[Skiboot] [PATCH v2 00/31] Add libstb and its dependencies
Claudio Carvalho
cclaudio at linux.vnet.ibm.com
Wed Sep 28 18:00:59 AEST 2016
Libstb provides an API for secure and trusted boot. This API can be used to add
secure and trusted boot support for the platforms. Habanero is our first
target.
This patch series adds the libstb and all its dependencies.
The first three patches add an initial libstb documentation
The following patches add the libstb dependencies:
* ROM code driver
* I2C Nuvoton TPM 2.0 device driver
* TCG Software Stack implementation
* Event log manager implementation
The last patch adds the libstb interface, which is defined in libstb/stb.h
Changelog v2:
- reordered patches - reported by Balbir Singh
- fixed documentation typos - reported by George Wilson
- overall documentation update
- converted the documentation to ReStructured Text format - reported by Stewart
Smith
- fixed braces to be compliant with kernel's brace style - reported by Oliver
O'Halloran and George Wilson
- renamed memcpy_ci() to memcpy_from_ci() and refactored its code - reported by
Oliver O'Halloran
- removed strnlen() patch. It's a good function to have, but no longer needed
by secure and trusted boot code
- added size_t parameter to the container header helpers for sanity check -
reported by Stewart Smith
- made container header code endian safe by using be16/be32/b364 types and
be*_to_cpu() - reported by Stewart Smith
- renamed tpm.{c,h} to tpm_chip.{c,h}
- refactored tpm_register_chip() in tpm_chip.c. TPM chip id is no longer based
on the label property. If tpm_register_chip() fails, it just disables the tpm
devtree node as opposed to abort the boot. Removed label property from device
tree documentation.
- Inverted the digest order for events added by skiboot in the event log.
SHA512 comes first, same as Hostboot events.
- removed STB_SUCCESS macro - reported by Stewart Smith
- splitted out the base Hostboot rom_entry.S code - reported by George Wilson
- splitted out the base Hostboot TSS and tpmLogMgr code - reported by George
Wilson
- splitted the Nuvoton TPM device driver patch into smaller patches - reported
by George Wilson
- splitted out the I2C functions from the Nuvoton TPM device driver by creating
the tpm_i2c_interface.{c.h}.
Claudio Carvalho (31):
doc: add initial secure and trusted boot documentation
doc/device-tree: add ibm,secureboot.rst
doc/device-tree: add tpm.rst
libc/string: add memcpy_from_ci()
asm: add Hostboot rom_entry.S
asm/rom_entry.S: fix parameters syntax
asm: add rom_entry.S to Makefile.inc
libstb: add required container header structures
libstb: add rom interface
libstb: add tpm_chip interface
libstb/drivers: add romcode driver
libstb/drivers: add tpm_i2c interface
libstb/drivers/tpm_i2c_nuvoton.c: check command ready
libstb/drivers/tpm_i2c_nuvoton.c: write FIFO
libstb/drivers/tpm_i2c_nuvoton.c: write tpmgo
libstb/drivers/tpm_i2c_nuvoton.c: read FIFO
libstb/drivers/tpm_i2c_nuvoton.c: write command ready
libstb/drivers/tpm_i2c_nuvoton.c: add probe function
libstb/tss: add hostboot TSS code for TPM 2.0
libstb/tss: maps hostboot routines to equivalent skiboot rotines
libstb/tpm_chip.h: declare the TpmTarget type for TSS
libstb/tss: include tpm_chip.h in trustedbootCmds.H
libstb/tss: implement TSS required functions
libstb/tss: add hostboot tpmLogMgr code for TPM 2.0
libstb/tss/tpmLogMgr: disable TpmLogMgr_dumpLog()
libstb/tss/tpmLogMgr: add support for EV_SEPARATOR events
libstb/tss/tpmLogMgr.C: remove the trustedTypes.H include
libstb/tss: add TSS and tpmLogMgr files to Makefile.inc
libstb/tpm_chip: register firwmare event log
libstb/tpm_chip: add tpm_extendl()
libstb: add secure and trusted boot interface
Makefile.main | 3 +-
asm/Makefile.inc | 2 +-
asm/rom_entry.S | 52 ++
doc/device-tree/ibm,secureboot.rst | 58 ++
doc/device-tree/tpm.rst | 45 ++
doc/stb.rst | 159 ++++++
libc/include/string.h | 3 +-
libc/string/Makefile.inc | 9 +-
libc/string/memcpy_from_ci.c | 47 ++
libstb/Makefile.inc | 14 +
libstb/container.c | 74 +++
libstb/container.h | 140 +++++
libstb/drivers/Makefile.inc | 11 +
libstb/drivers/romcode.c | 138 +++++
libstb/drivers/romcode.h | 24 +
libstb/drivers/tpm_i2c_interface.c | 130 +++++
libstb/drivers/tpm_i2c_interface.h | 27 +
libstb/drivers/tpm_i2c_nuvoton.c | 504 +++++++++++++++++
libstb/drivers/tpm_i2c_nuvoton.h | 22 +
libstb/rom.c | 51 ++
libstb/rom.h | 43 ++
libstb/status_codes.h | 38 ++
libstb/stb.c | 305 ++++++++++
libstb/stb.h | 74 +++
libstb/tpm_chip.c | 296 ++++++++++
libstb/tpm_chip.h | 108 ++++
libstb/tss/Makefile.inc | 13 +
libstb/tss/tpmLogMgr.C | 571 +++++++++++++++++++
libstb/tss/tpmLogMgr.H | 247 +++++++++
libstb/tss/trustedTypes.C | 927 +++++++++++++++++++++++++++++++
libstb/tss/trustedTypes.H | 467 ++++++++++++++++
libstb/tss/trustedboot.H | 72 +++
libstb/tss/trustedbootCmds.C | 1009 ++++++++++++++++++++++++++++++++++
libstb/tss/trustedbootCmds.H | 177 ++++++
libstb/tss/trustedbootUtils.C | 44 ++
libstb/tss/trustedbootUtils.H | 86 +++
libstb/tss/trustedboot_reasoncodes.H | 95 ++++
37 files changed, 6078 insertions(+), 7 deletions(-)
create mode 100644 asm/rom_entry.S
create mode 100644 doc/device-tree/ibm,secureboot.rst
create mode 100644 doc/device-tree/tpm.rst
create mode 100644 doc/stb.rst
create mode 100644 libc/string/memcpy_from_ci.c
create mode 100644 libstb/Makefile.inc
create mode 100644 libstb/container.c
create mode 100644 libstb/container.h
create mode 100644 libstb/drivers/Makefile.inc
create mode 100644 libstb/drivers/romcode.c
create mode 100644 libstb/drivers/romcode.h
create mode 100644 libstb/drivers/tpm_i2c_interface.c
create mode 100644 libstb/drivers/tpm_i2c_interface.h
create mode 100644 libstb/drivers/tpm_i2c_nuvoton.c
create mode 100644 libstb/drivers/tpm_i2c_nuvoton.h
create mode 100644 libstb/rom.c
create mode 100644 libstb/rom.h
create mode 100644 libstb/status_codes.h
create mode 100644 libstb/stb.c
create mode 100644 libstb/stb.h
create mode 100644 libstb/tpm_chip.c
create mode 100644 libstb/tpm_chip.h
create mode 100644 libstb/tss/Makefile.inc
create mode 100644 libstb/tss/tpmLogMgr.C
create mode 100644 libstb/tss/tpmLogMgr.H
create mode 100644 libstb/tss/trustedTypes.C
create mode 100644 libstb/tss/trustedTypes.H
create mode 100644 libstb/tss/trustedboot.H
create mode 100644 libstb/tss/trustedbootCmds.C
create mode 100644 libstb/tss/trustedbootCmds.H
create mode 100644 libstb/tss/trustedbootUtils.C
create mode 100644 libstb/tss/trustedbootUtils.H
create mode 100644 libstb/tss/trustedboot_reasoncodes.H
--
1.9.1
More information about the Skiboot
mailing list