[Skiboot] [PATCH 08/15] libstb: Add secure boot header structures

Claudio Carvalho cclaudio at linux.vnet.ibm.com
Thu Sep 22 23:11:12 AEST 2016



On 09/15/2016 07:14 AM, Stewart Smith wrote:
> Claudio Carvalho <cclaudio at linux.vnet.ibm.com> writes:
>> --- /dev/null
>> +++ b/libstb/container.h
>> @@ -0,0 +1,139 @@
>> +/* Copyright 2013-2016 IBM Corp.
>> + *
>> + * Licensed under the Apache License, Version 2.0 (the "License");
>> + * you may not use this file except in compliance with the License.
>> + * You may obtain a copy of the License at
>> + *
>> + *      http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing, software
>> + * distributed under the License is distributed on an "AS IS" BASIS,
>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>> + * implied.
>> + * See the License for the specific language governing permissions and
>> + * limitations under the License.
>> + */
>> +
>> +#ifndef __STB_CONTAINER_H
>> +#define __STB_CONTAINER_H
>> +
>> +#include <stdint.h>
>> +
>> +#define SECURE_BOOT_HEADERS_SIZE	4096
>> +
>> +#define SHA256_DIGEST_LENGTH	32
>> +
>> +/**
>> + * The defines and structures below come from the secure ROM source code
>> + * (trusted_boot_rom). Here you will find only the ones required by the
>> + * secure and trusted boot implementation in skiboot.
>> + */
>> +
>> +/* From trusted_boot_rom/src/sha512.h */
>> +#define SHA512_DIGEST_LENGTH  64
>> +typedef uint8_t __attribute__((aligned(8))) sha2_hash_t[ SHA512_DIGEST_LENGTH / sizeof(uint8_t) ];
>> +typedef uint8_t sha2_byte; // Exactly 1 byte
>> +
>> +/* From trusted_boot_rom/src/hw_utils.h  */
>> +#define ECID_SIZE	16
>> +
>> +/* From trusted_boot_rom/src/ecverify.h   */
>> +#define EC_COORDBYTES	66     /* P-521   */
>> +typedef uint8_t ecc_key_t[2*EC_COORDBYTES];
>> +typedef uint8_t ecc_signature_t[2*EC_COORDBYTES];
>> +
>> +/* From trusted_boot_rom/src/ROM.h */
>> +#define ROM_MAGIC_NUMBER	0x17082011
>> +
>> +typedef struct {
>> +	uint16_t version;	/* (1: see versions above) */
>> +	uint8_t hash_alg;	/* (1: SHA-512) */
>> +	uint8_t sig_alg;	/* (1: SHA-512/ECDSA-521) */
>> +}__attribute__((packed)) ROM_version_raw;
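Review bot: the comment on `version` reads "(1: see versions above)", but no version defines were copied into this header with the rest of the trusted_boot_rom items, so the reference dangles; either carry the version defines over alongside the other `/* From trusted_boot_rom/... */` blocks or point at the file they live in. Also, `hash_alg` and `sig_alg` are documented only for the value 1 (SHA-512, SHA-512/ECDSA-521); whatever consumes this struct should explicitly reject any other value rather than fall through to the one algorithm that is implemented, and that expectation is worth stating in the comment.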
> 
> IIRC it was sig_alg here that conflicted with "unused" in the
> https://github.com/open-power/sb-signing-utils/pull/1/files proposed
> signing utils (although considering the problems there, I'm more
> convinced your code is correct).
> 
> But.. since this is dealing with something that's baked into
> hardware.. where did this exactly come from?
> 
> The other thing that came to me while running this morning... since this
> is a representation of a serialized data structure, it'd be good to use
> the be32/be16/be64 types and be32_to_cpu() "converters" so that if we
> were ever crazy enough to do a LE skiboot, everything would "just
> work". It also means that you can more easily write unit tests that'll
> work on LE platforms.
> 

Yes, good point.

Replaced the uint16_t, uint32_t and uint64_t types in the serialized
structures with their corresponding be* types and changed the consumers to
access the data using the corresponding be*_to_cpu() function.
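The following is an added example, not skiboot's own code, of the approach discussed above: the serialized header is declared with explicit big-endian field types and converted on read, so the parser gives the same result on a big- or little-endian host. The `be16`/`be32` types, `be16_to_cpu()`/`be32_to_cpu()`, `parse_rom_version()`, `check_rom_magic()` and the sample byte strings are local stand-ins and constructed data for this example (skiboot's real types live in ccan/endian); the sample simply places the magic in front of the version block for demonstration, not as a claim about the real container layout.

```c
/* Added example (not skiboot code): endian-safe parsing of the version block
 * from the patch.  be16/be32 and the *_to_cpu helpers are local stand-ins for
 * skiboot's ccan/endian types; the sample buffers are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define ROM_MAGIC_NUMBER 0x17082011u

/* Wire types: the bytes are big-endian regardless of host byte order, and are
 * never read through a plain uint16_t/uint32_t, so nothing depends on the
 * host being big-endian. */
typedef struct { uint8_t b[2]; } be16;
typedef struct { uint8_t b[4]; } be32;

static inline uint16_t be16_to_cpu(be16 v)
{
    return (uint16_t)(((uint16_t)v.b[0] << 8) | v.b[1]);
}

static inline uint32_t be32_to_cpu(be32 v)
{
    return ((uint32_t)v.b[0] << 24) | ((uint32_t)v.b[1] << 16) |
           ((uint32_t)v.b[2] << 8)  | (uint32_t)v.b[3];
}

/* Same layout as the patch's ROM_version_raw, with the 16-bit field typed
 * as serialized big-endian instead of uint16_t. */
typedef struct {
    be16    version;   /* 1 */
    uint8_t hash_alg;  /* 1: SHA-512 */
    uint8_t sig_alg;   /* 1: SHA-512/ECDSA-521 */
} __attribute__((packed)) ROM_version_raw;

/* Host-order view that consumers work with. */
struct rom_version {
    uint16_t version;
    uint8_t  hash_alg;
    uint8_t  sig_alg;
};

/* Returns 0 on success, -1 if the buffer is short or the header names a
 * version/algorithm the verifier does not implement (reject, never guess). */
int parse_rom_version(const uint8_t *buf, size_t len, struct rom_version *out)
{
    ROM_version_raw raw;

    if (len < sizeof(raw))
        return -1;
    memcpy(&raw, buf, sizeof(raw));  /* no unaligned/aliasing access */
    out->version  = be16_to_cpu(raw.version);
    out->hash_alg = raw.hash_alg;
    out->sig_alg  = raw.sig_alg;
    if (out->version != 1 || out->hash_alg != 1 || out->sig_alg != 1)
        return -1;
    return 0;
}

/* Convenience wrapper: parsed version number, or -1 on rejection. */
int rom_version_of(const uint8_t *buf, size_t len)
{
    struct rom_version v;
    return parse_rom_version(buf, len, &v) == 0 ? (int)v.version : -1;
}

/* The 32-bit magic gets the same treatment. */
int check_rom_magic(const uint8_t *buf, size_t len)
{
    be32 m;

    if (len < sizeof(m))
        return -1;
    memcpy(&m, buf, sizeof(m));
    return be32_to_cpu(m) == ROM_MAGIC_NUMBER ? 0 : -1;
}

/* Constructed samples: magic followed by a version block, bytes as they
 * would appear on the wire (big-endian). */
const uint8_t good_sample[] = { 0x17, 0x08, 0x20, 0x11, 0x00, 0x01, 0x01, 0x01 };
/* sig_alg = 2 is not something the verifier implements: must be rejected. */
const uint8_t bad_alg_sample[] = { 0x00, 0x01, 0x01, 0x02 };

int main(void)
{
    struct rom_version v;

    if (check_rom_magic(good_sample, sizeof(good_sample)) == 0 &&
        parse_rom_version(good_sample + 4, sizeof(good_sample) - 4, &v) == 0)
        printf("version %u hash_alg %u sig_alg %u\n",
               v.version, v.hash_alg, v.sig_alg);
    return 0;
}
```

Because the conversion happens once, in `parse_rom_version()`, the rest of the code only ever sees host-order values, and a unit test of the parser runs unchanged on a little-endian build box.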
