[PATCH u-boot v2019.04-aspeed-openbmc v2] aspeed: add CONFIG_ASPEED_ENABLE_BACKDOORS
Ryan Chen
ryan_chen at aspeedtech.com
Fri Apr 15 13:21:00 AEST 2022
Hello Zev,
I don't think it is good to send a patch to enable security backdoor.
It should not be enabled, even it user aware it.
That will cause big issues in BMC.
Ryan
> -----Original Message-----
> From: Zev Weiss <zev at bewilderbeest.net>
> Sent: Friday, April 15, 2022 6:40 AM
> To: Joel Stanley <joel at jms.id.au>; openbmc at lists.ozlabs.org
> Cc: Zev Weiss <zev at bewilderbeest.net>; Andrew Jeffery <andrew at aj.id.au>;
> Ryan Chen <ryan_chen at aspeedtech.com>
> Subject: [PATCH u-boot v2019.04-aspeed-openbmc v2] aspeed: add
> CONFIG_ASPEED_ENABLE_BACKDOORS
>
> On ast2400 and ast2500 we now default to disabling the various hardware
> backdoor interfaces as is done on ast2600, though the Kconfig option can be
> set to y to re-enable them if desired for debugging.
>
> This patch is based on a patch by Andrew Jeffery for an older u-boot branch in
> the OpenBMC tree for the df-isolate-bmc distro feature flag.
>
> Signed-off-by: Zev Weiss <zev at bewilderbeest.net>
> ---
>
> I've tested this on both ast2500 and ast2400, with the slight caveat that the
> only ast2400 hardware I have is a hostless (BMC-only) system.
>
> Changes since v1 [0]:
> - extended to cover ast2400
> - inverted sense of Kconfig option, default (n) is now secure mode
> - renamed some register/bit macros more appropriately
>
> [0]
> https://lore.kernel.org/openbmc/20220414040448.27100-1-zev@bewilderbees
> t.net/
>
> arch/arm/include/asm/arch-aspeed/platform.h | 7 ++
> .../arm/include/asm/arch-aspeed/scu_ast2400.h | 7
> ++ .../arm/include/asm/arch-aspeed/scu_ast2500.h | 8 ++
> arch/arm/mach-aspeed/Kconfig | 13 ++++
> arch/arm/mach-aspeed/ast2400/board_common.c | 68
> +++++++++++++++++
> arch/arm/mach-aspeed/ast2500/board_common.c | 73
> +++++++++++++++++++
> 6 files changed, 176 insertions(+)
>
> diff --git a/arch/arm/include/asm/arch-aspeed/platform.h
> b/arch/arm/include/asm/arch-aspeed/platform.h
> index f016bdaba3e7..f05747642f38 100644
> --- a/arch/arm/include/asm/arch-aspeed/platform.h
> +++ b/arch/arm/include/asm/arch-aspeed/platform.h
> @@ -15,24 +15,31 @@
>
> /***************************************************************
> ******************/
> #if defined(CONFIG_ASPEED_AST2400)
> #define ASPEED_MAC_COUNT 2
> +#define ASPEED_SDRAM_CTRL 0x1e6e0000
> #define ASPEED_HW_STRAP1 0x1e6e2070
> #define ASPEED_REVISION_ID 0x1e6e207C
> #define ASPEED_SYS_RESET_CTRL 0x1e6e203C
> #define ASPEED_VGA_HANDSHAKE0 0x1e6e2040 /* VGA fuction
> handshake register */
> +#define ASPEED_PCIE_CONFIG_SET 0x1e6e2180
> #define ASPEED_DRAM_BASE 0x40000000
> #define ASPEED_SRAM_BASE 0x1E720000
> +#define ASPEED_LPC_CTRL 0x1e789000
> #define ASPEED_SRAM_SIZE 0x8000
> #define ASPEED_FMC_CS0_BASE 0x20000000
> #elif defined(CONFIG_ASPEED_AST2500)
> #define ASPEED_MAC_COUNT 2
> +#define ASPEED_SDRAM_CTRL 0x1e6e0000
> +#define ASPEED_MISC1_CTRL 0x1e6e202C
> #define ASPEED_HW_STRAP1 0x1e6e2070
> #define ASPEED_HW_STRAP2 0x1e6e20D0
> #define ASPEED_REVISION_ID 0x1e6e207C
> #define ASPEED_SYS_RESET_CTRL 0x1e6e203C
> #define ASPEED_VGA_HANDSHAKE0 0x1e6e2040 /* VGA fuction
> handshake register */
> +#define ASPEED_PCIE_CONFIG_SET 0x1e6e2180
> #define ASPEED_MAC_COUNT 2
> #define ASPEED_DRAM_BASE 0x80000000
> #define ASPEED_SRAM_BASE 0x1E720000
> +#define ASPEED_LPC_CTRL 0x1e789000
> #define ASPEED_SRAM_SIZE 0x9000
> #define ASPEED_FMC_CS0_BASE 0x20000000
> #elif defined(CONFIG_ASPEED_AST2600)
> diff --git a/arch/arm/include/asm/arch-aspeed/scu_ast2400.h
> b/arch/arm/include/asm/arch-aspeed/scu_ast2400.h
> index 9c5d96ae84b9..55875fd8312f 100644
> --- a/arch/arm/include/asm/arch-aspeed/scu_ast2400.h
> +++ b/arch/arm/include/asm/arch-aspeed/scu_ast2400.h
> @@ -8,6 +8,7 @@
> #define SCU_HWSTRAP_VGAMEM_MASK (3 <<
> SCU_HWSTRAP_VGAMEM_SHIFT)
> #define SCU_HWSTRAP_MAC1_RGMII (1 << 6)
> #define SCU_HWSTRAP_MAC2_RGMII (1 << 7)
> +#define SCU_HWSTRAP_LPC_SIO_DEC_DIS (1 << 20)
> #define SCU_HWSTRAP_DDR4 (1 << 24)
> #define SCU_HWSTRAP_CLKIN_25MHZ (1 << 23)
>
> @@ -104,6 +105,12 @@
> #define SCU_CLKDUTY_RGMII2TXCK_SHIFT 16
> #define SCU_CLKDUTY_RGMII2TXCK_MASK (0x7f <<
> SCU_CLKDUTY_RGMII2TXCK_SHIFT)
>
> +#define SCU_PCIE_CONFIG_SET_VGA_MMIO (1 << 1)
> +#define SCU_PCIE_CONFIG_SET_BMC_EN (1 << 8)
> +#define SCU_PCIE_CONFIG_SET_BMC_MMIO (1 << 9)
> +#define SCU_PCIE_CONFIG_SET_BMC_DMA (1 << 14)
> +
> +
> struct ast2400_clk_priv {
> struct ast2400_scu *scu;
> };
> diff --git a/arch/arm/include/asm/arch-aspeed/scu_ast2500.h
> b/arch/arm/include/asm/arch-aspeed/scu_ast2500.h
> index 8fe4028e4ff0..06dc998afaa8 100644
> --- a/arch/arm/include/asm/arch-aspeed/scu_ast2500.h
> +++ b/arch/arm/include/asm/arch-aspeed/scu_ast2500.h
> @@ -11,6 +11,7 @@
> #define SCU_HWSTRAP_VGAMEM_MASK (3 <<
> SCU_HWSTRAP_VGAMEM_SHIFT)
> #define SCU_HWSTRAP_MAC1_RGMII (1 << 6)
> #define SCU_HWSTRAP_MAC2_RGMII (1 << 7)
> +#define SCU_HWSTRAP_LPC_SIO_DEC_DIS (1 << 20)
> #define SCU_HWSTRAP_DDR4 (1 << 24)
> #define SCU_HWSTRAP_CLKIN_25MHZ (1 << 23)
>
> @@ -107,6 +108,13 @@
> #define SCU_CLKDUTY_RGMII2TXCK_SHIFT 16
> #define SCU_CLKDUTY_RGMII2TXCK_MASK (0x7f <<
> SCU_CLKDUTY_RGMII2TXCK_SHIFT)
>
> +#define SCU_PCIE_CONFIG_SET_VGA_MMIO (1 << 1)
> +#define SCU_PCIE_CONFIG_SET_BMC_EN (1 << 8)
> +#define SCU_PCIE_CONFIG_SET_BMC_MMIO (1 << 9)
> +#define SCU_PCIE_CONFIG_SET_BMC_DMA (1 << 14)
> +
> +#define SCU_MISC_DEBUG_UART_DISABLE (1 << 10)
> +
> struct ast2500_clk_priv {
> struct ast2500_scu *scu;
> };
> diff --git a/arch/arm/mach-aspeed/Kconfig b/arch/arm/mach-aspeed/Kconfig
> index 579a547df61e..4bbf6fff326d 100644
> --- a/arch/arm/mach-aspeed/Kconfig
> +++ b/arch/arm/mach-aspeed/Kconfig
> @@ -45,6 +45,19 @@ config ASPEED_AST2600
> which is enabled by support of LPC and eSPI peripherals.
> endchoice
>
> +config ASPEED_ENABLE_BACKDOORS
> + bool "Enable hardware features that provide back-door access to the
> BMC"
> + depends on ASPEED_AST2400 || ASPEED_AST2500
> + help
> + Aspeed BMCs include a number of hardware features that
> + provide access to BMC internals that is undesirable in
> + production systems for security reasons (iLPC2AHB, P2A,
> + PCIe, debug UART, X-DMA, LPC2AHB), but may be useful for
> + debugging. Say Y here to enable these features for a debug
> + (insecure) build. (This option is not available for the
> + ast2600, on which the backdoors are disabled
> + unconditionally.)
> +
> config ASPEED_PALLADIUM
> bool "Aspeed palladium for simulation"
> default n
> diff --git a/arch/arm/mach-aspeed/ast2400/board_common.c
> b/arch/arm/mach-aspeed/ast2400/board_common.c
> index 3829b069342e..10ce7af8c108 100644
> --- a/arch/arm/mach-aspeed/ast2400/board_common.c
> +++ b/arch/arm/mach-aspeed/ast2400/board_common.c
> @@ -4,14 +4,82 @@
> #include <ram.h>
> #include <timer.h>
> #include <asm/io.h>
> +#include <asm/arch/platform.h>
> +#include <asm/arch/scu_ast2400.h>
> #include <asm/arch/timer.h>
> #include <linux/err.h>
> #include <dm/uclass.h>
>
> DECLARE_GLOBAL_DATA_PTR;
>
> +#if !defined(CONFIG_ASPEED_ENABLE_BACKDOORS)
> +#define AST_LPC_HICR5 0x080
> +# define LPC_HICR5_ENFWH BIT(10)
> +#define AST_LPC_HICRB 0x100
> +# define LPC_HICRB_SIO_ILPC2AHB_DIS BIT(6)
> +
> +#define AST_SDMC_PROTECT 0x00
> +# define SDRAM_UNLOCK_KEY 0xfc600309
> +#define AST_SDMC_GFX_PROT 0x08
> +# define SDMC_GFX_PROT_VGA_CURSOR BIT(0) # define
> +SDMC_GFX_PROT_VGA_CG_READ BIT(1) # define
> SDMC_GFX_PROT_VGA_ASCII_READ
> +BIT(2) # define SDMC_GFX_PROT_VGA_CRT BIT(3) # define
> +SDMC_GFX_PROT_PCIE BIT(16) # define SDMC_GFX_PROT_XDMA BIT(17)
> +
> +static void isolate_bmc(void)
> +{
> + bool sdmc_unlocked;
> + u32 val;
> +
> + /* iLPC2AHB */
> + val = readl(ASPEED_HW_STRAP1);
> + val |= SCU_HWSTRAP_LPC_SIO_DEC_DIS;
> + writel(val, ASPEED_HW_STRAP1);
> +
> + val = readl(ASPEED_LPC_CTRL + AST_LPC_HICRB);
> + val |= LPC_HICRB_SIO_ILPC2AHB_DIS;
> + writel(val, ASPEED_LPC_CTRL + AST_LPC_HICRB);
> +
> + /* P2A, PCIe BMC */
> + val = readl(ASPEED_PCIE_CONFIG_SET);
> + val &= ~(SCU_PCIE_CONFIG_SET_BMC_DMA
> + | SCU_PCIE_CONFIG_SET_BMC_MMIO
> + | SCU_PCIE_CONFIG_SET_BMC_EN
> + | SCU_PCIE_CONFIG_SET_VGA_MMIO);
> + writel(val, ASPEED_PCIE_CONFIG_SET);
> +
> + /* X-DMA */
> + sdmc_unlocked = readl(ASPEED_SDRAM_CTRL + AST_SDMC_PROTECT);
> + if (!sdmc_unlocked)
> + writel(SDRAM_UNLOCK_KEY, ASPEED_SDRAM_CTRL +
> AST_SDMC_PROTECT);
> +
> + val = readl(ASPEED_SDRAM_CTRL + AST_SDMC_GFX_PROT);
> + val |= (SDMC_GFX_PROT_VGA_CURSOR
> + | SDMC_GFX_PROT_VGA_CG_READ
> + | SDMC_GFX_PROT_VGA_ASCII_READ
> + | SDMC_GFX_PROT_VGA_CRT
> + | SDMC_GFX_PROT_PCIE
> + | SDMC_GFX_PROT_XDMA);
> + writel(val, ASPEED_SDRAM_CTRL + AST_SDMC_GFX_PROT);
> +
> + if (!sdmc_unlocked)
> + writel(~SDRAM_UNLOCK_KEY, ASPEED_SDRAM_CTRL +
> AST_SDMC_PROTECT);
> +
> + /* LPC2AHB */
> + val = readl(ASPEED_LPC_CTRL + AST_LPC_HICR5);
> + val &= ~LPC_HICR5_ENFWH;
> + writel(val, ASPEED_LPC_CTRL + AST_LPC_HICR5); } #endif
> +
> __weak int board_init(void)
> {
> +#if !defined(CONFIG_ASPEED_ENABLE_BACKDOORS)
> + isolate_bmc();
> +#endif
> +
> gd->bd->bi_boot_params = CONFIG_SYS_SDRAM_BASE + 0x100;
>
> return 0;
> diff --git a/arch/arm/mach-aspeed/ast2500/board_common.c
> b/arch/arm/mach-aspeed/ast2500/board_common.c
> index ce541e88fb8e..29554011eb38 100644
> --- a/arch/arm/mach-aspeed/ast2500/board_common.c
> +++ b/arch/arm/mach-aspeed/ast2500/board_common.c
> @@ -7,18 +7,91 @@
> #include <ram.h>
> #include <timer.h>
> #include <asm/io.h>
> +#include <asm/arch/platform.h>
> +#include <asm/arch/scu_ast2500.h>
> +#include <asm/arch/sdram_ast2500.h>
> #include <asm/arch/timer.h>
> #include <linux/err.h>
> #include <dm/uclass.h>
>
> DECLARE_GLOBAL_DATA_PTR;
>
> +#if !defined(CONFIG_ASPEED_ENABLE_BACKDOORS)
> +#define AST_LPC_HICR5 0x080
> +# define LPC_HICR5_ENFWH BIT(10)
> +#define AST_LPC_HICRB 0x100
> +# define LPC_HICRB_SIO_ILPC2AHB_DIS BIT(6)
> +
> +# define AST_SDMC_PROTECT 0x00
> +# define AST_SDMC_GFX_PROT 0x08
> +# define SDMC_GFX_PROT_VGA_CURSOR BIT(0) # define
> +SDMC_GFX_PROT_VGA_CG_READ BIT(1) # define
> SDMC_GFX_PROT_VGA_ASCII_READ
> +BIT(2) # define SDMC_GFX_PROT_VGA_CRT BIT(3) # define
> +SDMC_GFX_PROT_PCIE BIT(16) # define SDMC_GFX_PROT_XDMA BIT(17)
> +
> +static void isolate_bmc(void)
> +{
> + bool sdmc_unlocked;
> + u32 val;
> +
> + /* iLPC2AHB */
> + val = readl(ASPEED_HW_STRAP1);
> + val |= SCU_HWSTRAP_LPC_SIO_DEC_DIS;
> + writel(val, ASPEED_HW_STRAP1);
> +
> + val = readl(ASPEED_LPC_CTRL + AST_LPC_HICRB);
> + val |= LPC_HICRB_SIO_ILPC2AHB_DIS;
> + writel(val, ASPEED_LPC_CTRL + AST_LPC_HICRB);
> +
> + /* P2A, PCIe BMC */
> + val = readl(ASPEED_PCIE_CONFIG_SET);
> + val &= ~(SCU_PCIE_CONFIG_SET_BMC_DMA
> + | SCU_PCIE_CONFIG_SET_BMC_MMIO
> + | SCU_PCIE_CONFIG_SET_BMC_EN
> + | SCU_PCIE_CONFIG_SET_VGA_MMIO);
> + writel(val, ASPEED_PCIE_CONFIG_SET);
> +
> + /* Debug UART */
> + val = readl(ASPEED_MISC1_CTRL);
> + val |= SCU_MISC_DEBUG_UART_DISABLE;
> + writel(val, ASPEED_MISC1_CTRL);
> +
> + /* X-DMA */
> + sdmc_unlocked = readl(ASPEED_SDRAM_CTRL + AST_SDMC_PROTECT);
> + if (!sdmc_unlocked)
> + writel(SDRAM_UNLOCK_KEY, ASPEED_SDRAM_CTRL +
> AST_SDMC_PROTECT);
> +
> + val = readl(ASPEED_SDRAM_CTRL + AST_SDMC_GFX_PROT);
> + val |= (SDMC_GFX_PROT_VGA_CURSOR
> + | SDMC_GFX_PROT_VGA_CG_READ
> + | SDMC_GFX_PROT_VGA_ASCII_READ
> + | SDMC_GFX_PROT_VGA_CRT
> + | SDMC_GFX_PROT_PCIE
> + | SDMC_GFX_PROT_XDMA);
> + writel(val, ASPEED_SDRAM_CTRL + AST_SDMC_GFX_PROT);
> +
> + if (!sdmc_unlocked)
> + writel(~SDRAM_UNLOCK_KEY, ASPEED_SDRAM_CTRL +
> AST_SDMC_PROTECT);
> +
> + /* LPC2AHB */
> + val = readl(ASPEED_LPC_CTRL + AST_LPC_HICR5);
> + val &= ~LPC_HICR5_ENFWH;
> + writel(val, ASPEED_LPC_CTRL + AST_LPC_HICR5); } #endif
> +
> __weak int board_init(void)
> {
> struct udevice *dev;
> int i;
> int ret;
>
> +#if !defined(CONFIG_ASPEED_ENABLE_BACKDOORS)
> + isolate_bmc();
> +#endif
> +
> gd->bd->bi_boot_params = CONFIG_SYS_SDRAM_BASE + 0x100;
>
> /*
> --
> 2.35.1
More information about the openbmc
mailing list