[Skiboot] [PATCH v6 09/20] hdata/spira: add physical presence flags

Eric Richter erichte at linux.ibm.com
Thu Sep 17 02:21:20 AEST 2020


From: Nayna Jain <nayna at linux.ibm.com>

This patch reads the hdata bits to check for physical presence
assertion, and creates device tree entries to be consumed later in the
boot.

Signed-off-by: Nayna Jain <nayna at linux.ibm.com>
Signed-off-by: Eric Richter <erichte at linux.ibm.com>
---
V5:
 - added documentation for the device tree nodes created by this patch

 doc/device-tree/ibm,secureboot.rst | 17 +++++++++++++++++
 hdata/spira.c                      | 11 +++++++++++
 hdata/spira.h                      |  7 ++++++-
 3 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/doc/device-tree/ibm,secureboot.rst b/doc/device-tree/ibm,secureboot.rst
index 3113b3f2..42f69b21 100644
--- a/doc/device-tree/ibm,secureboot.rst
+++ b/doc/device-tree/ibm,secureboot.rst
@@ -39,6 +39,23 @@ Required properties
                         images (e.g. kernels) to be signed by an appropriate
                         key stored in secure variables.
 
+    physical-presence-asserted:
+                        this property exists to indicate the physical presence
+                        of user to request key clearance.
+
+    clear-os-keys:      this property exists when the firmware indicates that
+                        physical presence is asserted to clear only Host OS
+                        secure boot keys.
+
+    clear-all-keys:     this property exists when the firmware indicates that
+                        physical presence is asserted to clear all sensistive
+                        data controlled by platform firmware.
+
+    clear-mfg-keys:     this property exists only during manufacturing process
+                        when the firmware indicates to clear all senstive data
+                        during manufacturing. It is only valid on development
+                        drivers.
+
 Obsolete properties
 -------------------
 
diff --git a/hdata/spira.c b/hdata/spira.c
index 35d6109d..deb2dea4 100644
--- a/hdata/spira.c
+++ b/hdata/spira.c
@@ -921,6 +921,7 @@ static void dt_init_secureboot_node(const struct iplparams_sysparams *sysparams)
 	struct dt_node *node;
 	u16 sys_sec_setting;
 	u16 hw_key_hash_size;
+	u16 host_fw_key_clear;
 
 	node = dt_new(dt_root, "ibm,secureboot");
 	assert(node);
@@ -933,6 +934,16 @@ static void dt_init_secureboot_node(const struct iplparams_sysparams *sysparams)
 		dt_add_property(node, "secure-enabled", NULL, 0);
 	if (sys_sec_setting & SEC_HASHES_EXTENDED_TO_TPM)
 		dt_add_property(node, "trusted-enabled", NULL, 0);
+	if (sys_sec_setting & PHYSICAL_PRESENCE_ASSERTED)
+		dt_add_property(node, "physical-presence-asserted", NULL, 0);
+
+	host_fw_key_clear = be16_to_cpu(sysparams->host_fw_key_clear);
+	if (host_fw_key_clear & KEY_CLEAR_OS_KEYS)
+		dt_add_property(node, "clear-os-keys", NULL, 0);
+	if (host_fw_key_clear & KEY_CLEAR_MFG)
+		dt_add_property(node, "clear-mfg-keys", NULL, 0);
+	if (host_fw_key_clear & KEY_CLEAR_ALL)
+		dt_add_property(node, "clear-all-keys", NULL, 0);
 
 	hw_key_hash_size = be16_to_cpu(sysparams->hw_key_hash_size);
 
diff --git a/hdata/spira.h b/hdata/spira.h
index ffe53942..f7a1b823 100644
--- a/hdata/spira.h
+++ b/hdata/spira.h
@@ -364,10 +364,15 @@ struct iplparams_sysparams {
 	__be16		hv_disp_wheel;		/* >= 0x58 */
 	__be32		nest_freq_mhz;		/* >= 0x5b */
 	uint8_t		split_core_mode;	/* >= 0x5c */
-	uint8_t		reserved[3];
+	uint8_t		reserved[1];
+#define KEY_CLEAR_ALL     PPC_BIT16(0)
+#define KEY_CLEAR_OS_KEYS PPC_BIT16(1)
+#define KEY_CLEAR_MFG     PPC_BIT16(7)
+	__be16          host_fw_key_clear;
 	uint8_t		sys_vendor[64];		/* >= 0x5f */
 #define SEC_CONTAINER_SIG_CHECKING PPC_BIT16(0)
 #define SEC_HASHES_EXTENDED_TO_TPM PPC_BIT16(1)
+#define PHYSICAL_PRESENCE_ASSERTED PPC_BIT16(3)
 	__be16		sys_sec_setting;	/* >= 0x60 */
 	__be16		tpm_config_bit;		/* >= 0x60 */
 	__be16		tpm_drawer;		/* >= 0x60 */
-- 
2.21.1



More information about the Skiboot mailing list