[Skiboot] [PATCH v2 14/20] libstb: remove stb.c and obsolete companions

Claudio Carvalho cclaudio at linux.vnet.ibm.com
Sat Dec 9 15:52:28 AEDT 2017


This removes all the files that were replaced by secureboot.c,
trustedboot.c and cvc.c.

Signed-off-by: Claudio Carvalho <cclaudio at linux.vnet.ibm.com>
---
 libstb/Makefile.inc         |   2 +-
 libstb/drivers/Makefile.inc |   2 +-
 libstb/drivers/romcode.c    | 138 -------------------
 libstb/drivers/romcode.h    |  24 ----
 libstb/drivers/sw_driver.c  |  76 ----------
 libstb/drivers/sw_driver.h  |  24 ----
 libstb/rom.c                |  55 --------
 libstb/rom.h                |  43 ------
 libstb/stb.c                | 328 --------------------------------------------
 libstb/stb.h                |  72 ----------
 10 files changed, 2 insertions(+), 762 deletions(-)
 delete mode 100644 libstb/drivers/romcode.c
 delete mode 100644 libstb/drivers/romcode.h
 delete mode 100644 libstb/drivers/sw_driver.c
 delete mode 100644 libstb/drivers/sw_driver.h
 delete mode 100644 libstb/rom.c
 delete mode 100644 libstb/rom.h
 delete mode 100644 libstb/stb.c
 delete mode 100644 libstb/stb.h

diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc
index 7b90bd5..12b1509 100644
--- a/libstb/Makefile.inc
+++ b/libstb/Makefile.inc
@@ -4,7 +4,7 @@ LIBSTB_DIR = libstb
 
 SUBDIRS += $(LIBSTB_DIR)
 
-LIBSTB_SRCS = container.c rom.c tpm_chip.c stb.c cvc.c secureboot.c trustedboot.c
+LIBSTB_SRCS = container.c tpm_chip.c cvc.c secureboot.c trustedboot.c
 LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o)
 LIBSTB = $(LIBSTB_DIR)/built-in.o
 
diff --git a/libstb/drivers/Makefile.inc b/libstb/drivers/Makefile.inc
index 9eaa257..3b8ed0f 100644
--- a/libstb/drivers/Makefile.inc
+++ b/libstb/drivers/Makefile.inc
@@ -4,7 +4,7 @@ DRIVERS_DIR = libstb/drivers
 
 SUBDIRS += $(DRIVERS_DIR)
 
-DRIVERS_SRCS = romcode.c tpm_i2c_interface.c tpm_i2c_nuvoton.c sw_driver.c
+DRIVERS_SRCS = tpm_i2c_interface.c tpm_i2c_nuvoton.c
 DRIVERS_OBJS = $(DRIVERS_SRCS:%.c=%.o)
 DRIVERS = $(DRIVERS_DIR)/built-in.o
 
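Review bot: Dropping `sw_driver.c` from `DRIVERS_SRCS` removes the only probe visible on this page for the `ibm,secureboot-v1-softrom` compatible, along with the mbedtls SHA-512 routine it registered. Nothing here shows where that case is handled afterwards. The commit message says these files were replaced by secureboot.c, trustedboot.c and cvc.c, so presumably one of them covers it. This is worth confirming before merge, because in the removed stb.c a secure-mode boot that finds no ROM driver ends in `sb_enforce()`. If cvc.c is the new home, a one-line comment above the list would record it, e.g. `# ROM verify/SHA-512 back ends are provided by ../cvc.c`.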
diff --git a/libstb/drivers/romcode.c b/libstb/drivers/romcode.c
deleted file mode 100644
index ab5f1aa..0000000
--- a/libstb/drivers/romcode.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * 	http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <chip.h>
-#include <xscom.h>
-#include <string.h>
-#include <skiboot.h>
-#include "../status_codes.h"
-#include "../rom.h"
-#include "romcode.h"
-
-#define DRIVER_NAME	"romcode"
-
-#define ROMCODE_MEMORY_SIZE	(16 * 1024)
-#define ROMCODE_XSCOM_ADDRESS	0x02020017
-
-/*
- *  From the source code of the ROM code
- */
-#define ROMCODE_SHA512_OFFSET		0x20
-#define ROMCODE_VERIFY_OFFSET		0x30
-
-static const char *compat = "ibm,secureboot-v1";
-static void *romcode_base_addr = NULL;
-static sha2_hash_t *hw_key_hash = NULL;
-
-/*
- * Assembly interfaces to call into ROM code.
- * func_ptr is the ROM code function address, followed
- * by additional parameters as necessary
- */
-ROM_response __cvc_verify_v1(void *func_ptr, ROM_container_raw *container,
-			     ROM_hw_params *params);
-void __cvc_sha512_v1(void *func_ptr, const uint8_t *data, size_t len,
-		     uint8_t *digest);
-
-static int romcode_verify(void *container)
-{
-	ROM_hw_params hw_params;
-	ROM_response rc;
-
-	memset(&hw_params, 0, sizeof(ROM_hw_params));
-	memcpy(&hw_params.hw_key_hash, hw_key_hash, sizeof(sha2_hash_t));
-	rc = __cvc_verify_v1(romcode_base_addr + ROMCODE_VERIFY_OFFSET,
-			     (ROM_container_raw*) container, &hw_params);
-	if (rc != ROM_DONE) {
-		/*
-		 * Verify failed. hw_params.log indicates what checking has
-		 * failed. This will abort the boot process.
-		 */
-		prlog(PR_ERR, "ROM: %s failed (rc=%d, hw_params.log=0x%llx)\n",
-		      __func__, rc, be64_to_cpu(hw_params.log));
-		return STB_VERIFY_FAILED;
-	}
-	return 0;
-}
-
-static void romcode_sha512(const uint8_t *data, size_t len, uint8_t *digest)
-{
-	memset(digest, 0, sizeof(sha2_hash_t));
-	__cvc_sha512_v1(romcode_base_addr + ROMCODE_SHA512_OFFSET,
-			data, len, digest);
-}
-
-static void romcode_cleanup(void) {
-	if (romcode_base_addr)
-		free(romcode_base_addr);
-	hw_key_hash = NULL;
-}
-
-static struct rom_driver_ops romcode_driver = {
-	.name    = DRIVER_NAME,
-	.verify  = romcode_verify,
-	.sha512  = romcode_sha512,
-	.cleanup = romcode_cleanup
-};
-
-void romcode_probe(const struct dt_node *node)
-{
-	/* This xscom register has the ROM code base address */
-	const uint32_t reg_addr = ROMCODE_XSCOM_ADDRESS;
-	uint64_t reg_data;
-	struct proc_chip *chip;
-	const char* hash_algo;
-
-	if (!dt_node_is_compatible(node, compat)) {
-		prlog(PR_DEBUG, "ROM: %s node is not compatible\n",
-		      node->name);
-		return;
-	}
-	/*
-	 * secureboot-v1 defines containers with sha512 hashes
-	 */
-	hash_algo = dt_prop_get(node, "hash-algo");
-	if (strcmp(hash_algo, "sha512")) {
-		/**
-		 * @fwts-label ROMHashAlgorithmInvalid
-		 * @fwts-advice Hostboot creates the ibm,secureboot node and
-		 * the hash-algo property. Check that the ibm,secureboot node
-		 * layout has not changed.
-		 */
-		prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo);
-		return;
-	}
-	hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash");
-	romcode_base_addr = malloc(ROMCODE_MEMORY_SIZE);
-	assert(romcode_base_addr);
-	/*
-	 * The logic that contains the ROM within the processor is implemented
-	 * in a way that it only responds to CI (cache inhibited) operations.
-	 * Due to performance issues we copy the verification code from the
-	 * secure ROM to RAM and we use memcpy_from_ci to do that.
-	 */
-	chip = next_chip(NULL);
-	xscom_read(chip->id, reg_addr, &reg_data);
-	memcpy_from_ci(romcode_base_addr, (void*) reg_data,
-		       ROMCODE_MEMORY_SIZE);
-	/*
-	 * Skiboot runs with IR (Instruction Relocation) &
-	 * DR (Data Relocation) off, so there is no need to either MMIO
-	 * the ROM code or set the memory region as executable.
-         * skiboot accesses the physical memory directly. Real mode.
-	 */
-	rom_set_driver(&romcode_driver);
-}
diff --git a/libstb/drivers/romcode.h b/libstb/drivers/romcode.h
deleted file mode 100644
index 4152eae..0000000
--- a/libstb/drivers/romcode.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __ROMCODE_H
-#define __ROMCODE_H
-
-#include <device.h>
-
-extern void romcode_probe(const struct dt_node *node);
-
-#endif /* __ROMCODE_H */
diff --git a/libstb/drivers/sw_driver.c b/libstb/drivers/sw_driver.c
deleted file mode 100644
index 287dae9..0000000
--- a/libstb/drivers/sw_driver.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * 	http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <chip.h>
-#include <string.h>
-#include <skiboot.h>
-#include <libstb/mbedtls/sha512.h>
-#include "../rom.h"
-#include "sw_driver.h"
-
-static sha2_hash_t *hw_key_hash = NULL;
-
-static int stb_software_verify(void *container __unused)
-{
-	return -100;
-}
-
-static void stb_software_sha512(const uint8_t *data, size_t len, uint8_t *digest)
-{
-	mbedtls_sha512_context ctx;
-	mbedtls_sha512_init(&ctx);
-	memset(digest, 0, sizeof(sha2_hash_t));
-	mbedtls_sha512_starts(&ctx, 0); // SHA512 = 0
-	mbedtls_sha512_update(&ctx, data, len);
-	mbedtls_sha512_finish(&ctx, digest);
-	mbedtls_sha512_free(&ctx);
-}
-
-static void stb_software_cleanup(void)
-{
-	return;
-}
-
-static struct rom_driver_ops sw_driver = {
-	.name    = "software",
-	.verify  = stb_software_verify,
-	.sha512  = stb_software_sha512,
-	.cleanup = stb_software_cleanup
-};
-
-void stb_software_probe(const struct dt_node *node)
-{
-	const char* hash_algo;
-
-	if (!dt_node_is_compatible(node, "ibm,secureboot-v1-softrom")) {
-		return;
-	}
-
-	hash_algo = dt_prop_get(node, "hash-algo");
-	if (strcmp(hash_algo, "sha512")) {
-		/**
-		 * @fwts-label ROMHashAlgorithmInvalid
-		 * @fwts-advice Hostboot creates the ibm,secureboot node and
-		 * the hash-algo property. Check that the ibm,secureboot node
-		 * layout has not changed.
-		 */
-		prlog(PR_ERR, "ROM: hash-algo=%s not expected\n", hash_algo);
-		return;
-	}
-	hw_key_hash = (sha2_hash_t*) dt_prop_get(node, "hw-key-hash");
-
-	rom_set_driver(&sw_driver);
-}
diff --git a/libstb/drivers/sw_driver.h b/libstb/drivers/sw_driver.h
deleted file mode 100644
index 73adabf..0000000
--- a/libstb/drivers/sw_driver.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __SW_DRIVER_H
-#define __SW_DRIVER_H
-
-#include <device.h>
-
-extern void stb_software_probe(const struct dt_node *node);
-
-#endif /* __ROMCODE_H */
diff --git a/libstb/rom.c b/libstb/rom.c
deleted file mode 100644
index 5f9abd2..0000000
--- a/libstb/rom.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <skiboot.h>
-#include "rom.h"
-#include "drivers/romcode.h"
-#include "drivers/sw_driver.h"
-
-static struct rom_driver_ops *rom_driver = NULL;
-
-struct rom_driver_ops* rom_init(const struct dt_node *node __unused)
-{
-	if (rom_driver)
-		goto end;
-
-	/* ROM drivers supported */
-	romcode_probe(node);
-
-	if (!rom_driver)
-		stb_software_probe(node);
-
-	if (!rom_driver)
-		prlog(PR_NOTICE, "ROM: no rom driver found\n");
-end:
-	return rom_driver;
-}
-
-void rom_set_driver(struct rom_driver_ops *driver)
-{
-	if (rom_driver) {
-		/**
-		 * @fwts-label ROMAlreadyRegistered
-		 * @fwts-advice ibm,secureboot already registered. Check if
-		 * rom_init called twice or the same driver is probed twice
-		 */
-		prlog(PR_WARNING, "ROM: %s driver already registered\n",
-		      driver->name);
-		return;
-	}
-	rom_driver = driver;
-	prlog(PR_NOTICE, "ROM: %s driver registered\n", driver->name);
-}
diff --git a/libstb/rom.h b/libstb/rom.h
deleted file mode 100644
index e1a7497..0000000
--- a/libstb/rom.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __ROM_H
-#define __ROM_H
-
-#include <stdint.h>
-#include <stdbool.h>
-#include <stdlib.h>
-#include "container.h"
-
-struct rom_driver_ops {
-	const char* name;
-	int  (*verify)(void *container);
-	void (*sha512)(const uint8_t *data, size_t len, uint8_t *digest);
-	void (*cleanup)(void);
-};
-
-/*
- * Load a compatible driver to access the functions of the
- * verification code flashed in the secure ROM
- */
-extern struct rom_driver_ops* rom_init(const struct dt_node *node);
-
-/*
- * Set the rom driver that will be used
- */
-extern void rom_set_driver(struct rom_driver_ops *driver);
-
-#endif /* __ROM_H */
diff --git a/libstb/stb.c b/libstb/stb.c
deleted file mode 100644
index f798bcb..0000000
--- a/libstb/stb.c
+++ /dev/null
@@ -1,328 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * 	http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <skiboot.h>
-#include <device.h>
-#include <platform.h>
-#include <string.h>
-#include <stdio.h>
-#include <nvram.h>
-#include "stb.h"
-#include "status_codes.h"
-#include "container.h"
-#include "rom.h"
-#include "tpm_chip.h"
-
-/* For debugging only */
-//#define STB_DEBUG
-//#define STB_FORCE_SECURE_MODE
-//#define STB_FORCE_TRUSTED_MODE
-
-static bool secure_mode = false;
-static bool trusted_mode = false;
-
-static struct rom_driver_ops *rom_driver = NULL;
-
-#define MAX_RESOURCE_NAME	15
-
-/*
- * This maps a PCR for each resource we can measure. The PCR number is
- * mapped according to the TCG PC Client Platform Firmware Profile
- * specification, Revision 00.21
- * Only resources included in this whitelist can be measured.
- */
-static struct {
-
-	/* PNOR partition id */
-	enum resource_id id;
-
-	/* PCR mapping for the resource id */
-	TPM_Pcr pcr;
-
-	/* Resource name */
-	const char name[MAX_RESOURCE_NAME+1];
-
-} resource_map[] = {
-	{ RESOURCE_ID_KERNEL, PCR_4, "BOOTKERNEL" },
-	{ RESOURCE_ID_CAPP,   PCR_2, "CAPP"},
-};
-
-struct event_hash {
-	const unsigned char *sha1;
-	const unsigned char *sha256;
-};
-
-/*
- * Event Separator - digest of 0xFFFFFFFF
- */
-static struct event_hash evFF = {
-	.sha1   = "\xd9\xbe\x65\x24\xa5\xf5\x04\x7d\xb5\x86"
-		  "\x68\x13\xac\xf3\x27\x78\x92\xa7\xa3\x0a",
-
-	.sha256 = "\xad\x95\x13\x1b\xc0\xb7\x99\xc0\xb1\xaf"
-		  "\x47\x7f\xb1\x4f\xcf\x26\xa6\xa9\xf7\x60"
-		  "\x79\xe4\x8b\xf0\x90\xac\xb7\xe8\x36\x7b"
-		  "\xfd\x0e"
-};
-
-static int stb_resource_lookup(enum resource_id id)
-{
-	int i;
-	for (i = 0; i < ARRAY_SIZE(resource_map); i++)
-		if (resource_map[i].id == id)
-			return i;
-	return -1;
-}
-
-static void sb_enforce(void)
-{
-	/*
-	 * TODO: Ideally, the BMC should decide what security policy to apply
-	 * (power off, reboot, switch PNOR sides, etc). We may need
-	 * to provide extra info to BMC other than just abort.
-	 * Terminate Immediate Attention ? (TI)
-	 */
-	prlog(PR_EMERG, "STB: Secure mode enforced, aborting.\n");
-	abort();
-}
-
-void stb_init(void)
-{
-	struct dt_node *ibm_secureboot;
-	/*
-	 * The ibm,secureboot device tree properties are documented in
-	 * 'doc/device-tree/ibm,secureboot.rst'
-	 */
-	ibm_secureboot = dt_find_by_path(dt_root, "/ibm,secureboot");
-	if (ibm_secureboot == NULL) {
-		prlog(PR_NOTICE,"STB: secure and trusted boot not supported\n");
-		return;
-	}
-
-#ifdef STB_FORCE_SECURE_MODE
-	secure_mode = true;
-	prlog(PR_NOTICE, "STB: secure mode on (forced!)\n");
-#else
-	secure_mode = dt_has_node_property(ibm_secureboot, "secure-enabled",
-					   NULL);
-
-	if (nvram_query_eq("force-secure-mode", "always")) {
-		prlog(PR_NOTICE, "STB: secure mode on (FORCED by nvram)\n");
-		secure_mode = true;
-	} else if (secure_mode) {
-		prlog(PR_NOTICE, "STB: secure mode on.\n");
-	} else {
-		prlog(PR_NOTICE, "STB: secure mode off\n");
-	}
-#endif
-
-#ifdef STB_FORCE_TRUSTED_MODE
-	trusted_mode = true;
-	prlog(PR_NOTICE, "STB: trusted mode on (forced!)\n");
-#else
-	trusted_mode = dt_has_node_property(ibm_secureboot, "trusted-enabled",
-					    NULL);
-	if (nvram_query_eq("force-trusted-mode", "true")) {
-		prlog(PR_NOTICE, "STB: trusted mode ON (from NVRAM)\n");
-		trusted_mode = true;
-	}
-	prlog(PR_NOTICE, "STB: trusted mode %s\n",
-	      trusted_mode ? "on" : "off");
-#endif
-
-	if (!secure_mode && !trusted_mode)
-		return;
-	rom_driver = rom_init(ibm_secureboot);
-	if (secure_mode && !rom_driver) {
-		prlog(PR_EMERG, "STB: compatible romcode driver not found\n");
-		sb_enforce();
-	}
-	if (trusted_mode)
-		tpm_init();
-}
-
-int stb_final(void)
-{
-	uint32_t pcr;
-	int rc;
-	bool failed;
-
-	rc = 0;
-	failed = false;
-
-	if (trusted_mode) {
-#ifdef STB_DEBUG
-		prlog(PR_NOTICE, "STB: evFF.sha1:\n");
-		stb_print_data((uint8_t*) evFF.sha1, TPM_ALG_SHA1_SIZE);
-		prlog(PR_NOTICE, "STB: evFF.sha256:\n");
-		stb_print_data((uint8_t*) evFF.sha256, TPM_ALG_SHA256_SIZE);
-#endif
-		/*
-		 * We are done. Extending the digest of 0xFFFFFFFF
-		 * in PCR[0-7], and recording an EV_SEPARATOR event in
-		 * event log as defined in the TCG Platform Firmware Profile
-		 * specification, Revision 00.21
-		 */
-		for (pcr = 0; pcr < 8; pcr++) {
-			rc = tpm_extendl(pcr, TPM_ALG_SHA256,
-					(uint8_t*) evFF.sha256,
-					TPM_ALG_SHA256_SIZE, TPM_ALG_SHA1,
-					(uint8_t*) evFF.sha1,
-					TPM_ALG_SHA1_SIZE, EV_SEPARATOR,
-					"Skiboot Boot");
-			if (rc)
-				failed = true;
-		}
-		tpm_add_status_property();
-	}
-	if (rom_driver) {
-		rom_driver->cleanup();
-		rom_driver = NULL;
-	}
-	tpm_cleanup();
-	secure_mode = false;
-	trusted_mode = false;
-	return (failed) ? STB_MEASURE_FAILED : 0;
-}
-
-int tb_measure(enum resource_id id, void *buf, size_t len)
-{
-	int r;
-	uint8_t digest[SHA512_DIGEST_LENGTH];
-	const uint8_t *digestp;
-
-	digestp = NULL;
-	if (!trusted_mode) {
-		prlog(PR_INFO, "STB: %s skipped resource %d, "
-		      "trusted_mode=0\n", __func__, id);
-		return STB_TRUSTED_MODE_DISABLED;
-	}
-	r = stb_resource_lookup(id);
-	if (r == -1) {
-		/**
-		 * @fwts-label STBMeasureResourceNotMapped
-		 * @fwts-advice The resource is not registered in the resource_map[]
-		 * array, but it should be otherwise the resource cannot be
-		 * measured if trusted mode is on.
-		 */
-		prlog(PR_ERR, "STB: %s failed, resource %d not mapped\n",
-		      __func__, id);
-		return STB_ARG_ERROR;
-	}
-	if (!buf) {
-		/**
-		 * @fwts-label STBNullResourceReceived
-		 * @fwts-advice Null resource passed to tb_measure. This has
-		 * come from the resource load framework and likely indicates a
-		 * bug in the framework.
-		 */
-		prlog(PR_ERR, "STB: %s failed: resource %s, buf null\n",
-		      __func__, resource_map[r].name);
-		return STB_ARG_ERROR;
-	}
-	memset(digest, 0, SHA512_DIGEST_LENGTH);
-	/*
-	 * In secure mode we can use the sw-payload-hash from the container
-	 * header to measure the container payload. Otherwise we must calculate
-	 * the hash of the container payload (if it's a container) or the image
-	 * (if it's not a container)
-	 */
-	if (stb_is_container(buf, len)) {
-		digestp = stb_sw_payload_hash(buf, len);
-		if(!digestp) {
-			prlog(PR_EMERG, "STB Container is corrupt, can't find hash\n");
-			abort();
-		}
-
-		rom_driver->sha512(
-			      (void*)((uint8_t*)buf + SECURE_BOOT_HEADERS_SIZE),
-			      len - SECURE_BOOT_HEADERS_SIZE, digest);
-
-		prlog(PR_INFO, "STB: %s sha512 hash re-calculated\n",
-		      resource_map[r].name);
-		if (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) {
-			prlog(PR_ALERT, "STB: HASH IN CONTAINER DOESN'T MATCH CONTENT!\n");
-			prlog(PR_ALERT, "STB: Container hash:\n");
-			stb_print_data(digestp, TPM_ALG_SHA256_SIZE);
-			prlog(PR_ALERT, "STB: Computed hash (on %lx bytes):\n", len);
-			stb_print_data(digest, TPM_ALG_SHA256_SIZE);
-
-			if (secure_mode)
-				abort();
-		}
-	} else {
-		rom_driver->sha512(buf, len, digest);
-		prlog(PR_INFO, "STB: %s sha512 hash calculated\n",
-		      resource_map[r].name);
-	}
-
-#ifdef STB_DEBUG
-	/* print the payload/image hash */
-	prlog(PR_NOTICE, "STB: %s hash:\n", resource_map[r].name);
-	stb_print_data(digest, TPM_ALG_SHA256_SIZE);
-#endif
-	/*
-	 * Measure the resource. Since the ROM code doesn't provide a sha1 hash
-	 * algorithm, the sha512 hash is truncated to match the size required
-	 * by each PCR bank.
-	 */
-	return tpm_extendl(resource_map[r].pcr,
-			   TPM_ALG_SHA256, digest, TPM_ALG_SHA256_SIZE,
-			   TPM_ALG_SHA1,   digest, TPM_ALG_SHA1_SIZE,
-			   EV_ACTION, resource_map[r].name);
-}
-
-int sb_verify(enum resource_id id, void *buf, size_t len)
-{
-	int r;
-	const char *name = NULL;
-
-	if (!secure_mode) {
-		prlog(PR_INFO, "STB: %s skipped resource %d, "
-		      "secure_mode=0\n", __func__, id);
-		return STB_SECURE_MODE_DISABLED;
-	}
-	r = stb_resource_lookup(id);
-	if (r == -1)
-		/**
-		 * @fwts-label STBVerifyResourceNotMapped
-		 * @fwts-advice Unregistered resources can be verified, but not
-		 * measured. The resource should be registered in the
-		 * resource_map[] array, otherwise the resource cannot be
-		 * measured if trusted mode is on.
-		 */
-		prlog(PR_WARNING, "STB: verifying the non-expected "
-		      "resource %d\n", id);
-	else
-		name = resource_map[r].name;
-	if (!rom_driver || !rom_driver->verify) {
-		prlog(PR_EMERG, "STB: secure boot not initialized\n");
-		sb_enforce();
-	}
-	if (!buf || len < SECURE_BOOT_HEADERS_SIZE) {
-		prlog(PR_EMERG, "STB: %s arg error: id %d, buf %p, len %zd\n",
-		      __func__, id, buf, len);
-		sb_enforce();
-	}
-	if (rom_driver->verify(buf)) {
-		prlog(PR_EMERG, "STB: %s failed: resource %s, "
-		      "eyecatcher 0x%016llx\n", __func__, name,
-		      *((uint64_t*)buf));
-		sb_enforce();
-	}
-	prlog(PR_NOTICE, "STB: %s verified\n", name);
-	return 0;
-}
diff --git a/libstb/stb.h b/libstb/stb.h
deleted file mode 100644
index 6ca44ea..0000000
--- a/libstb/stb.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/* Copyright 2013-2016 IBM Corp.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __STB_H
-#define __STB_H
-
-/**
- * This reads secure mode and trusted mode from device tree and
- * loads drivers accordingly.
- */
-extern void stb_init(void);
-
-/**
- * As defined in the TCG Platform Firmware Profile specification, the
- * digest of 0xFFFFFFFF or 0x00000000  must be extended in PCR[0-7] and
- * an EV_SEPARATOR event must be recorded in the event log for PCR[0-7]
- * prior to the first invocation of the first Ready to Boot call.
- *
- * This function should be called before the control is passed to petitboot
- * kernel in order to do the proper PCR extend and event log recording as
- * defined above. This function also deallocates the memory allocated for secure
- * and trusted boot.
- */
-extern int stb_final(void);
-
-/**
- * sb_verify - verify a resource
- * @id   : resource id
- * @buf  : data to be verified
- * @len  : buf length
- *
- * This verifies the integrity and authenticity of a resource downloaded from
- * PNOR if secure mode is on. The verification is done by the
- * verification code flashed in the secure ROM.
- *
- * For more information refer to 'doc/stb.rst'
- *
- * returns: 0 otherwise the boot process is aborted
- */
-extern int sb_verify(enum resource_id id, void *buf, size_t len);
-
-
-/**
- * tb_measure - measure a resource
- * @id    : resource id
- * @buf   : data to be measured
- * @len   : buf length
- *
- * This measures a resource downloaded from PNOR if trusted mode is on. That is,
- * an EV_ACTION event is recorded in the event log for the mapped PCR, and the
- * the sha1 and sha256 measurements are extended in the mapped PCR.
- *
- * For more information please refer to 'doc/stb.rst'
- *
- * returns: 0 or an error as defined in status_codes.h
- */
-extern int tb_measure(enum resource_id id, void *buf, size_t len);
-
-#endif /* __STB_H */
-- 
2.7.4


