[Skiboot] [PATCH 01/15] doc/device-tree: Add ibm, secureboot.txt

Claudio Carvalho cclaudio at linux.vnet.ibm.com
Fri Sep 2 13:51:37 AEST 2016 


On 09/01/2016 05:46 AM, Stewart Smith wrote:
> Claudio Carvalho <cclaudio at linux.vnet.ibm.com> writes:
>> This adds a documentation for the ibm,secureboot device tree node.
>>
>> Signed-off-by: Claudio Carvalho <cclaudio at linux.vnet.ibm.com>
>> ---
>>  doc/device-tree/ibm,secureboot.txt | 42 ++++++++++++++++++++++++++++++++++++++
>>  1 file changed, 42 insertions(+)
>>  create mode 100644 doc/device-tree/ibm,secureboot.txt
>>
>> diff --git a/doc/device-tree/ibm,secureboot.txt b/doc/device-tree/ibm,secureboot.txt
>> new file mode 100644
>> index 0000000..387cb25
>> --- /dev/null
>> +++ b/doc/device-tree/ibm,secureboot.txt
> 
> (minor point, but we recently switched to rst formatted docs. I'm not
> too fussed if you move it over to .rst or not, I can do that with merge)
> 
>> @@ -0,0 +1,42 @@
>> +Device tree bindings for ibm,secureboot
>> +=======================================
>> +
>> +This node represents the presence of the ROM verification code in the
>> +platform. It has properties related to secure boot and trusted boot.
> 
> Could you expand a bit on what you mean by ROM? (or point to the
> explanation).
> 
> Maybe something like:
> "In a secure ROM flashed during manufacturing, there may exist some code
> for secure/trusted boot. On POWER8, the presence of this code is announced to
> skiboot (by HostBoot) by the ibm,secureboot node."

I can replace the first paragraph by this in the V2:

"Secure boot and trusted boot relies on a code burned in a secure ROM at
manufacture time to verify and measure other codes before they are
executed. This ROM code is also referred to as ROM verification code.

On POWER8, the presence of the ROM code is announced to skiboot (by
Hostboot) by the ibm,secureboot node.

If the system is booting up in secure mode, the ROM code is called for
secure boot to verify the integrity and authenticity of a code before it
is executed.

If the system is booting up in trusted mode, the ROM code is called for
trusted boot to calculate the sha512 hash of a code before it is executed.

For further information about secure boot and trusted boot please refer
to 'doc/stb.rst'."

What do you think?

> 
> Obviously, with HDAT on P9, this is going to be different. Any idea
> what?

I don't know yet.

> 
> Is this a node in the device tree an OS is going to care about at all?
> 

No. For P8, this node is consumed only by skiboot. For P9, petitboot
will probably need to consume it as well.

> Is the source code to this ROM available somewhere? Considering it's the
> core of verifying things, it would good for people to be able to verify it.
> 

Not yet, but we will make it available soon.

>> +Required properties
>> +-------------------
>> +
>> +- compatible :  ibm,secureboot version. It is related to the ROM verification
>> +		code version.
>> +
>> +- hash-algo : 	hash algorithm used for the hw-key-hash. Aspects such as the
>> +		size of the hw-key-hash can be infered from this
>> property.
> 
> Would it be possible to support multiple hash algorithms at any point in
> time?
> 

Difficult question. I would be surprised if it supports multiple
algorithms at the same time, currently the ROM code is strongly tied to
the supported hash algorithm.

> What about if instead we had a list of hash algorithms and the keys in
> hw-key-hash-$ALGORITHM (e.g. hw-key-hash-sha512)?
> 
>> +- secure-enabled : this property exists whether the system is booting on
>> +		   secure mode.
>> +
>> +- trusted-enabled : this property exists whether the system is booting on
>> +		    trusted mode.
> 
> s/wheather/if/; s/on/in/;

I will apply this in the V2.

> 
>> +- hw-key-hash : hash of three concatenated hardware public key. This is
>> +		required by the ROM verification code to verify images.
>> +
>> +Example
>> +-------
>> +
>> +For the first version "ibm,secureboot-v1", the ROM verification code expects the
>> +hw-key-hash to be a sha512 hash.
>> +
>> +ibm,secureboot {
>> +	compatible = "ibm,secureboot-v1";
>> +	hash-algo = "sha512";
>> +	secure-enabled;
>> +	trusted-enabled;
>> +	hw-key-hash = <0x40d487ff 0x7380ed6a 0xd54775d5 0x795fea0d 0xe2f541fe
>> +0xa9db06b8 0x466a42a3 0x20e65f75 0xb4866546 0x17d907 0x515dc2a5 0xf9fc5095
>> +0x4d6ee0c9 0xb67d219d 0xfb708535 0x1d01d6d1>;
>> +	phandle = <0x100000fd>;
>> +	linux,phandle = <0x100000fd>;
>> +};
>> +
>> -- 
>> 1.9.1
>>
>> _______________________________________________
>> Skiboot mailing list
>> Skiboot at lists.ozlabs.org
>> https://lists.ozlabs.org/listinfo/skiboot
>

More information about the Skiboot mailing list