@ -17,7 +17,7 @@ #include #include "rom.h" #include "cvc/c1vc.h" -#include "drivers/sw_driver.h" +#include "cvc/c1vc_mbedtls.h" static struct container_verification_code *c1vc = NULL; 
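Review bot: In the new libstb/cvc/c1vc_mbedtls.c, c1vc_mbedtls_verify() still returns the bare constant -100 and ignores its container argument, so the file's new name suggests an mbedtls-backed verifier while only the sha512 callback does any work. A named error code and a comment stating that this driver never verifies a container would make that explicit; .name is also still "software". In c1vc_mbedtls_probe(), hw_key_hash is assigned from dt_prop_get(node, "hw-key-hash") through a cast, with no check that the property is sizeof(sha2_hash_t) long, and nothing in this file reads it afterwards. Either validate the length before rom_set_driver(&c1vc) or drop the variable as part of the move.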
@@ -30,7 +30,7 @@ struct container_verification_code* rom_init(const struct dt_node *node __unused c1vc_probe(node); if (!c1vc) - stb_software_probe(node); + c1vc_mbedtls_probe(node); if (!c1vc) prlog(PR_NOTICE, "ROM: no rom driver found\n");
From patchwork Thu Aug 31 07:24:39 2017
X-Patchwork-Submitter: Claudio Carvalho
X-Patchwork-Id: 808097
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:39 -0300
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
References: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Message-Id: <1504164285-15095-9-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 08/14] libstb: move drivers/sha512.* to mbedtls/sha512.*

This gives a better name to the drivers/sha512.* files and moves them to a better place. The sha512.* files were imported from the mbedtls project. If we want to import any other file from mbedtls for a purpose that is not necessarily CVC emulation, it would be easy to add the new file to the mbedtls directory.
Signed-off-by: Claudio Carvalho --- libstb/Makefile.inc | 3 +- libstb/cvc/c1vc_mbedtls.c | 2 +- libstb/drivers/Makefile.inc | 2 +- libstb/drivers/sha512.c | 480 -------------------------------------------- libstb/drivers/sha512.h | 141 ------------- libstb/mbedtls/Makefile.inc | 11 + libstb/mbedtls/sha512.c | 480 ++++++++++++++++++++++++++++++++++++++++++++ libstb/mbedtls/sha512.h | 141 +++++++++++++ 8 files changed, 636 insertions(+), 624 deletions(-) delete mode 100644 libstb/drivers/sha512.c delete mode 100644 libstb/drivers/sha512.h create mode 100644 libstb/mbedtls/Makefile.inc create mode 100644 libstb/mbedtls/sha512.c create mode 100644 libstb/mbedtls/sha512.h diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc index 5389fac..8a78fb6 100644 --- a/libstb/Makefile.inc +++ b/libstb/Makefile.inc @@ -9,10 +9,11 @@ LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o) LIBSTB = $(LIBSTB_DIR)/built-in.o include $(SRC)/$(LIBSTB_DIR)/cvc/Makefile.inc +include $(SRC)/$(LIBSTB_DIR)/mbedtls/Makefile.inc include $(SRC)/$(LIBSTB_DIR)/drivers/Makefile.inc include $(SRC)/$(LIBSTB_DIR)/tss/Makefile.inc -$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(CVC) +$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(CVC) $(MBEDTLS) libstb/create-container: libstb/create-container.c $(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) \ diff --git a/libstb/cvc/c1vc_mbedtls.c b/libstb/cvc/c1vc_mbedtls.c index 8a7c404..4cf8e13 100644 --- a/libstb/cvc/c1vc_mbedtls.c +++ b/libstb/cvc/c1vc_mbedtls.c @@ -18,7 +18,7 @@ #include #include #include "../rom.h" -#include "sha512.h" +#include "../mbedtls/sha512.h" #include "c1vc_mbedtls.h" static sha2_hash_t *hw_key_hash = NULL; diff --git a/libstb/drivers/Makefile.inc b/libstb/drivers/Makefile.inc index 4ea867f..3b8ed0f 100644 --- a/libstb/drivers/Makefile.inc +++ b/libstb/drivers/Makefile.inc 
@@ -4,7 +4,7 @@ DRIVERS_DIR = libstb/drivers SUBDIRS += $(DRIVERS_DIR) -DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c sha512.c +DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c DRIVERS_OBJS = $(DRIVERS_SRCS:%.c=%.o) DRIVERS = $(DRIVERS_DIR)/built-in.o diff --git a/libstb/drivers/sha512.c b/libstb/drivers/sha512.c deleted file mode 100644 index a133795..0000000 --- a/libstb/drivers/sha512.c +++ /dev/null 
@@ -1,480 +0,0 @@ -/* - * FIPS-180-2 compliant SHA-384/512 implementation - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -/* - * The SHA-512 Secure Hash Standard was published by NIST in 2002. - * - * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf - */ - -#include "sha512.h" - -#define UL64(x) x - -#include -#include -#define mbedtls_printf printf - -#if !defined(MBEDTLS_SHA512_ALT) - -/* Implementation that should never be optimized out by the compiler */ -static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} - -/* - * 64-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT64_BE -#define GET_UINT64_BE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) ] << 56 ) \ - | ( (uint64_t) (b)[(i) + 1] << 48 ) \ - | ( (uint64_t) (b)[(i) + 2] << 40 ) \ - | ( (uint64_t) (b)[(i) + 3] << 32 ) \ - | ( (uint64_t) (b)[(i) + 4] << 24 ) \ - | ( (uint64_t) (b)[(i) + 5] << 16 ) \ - | ( (uint64_t) (b)[(i) + 6] << 8 ) \ - | ( (uint64_t) (b)[(i) + 7] ); \ -} -#endif /* GET_UINT64_BE */ - -#ifndef PUT_UINT64_BE -#define PUT_UINT64_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 
32 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 7] = (unsigned char) ( (n) ); \ -} -#endif /* PUT_UINT64_BE */ - -void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); -} - -void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) ); -} - -void mbedtls_sha512_clone( mbedtls_sha512_context *dst, - const mbedtls_sha512_context *src ) -{ - *dst = *src; -} - -/* - * SHA-512 context setup - */ -void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) -{ - ctx->total[0] = 0; - ctx->total[1] = 0; - - if( is384 == 0 ) - { - /* SHA-512 */ - ctx->state[0] = UL64(0x6A09E667F3BCC908); - ctx->state[1] = UL64(0xBB67AE8584CAA73B); - ctx->state[2] = UL64(0x3C6EF372FE94F82B); - ctx->state[3] = UL64(0xA54FF53A5F1D36F1); - ctx->state[4] = UL64(0x510E527FADE682D1); - ctx->state[5] = UL64(0x9B05688C2B3E6C1F); - ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); - ctx->state[7] = UL64(0x5BE0CD19137E2179); - } - else - { - /* SHA-384 */ - ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); - ctx->state[1] = UL64(0x629A292A367CD507); - ctx->state[2] = UL64(0x9159015A3070DD17); - ctx->state[3] = UL64(0x152FECD8F70E5939); - ctx->state[4] = UL64(0x67332667FFC00B31); - ctx->state[5] = UL64(0x8EB44A8768581511); - ctx->state[6] = UL64(0xDB0C2E0D64F98FA7); - ctx->state[7] = UL64(0x47B5481DBEFA4FA4); - } - - ctx->is384 = is384; -} - -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) - -/* - * Round constants - */ -static const uint64_t K[80] = -{ - UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD), - UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC), - UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019), - UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118), - UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE), - UL64(0x243185BE4EE4B28C), 
UL64(0x550C7DC3D5FFB4E2), - UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1), - UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694), - UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3), - UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65), - UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483), - UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5), - UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210), - UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4), - UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725), - UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70), - UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926), - UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF), - UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8), - UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B), - UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001), - UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30), - UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910), - UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8), - UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53), - UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8), - UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB), - UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3), - UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60), - UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC), - UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9), - UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B), - UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207), - UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178), - UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6), - UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B), - UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493), - UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C), - UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A), - UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) -}; - -void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) -{ - int i; - uint64_t temp1, temp2, 
W[80]; - uint64_t A, B, C, D, E, F, G, H; - -#define SHR(x,n) (x >> n) -#define ROTR(x,n) (SHR(x,n) | (x << (64 - n))) - -#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) -#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6)) - -#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) -#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) - -#define F0(x,y,z) ((x & y) | (z & (x | y))) -#define F1(x,y,z) (z ^ (x & (y ^ z))) - -#define P(a,b,c,d,e,f,g,h,x,K) \ -{ \ - temp1 = h + S3(e) + F1(e,f,g) + K + x; \ - temp2 = S2(a) + F0(a,b,c); \ - d += temp1; h = temp1 + temp2; \ -} - - for( i = 0; i < 16; i++ ) - { - GET_UINT64_BE( W[i], data, i << 3 ); - } - - for( ; i < 80; i++ ) - { - W[i] = S1(W[i - 2]) + W[i - 7] + - S0(W[i - 15]) + W[i - 16]; - } - - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - F = ctx->state[5]; - G = ctx->state[6]; - H = ctx->state[7]; - i = 0; - - do - { - P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++; - P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++; - P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++; - P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++; - P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++; - P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++; - P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++; - P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++; - } - while( i < 80 ); - - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; - ctx->state[5] += F; - ctx->state[6] += G; - ctx->state[7] += H; -} -#endif /* !MBEDTLS_SHA512_PROCESS_ALT */ - -/* - * SHA-512 process buffer - */ -void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, - size_t ilen ) -{ - size_t fill; - unsigned int left; - - if( ilen == 0 ) - return; - - left = (unsigned int) (ctx->total[0] & 0x7F); - fill = 128 - left; - - ctx->total[0] += (uint64_t) ilen; - - if( ctx->total[0] < (uint64_t) ilen ) - ctx->total[1]++; - - if( left && ilen >= fill ) - { - memcpy( (void 
*) (ctx->buffer + left), input, fill ); - mbedtls_sha512_process( ctx, ctx->buffer ); - input += fill; - ilen -= fill; - left = 0; - } - - while( ilen >= 128 ) - { - mbedtls_sha512_process( ctx, input ); - input += 128; - ilen -= 128; - } - - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); -} - -static const unsigned char sha512_padding[128] = -{ - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -/* - * SHA-512 final digest - */ -void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ) -{ - size_t last, padn; - uint64_t high, low; - unsigned char msglen[16]; - - high = ( ctx->total[0] >> 61 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); - - PUT_UINT64_BE( high, msglen, 0 ); - PUT_UINT64_BE( low, msglen, 8 ); - - last = (size_t)( ctx->total[0] & 0x7F ); - padn = ( last < 112 ) ? 
( 112 - last ) : ( 240 - last ); - - mbedtls_sha512_update( ctx, sha512_padding, padn ); - mbedtls_sha512_update( ctx, msglen, 16 ); - - PUT_UINT64_BE( ctx->state[0], output, 0 ); - PUT_UINT64_BE( ctx->state[1], output, 8 ); - PUT_UINT64_BE( ctx->state[2], output, 16 ); - PUT_UINT64_BE( ctx->state[3], output, 24 ); - PUT_UINT64_BE( ctx->state[4], output, 32 ); - PUT_UINT64_BE( ctx->state[5], output, 40 ); - - if( ctx->is384 == 0 ) - { - PUT_UINT64_BE( ctx->state[6], output, 48 ); - PUT_UINT64_BE( ctx->state[7], output, 56 ); - } -} - -#endif /* !MBEDTLS_SHA512_ALT */ - -/* - * output = SHA-512( input buffer ) - */ -void mbedtls_sha512( const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ) -{ - mbedtls_sha512_context ctx; - - mbedtls_sha512_init( &ctx ); - mbedtls_sha512_starts( &ctx, is384 ); - mbedtls_sha512_update( &ctx, input, ilen ); - mbedtls_sha512_finish( &ctx, output ); - mbedtls_sha512_free( &ctx ); -} - -#if defined(MBEDTLS_SELF_TEST) - -/* - * FIPS-180-2 test vectors - */ -static const unsigned char sha512_test_buf[3][113] = -{ - { "abc" }, - { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" - "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" }, - { "" } -}; - -static const int sha512_test_buflen[3] = -{ - 3, 112, 1000 -}; - -static const unsigned char sha512_test_sum[6][64] = -{ - /* - * SHA-384 test vectors - */ - { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B, - 0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07, - 0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63, - 0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED, - 0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23, - 0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 }, - { 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8, - 0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47, - 0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2, - 0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12, - 0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9, - 0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 
}, - { 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB, - 0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C, - 0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52, - 0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B, - 0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB, - 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }, - - /* - * SHA-512 test vectors - */ - { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, - 0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31, - 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2, - 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, - 0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8, - 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD, - 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, - 0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F }, - { 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA, - 0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F, - 0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1, - 0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18, - 0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4, - 0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A, - 0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54, - 0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 }, - { 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64, - 0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63, - 0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28, - 0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB, - 0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A, - 0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B, - 0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E, - 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } -}; - -/* - * Checkup routine - */ -int mbedtls_sha512_self_test( int verbose ) -{ - int i, j, k, buflen, ret = 0; - unsigned char buf[1024]; - unsigned char sha512sum[64]; - mbedtls_sha512_context ctx; - - mbedtls_sha512_init( &ctx ); - - for( i = 0; i < 6; i++ ) - { - j = i % 3; - k = i < 3; - - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); - - mbedtls_sha512_starts( &ctx, k ); - - if( j == 2 ) - { - 
memset( buf, 'a', buflen = 1000 ); - - for( j = 0; j < 1000; j++ ) - mbedtls_sha512_update( &ctx, buf, buflen ); - } - else - mbedtls_sha512_update( &ctx, sha512_test_buf[j], - sha512_test_buflen[j] ); - - mbedtls_sha512_finish( &ctx, sha512sum ); - - if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - -exit: - mbedtls_sha512_free( &ctx ); - - return( ret ); -} - -#endif /* MBEDTLS_SELF_TEST */ diff --git a/libstb/drivers/sha512.h b/libstb/drivers/sha512.h deleted file mode 100644 index 627694f..0000000 --- a/libstb/drivers/sha512.h +++ /dev/null 
@@ -1,141 +0,0 @@ -/** - * \file sha512.h - * - * \brief SHA-384 and SHA-512 cryptographic hash function - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ -#ifndef MBEDTLS_SHA512_H -#define MBEDTLS_SHA512_H - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include -#include - -#if !defined(MBEDTLS_SHA512_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief SHA-512 context structure - */ -typedef struct -{ - uint64_t total[2]; /*!< number of bytes processed */ - uint64_t state[8]; /*!< intermediate digest state */ - unsigned char buffer[128]; /*!< data block being processed */ - int is384; /*!< 0 => SHA-512, else SHA-384 */ -} -mbedtls_sha512_context; - -/** - * \brief Initialize SHA-512 context - * - * \param ctx SHA-512 context to be initialized - */ -void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); - -/** - * \brief Clear SHA-512 context - * - * \param ctx SHA-512 context to be cleared - */ -void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); - -/** - * \brief Clone (the state of) a SHA-512 context - * - * \param dst The destination context - * \param src The context to be cloned - */ -void mbedtls_sha512_clone( mbedtls_sha512_context *dst, - const mbedtls_sha512_context *src 
); - -/** - * \brief SHA-512 context setup - * - * \param ctx context to be initialized - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); - -/** - * \brief SHA-512 process buffer - * - * \param ctx SHA-512 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief SHA-512 final digest - * - * \param ctx SHA-512 context - * \param output SHA-384/512 checksum result - */ -void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ); - -#ifdef __cplusplus -} -#endif - -#else /* MBEDTLS_SHA512_ALT */ -#include "sha512_alt.h" -#endif /* MBEDTLS_SHA512_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = SHA-512( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output SHA-384/512 checksum result - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void mbedtls_sha512( const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int mbedtls_sha512_self_test( int verbose ); - -/* Internal use */ -void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ); - -#ifdef __cplusplus -} -#endif - -#endif /* mbedtls_sha512.h */ diff --git a/libstb/mbedtls/Makefile.inc b/libstb/mbedtls/Makefile.inc new file mode 100644 index 0000000..07aa26a --- /dev/null +++ b/libstb/mbedtls/Makefile.inc @@ -0,0 +1,11 @@ +# -*-Makefile-*- + +MBEDTLS_DIR = libstb/mbedtls + +SUBDIRS += $(MBEDTLS_DIR) + +MBEDTLS_SRCS = sha512.c +MBEDTLS_OBJS = $(MBEDTLS_SRCS:%.c=%.o) +MBEDTLS = $(MBEDTLS_DIR)/built-in.o + +$(MBEDTLS): $(MBEDTLS_OBJS:%=$(MBEDTLS_DIR)/%) 
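Review bot: The new libstb/mbedtls/Makefile.inc builds sha512.c as imported third-party code, but nothing added in this directory records which mbed TLS release or commit the file was taken from, or whether it was modified locally. A short comment at the top of this Makefile.inc, or a README next to it, naming the upstream version would let later reviewers diff against upstream and pick up its security fixes. The sha512.c move also shows up as a full delete plus add although the blob id is a133795 on both sides; sending the series with rename detection would reduce it to a rename and make it obvious that no content changed.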
diff --git a/libstb/mbedtls/sha512.c b/libstb/mbedtls/sha512.c new file mode 100644 index 0000000..a133795 --- /dev/null +++ b/libstb/mbedtls/sha512.c 
@@ -0,0 +1,480 @@ +/* + * FIPS-180-2 compliant SHA-384/512 implementation + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * The SHA-512 Secure Hash Standard was published by NIST in 2002. + * + * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf + */ + +#include "sha512.h" + +#define UL64(x) x + +#include +#include +#define mbedtls_printf printf + +#if !defined(MBEDTLS_SHA512_ALT) + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = v; while( n-- ) *p++ = 0; +} + +/* + * 64-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT64_BE +#define GET_UINT64_BE(n,b,i) \ +{ \ + (n) = ( (uint64_t) (b)[(i) ] << 56 ) \ + | ( (uint64_t) (b)[(i) + 1] << 48 ) \ + | ( (uint64_t) (b)[(i) + 2] << 40 ) \ + | ( (uint64_t) (b)[(i) + 3] << 32 ) \ + | ( (uint64_t) (b)[(i) + 4] << 24 ) \ + | ( (uint64_t) (b)[(i) + 5] << 16 ) \ + | ( (uint64_t) (b)[(i) + 6] << 8 ) \ + | ( (uint64_t) (b)[(i) + 7] ); \ +} +#endif /* GET_UINT64_BE */ + +#ifndef PUT_UINT64_BE +#define PUT_UINT64_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) >> 
32 ); \ + (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 7] = (unsigned char) ( (n) ); \ +} +#endif /* PUT_UINT64_BE */ + +void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); +} + +void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) ); +} + +void mbedtls_sha512_clone( mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src ) +{ + *dst = *src; +} + +/* + * SHA-512 context setup + */ +void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) +{ + ctx->total[0] = 0; + ctx->total[1] = 0; + + if( is384 == 0 ) + { + /* SHA-512 */ + ctx->state[0] = UL64(0x6A09E667F3BCC908); + ctx->state[1] = UL64(0xBB67AE8584CAA73B); + ctx->state[2] = UL64(0x3C6EF372FE94F82B); + ctx->state[3] = UL64(0xA54FF53A5F1D36F1); + ctx->state[4] = UL64(0x510E527FADE682D1); + ctx->state[5] = UL64(0x9B05688C2B3E6C1F); + ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); + ctx->state[7] = UL64(0x5BE0CD19137E2179); + } + else + { + /* SHA-384 */ + ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); + ctx->state[1] = UL64(0x629A292A367CD507); + ctx->state[2] = UL64(0x9159015A3070DD17); + ctx->state[3] = UL64(0x152FECD8F70E5939); + ctx->state[4] = UL64(0x67332667FFC00B31); + ctx->state[5] = UL64(0x8EB44A8768581511); + ctx->state[6] = UL64(0xDB0C2E0D64F98FA7); + ctx->state[7] = UL64(0x47B5481DBEFA4FA4); + } + + ctx->is384 = is384; +} + +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) + +/* + * Round constants + */ +static const uint64_t K[80] = +{ + UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD), + UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC), + UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019), + UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118), + UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE), + UL64(0x243185BE4EE4B28C), 
UL64(0x550C7DC3D5FFB4E2), + UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1), + UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694), + UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3), + UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65), + UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483), + UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5), + UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210), + UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4), + UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725), + UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70), + UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926), + UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF), + UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8), + UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B), + UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001), + UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30), + UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910), + UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8), + UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53), + UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8), + UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB), + UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3), + UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60), + UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC), + UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9), + UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B), + UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207), + UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178), + UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6), + UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B), + UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493), + UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C), + UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A), + UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) +}; + +void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) +{ + int i; + uint64_t temp1, temp2, 
W[80]; + uint64_t A, B, C, D, E, F, G, H; + +#define SHR(x,n) (x >> n) +#define ROTR(x,n) (SHR(x,n) | (x << (64 - n))) + +#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) +#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6)) + +#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) +#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) + +#define F0(x,y,z) ((x & y) | (z & (x | y))) +#define F1(x,y,z) (z ^ (x & (y ^ z))) + +#define P(a,b,c,d,e,f,g,h,x,K) \ +{ \ + temp1 = h + S3(e) + F1(e,f,g) + K + x; \ + temp2 = S2(a) + F0(a,b,c); \ + d += temp1; h = temp1 + temp2; \ +} + + for( i = 0; i < 16; i++ ) + { + GET_UINT64_BE( W[i], data, i << 3 ); + } + + for( ; i < 80; i++ ) + { + W[i] = S1(W[i - 2]) + W[i - 7] + + S0(W[i - 15]) + W[i - 16]; + } + + A = ctx->state[0]; + B = ctx->state[1]; + C = ctx->state[2]; + D = ctx->state[3]; + E = ctx->state[4]; + F = ctx->state[5]; + G = ctx->state[6]; + H = ctx->state[7]; + i = 0; + + do + { + P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++; + P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++; + P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++; + P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++; + P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++; + P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++; + P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++; + P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++; + } + while( i < 80 ); + + ctx->state[0] += A; + ctx->state[1] += B; + ctx->state[2] += C; + ctx->state[3] += D; + ctx->state[4] += E; + ctx->state[5] += F; + ctx->state[6] += G; + ctx->state[7] += H; +} +#endif /* !MBEDTLS_SHA512_PROCESS_ALT */ + +/* + * SHA-512 process buffer + */ +void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, + size_t ilen ) +{ + size_t fill; + unsigned int left; + + if( ilen == 0 ) + return; + + left = (unsigned int) (ctx->total[0] & 0x7F); + fill = 128 - left; + + ctx->total[0] += (uint64_t) ilen; + + if( ctx->total[0] < (uint64_t) ilen ) + ctx->total[1]++; + + if( left && ilen >= fill ) + { + memcpy( (void 
*) (ctx->buffer + left), input, fill ); + mbedtls_sha512_process( ctx, ctx->buffer ); + input += fill; + ilen -= fill; + left = 0; + } + + while( ilen >= 128 ) + { + mbedtls_sha512_process( ctx, input ); + input += 128; + ilen -= 128; + } + + if( ilen > 0 ) + memcpy( (void *) (ctx->buffer + left), input, ilen ); +} + +static const unsigned char sha512_padding[128] = +{ + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * SHA-512 final digest + */ +void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ) +{ + size_t last, padn; + uint64_t high, low; + unsigned char msglen[16]; + + high = ( ctx->total[0] >> 61 ) + | ( ctx->total[1] << 3 ); + low = ( ctx->total[0] << 3 ); + + PUT_UINT64_BE( high, msglen, 0 ); + PUT_UINT64_BE( low, msglen, 8 ); + + last = (size_t)( ctx->total[0] & 0x7F ); + padn = ( last < 112 ) ? 
( 112 - last ) : ( 240 - last ); + + mbedtls_sha512_update( ctx, sha512_padding, padn ); + mbedtls_sha512_update( ctx, msglen, 16 ); + + PUT_UINT64_BE( ctx->state[0], output, 0 ); + PUT_UINT64_BE( ctx->state[1], output, 8 ); + PUT_UINT64_BE( ctx->state[2], output, 16 ); + PUT_UINT64_BE( ctx->state[3], output, 24 ); + PUT_UINT64_BE( ctx->state[4], output, 32 ); + PUT_UINT64_BE( ctx->state[5], output, 40 ); + + if( ctx->is384 == 0 ) + { + PUT_UINT64_BE( ctx->state[6], output, 48 ); + PUT_UINT64_BE( ctx->state[7], output, 56 ); + } +} + +#endif /* !MBEDTLS_SHA512_ALT */ + +/* + * output = SHA-512( input buffer ) + */ +void mbedtls_sha512( const unsigned char *input, size_t ilen, + unsigned char output[64], int is384 ) +{ + mbedtls_sha512_context ctx; + + mbedtls_sha512_init( &ctx ); + mbedtls_sha512_starts( &ctx, is384 ); + mbedtls_sha512_update( &ctx, input, ilen ); + mbedtls_sha512_finish( &ctx, output ); + mbedtls_sha512_free( &ctx ); +} + +#if defined(MBEDTLS_SELF_TEST) + +/* + * FIPS-180-2 test vectors + */ +static const unsigned char sha512_test_buf[3][113] = +{ + { "abc" }, + { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" + "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" }, + { "" } +}; + +static const int sha512_test_buflen[3] = +{ + 3, 112, 1000 +}; + +static const unsigned char sha512_test_sum[6][64] = +{ + /* + * SHA-384 test vectors + */ + { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B, + 0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07, + 0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63, + 0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED, + 0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23, + 0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 }, + { 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8, + 0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47, + 0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2, + 0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12, + 0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9, + 0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 
}, + { 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB, + 0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C, + 0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52, + 0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B, + 0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB, + 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }, + + /* + * SHA-512 test vectors + */ + { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, + 0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31, + 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2, + 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, + 0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8, + 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD, + 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, + 0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F }, + { 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA, + 0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F, + 0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1, + 0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18, + 0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4, + 0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A, + 0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54, + 0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 }, + { 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64, + 0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63, + 0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28, + 0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB, + 0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A, + 0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B, + 0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E, + 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } +}; + +/* + * Checkup routine + */ +int mbedtls_sha512_self_test( int verbose ) +{ + int i, j, k, buflen, ret = 0; + unsigned char buf[1024]; + unsigned char sha512sum[64]; + mbedtls_sha512_context ctx; + + mbedtls_sha512_init( &ctx ); + + for( i = 0; i < 6; i++ ) + { + j = i % 3; + k = i < 3; + + if( verbose != 0 ) + mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + + mbedtls_sha512_starts( &ctx, k ); + + if( j == 2 ) + { + 
memset( buf, 'a', buflen = 1000 ); + + for( j = 0; j < 1000; j++ ) + mbedtls_sha512_update( &ctx, buf, buflen ); + } + else + mbedtls_sha512_update( &ctx, sha512_test_buf[j], + sha512_test_buflen[j] ); + + mbedtls_sha512_finish( &ctx, sha512sum ); + + if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) + { + if( verbose != 0 ) + mbedtls_printf( "failed\n" ); + + ret = 1; + goto exit; + } + + if( verbose != 0 ) + mbedtls_printf( "passed\n" ); + } + + if( verbose != 0 ) + mbedtls_printf( "\n" ); + +exit: + mbedtls_sha512_free( &ctx ); + + return( ret ); +} + +#endif /* MBEDTLS_SELF_TEST */ diff --git a/libstb/mbedtls/sha512.h b/libstb/mbedtls/sha512.h new file mode 100644 index 0000000..627694f --- /dev/null +++ b/libstb/mbedtls/sha512.h 
@@ -0,0 +1,141 @@ +/** + * \file sha512.h + * + * \brief SHA-384 and SHA-512 cryptographic hash function + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_SHA512_H +#define MBEDTLS_SHA512_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +#if !defined(MBEDTLS_SHA512_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-512 context structure + */ +typedef struct +{ + uint64_t total[2]; /*!< number of bytes processed */ + uint64_t state[8]; /*!< intermediate digest state */ + unsigned char buffer[128]; /*!< data block being processed */ + int is384; /*!< 0 => SHA-512, else SHA-384 */ +} +mbedtls_sha512_context; + +/** + * \brief Initialize SHA-512 context + * + * \param ctx SHA-512 context to be initialized + */ +void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); + +/** + * \brief Clear SHA-512 context + * + * \param ctx SHA-512 context to be cleared + */ +void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); + +/** + * \brief Clone (the state of) a SHA-512 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_sha512_clone( mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src 
); + +/** + * \brief SHA-512 context setup + * + * \param ctx context to be initialized + * \param is384 0 = use SHA512, 1 = use SHA384 + */ +void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); + +/** + * \brief SHA-512 process buffer + * + * \param ctx SHA-512 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, + size_t ilen ); + +/** + * \brief SHA-512 final digest + * + * \param ctx SHA-512 context + * \param output SHA-384/512 checksum result + */ +void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_SHA512_ALT */ +#include "sha512_alt.h" +#endif /* MBEDTLS_SHA512_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = SHA-512( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-384/512 checksum result + * \param is384 0 = use SHA512, 1 = use SHA384 + */ +void mbedtls_sha512( const unsigned char *input, size_t ilen, + unsigned char output[64], int is384 ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_sha512_self_test( int verbose ); + +/* Internal use */ +void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_sha512.h */ From patchwork Thu Aug 31 07:24:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Claudio Carvalho X-Patchwork-Id: 808095 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by 
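Review bot: "#define UL64(x) x" near the top of sha512.c leaves every 64-bit constant in mbedtls_sha512_starts() and in the K[80] table without a suffix, so the width of each literal is left to the compiler's choice of type. Define the macro as x##ULL so the width is explicit. Separately, "#define mbedtls_printf printf" sits outside the MBEDTLS_SELF_TEST guard although only mbedtls_sha512_self_test() uses it; move it under that guard, or map it to the firmware's own logging if the self test is meant to be built into skiboot.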
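Review bot: in sha512.h the fallback #include "config.h" (taken when MBEDTLS_CONFIG_FILE is undefined) and the #include "sha512_alt.h" branch both name files that this hunk does not add. Inside libstb a bare "config.h" can resolve to an unrelated header on the include path, so either add a minimal mbedtls configuration header next to sha512.h or drop the config block and the MBEDTLS_SHA512_ALT branch from this import.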
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:40 -0300
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Message-Id: <1504164285-15095-10-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 09/14] libstb: clean up the force-secure-mode and force-trusted-mode from nvram

This just renames the ibm_secureboot variable to node and organizes the code that checks the force-secure-mode and force-trusted-mode from nvram.

Signed-off-by: Claudio Carvalho
---
 libstb/stb.c | 34 ++++++++++++++--------------------
 1 file changed, 14 insertions(+), 20 deletions(-)
diff --git a/libstb/stb.c b/libstb/stb.c index eb77038..a238378 100644 --- a/libstb/stb.c +++ b/libstb/stb.c 
@@ -90,41 +90,35 @@ static void sb_enforce(void) void stb_init(void) { - struct dt_node *ibm_secureboot; - /* - * The ibm,secureboot device tree properties are documented in - * 'doc/device-tree/ibm,secureboot.rst' - */ - ibm_secureboot = dt_find_by_path(dt_root, "/ibm,secureboot"); - if (ibm_secureboot == NULL) { + struct dt_node *node; + + node = dt_find_by_path(dt_root, "/ibm,secureboot"); + if (!node) { prlog(PR_NOTICE,"STB: secure and trusted boot not supported\n"); return; } - secure_mode = dt_has_node_property(ibm_secureboot, "secure-enabled", - NULL); - if (nvram_query_eq("force-secure-mode", "always")) { - prlog(PR_NOTICE, "STB: secure mode on (FORCED by nvram)\n"); secure_mode = true; - } else if (secure_mode) { - prlog(PR_NOTICE, "STB: secure mode on.\n"); + prlog(PR_NOTICE, "STB: secure mode on (FORCED by nvram)\n"); } else { - prlog(PR_NOTICE, "STB: secure mode off\n"); + secure_mode = dt_has_node_property(node, "secure-enabled", NULL); + prlog(PR_NOTICE, "STB: secure mode %s\n", + secure_mode ? "on" : "off"); } - trusted_mode = dt_has_node_property(ibm_secureboot, "trusted-enabled", - NULL); if (nvram_query_eq("force-trusted-mode", "true")) { - prlog(PR_NOTICE, "STB: trusted mode ON (from NVRAM)\n"); trusted_mode = true; + prlog(PR_NOTICE, "STB: trusted mode on (FORCED by nvram)\n"); + } else { + trusted_mode = dt_has_node_property(node, "trusted-enabled", NULL); + prlog(PR_NOTICE, "STB: trusted mode %s\n", + trusted_mode ? "on" : "off"); } - prlog(PR_NOTICE, "STB: trusted mode %s\n", - trusted_mode ? 
"on" : "off"); if (!secure_mode && !trusted_mode) return; - c1vc = rom_init(ibm_secureboot); + c1vc = rom_init(node); if (secure_mode && !c1vc) { prlog(PR_EMERG, "STB: compatible romcode driver not found\n"); sb_enforce(); From patchwork Thu Aug 31 07:24:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Claudio Carvalho X-Patchwork-Id: 808100 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xjYqr2NMVz9sNc for ; Thu, 31 Aug 2017 17:27:52 +1000 (AEST) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3xjYqr1RDDzDqms for ; Thu, 31 Aug 2017 17:27:52 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3xjYn13y2mzDqXc for ; Thu, 31 Aug 2017 17:25:25 +1000 (AEST) Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v7V7O0x1179817 for ; Thu, 31 Aug 2017 03:25:23 -0400 Received: from e15.ny.us.ibm.com (e15.ny.us.ibm.com [129.33.205.205]) by mx0b-001b2d01.pphosted.com with ESMTP id 2cpca8eht1-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 31 Aug 2017 03:25:22 -0400 Received: from localhost by e15.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! 
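Review bot: the commit message describes a rename and a reorganisation, but in stb_init() this hunk also drops the comment pointing to 'doc/device-tree/ibm,secureboot.rst' and changes the log text. The forced trusted case now prints "trusted mode on (FORCED by nvram)" where it used to print "trusted mode ON (from NVRAM)" followed by "trusted mode on", and "secure mode on." loses its trailing period. Mention the log changes in the commit message, since anything matching on those strings is affected, and keep the documentation pointer next to the dt_find_by_path() call.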
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:41 -0300
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Message-Id: <1504164285-15095-11-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 10/14] libstb: move cvc initialization to stb.c

cvc stands for container verification code. By moving the probe function of each cvc driver to stb.c, this simplifies the current cvc initialization and also the addition of new cvc drivers in the future. In order to move all the cvc initialization to stb.c, this also adds the func_addr parameter to both verify and sha512 cvc hooks.
func_addr = cvc base address + function offset. rom.c and rom.h are no longer required. Signed-off-by: Claudio Carvalho --- libstb/Makefile.inc | 2 +- libstb/container.h | 2 + libstb/cvc/c1vc.c | 109 ++++++-------------------------- libstb/cvc/c1vc.h | 11 +++- libstb/cvc/c1vc_mbedtls.c | 48 +++----------- libstb/cvc/c1vc_mbedtls.h | 14 ++++- libstb/rom.c | 55 ---------------- libstb/rom.h | 43 ------------- libstb/stb.c | 156 ++++++++++++++++++++++++++++++++++++++++++---- 9 files changed, 198 insertions(+), 242 deletions(-) delete mode 100644 libstb/rom.c delete mode 100644 libstb/rom.h diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc index 8a78fb6..217f3fc 100644 --- a/libstb/Makefile.inc +++ b/libstb/Makefile.inc @@ -4,7 +4,7 @@ LIBSTB_DIR = libstb SUBDIRS += $(LIBSTB_DIR) -LIBSTB_SRCS = container.c rom.c tpm_chip.c stb.c +LIBSTB_SRCS = container.c tpm_chip.c stb.c LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o) LIBSTB = $(LIBSTB_DIR)/built-in.o diff --git a/libstb/container.h b/libstb/container.h index c125bc1..1233e7e 100644 --- a/libstb/container.h +++ b/libstb/container.h @@ -19,7 +19,9 @@ #include #include +#include #include +#include #define SECURE_BOOT_HEADERS_SIZE 4096 #define SHA256_DIGEST_LENGTH 32 diff --git a/libstb/cvc/c1vc.c b/libstb/cvc/c1vc.c index 0ac0d8a..04ebc89 100644 --- a/libstb/cvc/c1vc.c +++ b/libstb/cvc/c1vc.c 
@@ -19,120 +19,51 @@ #include #include #include "../status_codes.h" -#include "../rom.h" +#include "../container.h" #include "c1vc.h" -#define DRIVER_NAME "c1vc" - -#define SECURE_ROM_MEMORY_SIZE (16 * 1024) -#define SECURE_ROM_XSCOM_ADDRESS 0x02020017 - /* - * From the source code of the ROM code - */ -#define SECURE_ROM_SHA512_OFFSET 0x20 -#define SECURE_ROM_VERIFY_OFFSET 0x30 - -static const char *compat = "ibm,secureboot-v1"; -static void *securerom_addr = NULL; -static sha2_hash_t *hw_key_hash = NULL; - -/* - * Assembly interfaces to call into ROM code. - * func_ptr is the ROM code function address, followed - * by additional parameters as necessary + * Assembly interfaces to call into the Container v1 Verification Code. + * func_ptr: C1VC base address + offset */ ROM_response __c1vc_verify(void *func_ptr, ROM_container_raw *container, ROM_hw_params *params); void __c1vc_sha512(void *func_ptr, const uint8_t *data, size_t len, uint8_t *digest); -static int c1vc_verify(void *container) +int c1vc_verify(void *func_addr, const char *name, void *container, + const void *hw_key_hash, size_t hw_key_hash_size) { ROM_hw_params hw_params; ROM_response rc; memset(&hw_params, 0, sizeof(ROM_hw_params)); - memcpy(&hw_params.hw_key_hash, hw_key_hash, sizeof(sha2_hash_t)); - rc = __c1vc_verify(securerom_addr + SECURE_ROM_VERIFY_OFFSET, - (ROM_container_raw*) container, &hw_params); + memcpy(&hw_params.hw_key_hash, hw_key_hash, hw_key_hash_size); + rc = __c1vc_verify(func_addr, (ROM_container_raw*) container, &hw_params); if (rc != ROM_DONE) { /* - * Verify failed. hw_params.log indicates what checking has - * failed. This will abort the boot process. + * Container verification failed, the boot process will probably + * be halted by the caller. 
+ * + * The value returned in params.log indicates what checking has + * failed and it is one of the return codes defined in + * /hostboot/src/include/securerom/status_codes.H */ - prlog(PR_ERR, "ROM: %s failed (rc=%d, hw_params.log=0x%llx)\n", - __func__, rc, be64_to_cpu(hw_params.log)); + prerror("STB: %s verification FAILED (rc=%d, hw_params.log=0x%llx)\n", + name, rc, be64_to_cpu(hw_params.log)); return STB_VERIFY_FAILED; } return 0; } -static void c1vc_sha512(const uint8_t *data, size_t len, uint8_t *digest) +void c1vc_sha512(void *func_addr, const uint8_t *data, size_t len, + uint8_t *digest) { memset(digest, 0, sizeof(sha2_hash_t)); - __c1vc_sha512(securerom_addr + SECURE_ROM_SHA512_OFFSET, - data, len, digest); + __c1vc_sha512(func_addr, data, len, digest); } -static void c1vc_cleanup(void) { - if (securerom_addr) - free(securerom_addr); - hw_key_hash = NULL; -} - -static struct container_verification_code c1vc = { - .name = DRIVER_NAME, - .verify = c1vc_verify, - .sha512 = c1vc_sha512, - .cleanup = c1vc_cleanup, -}; - -void c1vc_probe(const struct dt_node *node) +void __attrconst c1vc_cleanup(void) { - /* This xscom register has the Secure ROM code base address */ - const uint32_t reg_addr = SECURE_ROM_XSCOM_ADDRESS; - uint64_t reg_data; - struct proc_chip *chip; - const char* hash_algo; - - if (!dt_node_is_compatible(node, compat)) { - prlog(PR_DEBUG, "ROM: %s node is not compatible\n", - node->name); - return; - } - /* - * secureboot-v1 defines containers with sha512 hashes - */ - hash_algo = dt_prop_get(node, "hash-algo"); - if (strcmp(hash_algo, "sha512")) { - /** - * @fwts-label ROMHashAlgorithmInvalid - * @fwts-advice Hostboot creates the ibm,secureboot node and - * the hash-algo property. Check that the ibm,secureboot node - * layout has not changed. 
- */ - prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo); - return; - } - hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash"); - securerom_addr = malloc(SECURE_ROM_MEMORY_SIZE); - assert(securerom_addr); - /* - * The logic that contains the ROM within the processor is implemented - * in a way that it only responds to CI (cache inhibited) operations. - * Due to performance issues we copy the verification code from the - * secure ROM to RAM and we use memcpy_from_ci to do that. - */ - chip = next_chip(NULL); - xscom_read(chip->id, reg_addr, ®_data); - memcpy_from_ci(securerom_addr, (void*) reg_data, - SECURE_ROM_MEMORY_SIZE); - /* - * Skiboot runs with IR (Instruction Relocation) & - * DR (Data Relocation) off, so there is no need to either MMIO - * the ROM code or set the memory region as executable. - * skiboot accesses the physical memory directly. Real mode. - */ - rom_set_driver(&c1vc); + return; } diff --git a/libstb/cvc/c1vc.h b/libstb/cvc/c1vc.h index f0d2a3d..fd5588b 100644 --- a/libstb/cvc/c1vc.h +++ b/libstb/cvc/c1vc.h @@ -17,8 +17,15 @@ #ifndef __C1VC_H #define __C1VC_H -#include +#include +#include -extern void c1vc_probe(const struct dt_node *node); +int c1vc_verify(void *func_addr, const char *name, void *container, + const void *hw_key_hash, size_t hw_key_hash_size); + +void c1vc_sha512(void *func_addr, const uint8_t *data, size_t len, + uint8_t *digest); + +void __attrconst c1vc_cleanup(void); #endif /* __C1VC_H */ diff --git a/libstb/cvc/c1vc_mbedtls.c b/libstb/cvc/c1vc_mbedtls.c index 4cf8e13..f677a68 100644 --- a/libstb/cvc/c1vc_mbedtls.c +++ b/libstb/cvc/c1vc_mbedtls.c 
@@ -14,21 +14,22 @@ * limitations under the License. */ -#include #include -#include -#include "../rom.h" #include "../mbedtls/sha512.h" +#include "../container.h" #include "c1vc_mbedtls.h" -static sha2_hash_t *hw_key_hash = NULL; - -static int c1vc_mbedtls_verify(void *container __unused) +int __attrconst c1vc_mbedtls_verify(void *func_addr __unused, + const char* name __unused, + void *container __unused, + const void *hw_key_hash __unused, + size_t hw_key_hash_size __unused) { return -100; } -static void c1vc_mbedtls_sha512(const uint8_t *data, size_t len, uint8_t *digest) +void c1vc_mbedtls_sha512(void *func_addr __unused, + const uint8_t *data, size_t len, uint8_t *digest) { mbedtls_sha512_context ctx; mbedtls_sha512_init(&ctx); @@ -39,38 +40,7 @@ static void c1vc_mbedtls_sha512(const uint8_t *data, size_t len, uint8_t *digest mbedtls_sha512_free(&ctx); } -static void c1vc_mbedtls_cleanup(void) +void __attrconst c1vc_mbedtls_cleanup(void) { return; } - -static struct container_verification_code c1vc = { - .name = "software", - .verify = c1vc_mbedtls_verify, - .sha512 = c1vc_mbedtls_sha512, - .cleanup = c1vc_mbedtls_cleanup -}; - -void c1vc_mbedtls_probe(const struct dt_node *node) -{ - const char* hash_algo; - - if (!dt_node_is_compatible(node, "ibm,secureboot-v1-softrom")) { - return; - } - - hash_algo = dt_prop_get(node, "hash-algo"); - if (strcmp(hash_algo, "sha512")) { - /** - * @fwts-label ROMHashAlgorithmInvalid - * @fwts-advice Hostboot creates the ibm,secureboot node and - * the hash-algo property. Check that the ibm,secureboot node - * layout has not changed. - */ - prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo); - return; - } - hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash"); - - rom_set_driver(&c1vc); -} diff --git a/libstb/cvc/c1vc_mbedtls.h b/libstb/cvc/c1vc_mbedtls.h index 9027138..f24e940 100644 --- a/libstb/cvc/c1vc_mbedtls.h +++ b/libstb/cvc/c1vc_mbedtls.h 
@@ -17,8 +17,18 @@ #ifndef __C1VC_MBEDTLS_H #define __C1VC_MBEDTLS_H -#include +#include +#include -extern void c1vc_mbedtls_probe(const struct dt_node *node); +int __attrconst c1vc_mbedtls_verify(void *func_addr __unused, + const char* name __unused, + void *container __unused, + const void *hw_key_hash __unused, + size_t hw_key_hash_size __unused); + +void c1vc_mbedtls_sha512(void *func_addr __unused, + const uint8_t *data, size_t len, uint8_t *digest); + +void __attrconst c1vc_mbedtls_cleanup(void); #endif /* __C1VC_MBEDTLS_H */ diff --git a/libstb/rom.c b/libstb/rom.c deleted file mode 100644 index 04ab364..0000000 --- a/libstb/rom.c +++ /dev/null 
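Review bot: the prototypes added to c1vc_mbedtls.h carry `__unused` on every parameter and `__attrconst` on c1vc_mbedtls_verify(). `__unused` describes the stub body and belongs only on the definition in c1vc_mbedtls.c; in the header it tells callers nothing. `__attrconst` is only true while the body is `return -100;`: a real verifier has to read the container and hw_key_hash through the pointers it is given, which a const function may not do, so drop the attribute now instead of leaving it for whoever implements the function. The -100 return value also needs a comment or a named constant saying that the software driver cannot verify containers.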
@@ -1,55 +0,0 @@ -/* Copyright 2013-2016 IBM Corp. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - * implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include "rom.h" -#include "cvc/c1vc.h" -#include "cvc/c1vc_mbedtls.h" - -static struct container_verification_code *c1vc = NULL; - -struct container_verification_code* rom_init(const struct dt_node *node __unused) -{ - if (c1vc) - goto end; - - /* CVC drivers supported */ - c1vc_probe(node); - - if (!c1vc) - c1vc_mbedtls_probe(node); - - if (!c1vc) - prlog(PR_NOTICE, "ROM: no rom driver found\n"); -end: - return c1vc; -} - -void rom_set_driver(struct container_verification_code *driver) -{ - if (c1vc) { - /** - * @fwts-label ROMAlreadyRegistered - * @fwts-advice ibm,secureboot already registered. Check if - * rom_init called twice or the same driver is probed twice - */ - prlog(PR_WARNING, "ROM: %s driver already registered\n", - c1vc->name); - return; - } - c1vc = driver; - prlog(PR_NOTICE, "ROM: %s driver registered\n", c1vc->name); -} diff --git a/libstb/rom.h b/libstb/rom.h deleted file mode 100644 index 972a19b..0000000 --- a/libstb/rom.h +++ /dev/null 
@@ -1,43 +0,0 @@ -/* Copyright 2013-2016 IBM Corp. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - * implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __ROM_H -#define __ROM_H - -#include -#include -#include -#include "container.h" - -struct container_verification_code { - const char* name; - int (*verify)(void *container); - void (*sha512)(const uint8_t *data, size_t len, uint8_t *digest); - void (*cleanup)(void); -}; - -/* - * Load a compatible driver to access the functions of the - * verification code flashed in the secure ROM - */ -extern struct container_verification_code* rom_init(const struct dt_node *node); - -/* - * Set the rom driver that will be used - */ -extern void rom_set_driver(struct container_verification_code *driver); - -#endif /* __ROM_H */ diff --git a/libstb/stb.c b/libstb/stb.c index a238378..ee5771a 100644 --- a/libstb/stb.c +++ b/libstb/stb.c 
@@ -20,19 +20,35 @@ #include #include #include +#include +#include #include "stb.h" #include "status_codes.h" #include "container.h" -#include "rom.h" #include "tpm_chip.h" +#include "cvc/c1vc.h" +#include "cvc/c1vc_mbedtls.h" /* For debugging only */ //#define STB_DEBUG -static bool secure_mode = false; -static bool trusted_mode = false; +struct container_verification_code { + const char *name; + uint64_t verify_addr; + uint64_t sha512_addr; + void (*sha512)(void *func_addr, const uint8_t *data, size_t len, + uint8_t *digest); + int (*verify)(void *func_addr, const char *name, void *container, + const void *hw_key_hash, size_t hw_key_hash_size); + void (*cleanup)(void); +}; static struct container_verification_code *c1vc = NULL; +static void *secure_rom_mem = NULL; +static const void* hw_key_hash = NULL; +static size_t hw_key_hash_size; +static bool secure_mode = false; +static bool trusted_mode = false; /* * This maps a PCR for each resource we can measure. The PCR number is 
@@ -88,9 +104,102 @@ static void sb_enforce(void) abort(); } +static int c1vc_mbedtls_init(struct dt_node *node) +{ + const char* hash_algo; + + hash_algo = dt_prop_get(node, "hash-algo"); + if (strcmp(hash_algo, "sha512")) { + /** + * @fwts-label HashAlgoInvalidSoftrom + * @fwts-advice Hash algorithm invalid, secureboot containers + * version 1 requires sha512. If you're running the latest POWER + * firmware, so probably there is a bug in mambo tcl script that + * creates the hash-algo property. + */ + prerror("STB: %s FAILED, hash-algo=%s not supported\n", + __func__, hash_algo); + return -1; + } + hw_key_hash_size = SHA512_DIGEST_LENGTH; + hw_key_hash = dt_prop_get_def_size(node, "hw-key-hash", NULL, + &hw_key_hash_size); + + c1vc = malloc(sizeof(struct container_verification_code)); + assert(c1vc); + c1vc->sha512_addr = 0; + c1vc->sha512 = c1vc_mbedtls_sha512; + c1vc->verify_addr = 0; + c1vc->verify = c1vc_mbedtls_verify; + c1vc->cleanup = c1vc_mbedtls_cleanup; + c1vc->name = "c1vc_mbedtls"; + + prlog(PR_INFO, "STB: 'ibm,secureboot-v1-softrom' initialized\n"); + return 0; +} + +#define SECURE_ROM_MEMORY_SIZE (16 * 1024) +#define SECURE_ROM_XSCOM_ADDRESS 0x02020017 + +#define SECURE_ROM_SHA512_OFFSET 0x20 +#define SECURE_ROM_VERIFY_OFFSET 0x30 + +static int c1vc_rom_init(struct dt_node *parent) +{ + const uint32_t reg_addr = SECURE_ROM_XSCOM_ADDRESS; + uint64_t reg_data; + struct proc_chip *chip; + const char* hash_algo; + + hash_algo = dt_prop_get(parent, "hash-algo"); + if (strcmp(hash_algo, "sha512")) { + /** + * @fwts-label HashAlgoInvalid + * @fwts-advice Hash algorithm invalid, secureboot containers + * version 1 requires sha512. If you're running the latest POWER + * firmware, so probably there is a bug in the device tree + * received from hostboot. 
+ */ + prerror("STB: %s FAILED, hash-algo=%s not supported\n", __func__, + hash_algo); + return -1; + } + hw_key_hash_size = SHA512_DIGEST_LENGTH; + hw_key_hash = dt_prop_get_def_size(parent, "hw-key-hash", NULL, + &hw_key_hash_size); + + c1vc = malloc(sizeof(struct container_verification_code)); + assert(c1vc); + secure_rom_mem = malloc(SECURE_ROM_MEMORY_SIZE); + assert(secure_rom_mem); + /* + * The logic that contains the ROM within the processor is implemented + * in a way that it only responds to CI (cache inhibited) operations. + * Due to performance issues we copy the verification code from the + * secure ROM to RAM. We use memcpy_from_ci() to do that. + */ + chip = next_chip(NULL); + xscom_read(chip->id, reg_addr, ®_data); + memcpy_from_ci(secure_rom_mem, (void*) reg_data, + SECURE_ROM_MEMORY_SIZE); + + c1vc->sha512_addr = (uint64_t) secure_rom_mem + SECURE_ROM_SHA512_OFFSET; + c1vc->sha512 = c1vc_sha512; + + c1vc->verify_addr = (uint64_t) secure_rom_mem + SECURE_ROM_VERIFY_OFFSET; + c1vc->verify = c1vc_verify; + + c1vc->cleanup = c1vc_cleanup; + c1vc->name = "c1vc"; + + prlog(PR_INFO, "STB: 'ibm,secureboot-v1' initialized\n"); + return 0; +} + void stb_init(void) { struct dt_node *node; + int rc = -1; node = dt_find_by_path(dt_root, "/ibm,secureboot"); if (!node) { 
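Review bot: in c1vc_rom_init() the return value of xscom_read() is ignored and reg_data is uninitialised, so a failed read leaves memcpy_from_ci() copying SECURE_ROM_MEMORY_SIZE bytes from an indeterminate address into the buffer that sha512_addr and verify_addr later point into. Check the xscom_read() result (and that next_chip(NULL) returned a chip) and return -1 so stb_init() takes the enforce path. In both init functions hw_key_hash comes from dt_prop_get_def_size() with a NULL default, and hw_key_hash_size is passed by pointer and can come back as whatever length the property has; neither is checked before the function returns 0. Failing init when hw_key_hash is NULL or hw_key_hash_size != SHA512_DIGEST_LENGTH would keep a malformed /ibm,secureboot node from reaching c1vc->verify().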
@@ -118,13 +227,36 @@ void stb_init(void) if (!secure_mode && !trusted_mode) return; - c1vc = rom_init(node); - if (secure_mode && !c1vc) { - prlog(PR_EMERG, "STB: compatible romcode driver not found\n"); - sb_enforce(); + + if (dt_node_is_compatible(node, "ibm,secureboot-v1")) { + rc = c1vc_rom_init(node); + } else if (dt_node_is_compatible(node, "ibm,secureboot-v1-softrom")) { + rc = c1vc_mbedtls_init(node); + } else { + /** + * @fwts-label SecureBootNotCompatible + * @fwts-advice Compatible secureboot driver not found. If you + * are running the latest skiboot version, probably there is a + * problem when the /ibm,secureboot/compatible property is + * created. + */ + prerror("STB: secureboot init FAILED, '%s' node not compatible (BUG).\n", + node->name); + goto enforce; } + + /* cvc init failed? */ + if (rc) + goto enforce; + if (trusted_mode) tpm_init(); + return; + +enforce: + if (secure_mode) + sb_enforce(); + return; } int stb_final(void) @@ -228,8 +360,9 @@ int tb_measure(enum resource_id id, void *buf, size_t len) abort(); } - c1vc->sha512((void*) buf + SECURE_BOOT_HEADERS_SIZE, - len - SECURE_BOOT_HEADERS_SIZE, digest); + c1vc->sha512((void*) c1vc->sha512_addr, + buf + SECURE_BOOT_HEADERS_SIZE, + len - SECURE_BOOT_HEADERS_SIZE, digest); prlog(PR_INFO, "STB: %s sha512 hash re-calculated\n", name); if (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) { @@ -243,7 +376,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) abort(); } } else { - c1vc->sha512(buf, len, digest); + c1vc->sha512((void*) c1vc->sha512_addr, buf, len, digest); prlog(PR_INFO, "STB: %s sha512 hash calculated\n", name); } 
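Review bot: the enforce label in stb_init() only acts when secure_mode is set. With trusted_mode alone, a failed cvc init or an incompatible node returns with trusted_mode still true, c1vc still NULL and tpm_init() skipped, while the tb_measure() hunks in this patch call c1vc->sha512(...) with no NULL check visible. Clear trusted_mode (and log that measurement is disabled) on this path, or guard the c1vc dereference in tb_measure(). The trailing `return;` after the sb_enforce() call is redundant in a void function.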
@@ -288,7 +421,8 @@ int sb_verify(enum resource_id id, void *buf, size_t len) __func__, id, buf, len); sb_enforce(); } - if (c1vc->verify(buf)) { + if (c1vc->verify((void*) c1vc->verify_addr, name, buf, + hw_key_hash, hw_key_hash_size)) { prlog(PR_EMERG, "STB: %s failed: resource %s, " "eyecatcher 0x%016llx\n", __func__, name, *((uint64_t*)buf)); From patchwork Thu Aug 31 07:24:42 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Claudio Carvalho X-Patchwork-Id: 808101 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xjYrB1zWRz9sNc for ; Thu, 31 Aug 2017 17:28:10 +1000 (AEST) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3xjYrB11KZzDqkc for ; Thu, 31 Aug 2017 17:28:10 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3xjYn210M2zDqTr for ; Thu, 31 Aug 2017 17:25:25 +1000 (AEST) Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v7V7OjA0116323 for ; Thu, 31 Aug 2017 03:25:24 -0400 Received: from e14.ny.us.ibm.com (e14.ny.us.ibm.com [129.33.205.204]) by mx0a-001b2d01.pphosted.com with ESMTP id 2cpar7cqdu-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 31 Aug 2017 03:25:23 -0400 Received: from localhost by e14.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! 
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:42 -0300
Message-Id: <1504164285-15095-12-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 11/14] libstb/stb.c: free cvc allocated memory

We no longer need to hold the cleanup cvc hook because the cvc driver initialization is now done in a single place. This adds cvc_free() and also calls it to free the cvc allocated memory before the skiroot kernel is executed. Additionally, this also removes the cvc .name attribute.

Signed-off-by: Claudio Carvalho --- libstb/stb.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/libstb/stb.c b/libstb/stb.c index ee5771a..3bc41c6 100644 --- a/libstb/stb.c +++ b/libstb/stb.c @@ -33,14 +33,12 @@ //#define STB_DEBUG struct container_verification_code { - const char *name; uint64_t verify_addr; uint64_t sha512_addr; void (*sha512)(void *func_addr, const uint8_t *data, size_t len, uint8_t *digest); int (*verify)(void *func_addr, const char *name, void *container, const void *hw_key_hash, size_t hw_key_hash_size); - void (*cleanup)(void); }; static struct container_verification_code *c1vc = NULL; @@ -104,6 +102,18 @@ static void sb_enforce(void) abort(); } +static void cvc_free(void) +{ + if (c1vc) { + free(c1vc); + c1vc = NULL; + } + if (secure_rom_mem) { + free(secure_rom_mem); + secure_rom_mem = NULL; + } +} + static int c1vc_mbedtls_init(struct dt_node *node) { const char* hash_algo; @@ -131,8 +141,6 @@ static int c1vc_mbedtls_init(struct dt_node *node) c1vc->sha512 = c1vc_mbedtls_sha512; c1vc->verify_addr = 0; c1vc->verify = c1vc_mbedtls_verify; - c1vc->cleanup = c1vc_mbedtls_cleanup; - c1vc->name = "c1vc_mbedtls"; prlog(PR_INFO, "STB: 'ibm,secureboot-v1-softrom' initialized\n"); return 0; @@ -189,9 +197,6 @@ static int c1vc_rom_init(struct dt_node *parent) c1vc->verify_addr = (uint64_t) secure_rom_mem + SECURE_ROM_VERIFY_OFFSET; c1vc->verify = c1vc_verify; - c1vc->cleanup = c1vc_cleanup; - c1vc->name = "c1vc"; - prlog(PR_INFO, "STB: 'ibm,secureboot-v1' initialized\n"); return 0; } 
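Review bot: the struct hunk drops the .cleanup member and both init functions stop assigning it, but the diffstat shows only libstb/stb.c changed, so c1vc_cleanup() and c1vc_mbedtls_cleanup(), still declared in cvc/c1vc.h and cvc/c1vc_mbedtls.h, are left with no user in stb.c. Remove the declarations and definitions in this patch, or say in the commit message why they stay. In cvc_free() the `if (c1vc)` and `if (secure_rom_mem)` guards are unnecessary because free(NULL) is a no-op, and hw_key_hash and hw_key_hash_size should be reset there as well so that no state from the torn-down driver remains.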
@@ -299,6 +304,7 @@ int stb_final(void) tpm_cleanup(); secure_mode = false; trusted_mode = false; + cvc_free(); return (failed) ? STB_MEASURE_FAILED : 0; } From patchwork Thu Aug 31 07:24:43 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Claudio Carvalho X-Patchwork-Id: 808098 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xjYqT3dG9z9sNc for ; Thu, 31 Aug 2017 17:27:33 +1000 (AEST) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3xjYqT2g1VzDqXn for ; Thu, 31 Aug 2017 17:27:33 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3xjYn11KQFzDqTy for ; Thu, 31 Aug 2017 17:25:25 +1000 (AEST) Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v7V7ONDe086390 for ; Thu, 31 Aug 2017 03:25:23 -0400 Received: from e15.ny.us.ibm.com (e15.ny.us.ibm.com [129.33.205.205]) by mx0a-001b2d01.pphosted.com with ESMTP id 2cpc4g7fbj-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 31 Aug 2017 03:25:23 -0400 Received: from localhost by e15.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! 
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:43 -0300
Message-Id: <1504164285-15095-13-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 12/14] libstb: check container version before using it

Secureboot containers can be built for any cvc version, including one that is not supported by skiboot. The version is stored in the container. This checks the container version before using it.

Signed-off-by: Claudio Carvalho --- libstb/container.c | 47 +++++++++++++++++++++++++++++++++++++---------- libstb/container.h | 9 +++++++-- libstb/stb.c | 32 +++++++++++++++++++++++--------- 3 files changed, 67 insertions(+), 21 deletions(-) diff --git a/libstb/container.c b/libstb/container.c index a720fbb..d421bd7 100644 --- a/libstb/container.c +++ b/libstb/container.c @@ -17,6 +17,17 @@ #include #include "container.h" +uint16_t stb_container_version(const void *buf, size_t size) +{ + ROM_container_raw *c; + + if (!stb_is_container(buf, size)) + return 0; + c = (ROM_container_raw*) buf; + + return be16_to_cpu(c->version); +} + bool stb_is_container(const void *buf, size_t size) { ROM_container_raw *c; @@ -29,6 +40,15 @@ bool stb_is_container(const void *buf, size_t size) return true; } +uint32_t stb_container_magic(const void *buf, size_t size) +{ + ROM_container_raw *c; + if (!stb_is_container(buf, size)) + return 0; + c = (ROM_container_raw*) buf; + return be32_to_cpu(c->magic_number); +} + uint32_t stb_payload_magic(const void *buf, size_t size) { uint8_t *p; @@ -40,15 +60,19 @@ uint32_t stb_payload_magic(const void *buf, size_t size) uint64_t stb_sw_payload_size(const void *buf, size_t size) { - struct parsed_stb_container c; + struct parsed_stb_container_v1 c; if (!stb_is_container(buf, size)) return 0; - if (parse_stb_container(buf, size, &c) != 0) - return 0; - return be64_to_cpu(c.sh->payload_size); + /* Container v1 */ + if (stb_container_version(buf, size) == 1) { + if (parse_stb_container_v1(buf, size, &c) != 0) + return 0; + return be64_to_cpu(c.sh->payload_size); + } + return 0; } -int parse_stb_container(const void* data, size_t len, struct parsed_stb_container *c) +int parse_stb_container_v1(const void* data, size_t len, struct parsed_stb_container_v1 *c) { const size_t prefix_data_min_size = 3 * (EC_COORDBYTES * 2); c->buf = data; 
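Review bot: stb_container_magic() returns 0 whenever stb_is_container() fails, but the only caller this patch adds, in sb_verify(), calls it inside the `if (!stb_is_container(buf, len))` branch to log the rejected magic number, so that message will always print magic_number=0. Have stb_container_magic() read the field after a size check only, or drop the value from the log. stb_container_version() has the same shape, where 0 doubles as "not a container"; that convention is worth a comment next to the prototype in container.h.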
@@ -65,14 +89,17 @@ int parse_stb_container(const void* data, size_t len, struct parsed_stb_containe const uint8_t* stb_sw_payload_hash(const void *buf, size_t size) { - struct parsed_stb_container c; + struct parsed_stb_container_v1 c; if (!stb_is_container(buf, size)) return NULL; - if (parse_stb_container(buf, size, &c) != 0) - return NULL; - - return c.sh->payload_hash; + /* Container v1 */ + if (stb_container_version(buf, size) == 1) { + if (parse_stb_container_v1(buf, size, &c) != 0) + return NULL; + return c.sh->payload_hash; + } + return NULL; } diff --git a/libstb/container.h b/libstb/container.h index 1233e7e..b55508e 100644 --- a/libstb/container.h +++ b/libstb/container.h @@ -123,7 +123,7 @@ typedef struct { be64 log; }__attribute__((packed)) ROM_hw_params; -struct parsed_stb_container { +struct parsed_stb_container_v1 { const void *buf; size_t bufsz; const ROM_container_raw *c; @@ -147,7 +147,12 @@ bool stb_is_container(const void* buf, size_t size); const uint8_t* stb_sw_payload_hash(const void* buf, size_t size); uint64_t stb_sw_payload_size(const void *buf, size_t size); -int parse_stb_container(const void* data, size_t len, struct parsed_stb_container *c); +int parse_stb_container_v1(const void* data, size_t len, + struct parsed_stb_container_v1 *c); + +uint16_t stb_container_version(const void* buf, size_t size); + +uint32_t stb_container_magic(const void* buf, size_t size); void stb_print_data(const void *data, size_t len); diff --git a/libstb/stb.c b/libstb/stb.c index 3bc41c6..f0eb108 100644 --- a/libstb/stb.c +++ b/libstb/stb.c @@ -405,6 +405,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) int sb_verify(enum resource_id id, void *buf, size_t len) { const char *name; + int rc = -1; if (!secure_mode) { prlog(PR_INFO, "STB: %s skipped resource %d, " 
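Review bot: stb_sw_payload_hash() and stb_sw_payload_size() now return NULL and 0 for a well-formed container of an unsupported version, the same values they return for a parse failure. Callers cannot tell the two apart, and tb_measure() reports a NULL hash as "STB Container is corrupt, can't find hash". Log the unsupported version where it is detected, or return a distinct error. Both functions also run stb_is_container() twice, once directly and once inside stb_container_version(); the outer call can go.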
@@ -418,22 +419,35 @@ int sb_verify(enum resource_id id, void *buf, size_t len) "resource_id=%d unknown\n", id); sb_enforce(); } - if (!c1vc || !c1vc->verify) { - prlog(PR_EMERG, "STB: secure boot not initialized\n"); - sb_enforce(); - } if (!buf || len < SECURE_BOOT_HEADERS_SIZE) { prlog(PR_EMERG, "STB: %s arg error: id %d, buf %p, len %zd\n", __func__, id, buf, len); sb_enforce(); } - if (c1vc->verify((void*) c1vc->verify_addr, name, buf, - hw_key_hash, hw_key_hash_size)) { - prlog(PR_EMERG, "STB: %s failed: resource %s, " - "eyecatcher 0x%016llx\n", __func__, name, - *((uint64_t*)buf)); + if (!stb_is_container(buf, len)) { + prlog(PR_EMERG, "STB: %s NOT VERIFIED, magic_number=%x " + "not supported\n", name, stb_container_magic(buf, len)); sb_enforce(); } + + /* Handle container version 1 */ + if (stb_container_version(buf, len) == 1) { + + if (c1vc && c1vc->verify) + rc = c1vc->verify((void*) c1vc->verify_addr, name, buf, + hw_key_hash, hw_key_hash_size); + else + prlog(PR_EMERG, "STB: %s NOT VERIFIED, secureboot not " + "initialized\n", name); + + } else { + prlog(PR_EMERG, "STB: %s NOT VERIFIED, version=%d not supported\n", + name, stb_container_version(buf, len)); + } + + if (rc) + sb_enforce(); + prlog(PR_NOTICE, "STB: %s verified\n", name); return 0; } From patchwork Thu Aug 31 07:24:44 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Claudio Carvalho X-Patchwork-Id: 808099 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xjYqj1n9dz9sNc for ; Thu, 31 Aug 2017 17:27:45 +1000 (AEST) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3xjYqh4bWFzDqlN for ; 
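Review bot: sb_verify() now depends on sb_enforce() never returning. After `if (rc) sb_enforce();` control falls through to the "verified" log and `return 0`, and the `!stb_is_container()` branch above continues into the version check in the same way. Return a non-zero status after each sb_enforce() call so the function fails closed even if sb_enforce() is later changed to return. The version is also fetched twice with stb_container_version(buf, len); reading it once into a local keeps the check and the log message consistent.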
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:44 -0300
Message-Id: <1504164285-15095-14-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 13/14] libstb/stb.c: fix trustedboot abort

Trustedboot doesn't halt the boot, secureboot does. This replaces the abort calls in the trustedboot code by simple return calls.

@@ -363,7 +363,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) digestp = stb_sw_payload_hash(buf, len); if(!digestp) { prlog(PR_EMERG, "STB Container is corrupt, can't find hash\n"); - abort(); + return -1; } c1vc->sha512((void*) c1vc->sha512_addr, 
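Review bot: the missing-hash path now returns a bare -1, while this file uses named codes such as STB_MEASURE_FAILED and STB_TRUSTED_MODE_DISABLED for its return values; use a status code from status_codes.h so callers can tell this failure from others. The message is still logged at PR_EMERG although the condition no longer stops the boot, so the level should be lowered to match.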
@@ -377,9 +377,7 @@ int tb_measure(enum resource_id id, void *buf, size_t len) stb_print_data(digestp, TPM_ALG_SHA256_SIZE); prlog(PR_ALERT, "STB: Computed hash (on %lx bytes):\n", len); stb_print_data(digest, TPM_ALG_SHA256_SIZE); - - if (secure_mode) - abort(); + return -1; } } else { c1vc->sha512((void*) c1vc->sha512_addr, buf, len, digest); From patchwork Thu Aug 31 07:24:45 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Claudio Carvalho X-Patchwork-Id: 808102 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xjYrF4rsRz9sNc for ; Thu, 31 Aug 2017 17:28:13 +1000 (AEST) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3xjYrF3xzZzDr2S for ; Thu, 31 Aug 2017 17:28:13 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3xjYn25QtNzDqTt for ; Thu, 31 Aug 2017 17:25:26 +1000 (AEST) Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v7V7O5Is048741 for ; Thu, 31 Aug 2017 03:25:24 -0400 Received: from e12.ny.us.ibm.com (e12.ny.us.ibm.com [129.33.205.202]) by mx0a-001b2d01.pphosted.com with ESMTP id 2cp9ds1d79-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 31 Aug 2017 03:25:24 -0400 Received: from localhost by e12.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! 
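Review bot: this hunk removes `if (secure_mode) abort();`, so a payload whose computed sha512 differs from the hash stored in its container no longer halts a secure-mode boot from tb_measure(); it only returns -1. That is safe only if sb_verify() is always run on the same buffer and the caller checks tb_measure()'s return value, and the commit message should state that ordering. Returning here also skips the rest of tb_measure() for this resource; if the PCR extend happens later in the function, a mismatching image is never measured, so consider recording the computed digest before returning.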
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:24:45 -0300
In-Reply-To: <1504164285-15095-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Message-Id: <1504164285-15095-15-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH v2 14/14] libstb/stb.c: fix log messages

This just makes sure that the stb log messages are following the same logic.

Signed-off-by: Claudio Carvalho
--- libstb/stb.c | 78 ++++++++++++++++++++++++++---------------------------------- 1 file changed, 34 insertions(+), 44 deletions(-) diff --git a/libstb/stb.c b/libstb/stb.c index cf40b2c..da0c534 100644 --- a/libstb/stb.c +++ b/libstb/stb.c
@@ -311,16 +311,13 @@ int stb_final(void) int tb_measure(enum resource_id id, void *buf, size_t len) { uint8_t digest[SHA512_DIGEST_LENGTH]; - const uint8_t *digestp; + const uint8_t *payload_hash = NULL; const char *name; TPM_Pcr pcr; - digestp = NULL; - if (!trusted_mode) { - prlog(PR_INFO, "STB: %s skipped resource %d, " - "trusted_mode=0\n", __func__, id); - return STB_TRUSTED_MODE_DISABLED; - } + if (!trusted_mode) + return 1; + name = flash_map_resource_name(id); if (!name) { /** 
@@ -343,56 +340,49 @@ int tb_measure(enum resource_id id, void *buf, size_t len) } if (!buf) { /** - * @fwts-label STBNullResourceReceived - * @fwts-advice Null resource passed to tb_measure. This has - * come from the resource load framework and likely indicates a - * bug in the framework. + * @fwts-label ResourceNotMeasuredNull + * @fwts-advice This is a bug. The tb_measure() caller provided + * a NULL container. */ - prlog(PR_ERR, "STB: %s failed: resource %s, buf null\n", - __func__, name); - return STB_ARG_ERROR; + prlog(PR_ERR, "STB: %s NOT MEASURED, it's null\n", name); + return -1; } memset(digest, 0, SHA512_DIGEST_LENGTH); - /* - * In secure mode we can use the sw-payload-hash from the container - * header to measure the container payload. Otherwise we must calculate - * the hash of the container payload (if it's a container) or the image - * (if it's not a container) - */ + if (stb_is_container(buf, len)) { - digestp = stb_sw_payload_hash(buf, len); - if(!digestp) { - prlog(PR_EMERG, "STB Container is corrupt, can't find hash\n"); + payload_hash = stb_sw_payload_hash(buf, len); + if(!payload_hash) { + prlog(PR_EMERG, "STB: %s container NOT MEASURED, " + "sw-payload-hash not found\n", name); return -1; } c1vc->sha512((void*) c1vc->sha512_addr, buf + SECURE_BOOT_HEADERS_SIZE, len - SECURE_BOOT_HEADERS_SIZE, digest); - - prlog(PR_INFO, "STB: %s sha512 hash re-calculated\n", name); - if (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) { - prlog(PR_ALERT, "STB: HASH IN CONTAINER DOESN'T MATCH CONTENT!\n"); - prlog(PR_ALERT, "STB: Container hash:\n"); - stb_print_data(digestp, TPM_ALG_SHA256_SIZE); - prlog(PR_ALERT, "STB: Computed hash (on %lx bytes):\n", len); + prlog(PR_INFO, "STB: %s sw-payload-hash calculated\n", name); + + if (memcmp(payload_hash, digest, TPM_ALG_SHA256_SIZE) != 0) { + prlog(PR_ALERT, "STB: %s NOT MEASURED, " + "sw-payload-hash doesn't match content\n", name); + prlog(PR_ALERT, "STB: %s sw-payload-hash:\n", name); + 
stb_print_data(payload_hash, TPM_ALG_SHA256_SIZE); + prlog(PR_ALERT, "STB: %s computed hash (on %lx bytes):\n", + name, len); stb_print_data(digest, TPM_ALG_SHA256_SIZE); return -1; } } else { c1vc->sha512((void*) c1vc->sha512_addr, buf, len, digest); - prlog(PR_INFO, "STB: %s sha512 hash calculated\n", name); + prlog(PR_INFO, "STB: %s hash calculated\n", name); } #ifdef STB_DEBUG - /* print the payload/image hash */ - prlog(PR_NOTICE, "STB: %s hash:\n", resource_map[r].name); stb_print_data(digest, TPM_ALG_SHA256_SIZE); #endif /* - * Measure the resource. Since the ROM code doesn't provide a sha1 hash - * algorithm, the sha512 hash is truncated to match the size required - * by each PCR bank. + * Measure the resource to the same PCR number in both sha256 and sha1 + * PCR banks. The sha512 hash provided is truncated accordingly. */ return tpm_extendl(pcr, TPM_ALG_SHA256, digest, TPM_ALG_SHA256_SIZE, @@ -405,11 +395,8 @@ int sb_verify(enum resource_id id, void *buf, size_t len) const char *name; int rc = -1; - if (!secure_mode) { - prlog(PR_INFO, "STB: %s skipped resource %d, " - "secure_mode=0\n", __func__, id); - return STB_SECURE_MODE_DISABLED; - } + if (!secure_mode) + return 1; name = flash_map_resource_name(id); if (!name) { @@ -417,9 +404,12 @@ int sb_verify(enum resource_id id, void *buf, size_t len) "resource_id=%d unknown\n", id); sb_enforce(); } - if (!buf || len < SECURE_BOOT_HEADERS_SIZE) { - prlog(PR_EMERG, "STB: %s arg error: id %d, buf %p, len %zd\n", - __func__, id, buf, len); + if (!buf) { + prlog(PR_EMERG, "STB: %s NOT VERIFIED, it's null\n", name); + sb_enforce(); + } + if (len < SECURE_BOOT_HEADERS_SIZE) { + prlog(PR_EMERG, "STB: %s NOT VERIFIED, it's too small\n", name); sb_enforce(); } if (!stb_is_container(buf, len)) {
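Review bot: in the `@@ -311,16 +311,13 @@` hunk, the early exit of tb_measure() changes from `return STB_TRUSTED_MODE_DISABLED;` to a bare `return 1;`, which is a return-value change in a patch whose subject only mentions log messages. With this hunk tb_measure() returns 1 for "skipped", -1 for failure, and otherwise whatever tpm_extendl() returns, and none of that is documented in the visible lines. Please either keep a named constant for the skipped case or add a comment above the function that spells out the return convention, and mention the change in the commit message.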
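Review bot: in the `@@ -343,56 +340,49 @@` hunk, the new message `"STB: %s computed hash (on %lx bytes):\n", name, len` reports `len`, but for a container the sha512 call just above it hashes `len - SECURE_BOOT_HEADERS_SIZE` bytes starting at `buf + SECURE_BOOT_HEADERS_SIZE`, so the logged size does not match the data that was hashed. Since this patch is about making the messages consistent, print the payload length there, and use `%zx` rather than `%lx` for a size_t. In the same hunk the `#ifdef STB_DEBUG` block loses its `prlog(PR_NOTICE, ...)` label, which leaves a bare `stb_print_data(digest, ...)` dump with nothing to say which resource it belongs to; a label using `name` would keep the debug output readable.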
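Review bot: in the `@@ -405,11 +395,8 @@` hunk, sb_verify() now returns 1 silently when `secure_mode` is off, because the `prlog(PR_INFO, ... "secure_mode=0\n", ...)` line is removed together with `STB_SECURE_MODE_DISABLED`. After this change the boot log carries no record that a resource was loaded without verification, which is exactly the fact someone reading the log after an incident will look for. If the per-resource message is too noisy, please make sure the secure mode state is logged once elsewhere and say so in the commit message. Note also that `rc` is initialised to -1 a few lines above while the skipped case returns a positive value, so callers have to distinguish `rc < 0` from `rc != 0`.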
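Review bot: in the `@@ -417,9 +404,12 @@` hunk, the two new messages `"STB: %s NOT VERIFIED, it's null\n"` and `"STB: %s NOT VERIFIED, it's too small\n"` drop the `buf` and `len` values that the old combined message printed, so a "too small" report no longer says how small. Please include `len` and `SECURE_BOOT_HEADERS_SIZE` in the second message. Also, nothing in the visible lines returns after `sb_enforce();`, so if that function can ever return, a NULL `buf` falls through to the length check and then to `stb_is_container(buf, len)`. Either add an explicit `return -1;` after each `sb_enforce();` call or document that it does not return.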