[Skiboot] [PATCH 1/3] libstb: fix failure of calling cvc verify without STB initialization.
Stewart Smith
stewart at linux.vnet.ibm.com
Fri Feb 9 16:04:18 AEDT 2018
Pridhiviraj Paidipeddi <ppaidipe at linux.vnet.ibm.com> writes:
> Currently in OPAL init time at various stages we are loading various
> PNOR partition containers from the flash device. When we load a flash
> resource STB calls the CVC verify and trusted measure(sha512) functions.
> So when we have a flash resource gets loaded before STB initialization,
> then cvc verify function fails to start the verify and enforce the boot.
>
> Below is one of the example failure where our VERSION partition gets
> loading early in the boot stage without STB initialization done.
>
> This is with secure mode off.
> STB: VERSION NOT VERIFIED, invalid param. buf=0x305ed930, len=4096 key-hash=0x0 hash-size=0
>
> In the same code path when secure mode is on, the boot process will abort.
>
> So this patch fixes this issue by calling cvc verify only if we have
> STB init was done.
>
> And also we need a permanent fix in init path to ensure STB init gets
> done at first place and then start loading all other flash resources.
>
> Signed-off-by: Pridhiviraj Paidipeddi <ppaidipe at linux.vnet.ibm.com>
> ---
> libstb/secureboot.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
series merged to master as of e15174aca0ab0d10d796c014b9c0ed124890645e
I made an additional change where that if we do error out because we're
called too early, we do secureboot_enforce() rather than just return an
error.
I can't think of a situation where we shouldn't enforce it if in secure mode.
--
Stewart Smith
OPAL Architect, IBM.
More information about the Skiboot
mailing list