[Skiboot] [PATCH 06/13] libstb: rename drivers/sw_driver.* to cvc/c1vc_mbedtls.*

Claudio Carvalho cclaudio at linux.vnet.ibm.com
Thu Aug 31 16:45:54 AEST 2017


This gives a better name to the drivers/sw_driver.* files and also moves
them to a better place. The function names are also renamed accordingly.

sw_driver emulates the container version 1 verification code so that we
can run tests using mambo. In summary, the function to verify containers
is not emulated, but the sha512 function is emulated using the sha512
code provided by the mbedtls project.

Signed-off-by: Claudio Carvalho <cclaudio at linux.vnet.ibm.com>
---
 libstb/cvc/Makefile.inc     |  2 +-
 libstb/cvc/c1vc_mbedtls.c   | 76 +++++++++++++++++++++++++++++++++++++++++++++
 libstb/cvc/c1vc_mbedtls.h   | 24 ++++++++++++++
 libstb/drivers/Makefile.inc |  2 +-
 libstb/drivers/sw_driver.c  | 76 ---------------------------------------------
 libstb/drivers/sw_driver.h  | 24 --------------
 libstb/rom.c                |  4 +--
 7 files changed, 104 insertions(+), 104 deletions(-)
 create mode 100644 libstb/cvc/c1vc_mbedtls.c
 create mode 100644 libstb/cvc/c1vc_mbedtls.h
 delete mode 100644 libstb/drivers/sw_driver.c
 delete mode 100644 libstb/drivers/sw_driver.h

diff --git a/libstb/cvc/Makefile.inc b/libstb/cvc/Makefile.inc
index 8ce86d5..ab3419e 100644
--- a/libstb/cvc/Makefile.inc
+++ b/libstb/cvc/Makefile.inc
@@ -4,7 +4,7 @@ CVC_DIR = libstb/cvc
 
 SUBDIRS += $(CVC_DIR)
 
-CVC_SRCS = c1vc.c
+CVC_SRCS = c1vc.c c1vc_mbedtls.c
 CVC_OBJS = $(CVC_SRCS:%.c=%.o)
 CVC = $(CVC_DIR)/built-in.o
 
diff --git a/libstb/cvc/c1vc_mbedtls.c b/libstb/cvc/c1vc_mbedtls.c
new file mode 100644
index 0000000..8a7c404
--- /dev/null
+++ b/libstb/cvc/c1vc_mbedtls.c
@@ -0,0 +1,76 @@
+/* Copyright 2013-2016 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * 	http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <chip.h>
+#include <string.h>
+#include <skiboot.h>
+#include "../rom.h"
+#include "sha512.h"
+#include "c1vc_mbedtls.h"
+
+static sha2_hash_t *hw_key_hash = NULL;
+
+static int c1vc_mbedtls_verify(void *container __unused)
+{
+	return -100;
+}
+
+static void c1vc_mbedtls_sha512(const uint8_t *data, size_t len, uint8_t *digest)
+{
+	mbedtls_sha512_context ctx;
+	mbedtls_sha512_init(&ctx);
+	memset(digest, 0, sizeof(sha2_hash_t));
+	mbedtls_sha512_starts(&ctx, 0); // SHA512 = 0
+	mbedtls_sha512_update(&ctx, data, len);
+	mbedtls_sha512_finish(&ctx, digest);
+	mbedtls_sha512_free(&ctx);
+}
+
+static void c1vc_mbedtls_cleanup(void)
+{
+	return;
+}
+
+static struct container_verification_code c1vc = {
+	.name    = "software",
+	.verify  = c1vc_mbedtls_verify,
+	.sha512  = c1vc_mbedtls_sha512,
+	.cleanup = c1vc_mbedtls_cleanup
+};
+
+void c1vc_mbedtls_probe(const struct dt_node *node)
+{
+	const char* hash_algo;
+
+	if (!dt_node_is_compatible(node, "ibm,secureboot-v1-softrom")) {
+		return;
+	}
+
+	hash_algo = dt_prop_get(node, "hash-algo");
+	if (strcmp(hash_algo, "sha512")) {
+		/**
+		 * @fwts-label ROMHashAlgorithmInvalid
+		 * @fwts-advice Hostboot creates the ibm,secureboot node and
+		 * the hash-algo property. Check that the ibm,secureboot node
+		 * layout has not changed.
+		 */
+		prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo);
+		return;
+	}
+	hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash");
+
+	rom_set_driver(&c1vc);
+}
diff --git a/libstb/cvc/c1vc_mbedtls.h b/libstb/cvc/c1vc_mbedtls.h
new file mode 100644
index 0000000..9027138
--- /dev/null
+++ b/libstb/cvc/c1vc_mbedtls.h
@@ -0,0 +1,24 @@
+/* Copyright 2013-2016 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __C1VC_MBEDTLS_H
+#define __C1VC_MBEDTLS_H
+
+#include <device.h>
+
+extern void c1vc_mbedtls_probe(const struct dt_node *node);
+
+#endif /* __C1VC_MBEDTLS_H */
diff --git a/libstb/drivers/Makefile.inc b/libstb/drivers/Makefile.inc
index 6425208..4ea867f 100644
--- a/libstb/drivers/Makefile.inc
+++ b/libstb/drivers/Makefile.inc
@@ -4,7 +4,7 @@ DRIVERS_DIR = libstb/drivers
 
 SUBDIRS += $(DRIVERS_DIR)
 
-DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c sw_driver.c sha512.c
+DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c sha512.c
 DRIVERS_OBJS = $(DRIVERS_SRCS:%.c=%.o)
 DRIVERS = $(DRIVERS_DIR)/built-in.o
 
diff --git a/libstb/drivers/sw_driver.c b/libstb/drivers/sw_driver.c
deleted file mode 100644
index 55224a2..0000000
--- a/libstb/drivers/sw_driver.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * 	http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <chip.h>
-#include <string.h>
-#include <skiboot.h>
-#include "../rom.h"
-#include "sha512.h"
-#include "sw_driver.h"
-
-static sha2_hash_t *hw_key_hash = NULL;
-
-static int stb_software_verify(void *container __unused)
-{
-	return -100;
-}
-
-static void stb_software_sha512(const uint8_t *data, size_t len, uint8_t *digest)
-{
-	mbedtls_sha512_context ctx;
-	mbedtls_sha512_init(&ctx);
-	memset(digest, 0, sizeof(sha2_hash_t));
-	mbedtls_sha512_starts(&ctx, 0); // SHA512 = 0
-	mbedtls_sha512_update(&ctx, data, len);
-	mbedtls_sha512_finish(&ctx, digest);
-	mbedtls_sha512_free(&ctx);
-}
-
-static void stb_software_cleanup(void)
-{
-	return;
-}
-
-static struct container_verification_code c1vc = {
-	.name    = "software",
-	.verify  = stb_software_verify,
-	.sha512  = stb_software_sha512,
-	.cleanup = stb_software_cleanup
-};
-
-void stb_software_probe(const struct dt_node *node)
-{
-	const char* hash_algo;
-
-	if (!dt_node_is_compatible(node, "ibm,secureboot-v1-softrom")) {
-		return;
-	}
-
-	hash_algo = dt_prop_get(node, "hash-algo");
-	if (strcmp(hash_algo, "sha512")) {
-		/**
-		 * @fwts-label ROMHashAlgorithmInvalid
-		 * @fwts-advice Hostboot creates the ibm,secureboot node and
-		 * the hash-algo property. Check that the ibm,secureboot node
-		 * layout has not changed.
-		 */
-		prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo);
-		return;
-	}
-	hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash");
-
-	rom_set_driver(&c1vc);
-}
diff --git a/libstb/drivers/sw_driver.h b/libstb/drivers/sw_driver.h
deleted file mode 100644
index 73adabf..0000000
--- a/libstb/drivers/sw_driver.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __SW_DRIVER_H
-#define __SW_DRIVER_H
-
-#include <device.h>
-
-extern void stb_software_probe(const struct dt_node *node);
-
-#endif /* __ROMCODE_H */
diff --git a/libstb/rom.c b/libstb/rom.c
index 9054420..04ab364 100644
--- a/libstb/rom.c
+++ b/libstb/rom.c
@@ -17,7 +17,7 @@
 #include <skiboot.h>
 #include "rom.h"
 #include "cvc/c1vc.h"
-#include "drivers/sw_driver.h"
+#include "cvc/c1vc_mbedtls.h"
 
 static struct container_verification_code *c1vc = NULL;
 
@@ -30,7 +30,7 @@ struct container_verification_code* rom_init(const struct dt_node *node __unused
 	c1vc_probe(node);
 
 	if (!c1vc)
-		stb_software_probe(node);
+		c1vc_mbedtls_probe(node);
 
 	if (!c1vc)
 		prlog(PR_NOTICE, "ROM: no rom driver found\n");
-- 
2.7.4



More information about the Skiboot mailing list