coreboot-gerrit August 2019

coreboot-gerrit@coreboot.org

1 participants
1942 discussions

Change in coreboot[master]: soc/skl/vr_config: add missed Icc max levels
by Maxim Polyakov (Code Review) 04 Oct '19

04 Oct '19

Maxim Polyakov has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/35166 ) Change subject: soc/skl/vr_config: add missed Icc max levels ...................................................................... soc/skl/vr_config: add missed Icc max levels Icc_max for VR domains in Kaby Lake S processors is installed based on the processor TDP [1]. But, according to the DC Current Specifications for graphics processor [2], Icc_max GT should take several values: +---------------------+-----+------------+ | Segment | TDP | Icc_max GT | +---------------------+-----+------------+ | Dual Core GT2/GT1 | 35W | | | Dual Core GT2 | 51W | 48 A | | Dual Core GT1 | 54W | | +---------------------+-----+------------+ | Quad Core GT2 | 35W | 35 A | +---------------------+-----+------------+ | Quad Core GT2 | 65W | 45 A | | Quad Core GT2 K-SKU | 91W | | +---------------------+-----+------------+ This patch fixes Icc_max current limits for a corresponding graphical VR domain [1] Change-Id: I303c5dc8ed03e9a98a834a2acfb400022dfc2fde [2] 7th Generation Intel(R) Processor Families for S Platforms and Intel(R) Core(TM) X-Series Processor Family Datasheet, Volume 1, December 2018, Document Number: 335195-003 Change-Id: I19766e4f8fab6b48565b65ed4cf13efbc213e654 Signed-off-by: Maxim Polyakov <max.senia.poliak(a)gmail.com> --- M src/soc/intel/skylake/vr_config.c 1 file changed, 13 insertions(+), 9 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/66/35166/1 diff --git a/src/soc/intel/skylake/vr_config.c b/src/soc/intel/skylake/vr_config.c index 089dd5d..fc48558 100644 --- a/src/soc/intel/skylake/vr_config.c +++ b/src/soc/intel/skylake/vr_config.c @@ -117,12 +117,12 @@ * +----------------+-------------+---------------+------+-----+ * | Domain/Setting | SA | IA | GTUS | GTS | * +----------------+-------------+---------------+------+-----+ - * | IccMax(KBL-S) | 11.1A | 100A | 45A | 45A | - * | | | ... | | | - * | | | 40A | | | + * | IccMax(KBL-S) | 11.1A | 100A | 48A | 48A | + * | | | ... | 45A | 45A | + * | | | 40A | 35A | 35A | * +----------------+-------------+---------------+------+-----+ - * | IccMax(KBL-H) | 11.1A(45W) | 68A | 55A | 55A | - * | | 6.6A(Others)| 60A | | | + * | IccMax(KBL-H) | 11.1A (45W) | 68A | 55A | 55A | + * | | 6.6A (18W) | 60A | | | * +----------------+-------------+---------------+------+-----+ * | IccMax(KBL-U/R)| 6A(U42) | 64A(U42) | 31A | 31A | * | | 4.5A(Others)| 29A(P/C) | | | @@ -139,8 +139,8 @@ uint16_t icc_max[NUM_VR_DOMAINS] = { VR_CFG_AMP(11.1), VR_CFG_AMP(40), - VR_CFG_AMP(45), - VR_CFG_AMP(45), + VR_CFG_AMP(48), + VR_CFG_AMP(48), }; if (tdp >= 54) icc_max[VR_IA_CORE] = VR_CFG_AMP(58); @@ -155,13 +155,17 @@ uint16_t icc_max[NUM_VR_DOMAINS] = { VR_CFG_AMP(11.1), VR_CFG_AMP(66), - VR_CFG_AMP(55), - VR_CFG_AMP(55), + VR_CFG_AMP(45), + VR_CFG_AMP(45), }; if (tdp >= 91) icc_max[VR_IA_CORE] = VR_CFG_AMP(100); else if (tdp >= 65) icc_max[VR_IA_CORE] = VR_CFG_AMP(79); + else if (tdp >= 35) { + icc_max[VR_GT_UNSLICED] = VR_CFG_AMP(35); + icc_max[VR_GT_SLICED] = VR_CFG_AMP(35); + } return icc_max[domain]; } -- To view, visit https://review.coreboot.org/c/coreboot/+/35166 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I19766e4f8fab6b48565b65ed4cf13efbc213e654 Gerrit-Change-Number: 35166 Gerrit-PatchSet: 1 Gerrit-Owner: Maxim Polyakov <max.senia.poliak(a)gmail.com> Gerrit-MessageType: newchange

5 7

Change in ...coreboot[master]: mainboard/facebook/fbg1701: Add measured boot support
by Frans Hendriks (Code Review) 04 Oct '19

04 Oct '19

Frans Hendriks has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/33464 Change subject: mainboard/facebook/fbg1701: Add measured boot support ...................................................................... mainboard/facebook/fbg1701: Add measured boot support The vendorcode for measured boot is uploaded, but not used. Add support to the mainboard for measured boot. BUG=N/A TEST=Boot Embedded Linux 4.20 and verify logging on Facebook FBG-1701 rev 0-2 Change-Id: I5120ffb6af0b41520056e1773f63b7b2f34a2460 Signed-off-by: Frans Hendriks <fhendriks(a)eltan.com> --- M src/mainboard/facebook/fbg1701/Makefile.inc M src/mainboard/facebook/fbg1701/romstage.c 2 files changed, 52 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/64/33464/1 diff --git a/src/mainboard/facebook/fbg1701/Makefile.inc b/src/mainboard/facebook/fbg1701/Makefile.inc index 07309c5..82cde0f 100644 --- a/src/mainboard/facebook/fbg1701/Makefile.inc +++ b/src/mainboard/facebook/fbg1701/Makefile.inc @@ -24,6 +24,8 @@ ramstage-y += ramstage.c ramstage-y += w25q64.c +romstage-$(CONFIG_VENDORCODE_ELTAN_MBOOT) += board_mboot.c + cbfs-files-$(CONFIG_FSP1_1_DISPLAY_LOGO) += logo.bmp logo.bmp-file := $(call strip_quotes,$(CONFIG_FSP1_1_LOGO_FILE_NAME)) logo.bmp-type := raw diff --git a/src/mainboard/facebook/fbg1701/romstage.c b/src/mainboard/facebook/fbg1701/romstage.c index e2e37d6..6764b3c 100644 --- a/src/mainboard/facebook/fbg1701/romstage.c +++ b/src/mainboard/facebook/fbg1701/romstage.c @@ -15,10 +15,14 @@ * GNU General Public License for more details. */ +#include <build.h> #include <cbfs.h> #include <console/console.h> #include <chip.h> #include <device/pci_ops.h> +#if CONFIG(VENDORCODE_ELTAN_MBOOT) +#include <mboot.h> +#endif #include <soc/lpc.h> #include <soc/pci_devs.h> #include <soc/romstage.h> @@ -49,3 +53,49 @@ /* Disable the Braswell UART hardware for COM1. */ pci_write_config32(PCI_DEV(0, LPC_DEV, 0), UART_CONT, 0); } + +#if CONFIG(VENDORCODE_ELTAN_MBOOT) +/** + * mb_crtm + * + * Measures the crtm version. This consists of a string than can be defined + * using make menuconfig and automatically generated version information. + * + * @param[in] activePcr bitmap of the support + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. + */ + +static const uint8_t crtm_version[] = + CONFIG_VENDORCODE_ELTAN_CRTM_VERSION_STRING + COREBOOT_VERSION COREBOOT_EXTRA_VERSION " " COREBOOT_BUILD; + +int mb_crtm(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr) +{ + int status = TPM_E_IOERROR; + TCG_PCR_EVENT2_HDR tcgEventHdr; + + if (CONFIG(VENDORCODE_ELTAN_MBOOT)) { + /* Use FirmwareVersion string to represent CRTM version. */ + printk(BIOS_DEBUG, "%s: Measure CRTM Version\n", __func__); + memset(&tcgEventHdr, 0, sizeof(tcgEventHdr)); + tcgEventHdr.pcrIndex = MBOOT_PCR_INDEX_0; + tcgEventHdr.eventType = EV_S_CRTM_VERSION; + tcgEventHdr.eventSize = sizeof(crtm_version); + printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__, + tcgEventHdr.eventSize); + + status = mboot_hash_extend_log(activePcr, 0, + (uint8_t *)crtm_version, + tcgEventHdr.eventSize, &tcgEventHdr, + (uint8_t *)crtm_version, 0); + + if (status) + printk(BIOS_DEBUG, "Measure CRTM Version returned 0x%x\n", + status); + } + + return status; +} +#endif -- To view, visit https://review.coreboot.org/c/coreboot/+/33464 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I5120ffb6af0b41520056e1773f63b7b2f34a2460 Gerrit-Change-Number: 33464 Gerrit-PatchSet: 1 Gerrit-Owner: Frans Hendriks <fhendriks(a)eltan.com> Gerrit-MessageType: newchange

4 17

Change in ...coreboot[master]: mainboard/facebook/fbg1701: Add verified boot tables
by Frans Hendriks (Code Review) 04 Oct '19

04 Oct '19

Frans Hendriks has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/33463 Change subject: mainboard/facebook/fbg1701: Add verified boot tables ...................................................................... mainboard/facebook/fbg1701: Add verified boot tables The vendorcode for verified boot is uploaded, but not used by a mainboard. Add support to the mainboard for verified boot. The items to be verifed are placed in board_verified_boot.c BUG=N/A TEST=Boot Embedded Linux 4.20 and verify logging on Facebook FBG-1701 rev 0-2 Change-Id: I3ea0a95287977df0dea13e05acedd5406538a6ee Signed-off-by: Frans Hendriks <fhendriks(a)eltan.com> --- M src/mainboard/facebook/fbg1701/Kconfig M src/mainboard/facebook/fbg1701/Makefile.inc A src/mainboard/facebook/fbg1701/board_verified_boot.c A src/mainboard/facebook/fbg1701/board_verified_boot.h A src/mainboard/facebook/fbg1701/manifest.h M src/mainboard/facebook/fbg1701/onboard.h 6 files changed, 194 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/63/33463/1 diff --git a/src/mainboard/facebook/fbg1701/Kconfig b/src/mainboard/facebook/fbg1701/Kconfig index 3f45194..9acfb42 100644 --- a/src/mainboard/facebook/fbg1701/Kconfig +++ b/src/mainboard/facebook/fbg1701/Kconfig @@ -78,6 +78,9 @@ bool default n +config VENDORCODE_ELTAN_OEM_MANIFEST_LOC + hex "OEM Manifest working dflt 0xFFFE9000" + config BOOTBLOCK_LOC hex default 0xFFFF0000 @@ -102,4 +105,16 @@ hex "C Bootblock Size" default 0x4000 + +config VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST + bool + default y + +config VENDORCODE_ELTAN_VBOOT_MANIFEST + string + default "mainboard/facebook/fbg1701/manifest.h" + +config VENDORCODE_ELTAN_VBOOT_KEY_LOCATION + hex "Key Location working dflt 0xFFFF9C00" + endif # BOARD_FACEBOOK_FBG1701 diff --git a/src/mainboard/facebook/fbg1701/Makefile.inc b/src/mainboard/facebook/fbg1701/Makefile.inc index 07309c5..c414470 100644 --- a/src/mainboard/facebook/fbg1701/Makefile.inc +++ b/src/mainboard/facebook/fbg1701/Makefile.inc @@ -15,6 +15,13 @@ ## GNU General Public License for more details. ## +ifneq ($(filter y,$(CONFIG_VENDORCODE_ELTAN_VBOOT) $(CONFIG_VENDORCODE_ELTAN_MBOOT)),) +bootblock-$(CONFIG_C_ENVIRONMENT_BOOTBLOCK) += board_verified_boot.c +postcar-y += board_verified_boot.c +ramstage-y += board_verified_boot.c +romstage-y += board_verified_boot.c +endif + bootblock-$(CONFIG_C_ENVIRONMENT_BOOTBLOCK) += com_init.c ramstage-y += gpio.c diff --git a/src/mainboard/facebook/fbg1701/board_verified_boot.c b/src/mainboard/facebook/fbg1701/board_verified_boot.c new file mode 100644 index 0000000..cea6558 --- /dev/null +++ b/src/mainboard/facebook/fbg1701/board_verified_boot.c @@ -0,0 +1,104 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2018-2019 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include "board_verified_boot.h" + +#ifdef __BOOTBLOCK__ +/* The items verified by the bootblock, the bootblock will not measure the + * items to the TPM + */ +const verify_item_t bootblock_verify_list[] = { + { VERIFY_FILE, ROMSTAGE, { { NULL, CBFS_TYPE_STAGE } }, + HASH_IDX_ROM_STAGE, MBOOT_PCR_INDEX_0 }, + { VERIFY_BLOCK, "BootBlock", { { (void *)CONFIG_BOOTBLOCK_LOC, + CONFIG_BOOTBLOCK_SIZE } }, HASH_IDX_BOOTBLOCK, + MBOOT_PCR_INDEX_0 }, + { VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 } +}; +#endif + +#if defined(__ROMSTAGE__) || defined(__POSTCAR__) +/* The FSP is already checked in romstage */ +static const verify_item_t ram_stage_additional_list[] = { + { VERIFY_FILE, OP_ROM_VBT, { { NULL, CBFS_TYPE_RAW } }, + HASH_IDX_OPROM, MBOOT_PCR_INDEX_2 }, + { VERIFY_FILE, "logo.bmp", { { NULL, CBFS_TYPE_RAW } }, + HASH_IDX_LOGO, MBOOT_PCR_INDEX_2 }, + { VERIFY_FILE, "fallback/dsdt.aml", { { NULL, CBFS_TYPE_RAW } }, + HASH_IDX_DSDT, MBOOT_PCR_INDEX_2 }, + { VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 } + }; +#endif + +#ifdef __ROMSTAGE__ +/* The items used by the romstage */ +const verify_item_t romstage_verify_list[] = { + { VERIFY_FILE, ROMSTAGE, { { NULL, CBFS_TYPE_STAGE } }, + HASH_IDX_ROM_STAGE, MBOOT_PCR_INDEX_0 }, + { VERIFY_FILE, MICROCODE, { { NULL, CBFS_TYPE_MICROCODE } }, + HASH_IDX_MICROCODE, MBOOT_PCR_INDEX_1 }, + { VERIFY_FILE, FSP, { { NULL, CBFS_TYPE_FSP } }, HASH_IDX_FSP, + MBOOT_PCR_INDEX_1 }, + { VERIFY_FILE, "spd.bin", { { NULL, CBFS_TYPE_SPD } }, + HASH_IDX_SPD0, MBOOT_PCR_INDEX_1 }, +#if CONFIG(POSTCAR_STAGE) + { VERIFY_FILE, POSTCAR, { { NULL, CBFS_TYPE_STAGE } }, + HASH_IDX_POSTCAR_STAGE, MBOOT_PCR_INDEX_0 }, +#endif + { VERIFY_BLOCK, "BootBlock", { { (void *) CONFIG_BOOTBLOCK_LOC, + CONFIG_BOOTBLOCK_SIZE } }, HASH_IDX_BOOTBLOCK, + MBOOT_PCR_INDEX_0 }, + { VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 } +}; + +/* The items used by the ramstage */ +const verify_item_t ramstage_verify_list[] = { + { VERIFY_FILE, RAMSTAGE, { { ram_stage_additional_list, + CBFS_TYPE_STAGE } }, HASH_IDX_RAM_STAGE, + MBOOT_PCR_INDEX_0 }, + { VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 } +}; +#endif + +#ifdef __POSTCAR__ +/* POSTSTAGE */ +/* The items used by the postcar stage */ +const verify_item_t postcar_verify_list[] = { + { VERIFY_FILE, RAMSTAGE, { { ram_stage_additional_list, + CBFS_TYPE_STAGE } }, HASH_IDX_RAM_STAGE, + MBOOT_PCR_INDEX_0 }, + { VERIFY_FILE, MICROCODE, { { NULL, CBFS_TYPE_MICROCODE } }, + HASH_IDX_MICROCODE, MBOOT_PCR_INDEX_1 }, + { VERIFY_FILE, FSP, { { NULL, CBFS_TYPE_FSP } }, HASH_IDX_FSP, + MBOOT_PCR_INDEX_1 }, + { VERIFY_FILE, "spd.bin", { { NULL, CBFS_TYPE_SPD } }, + HASH_IDX_SPD0, MBOOT_PCR_INDEX_1 }, + { VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 } +}; +#endif + +#ifdef __RAMSTAGE__ +/* RAMSTAGE */ +const verify_item_t payload_verify_list[] = { + { VERIFY_FILE, PAYLOAD, { { NULL, CBFS_TYPE_SELF | + VERIFIED_BOOT_COPY_BLOCK } }, HASH_IDX_PAYLOAD, + MBOOT_PCR_INDEX_3 }, + { VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 } +}; + +const verify_item_t oprom_verify_list[] = { + { VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 } +}; +#endif diff --git a/src/mainboard/facebook/fbg1701/board_verified_boot.h b/src/mainboard/facebook/fbg1701/board_verified_boot.h new file mode 100644 index 0000000..30fcd8b --- /dev/null +++ b/src/mainboard/facebook/fbg1701/board_verified_boot.h @@ -0,0 +1,23 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2018 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef BOARD_VERIFIED_BOOT_H +#define BOARD_VERIFIED_BOOT_H + +#include <soc/romstage.h> +#include <vboot_check.h> +#include "onboard.h" + +#endif diff --git a/src/mainboard/facebook/fbg1701/manifest.h b/src/mainboard/facebook/fbg1701/manifest.h new file mode 100644 index 0000000..5a583f4 --- /dev/null +++ b/src/mainboard/facebook/fbg1701/manifest.h @@ -0,0 +1,35 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2018 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef __MANIFEST_H__ +#define __MANIFEST_H__ + +/** + * Make sure the index matches the actual order in the manifest generated + * using the HashCb.cmd file + */ +#define HASH_IDX_ROM_STAGE 0 +#define HASH_IDX_RAM_STAGE 1 +#define HASH_IDX_PAYLOAD 2 +#define HASH_IDX_OPROM 3 +#define HASH_IDX_FSP 4 +#define HASH_IDX_MICROCODE 5 +#define HASH_IDX_SPD0 6 +#define HASH_IDX_LOGO 7 +#define HASH_IDX_DSDT 8 +#define HASH_IDX_POSTCAR_STAGE 9 +#define HASH_IDX_BOOTBLOCK 10 /* Should always be the last one */ + +#endif diff --git a/src/mainboard/facebook/fbg1701/onboard.h b/src/mainboard/facebook/fbg1701/onboard.h index d1fd050..330fe0f 100644 --- a/src/mainboard/facebook/fbg1701/onboard.h +++ b/src/mainboard/facebook/fbg1701/onboard.h @@ -33,4 +33,14 @@ #define CPLD_CMD_RESET_DSI_BRIDGE_ACTIVE 0x20 #define CPLD_CMD_RESET_DSI_BRIDGE_INACTIVE 0x00 +/* Define the items to be measured or verified */ +#define FSP (const char *)"fsp.bin" +#define CMOS_LAYOUT (const char *)"cmos_layout.bin" +#define RAMSTAGE (const char *)"fallback/ramstage" +#define ROMSTAGE (const char *)"fallback/romstage" +#define PAYLOAD (const char *)"fallback/payload" +#define POSTCAR (const char *)"fallback/postcar" +#define OP_ROM_VBT (const char *)"vbt.bin" +#define MICROCODE (const char *)"cpu_microcode_blob.bin" + #endif -- To view, visit https://review.coreboot.org/c/coreboot/+/33463 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I3ea0a95287977df0dea13e05acedd5406538a6ee Gerrit-Change-Number: 33463 Gerrit-PatchSet: 1 Gerrit-Owner: Frans Hendriks <fhendriks(a)eltan.com> Gerrit-MessageType: newchange

3 8

Change in ...coreboot[master]: vendorcode/eltan/security/verified_boot: Add verified boot support.
by Frans Hendriks (Code Review) 04 Oct '19

04 Oct '19

Frans Hendriks has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/30835 Change subject: vendorcode/eltan/security/verified_boot: Add verified boot support. ...................................................................... vendorcode/eltan/security/verified_boot: Add verified boot support. Create verified boot support, which includes verifiication of bootblock. This feature use the vendorcode/eltan/security/lib. Function verified_boot_bootblock_check(), verified_boot_should_run_oprom() and prog_locate_hook() must be called from coreboot (or mainboard). The next lists will be used for verification: bootblock_verify_list[], romstage_verify_list[] ram_stage_additional_list[], ramstage_verify_list[] BUG=N/A TEST=Created binary and verify logging on Facebook FBG-1701 Change-Id: If6c1423b0b4a309cefb7fe7a29d5100ba289e0b4 Signed-off-by: Frans Hendriks <fhendriks(a)eltan.com> --- A src/vendorcode/eltan/security/verified_boot/Kconfig A src/vendorcode/eltan/security/verified_boot/Makefile.inc A src/vendorcode/eltan/security/verified_boot/vboot_check.c A src/vendorcode/eltan/security/verified_boot/vboot_check.h 4 files changed, 605 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/35/30835/1 diff --git a/src/vendorcode/eltan/security/verified_boot/Kconfig b/src/vendorcode/eltan/security/verified_boot/Kconfig new file mode 100644 index 0000000..0670732 --- /dev/null +++ b/src/vendorcode/eltan/security/verified_boot/Kconfig @@ -0,0 +1,61 @@ +## This file is part of the coreboot project. +## +## Copyright (C) 2018 Eltan B.V. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; version 2 of the License. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## + +menu "Verified Boot (verified_boot)" + +config VERIFIED_BOOT + bool "Enable Verified Boot" + default n + +config VERIFIED_BOOT_SIGNED_MANIFEST + bool "Enable Signed Manifest" + depends on VERIFIED_BOOT + default n + +config VERIFIED_BOOT_USE_SHA512 + bool "SHA512 hashes" + depends on VERIFIED_BOOT + default n + help + Use SHA512 for the vboot operations, this applies to the digest in + the manifest and the manifest digest. + +config OEM_MANIFEST_LOC + hex "Manifest Location" + default 0xFFFFF840 + +config VERIFIED_BOOT_MANIFEST + string "Verified boot manifest file" + default "mainboard/$(MAINBOARD_DIR)/manifest.h" + +config OEM_MANIFEST_ITEMS + int "Manifest Items" + default 10 + +config OEM_MANIFEST_ITEM_SIZE + int + default 64 if VERIFIED_BOOT_USE_SHA512 + default 32 + +config VERIFIED_BOOT_KEY_LOCATION + hex "Verified boot Key Location" + depends on VERIFIED_BOOT_SIGNED_MANIFEST + default 0xFFFFF500 + +config VERIFIED_BOOT_KEY_SIZE + int + default 554 if VERIFIED_BOOT_USE_SHA512 + default 520 + +endmenu # Verified Boot (verified_boot) diff --git a/src/vendorcode/eltan/security/verified_boot/Makefile.inc b/src/vendorcode/eltan/security/verified_boot/Makefile.inc new file mode 100644 index 0000000..23044b4 --- /dev/null +++ b/src/vendorcode/eltan/security/verified_boot/Makefile.inc @@ -0,0 +1,47 @@ +## +## This file is part of the coreboot project. +## +## Copyright (C) 2018 Eltan B.V. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; version 2 of the License. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## + +ifeq ($(CONFIG_VERIFIED_BOOT),y) + +CPPFLAGS_common += -I$(src)/security/verified_boot + +bootblock-$(CONFIG_C_ENVIRONMENT_BOOTBLOCK) += vboot_check.c +romstage-y += vboot_check.c +ramstage-y += vboot_check.c + +cbfs-files-y += oemmanifest.bin +oemmanifest.bin-file := $(obj)/oemmanifest.bin +oemmanifest.bin-position := $(CONFIG_OEM_MANIFEST_LOC) +oemmanifest.bin-type := 0x50 + +$(obj)/oemmanifest.bin: +ifeq ($(CONFIG_VERIFIED_BOOT_SIGNED_MANIFEST),y) + dd if=/dev/zero of=$@ seek=8 bs=$(CONFIG_OEM_MANIFEST_ITEM_SIZE) count=$(CONFIG_OEM_MANIFEST_ITEMS) +else # ($(CONFIG_VERIFIED_BOOT_SIGNED_MANIFEST),y) + dd if=/dev/zero of=$@ bs=$(CONFIG_OEM_MANIFEST_ITEM_SIZE) count=$(CONFIG_OEM_MANIFEST_ITEMS) +endif # ($(CONFIG_VERIFIED_BOOT_SIGNED_MANIFEST),y) + +ifeq ($(CONFIG_VERIFIED_BOOT_SIGNED_MANIFEST),y) +cbfs-files-y += vboot_public_key.bin +vboot_public_key.bin-file := $(obj)/vboot_public_key.bin +vboot_public_key.bin-position := $(CONFIG_VERIFIED_BOOT_KEY_LOCATION) +vboot_public_key.bin-type := 0x50 + +$(obj)/vboot_public_key.bin: + dd if=/dev/zero of=$@ bs=$(CONFIG_VERIFIED_BOOT_KEY_SIZE) count=1 + +endif # ($(CONFIG_VERIFIED_BOOT_SIGNED_MANIFEST),y) + +endif # CONFIG_VERIFIED_BOOT diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.c b/src/vendorcode/eltan/security/verified_boot/vboot_check.c new file mode 100644 index 0000000..fb7d1d7 --- /dev/null +++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.c @@ -0,0 +1,414 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2016 Intel Corp. + * Copyright (C) 2017-2018 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ +#include <vboot_check.h> + +#define RSA_PUBLICKEY_FILE_NAME "vboot_public_key.bin" + +#if IS_ENABLED(CONFIG_VERIFIED_BOOT_USE_SHA512) +#define DIGEST_SIZE SHA512_DIGEST_SIZE +#else +#define DIGEST_SIZE SHA256_DIGEST_SIZE +#endif + +int verified_boot_check_manifest(void) +{ + struct vb2_public_key key; + uint8_t digest[DIGEST_SIZE]; + size_t size = 0; + uint8_t *signature = NULL; + uint8_t *buffer; + const struct vb2_workbuf wb; + + cbfs_boot_map_with_leak("oemmanifest.bin", CBFS_TYPE_RAW, &size); + + if (size != (CONFIG_OEM_MANIFEST_ITEMS * DIGEST_SIZE) + 256) { + printk(BIOS_ERR, "ERROR: Incorrect manifest size!\n"); + goto fail; + } + + buffer = cbfs_boot_map_with_leak(RSA_PUBLICKEY_FILE_NAME, + CBFS_TYPE_RAW, &size); + + size = DIGEST_SIZE; + if (!vb2_unpack_key_data(&key, buffer, size)) { + printk(BIOS_ERR, "ERROR: Unable to create RSA Public Key !\n"); + goto fail; + } + + if (IS_ENABLED(CONFIG_VERIFIED_BOOT_USE_SHA512)) + key.hash_alg = VB2_HASH_SHA512; + else + key.sig_alg = VB2_HASH_SHA256; + + + // + // Create a big endian digest + // + if (IS_ENABLED(CONFIG_VERIFIED_BOOT_USE_SHA512)) + cb_sha512_ex((const uint8_t *)CONFIG_OEM_MANIFEST_LOC, + CONFIG_OEM_MANIFEST_ITEMS * DIGEST_SIZE, digest, 1); + else + cb_sha256_ex((const uint8_t *)CONFIG_OEM_MANIFEST_LOC, + CONFIG_OEM_MANIFEST_ITEMS * DIGEST_SIZE, digest, 1); + + signature = (uint8_t *)CONFIG_OEM_MANIFEST_LOC + + CONFIG_OEM_MANIFEST_ITEMS * DIGEST_SIZE; + + if (!vb2_rsa_verify_digest(&key, signature, digest, &wb)) { + printk(BIOS_ERR, "ERROR: Signature verification failed for" + "hash table !!\n"); + goto fail; + } + + printk(BIOS_DEBUG, "%s: Successfully verified hash_table signature.\n", + __func__); + return 0; + +fail: + die("HASH table verification failed!\n"); + return -1; +} + +#ifndef __BOOTBLOCK__ + +/* + * + * measure_item + * + * extends the defined pcr using the hash calculated by the verified boot + * routines. + * + * @param[in] pcr PCR to extend + * @param[in] *hashData Pointer to the hash data + * @param[in] hashDataLen Length of the hash data + * @param[in] *event_msg Message to log or display + * @param[in] eventType Event type to use when logging + + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. + */ +static int measure_item(uint32_t pcr, uint8_t *hashData, uint32_t hashDataLen, + int8_t *event_msg, TCG_EVENTTYPE eventType) +{ + int status = TPM_SUCCESS; + EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrs; + TCG_PCR_EVENT2_HDR tcgEventHdr; + + ActivePcrs = tpm2_get_active_pcrs(); + + memset(&tcgEventHdr, 0, sizeof(tcgEventHdr)); + tcgEventHdr.pcrIndex = pcr; + tcgEventHdr.eventType = eventType; + if (event_msg) { + status = mboot_hash_extend_log(ActivePcrs, MBOOT_HASH_PROVIDED, + hashData, hashDataLen, &tcgEventHdr, + (uint8_t *)event_msg, 0); + if (status == TPM_SUCCESS) { + printk(BIOS_DEBUG, "%s: Success! %s measured to pcr" + "%d.\n", __func__, event_msg, pcr); + } else { + printk(BIOS_DEBUG, "%s: Fail! %s can't be measured. " + "ABORTING!!!\n", __func__, event_msg); + return status; + } + } + return status; +} +#endif + +static void verified_boot_check_buffer(const char *name, void *start, + size_t size, uint32_t hash_index, int32_t pcr) +{ + uint8_t digest[DIGEST_SIZE]; +#ifndef __BOOTBLOCK__ + int status; +#endif + printk(BIOS_INFO, "%s: %s HASH verification buffer %p size %d\n", + __func__, name, start, (int) size); + + if (start && size) { + if (IS_ENABLED(CONFIG_VERIFIED_BOOT_USE_SHA512)) + cb_sha512((const uint8_t *)start, size, digest); + else + cb_sha256((const uint8_t*)start, size, digest); + + if (memcmp((void *)((uint8_t *)CONFIG_OEM_MANIFEST_LOC + + sizeof(digest) * hash_index), digest, sizeof(digest))) { + printk(BIOS_INFO, "%s: buffer hash\n", __func__); + hexdump(digest, sizeof(digest)); + printk(BIOS_INFO, "%s: manifest hash\n", __func__); + hexdump((void *)((uint8_t *)CONFIG_OEM_MANIFEST_LOC + + sizeof(digest) * hash_index), sizeof(digest)); + printk(BIOS_EMERG, "%s ", name); + die("HASH verification failed!\n"); + } else { +#ifndef __BOOTBLOCK__ + if (IS_ENABLED(CONFIG_MBOOT)) { + if (pcr != -1) { + printk(BIOS_INFO, "%s: measuring %s\n", + __func__, name); + status = measure_item(pcr, digest, + sizeof(digest), + (int8_t *)name, 0); + } + } +#endif + printk(BIOS_INFO, "%s HASH verification success\n", + name); + } + } else { + printk(BIOS_EMERG, "Invalid buffer "); + die("HASH verification failed!\n"); + } +} + +void verified_boot_check_cbfsfile(const char *name, uint32_t type, + uint32_t hash_index, void **buffer, uint32_t *filesize, + int32_t pcr) +{ + void *start; + size_t size; + + start = cbfs_boot_map_with_leak(name, type & ~VERIFIED_BOOT_COPY_BLOCK, + &size); + if (start && size) { + /* + * Speed up processing by copying the file content to memory + * first + */ +#ifndef __PRE_RAM__ + if ((type & VERIFIED_BOOT_COPY_BLOCK) && (buffer) && + (*buffer) && + ((uint32_t) start > (uint32_t)(~(CONFIG_CBFS_SIZE-1)))) { + printk(BIOS_INFO, "%s: move buffer to " + "memory\n", __func__); + /* Move the file to a memory bufferof which we know it + * doesn't harm + */ + memcpy(*buffer, start, size); + start = *buffer; + printk(BIOS_INFO, "%s: done\n", __func__); + } +#endif // __PRE_RAM__ + verified_boot_check_buffer(name, start, size, hash_index, pcr); + } else { + printk(BIOS_EMERG, "CBFS Failed to get file content for %s\n", + name); + die("HASH verification failed!\n"); + } + if (buffer) + *buffer = start; + if (filesize) + *filesize = size; +} + +void process_verify_list(const verify_item_t list[]) +{ + int i = 0; + + while (list[i].type != VERIFY_TERMINATOR) { + switch (list[i].type) { + case VERIFY_FILE: + verified_boot_check_cbfsfile(list[i].name, + list[i].data.file.cbfs_type, + list[i].hash_index, NULL, NULL, + list[i].pcr); + if (list[i].data.file.related_items) { + printk(BIOS_SPEW, "process related items\n"); + process_verify_list((verify_item_t *) + list[i].data.file.related_items); + } + break; + case VERIFY_BLOCK: + verified_boot_check_buffer(list[i].name, + (void *) list[i].data.block.start, + list[i].data.block.size, + list[i].hash_index, list[i].pcr); + break; + default: + printk(BIOS_EMERG, "INVALID TYPE IN VERIFY" + "LIST 0x%x\n", list[i].type); + die("HASH verification failed!\n"); + } + i++; + } +} +#ifndef __BOOTBLOCK__ + +static void process_named_list(const verify_item_t list[], const char *name, + void **buffer, uint32_t *size) +{ + int i = 0; + + while (list[i].type != VERIFY_TERMINATOR) { + switch (list[i].type) { + case VERIFY_FILE: + if (!strcmp(name, list[i].name)) { + if (list[i].data.file.related_items) { + printk(BIOS_SPEW, "process related" + "items\n"); + process_verify_list((verify_item_t *)list[i].data.file.related_items); + printk(BIOS_SPEW, "process related items done\n"); + } + verified_boot_check_cbfsfile(list[i].name, + list[i].data.file.cbfs_type, + list[i].hash_index, buffer, size, + list[i].pcr); + return; + } + break; + default: + printk(BIOS_EMERG, "INVALID TYPE IN NAMED LIST" + "0x%x\n", list[i].type); + die("HASH verification failed!\n"); + } + i++; + } + printk(BIOS_EMERG, "%s NOT IN LIST\n", name); + die("HASH verification failed!\n"); +} +#endif + +#ifdef __BOOTBLOCK__ +/* + * BOOTBLOCK + */ + +extern verify_item_t bootblock_verify_list[]; + +void verified_boot_bootblock_check(void) +{ + printk(BIOS_SPEW, "%s: processing bootblock items\n", __func__); + + if (IS_ENABLED(CONFIG_VERIFIED_BOOT_SIGNED_MANIFEST)) { + printk(BIOS_SPEW, "%s: check the manifest\n", __func__); + if (verified_boot_check_manifest() != 0) + die("invalid manifest"); + } + printk(BIOS_SPEW, "%s: process bootblock verify list\n", __func__); + process_verify_list(bootblock_verify_list); +} + +#endif //__BOOTBLOCK__ + + +#ifdef __ROMSTAGE__ +/* + * ROMSTAGE + */ + +extern verify_item_t ramstage_verify_list[]; + +int prog_locate_hook(struct prog *prog) +{ + if (prog->type == PROG_RAMSTAGE) { + process_named_list(ramstage_verify_list, prog->name, NULL, + NULL); + } + return 0; +} + +extern verify_item_t romstage_verify_list[]; + +void verified_boot_early_check(void) +{ + printk(BIOS_SPEW, "%s: processing early items\n", __func__); + + if (!IS_ENABLED(CONFIG_C_ENVIRONMENT_BOOTBLOCK) && + IS_ENABLED(CONFIG_VERIFIED_BOOT_SIGNED_MANIFEST)) { + printk(BIOS_SPEW, "%s: check the manifest\n", __func__); + if (verified_boot_check_manifest() != 0) + die("invalid manifest"); + } + printk(BIOS_SPEW, "%s: process early verify list\n", __func__); + process_verify_list(romstage_verify_list); +} +#endif //__ROMSTAGE__ + +#ifdef __RAMSTAGE__ +/* + * RAM STAGE + */ + +static int process_oprom_list(const verify_item_t list[], + struct rom_header *rom_header) +{ + int i = 0; + struct pci_data *rom_data; + uint32_t viddevid = 0; + + if (le32_to_cpu(rom_header->signature) != PCI_ROM_HDR) { + printk(BIOS_ERR, "Incorrect expansion ROM header " + "signature %04x DONT START\n", + le32_to_cpu(rom_header->signature)); + return 0; + } + + rom_data = (((void *)rom_header) + le32_to_cpu(rom_header->data)); + + viddevid |= (rom_data->vendor << 16); + viddevid |= rom_data->device; + + while (list[i].type != VERIFY_TERMINATOR) { + switch (list[i].type) { + case VERIFY_OPROM: + if (viddevid == list[i].data.oprom.viddev) { + verified_boot_check_buffer(list[i].name, + (void *) rom_header, + rom_header->size * 512, + list[i].hash_index, list[i].pcr); + if (list[i].data.oprom.related_items) { + printk(BIOS_SPEW, "%s: process" + " related items\n", __func__); + process_verify_list((verify_item_t *)list[i].data.oprom.related_items); + } + printk(BIOS_SPEW, "%s: option rom can be" + " started\n", __func__); + return 1; + } + break; + default: + printk(BIOS_EMERG, "%s: INVALID TYPE IN OPTION ROM LIST" + "0x%x\n", __func__, list[i].type); + die("HASH verification failed!\n"); + } + i++; + } + printk(BIOS_ERR, "%s: option rom not in list DONT START\n", __func__); + return 0; +} + +extern verify_item_t payload_verify_list[]; + +int prog_locate_hook(struct prog *prog) +{ + if (prog->type == PROG_PAYLOAD) { + void *buffer = (void*) 0x01000000; + printk(BIOS_SPEW, "%s: requesting %s\n", __func__, prog->name); + process_named_list(payload_verify_list, prog->name, &buffer, + NULL); + printk(BIOS_SPEW, "%s: running allowed\n", __func__); + } + return 0; +} + +extern verify_item_t oprom_verify_list[]; + +int verified_boot_should_run_oprom(struct rom_header *rom_header) +{ + return process_oprom_list(oprom_verify_list, rom_header); +} +#endif //__PRE_RAM__ diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.h b/src/vendorcode/eltan/security/verified_boot/vboot_check.h new file mode 100644 index 0000000..34186f3 --- /dev/null +++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.h @@ -0,0 +1,83 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2016 Intel Corp. + * Copyright (C) 2017-2018 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef VBOOT_CHECK_H +#define VBOOT_CHECK_H + +#include <cbfs.h> +#include <device/device.h> +#include <device/pci.h> +#include <lib.h> +#include CONFIG_VERIFIED_BOOT_MANIFEST +#include <console/console.h> +#include <cryptolib.h> +#include <string.h> +#include <program_loading.h> +#if IS_ENABLED(CONFIG_MBOOT) +#include <mboot.h> +#endif + +#define VERIFIED_BOOT_COPY_BLOCK 0x80000000 +/* These method verifies the SHA256 hash over the 'named' CBFS component. + * 'type' denotes the type of CBFS component i.e. stage, payload or fsp. + */ +#ifdef __BOOTBLOCK__ +void verified_boot_bootblock_check(void); +#endif +#ifdef __ROMSTAGE__ +void verified_boot_early_check(void); +#endif + +int verified_boot_check_manifest(void); + +void verified_boot_check_cbfsfile(const char *name, uint32_t type, + uint32_t hash_index, void **buffer, uint32_t *filesize, int32_t pcr); + +typedef enum { + + VERIFY_TERMINATOR = 0, + VERIFY_FILE, + VERIFY_BLOCK, + VERIFY_OPROM + +} verify_type; + +typedef struct { + verify_type type; + const char *name; + union { + struct { + const void *related_items; + uint32_t cbfs_type; + } file; + struct { + const void *start; + uint32_t size; + } block; + struct { + const void *related_items; + uint32_t viddev; + } oprom; + } data; + uint32_t hash_index; +#if IS_ENABLED(CONFIG_MBOOT) + int32_t pcr; +#endif //IS_ENABLED(CONFIG_MBOOT) +} verify_item_t; + +void process_verify_list(const verify_item_t list[]); + +#endif //VBOOT_CHECK_H -- To view, visit https://review.coreboot.org/c/coreboot/+/30835 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: If6c1423b0b4a309cefb7fe7a29d5100ba289e0b4 Gerrit-Change-Number: 30835 Gerrit-PatchSet: 1 Gerrit-Owner: Frans Hendriks <fhendriks(a)eltan.com> Gerrit-MessageType: newchange

3 17

Change in ...coreboot[master]: vendorcode/eltan/security/mboot: Add measured boot support.
by Frans Hendriks (Code Review) 04 Oct '19

04 Oct '19

Frans Hendriks has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/30833 Change subject: vendorcode/eltan/security/mboot: Add measured boot support. ...................................................................... vendorcode/eltan/security/mboot: Add measured boot support. Create measured boot. This feature uses the vendorcode/eltan/security/lib. The function mb_measure() is starting point for the support. BUG=N/A TEST=Created binary and verify logging on Facebook FBG-1701 Change-Id: I7f880a17e240515dd42d57383b5ddddf576985b0 Signed-off-by: Frans Hendriks <fhendriks(a)eltan.com> --- A src/vendorcode/eltan/security/mboot/Kconfig A src/vendorcode/eltan/security/mboot/Makefile.inc A src/vendorcode/eltan/security/mboot/mboot.c A src/vendorcode/eltan/security/mboot/mboot.h A src/vendorcode/eltan/security/mboot/mboot_func.c 5 files changed, 813 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/33/30833/1 diff --git a/src/vendorcode/eltan/security/mboot/Kconfig b/src/vendorcode/eltan/security/mboot/Kconfig new file mode 100644 index 0000000..b262f6d --- /dev/null +++ b/src/vendorcode/eltan/security/mboot/Kconfig @@ -0,0 +1,43 @@ +## This file is part of the coreboot project. +## +## Copyright (C) 2018 Eltan B.V. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; version 2 of the License. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## + +menu "Measured Boot (mboot)" + +config MBOOT + bool "Measure firmware with mboot." + default n + help + Enabling MBOOT will use mboot to measure the components of the firmware + (stages, payload, etc). + +config CRTM_VERSION_STRING + string "default CRTM version" + default "default CRTM version" + +config MBOOT_UEFI_SUPPORT + bool "Enable mboot UEFI support" + default n + depends on MBOOT + help + Add some specific items for UEFI support (not implemented yet) + +config MBOOT_EVENTLOG + bool "Enable mboot eventlog" + default n + default y if MBOOT_UEFI_SUPPORT + depends on MBOOT + help + Not only extend the PCRS but also log the events (not implemented yet) + +endmenu # Measured Boot (mboot) diff --git a/src/vendorcode/eltan/security/mboot/Makefile.inc b/src/vendorcode/eltan/security/mboot/Makefile.inc new file mode 100644 index 0000000..b586052 --- /dev/null +++ b/src/vendorcode/eltan/security/mboot/Makefile.inc @@ -0,0 +1,25 @@ +## +## This file is part of the coreboot project. +## +## Copyright (C) 2018 Eltan B.V. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; version 2 of the License. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## + +ifeq ($(CONFIG_MBOOT),y) + +CPPFLAGS_common += -I$(src)/security/mboot + +ramstage-y += mboot.c +ramstage-y += mboot_func.c + +romstage-y += mboot.c + +endif # CONFIG_MBOOT diff --git a/src/vendorcode/eltan/security/mboot/mboot.c b/src/vendorcode/eltan/security/mboot/mboot.c new file mode 100644 index 0000000..4e7e314 --- /dev/null +++ b/src/vendorcode/eltan/security/mboot/mboot.c @@ -0,0 +1,581 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2015 Intel Corporation + * Copyright (C) 2018 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include <mboot.h> +#include <assert.h> +#include <build.h> +#include <vb2_api.h> + +/* + * Get the list of currently active PCR banks in TPM. + * + * @retval A map of active PCR banks. + */ +EFI_TCG2_EVENT_ALGORITHM_BITMAP tpm2_get_active_pcrs(void) +{ + int status; + TPML_PCR_SELECTION Pcrs; + EFI_TCG2_EVENT_ALGORITHM_BITMAP tpmHashAlgorithmBitmap = 0; + uint32_t activePcrBanks = 0; + uint32_t index; + + status = tpm2_get_capability_pcrs(&Pcrs); + if (status != TPM_SUCCESS) { + tpmHashAlgorithmBitmap = EFI_TCG2_BOOT_HASH_ALG_SHA1; + activePcrBanks = EFI_TCG2_BOOT_HASH_ALG_SHA1; + } else { + for (index = 0; index < Pcrs.count; index++) { + switch (Pcrs.pcrSelections[index].hash) { + case TPM_ALG_SHA1: + tpmHashAlgorithmBitmap |= + EFI_TCG2_BOOT_HASH_ALG_SHA1; + if (!is_zero_buffer(Pcrs.pcrSelections[index].pcrSelect, + Pcrs.pcrSelections[index].sizeofSelect)) + activePcrBanks |= + EFI_TCG2_BOOT_HASH_ALG_SHA1; + break; + case TPM_ALG_SHA256: + tpmHashAlgorithmBitmap |= + EFI_TCG2_BOOT_HASH_ALG_SHA256; + if (!is_zero_buffer(Pcrs.pcrSelections[index].pcrSelect, + Pcrs.pcrSelections[index].sizeofSelect)) + activePcrBanks |= + EFI_TCG2_BOOT_HASH_ALG_SHA256; + break; + case TPM_ALG_SHA384: + case TPM_ALG_SHA512: + case TPM_ALG_SM3_256: + default: + printk(BIOS_DEBUG, "%s: unsupported algorithm " + "reported - 0x%x\n", __func__, + Pcrs.pcrSelections[index].hash); + break; + } + } + } + printk(BIOS_DEBUG, "Tcg2 Capability values from TPM\n"); + printk(BIOS_DEBUG, "tpmHashAlgorithmBitmap - 0x%08x\n", + tpmHashAlgorithmBitmap); + printk(BIOS_DEBUG, "activePcrBanks - 0x%08x\n", + activePcrBanks); + + return activePcrBanks; +} + +/* + * tpm2_get_capability_pcrs + * + * Return the TPM PCR information. + * + * This function parses the data got from tlcl_getcapability and returns the + * PcrSelection. + * + * @param[out] Pcrs The Pcr Selection + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR The command was unsuccessful. + */ +int tpm2_get_capability_pcrs(TPML_PCR_SELECTION *Pcrs) +{ + TPMS_CAPABILITY_DATA TpmCap; + TPMI_YES_NO MoreData; + int status; + int index; + + status = tlcl_getcapability(TPM_CAP_PCRS, 0, 1, &MoreData, &TpmCap); + if (status == TPM_SUCCESS) { + Pcrs->count = TpmCap.data.assignedPCR.count; + printk(BIOS_DEBUG, "Pcrs->count = %d\n", Pcrs->count); + for (index = 0; index < Pcrs->count; index++) { + Pcrs->pcrSelections[index].hash = + swab16(TpmCap.data.assignedPCR.pcrSelections[index].hash); + printk(BIOS_DEBUG, "Pcrs->pcrSelections[index].hash =" + "0x%x\n", Pcrs->pcrSelections[index].hash); + Pcrs->pcrSelections[index].sizeofSelect = + TpmCap.data.assignedPCR.pcrSelections[index].sizeofSelect; + memcpy(Pcrs->pcrSelections[index].pcrSelect, + TpmCap.data.assignedPCR.pcrSelections[index].pcrSelect, + Pcrs->pcrSelections[index].sizeofSelect); + } + } + return status; +} + +/* + * mboot_hash_extend_log + * + * Calculates the hash over the data and extends it in active PCR banks and + * then logs them in the event log. + * + * @param[in] activePcr bitmap of active PCR banks in TPM. + * @param[in] flags flags associated with hash data. Currently + * unused. + * @param[in] hashData data to be hashed. + * @param[in] hashDataLen length of the data to be hashed. + * @param[in] newEventHdr event header in TCG_PCR_EVENT2 format. + * @param[in] eventLog description of the event. + * @param[in] invalid invalidate the pcr + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. + */ +int mboot_hash_extend_log(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr, + uint64_t flags, uint8_t *hashData, uint32_t hashDataLen, + TCG_PCR_EVENT2_HDR *newEventHdr, uint8_t *eventLog, uint8_t invalid) +{ + int status; + TPMT_HA *digest = NULL; + int digest_num = 0; + + printk(BIOS_DEBUG, "%s: Hash Data Length: %zu bytes\n", __func__, + (size_t)hashDataLen); + + if (invalid) { + digest = &(newEventHdr->digest.digests[digest_num]); + digest->digest.invalidate_pcrs = 1; + digest->hashAlg = TPM_ALG_ERROR; + digest_num++; + } else { + /* + * Generate SHA1 hash if SHA1 PCR bank is active in TPM + * currently + */ + if (activePcr & EFI_TCG2_BOOT_HASH_ALG_SHA1) { + digest = &(newEventHdr->digest.digests[digest_num]); + if (flags & MBOOT_HASH_PROVIDED) { + /* The hash is provided as data */ + memcpy(digest->digest.sha1, (void *)hashData, + SHA1_DIGEST_SIZE); + } else { + cb_sha1((const uint8_t *)hashData, hashDataLen, + digest->digest.sha1); + } + + digest->hashAlg = TPM_ALG_SHA1; + digest_num++; + + printk(BIOS_DEBUG, "%s: SHA1 Hash Digest:\n", __func__); + mboot_print_buffer(digest->digest.sha1, + SHA1_DIGEST_SIZE); + } + + /* + * Generate SHA256 hash if SHA256 PCR bank is active in TPM + * currently + */ + if (activePcr & EFI_TCG2_BOOT_HASH_ALG_SHA256) { + digest = &(newEventHdr->digest.digests[digest_num]); + if (flags & MBOOT_HASH_PROVIDED) { + /* The hash is provided as data */ + memcpy(digest->digest.sha256, + (void *)hashData, hashDataLen); + } else { + cb_sha256(hashData, hashDataLen, + digest->digest.sha256); + } + digest->hashAlg = TPM_ALG_SHA256; + digest_num++; + + printk(BIOS_DEBUG, "%s: SHA256 Hash Digest:\n", + __func__); + mboot_print_buffer(digest->digest.sha256, + SHA256_DIGEST_SIZE); + } + } + + newEventHdr->digest.count = digest_num; + + status = tlcl_extend_ex( + newEventHdr->pcrIndex, + &(newEventHdr->digest) + ); + + if (IS_ENABLED(CONFIG_MBOOT_EVENTLOG)) { + /* Perform the logging of the measurement */ + if (status == TPM_SUCCESS) { + status = log_event_tcg_20_format(newEventHdr, eventLog); + /* + * If SHA1 PCR bank is active, log the event in TCG 1.2 format + * tool + */ + if (activePcr & EFI_TCG2_BOOT_HASH_ALG_SHA1) + status = log_event_tcg_12_format(newEventHdr, + eventLog); + } + } + if (status != TPM_SUCCESS) + printk(BIOS_DEBUG, "%s: returned 0x%x\n", __func__, status); + + return status; +} + +/* + * invalidate_pcrs + * + * Invalidate PCRs 0-7 with extending 1 after tpm failure. + */ +void invalidate_pcrs(void) +{ + int status, pcr; + TCG_PCR_EVENT2_HDR tcgEventHdr; + EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrs; + uint8_t invalidate; + + ActivePcrs = tpm2_get_active_pcrs(); + invalidate = 1; + + for (pcr = 0; pcr < 8; pcr++) { + printk(BIOS_DEBUG, "%s: Invalidating PCR %d\n", __func__, pcr); + memset(&tcgEventHdr, 0, sizeof(tcgEventHdr)); + tcgEventHdr.pcrIndex = pcr; + tcgEventHdr.eventType = EV_NO_ACTION; + tcgEventHdr.eventSize = (uint32_t) sizeof(invalidate); + + status = mboot_hash_extend_log(ActivePcrs, 0, + (uint8_t *)&invalidate, tcgEventHdr.eventSize, + &tcgEventHdr, (uint8_t *)"Invalidate PCR", invalidate); + + if (status != TPM_SUCCESS) + printk(BIOS_DEBUG, "%s: invalidating pcr %d returned" + " 0x%x\n", __func__, pcr, status); + } +} + +/* + * is_zero_buffer + * + * Check if buffer is all zero. + * + * @param[in] buffer Buffer to be checked. + * @param[in] size Size of buffer to be checked. + * + * @retval TRUE buffer is all zero. + * @retval FALSE buffer is not all zero. + */ +int is_zero_buffer(void *buffer, unsigned int size) +{ + uint8_t *ptr; + + ptr = buffer; + while (size--) { + if (*(ptr++) != 0) + return false; + } + return true; +} + +/* + * Prints command or response buffer for debugging purposes. + * + * @param[in] Buffer Buffer to print. + * @param[in] BufferSize Buffer data length. + * + * @retval None + */ +void mboot_print_buffer(uint8_t *buffer, uint32_t bufferSize) +{ + uint32_t index; + + printk(BIOS_DEBUG, "Buffer Address: 0x%08x, Size: 0x%08x, Value:\n", + (unsigned int)*buffer, bufferSize); + for (index = 0; index < bufferSize; index++) { + printk(BIOS_DEBUG, "%02x ", *(buffer + index)); + if ((index+1) % 16 == 0) + printk(BIOS_DEBUG, "\n"); + } + printk(BIOS_DEBUG, "\n"); +} + +/* + * measures and logs the specified cbfs file. + * + * @param[in] activePcr bitmap of active PCR banks in TPM. + * @param[in] name name of the cbfs file to measure + * @param[in] type data type of the cbfs file. + * @param[in] pcr pcr to extend. + * @param[in] evenType tcg event type. + * @param[in] event_msg description of the event. + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. + */ +int mb_measure_log_worker(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr, + const char *name, uint32_t type, uint32_t pcr, + TCG_EVENTTYPE eventType, const char *event_msg) +{ + int status; + TCG_PCR_EVENT2_HDR tcgEventHdr; + uint8_t *base; + size_t size; + + printk(BIOS_DEBUG, "%s: Measure %s\n", __func__, name); + base = cbfs_boot_map_with_leak(name, type, &size); + + if (base == NULL) { + printk(BIOS_DEBUG, "%s: CBFS locate fail: %s\n", __func__, + name); + return VB2_ERROR_READ_FILE_OPEN; + } + + printk(BIOS_DEBUG, "%s: CBFS locate success: %s\n", + __func__, name); + memset(&tcgEventHdr, 0, sizeof(tcgEventHdr)); + tcgEventHdr.pcrIndex = pcr; + tcgEventHdr.eventType = eventType; + if (event_msg) + tcgEventHdr.eventSize = (uint32_t) strlen(event_msg); + + status = mboot_hash_extend_log(activePcr, 0, base, size, &tcgEventHdr, + (uint8_t *)event_msg, 0); + return status; +} + +#ifdef __PRE_RAM__ +/* + * Called from early romstage + * + *mb_entry + * + * initializes measured boot mechanism, initializes the + * tpm library and starts the tpm called by mb_measure + * + * The function can be overridden at the mainboard level my simply creating a + * function with the same name there. + * + * @param[in] wake_from_s3 1 if we are waking from S3, 0 standard boot + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. +**/ + +int __attribute__((weak)) mb_entry(int wake_from_s3) +{ + int status; + + /* Initialize TPM driver. */ + printk(BIOS_DEBUG, "%s: tlcl_lib_init\n", __func__); + if (tlcl_lib_init() != VB2_SUCCESS) { + printk(BIOS_ERR, "%s: TPM driver initialization failed.\n", + __func__); + return TPM_E_IOERROR; + } + + if (wake_from_s3) { + printk(BIOS_DEBUG, "%s: tlcl_resume\n", __func__); + status = tlcl_resume(); + } else { + printk(BIOS_DEBUG, "%s: tlcl_startup\n", __func__); + status = tlcl_startup(); + } + + if (status) + printk(BIOS_ERR, "%s: StartUp failed 0x%x!\n", __func__, + status); + + return status; +} + +/* + * + * mb_measure + * + * initial call to the measured boot mechanism, initializes the + * tpm library, starts the tpm and performs the measurements defined by + * the coreboot platform. + * + * The pcrs will be invalidated if the measurement fails + * + * The function can be overridden at the mainboard level my simply creating a + * function with the same name there. + * + * @param[in] wake_from_s3 1 if we are waking from S3, 0 standard boot + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. + */ + +int __attribute__((weak))mb_measure(int wake_from_s3) +{ + uint32_t status; + + status = mb_entry(wake_from_s3); + if (status == TPM_SUCCESS) { + printk(BIOS_DEBUG, "%s: StartUp, successful!\n", __func__); + status = mb_measure_log_start(); + if (status == TPM_SUCCESS) { + printk(BIOS_DEBUG, "%s: Measuring, successful!\n", + __func__); + } else { + invalidate_pcrs(); + printk(BIOS_ERR, "%s: Measuring returned 0x%x " + "unsuccessful! PCRs invalidated.\n", + __func__, status); + } + } else { + invalidate_pcrs(); + printk(BIOS_ERR, "%s: StartUp returned 0x%x, unsuccessful!" + "PCRs invalidated.\n", __func__, status); + } + return status; +} + +/* + * + * mb_measure_log_start + * + * performs the measurements defined by the the board routines. + * + * The logging is defined by the mb_log_list structure and mb_log_list_count. + * + * These items need to be defined in the mainboard part of the mboot + * implementation + * + * The function can be overridden at the mainboard level my simply creating a + * function with the same name there. + * + * @param[in] none + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. + */ +int __attribute__((weak))mb_measure_log_start(void) +{ + int status; + EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrs; + uint32_t i; + + ActivePcrs = tpm2_get_active_pcrs(); + + if (ActivePcrs == 0x0) { + printk(BIOS_DEBUG, "%s: No Active PCR Bank in TPM.\n", + __func__); + return TPM_E_IOERROR; + } + + if (IS_ENABLED(CONFIG_MBOOT_UEFI_SUPPORT)) { + status = log_efi_specid_event(ActivePcrs); + + if (status != TPM_SUCCESS) { + printk(BIOS_DEBUG, "%s: Fail! Specification ID version" + "event can't be logged. ABORTING!!!\n", __func__); + return status; + } + } + status = mb_crtm(ActivePcrs); + if (status != TPM_SUCCESS) { + printk(BIOS_DEBUG, "%s: Fail! CRTM Version can't be measured." + " ABORTING!!!\n", __func__); + return status; + } + printk(BIOS_DEBUG, "%s: Success! CRTM Version measured.\n", __func__); + + /* Log the items defined by the mainboard */ + for (i = 0; i < mb_log_list_count; i++) { + status = mb_measure_log_worker( + ActivePcrs, mb_log_list[i].cbfs_name, + mb_log_list[i].cbfs_type, mb_log_list[i].pcr, + mb_log_list[i].eventType, + mb_log_list[i].event_msg); + if (status != TPM_SUCCESS) { + printk(BIOS_DEBUG, "%s: Fail! %s can't be measured." + "ABORTING!!!\n", __func__, + mb_log_list[i].cbfs_name); + return status; + } + printk(BIOS_DEBUG, "%s: Success! %s measured to pcr" + "%d.\n", __func__, mb_log_list[i].cbfs_name, + mb_log_list[i].pcr); + } + return status; +} + +static const uint8_t crtm_version[] = CONFIG_CRTM_VERSION_STRING\ + COREBOOT_VERSION COREBOOT_EXTRA_VERSION " " COREBOOT_BUILD; + +/* + * + * mb_crtm + * + * measures the crtm version. this consists of a string than can be + * defined using make menuconfig and automatically generated version + * information. + * + * The function can be overridden at the mainboard level my simply creating a + * function with the same name there. + * + * @param[in] activePcr bitmap of the support + * + * @retval TPM_SUCCESS Operation completed successfully. + * @retval TPM_E_IOERROR Unexpected device behavior. +**/ +int __attribute__((weak))mb_crtm(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr) +{ + int status; + TCG_PCR_EVENT2_HDR tcgEventHdr; + uint8_t hash[SHA256_DIGEST_SIZE]; + uint8_t *msgPtr; + + /* Use FirmwareVersion string to represent CRTM version. */ + printk(BIOS_DEBUG, "%s: Measure CRTM Version\n", __func__); + memset(&tcgEventHdr, 0, sizeof(tcgEventHdr)); + tcgEventHdr.pcrIndex = MBOOT_PCR_INDEX_0; + tcgEventHdr.eventType = EV_S_CRTM_VERSION; + tcgEventHdr.eventSize = sizeof(crtm_version); + printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__, + tcgEventHdr.eventSize); + + status = mboot_hash_extend_log(activePcr, 0, (uint8_t *)crtm_version, + tcgEventHdr.eventSize, &tcgEventHdr, (uint8_t *)crtm_version, + 0); + if (status) { + printk(BIOS_DEBUG, "Measure CRTM Version returned 0x%x\n", + status); + return status; + } + + status = get_intel_me_hash(hash); + if (status) { + printk(BIOS_DEBUG, "get_intel_me_hash returned 0x%x\n", status); + status = TPM_E_IOERROR; + return status; + } + + /* Add the me hash */ + printk(BIOS_DEBUG, "%s: Add the hash returned by the ME\n", + __func__); + memset(&tcgEventHdr, 0, sizeof(tcgEventHdr)); + tcgEventHdr.pcrIndex = MBOOT_PCR_INDEX_0; + tcgEventHdr.eventType = EV_S_CRTM_CONTENTS; + + if (IS_ENABLED(CONFIG_MBOOT_EVENTLOG)) { + const uint8_t me_message[] = "HASH RETURNED BY ME"; + msgPtr = (uint8_t *)msgPtr; + tcgEventHdr.eventSize = sizeof(me_message); + printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__, + tcgEventHdr.eventSize); + } else { + msgPtr = NULL; + tcgEventHdr.eventSize = 0; + } + + status = mboot_hash_extend_log(activePcr, MBOOT_HASH_PROVIDED, hash, + sizeof(hash), &tcgEventHdr, msgPtr, 0); + if (status) + printk(BIOS_DEBUG, "Add ME hash returned 0x%x\n", status); + + return status; +} +#endif // __PRE_RAM__ diff --git a/src/vendorcode/eltan/security/mboot/mboot.h b/src/vendorcode/eltan/security/mboot/mboot.h new file mode 100644 index 0000000..45a4732 --- /dev/null +++ b/src/vendorcode/eltan/security/mboot/mboot.h @@ -0,0 +1,136 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2015 Intel Corporation + * Copyright (C) 2018 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef MBOOT_H +#define MBOOT_H + +#include <arch/io.h> +#include <arch/acpi.h> +#include <string.h> +#include <console/console.h> +#include <cryptolib.h> +#include <cbfs.h> +#include <lib.h> +#include <boot/coreboot_tables.h> +#include <security/tpm/tss/tcg-2.0/tss_structures.h> +#include <security/tpm/tss.h> + +/* TPM2 interface */ +#define EFI_TPM2_ACPI_TABLE_START_METHOD_TIS 6 +#define TPM_SHA1_160_HASH_LEN 0x14 + +/* Part 2, section 5.4: TPM_DIGEST */ +typedef struct tdTPM_DIGEST { + int8_t digest[TPM_SHA1_160_HASH_LEN]; +} TPM_DIGEST; + +/* Index to a PCR register */ +typedef uint32_t TPM_PCRINDEX; +typedef uint32_t TCG_EVENTTYPE; +typedef TPM_PCRINDEX TCG_PCRINDEX; +typedef TPM_DIGEST TCG_DIGEST; + +/* TCG_PCR_EVENT_HDR */ +typedef struct tdTCG_PCR_EVENT_HDR { + TCG_PCRINDEX pcrIndex; + TCG_EVENTTYPE eventType; + TCG_DIGEST digest; + uint32_t eventSize; +} __packed TCG_PCR_EVENT_HDR; + +/* TCG_PCR_EVENT2_HDR */ +typedef struct tdTCG_PCR_EVENT2_HDR { + TCG_PCRINDEX pcrIndex; + TCG_EVENTTYPE eventType; + TPML_DIGEST_VALUES digest; + uint32_t eventSize; +} __packed TCG_PCR_EVENT2_HDR; + +typedef uint32_t EFI_TCG2_EVENT_ALGORITHM_BITMAP; + +#define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001 +#define EFI_TCG2_BOOT_HASH_ALG_SHA256 0x00000002 +#define EFI_TCG2_BOOT_HASH_ALG_SHA384 0x00000004 +#define EFI_TCG2_BOOT_HASH_ALG_SHA512 0x00000008 +#define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010 + +/* Standard event types */ +#define EV_POST_CODE ((TCG_EVENTTYPE) 0x00000001) +#define EV_NO_ACTION ((TCG_EVENTTYPE) 0x00000003) +#define EV_SEPARATOR ((TCG_EVENTTYPE) 0x00000004) +#define EV_S_CRTM_CONTENTS ((TCG_EVENTTYPE) 0x00000007) +#define EV_S_CRTM_VERSION ((TCG_EVENTTYPE) 0x00000008) +#define EV_CPU_MICROCODE ((TCG_EVENTTYPE) 0x00000009) +#define EV_TABLE_OF_DEVICES ((TCG_EVENTTYPE) 0x0000000B) + +#define MBOOT_PCR_INDEX_0 0x0 +#define MBOOT_PCR_INDEX_1 0x1 +#define MBOOT_PCR_INDEX_2 0x2 +#define MBOOT_PCR_INDEX_3 0x3 +#define MBOOT_PCR_INDEX_4 0x4 +#define MBOOT_PCR_INDEX_5 0x5 +#define MBOOT_PCR_INDEX_6 0x6 +#define MBOOT_PCR_INDEX_7 0x7 + +/* + * used to indicate a hash is provide so there is no need to perform the + * measurement + */ +#define MBOOT_HASH_PROVIDED (0x00000001) + + +int is_zero_buffer(void *buffer, unsigned int size); + +int mboot_hash_extend_log(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr, + uint64_t flags, uint8_t *hashData, uint32_t hashDataLen, + TCG_PCR_EVENT2_HDR *newEventHdr, uint8_t *eventLog, uint8_t invalid); + +void mboot_print_buffer(uint8_t *buffer, uint32_t bufferSize); + +int mb_crtm(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr); + +typedef struct { + const char *cbfs_name; + uint32_t cbfs_type; + uint32_t pcr; + TCG_EVENTTYPE eventType; + const char *event_msg; +} mboot_measure_item_t; + +int mb_measure_log_worker(EFI_TCG2_EVENT_ALGORITHM_BITMAP activePcr, + const char *name, uint32_t type, uint32_t pcr, + TCG_EVENTTYPE eventType, const char *event_msg); + +int mb_measure_log_start(void); +void invalidate_pcrs(void); + +EFI_TCG2_EVENT_ALGORITHM_BITMAP tpm2_get_active_pcrs(void); + +int tpm2_get_capability_pcrs(TPML_PCR_SELECTION *Pcrs); + +extern const mboot_measure_item_t mb_log_list[]; +extern const uint32_t mb_log_list_count; + +int mb_measure(int wake_from_s3); +int mb_entry(int wake_from_s3); + +int log_efi_specid_event(EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrs); +int log_event_tcg_20_format(TCG_PCR_EVENT2_HDR *EventHdr, uint8_t *EventLog); +int log_event_tcg_12_format(TCG_PCR_EVENT2_HDR *EventHdr, uint8_t *EventLog); + +int get_intel_me_hash(uint8_t *hash); + +#endif /* MBOOT_H */ diff --git a/src/vendorcode/eltan/security/mboot/mboot_func.c b/src/vendorcode/eltan/security/mboot/mboot_func.c new file mode 100644 index 0000000..ec66d34 --- /dev/null +++ b/src/vendorcode/eltan/security/mboot/mboot_func.c @@ -0,0 +1,28 @@ +/* + * This file is part of the coreboot project. + * + * Copyright (C) 2018 Eltan B.V. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; version 2 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include <mboot.h> + +int log_efi_specid_event(EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrs) { + return TPM_SUCCESS; +} + +int log_event_tcg_12_format(TCG_PCR_EVENT2_HDR *EventHdr, uint8_t *EventLog) { + return TPM_SUCCESS; +} + +int log_event_tcg_20_format(TCG_PCR_EVENT2_HDR *EventHdr, uint8_t *EventLog) { + return TPM_SUCCESS; +} -- To view, visit https://review.coreboot.org/c/coreboot/+/30833 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I7f880a17e240515dd42d57383b5ddddf576985b0 Gerrit-Change-Number: 30833 Gerrit-PatchSet: 1 Gerrit-Owner: Frans Hendriks <fhendriks(a)eltan.com> Gerrit-MessageType: newchange

5 18

Change in coreboot[master]: site-local: Allow to read Makefile.inc w/o .config
by Balaji Manigandan (Code Review) 04 Oct '19

04 Oct '19

Balaji Manigandan has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/34024 ) Change subject: site-local: Allow to read Makefile.inc w/o .config ...................................................................... site-local: Allow to read Makefile.inc w/o .config Makefile.inc allows to extend site specific configurations list the make options irrespective of a .config Change-Id: I7c968c773c368ea74689b9741c4c978c35110187 Signed-off-by: Balaji Manigandan B <balaji.manigandan(a)intel.com> --- M Makefile 1 file changed, 2 insertions(+), 1 deletion(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/24/34024/1 diff --git a/Makefile b/Makefile index 45b0bc5..dfc70e0 100644 --- a/Makefile +++ b/Makefile @@ -129,11 +129,12 @@ endif endif +-include $(TOPLEVEL)/site-local/Makefile.inc + ifeq ($(NOCOMPILE),1) include $(TOPLEVEL)/Makefile.inc include $(TOPLEVEL)/payloads/Makefile.inc include $(TOPLEVEL)/util/testing/Makefile.inc --include $(TOPLEVEL)/site-local/Makefile.inc real-all: @echo "Error: Expected config file ($(DOTCONFIG)) not present." >&2 @echo "Please specify a config file or run 'make menuconfig' to" >&2 -- To view, visit https://review.coreboot.org/c/coreboot/+/34024 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I7c968c773c368ea74689b9741c4c978c35110187 Gerrit-Change-Number: 34024 Gerrit-PatchSet: 1 Gerrit-Owner: Balaji Manigandan <balaji.manigandan(a)intel.com> Gerrit-MessageType: newchange

5 9

Change in ...libgfxinit[master]: gma i2c: Rework GMBUS reset procedure
by Nico Huber (Code Review) 03 Oct '19

03 Oct '19

Nico Huber has uploaded this change for review. ( https://review.coreboot.org/c/libgfxinit/+/32730 Change subject: gma i2c: Rework GMBUS reset procedure ...................................................................... gma i2c: Rework GMBUS reset procedure Once we tried to use the GMBUS controller with an unconnected pair of I2C pins, it got stuck and a reset via the SOFTWARE_CLEAR_INTERRUPT bit didn't suffice to recover. Further tests have shown that we are able to recover, if we switch to a valid pin pair first and issue an I2C stop cycle before the reset. Change-Id: If737ffb35afa309de7746f0c16025b9598f69460 Signed-off-by: Nico Huber <nico.h(a)gmx.de> --- M common/hw-gfx-gma-i2c.adb 1 file changed, 39 insertions(+), 31 deletions(-) git pull ssh://review.coreboot.org:29418/libgfxinit refs/changes/30/32730/1 diff --git a/common/hw-gfx-gma-i2c.adb b/common/hw-gfx-gma-i2c.adb index bc81734..3d41174 100644 --- a/common/hw-gfx-gma-i2c.adb +++ b/common/hw-gfx-gma-i2c.adb @@ -122,27 +122,39 @@ ---------------------------------------------------------------------------- - procedure GMBUS_Ready (Result : out Boolean) + function GMBUS_Ready (GMBUS2 : Word32) return Boolean is + ((GMBUS2 and (GMBUS2_HARDWARE_WAIT_PHASE or + GMBUS2_SLAVE_STALL_TIMEOUT_ERROR or + GMBUS2_GMBUS_INTERRUPT_STATUS or + GMBUS2_NAK_INDICATOR or + GMBUS2_GMBUS_ACTIVE)) = 0); + + procedure Check_And_Reset (Success : out Boolean) is GMBUS2 : Word32; begin - Registers.Read (GMBUS_Regs (2), GMBUS2); - Result := (GMBUS2 and (GMBUS2_HARDWARE_WAIT_PHASE or - GMBUS2_SLAVE_STALL_TIMEOUT_ERROR or - GMBUS2_GMBUS_INTERRUPT_STATUS or - GMBUS2_NAK_INDICATOR)) = 0; - end GMBUS_Ready; - - procedure Reset_GMBUS (Success : out Boolean) is - begin pragma Debug (Debug.Put_Line (GNAT.Source_Info.Enclosing_Entity)); - Registers.Write (GMBUS_Regs (1), GMBUS1_SOFTWARE_CLEAR_INTERRUPT); - Registers.Write (GMBUS_Regs (1), 0); - Registers.Write (GMBUS_Regs (0), GMBUS0_PIN_PAIR_SELECT_NONE); + Registers.Read (GMBUS_Regs (2), GMBUS2); + if (GMBUS2 and GMBUS2_GMBUS_ACTIVE) /= 0 then + Registers.Write + (Register => GMBUS_Regs (1), + Value => GMBUS1_SOFTWARE_READY or GMBUS1_BUS_CYCLE_STOP); + Registers.Wait_Unset_Mask + (Register => GMBUS_Regs (2), + Mask => GMBUS2_GMBUS_ACTIVE, + TOut_MS => 1); + Registers.Read (GMBUS_Regs (2), GMBUS2); + end if; + Success := GMBUS_Ready (GMBUS2); - GMBUS_Ready (Success); - end Reset_GMBUS; + if not Success then + Registers.Write (GMBUS_Regs (1), GMBUS1_SOFTWARE_CLEAR_INTERRUPT); + Registers.Write (GMBUS_Regs (1), 0); + Registers.Read (GMBUS_Regs (2), GMBUS2); + Success := GMBUS_Ready (GMBUS2); + end if; + end Check_And_Reset; procedure Init_GMBUS (Port : PCH_Port; Success : out Boolean) is begin @@ -157,23 +169,19 @@ -- TODO: Refactor + check for timeout. Registers.Wait_Unset_Mask (GMBUS_Regs (2), GMBUS2_INUSE); - GMBUS_Ready (Success); - if not Success then - Reset_GMBUS (Success); - end if; + Registers.Write (GMBUS_Regs (4), 0); + Registers.Write (GMBUS_Regs (5), 0); - if Success then - Registers.Write - (Register => GMBUS_Regs (0), - Value => GMBUS0_GMBUS_RATE_SELECT_100KHZ or - GMBUS0_PIN_PAIR_SELECT (Port)); - Registers.Write - (Register => GMBUS_Regs (4), - Value => 0); - Registers.Write - (Register => GMBUS_Regs (5), - Value => 0); - end if; + -- Resetting the state machine only works if a valid port + -- is selected and we don't always know which ports are + -- valid. So do the cleanup before we use the GMBUS with + -- the current port. If the port is valid, the reset should + -- work, if not, it shouldn't matter. + Registers.Write + (Register => GMBUS_Regs (0), + Value => GMBUS0_GMBUS_RATE_SELECT_100KHZ or + GMBUS0_PIN_PAIR_SELECT (Port)); + Check_And_Reset (Success); end Init_GMBUS; procedure Release_GMBUS -- To view, visit https://review.coreboot.org/c/libgfxinit/+/32730 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: libgfxinit Gerrit-Branch: master Gerrit-Change-Id: If737ffb35afa309de7746f0c16025b9598f69460 Gerrit-Change-Number: 32730 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber <nico.h(a)gmx.de> Gerrit-MessageType: newchange

4 9

Change in coreboot[master]: ec/google/chromec: Default EC_GOOGLE_CHROMEEC_LPC to disabled
by Martin Roth (Code Review) 03 Oct '19

03 Oct '19

Martin Roth has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/35154 ) Change subject: ec/google/chromec: Default EC_GOOGLE_CHROMEEC_LPC to disabled ...................................................................... ec/google/chromec: Default EC_GOOGLE_CHROMEEC_LPC to disabled Don't set a default bus type for the Chrome EC on x86. The platform must select the bus, typically LPC or ESPI. BUG=b:140055300 TEST=Build tested only Change-Id: I736cb9e43292a1b228cd083ca81a8e5db383e878 Signed-off-by: Martin Roth <martinroth(a)google.com> --- M src/ec/google/chromeec/Kconfig 1 file changed, 1 insertion(+), 1 deletion(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/54/35154/1 diff --git a/src/ec/google/chromeec/Kconfig b/src/ec/google/chromeec/Kconfig index 2242653..2eb3b95 100644 --- a/src/ec/google/chromeec/Kconfig +++ b/src/ec/google/chromeec/Kconfig @@ -60,7 +60,7 @@ config EC_GOOGLE_CHROMEEC_LPC depends on EC_GOOGLE_CHROMEEC && ARCH_X86 # Needs Plug-and-play. - def_bool y + def_bool n help Google Chrome EC via LPC bus. -- To view, visit https://review.coreboot.org/c/coreboot/+/35154 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I736cb9e43292a1b228cd083ca81a8e5db383e878 Gerrit-Change-Number: 35154 Gerrit-PatchSet: 1 Gerrit-Owner: Martin Roth <martinroth(a)google.com> Gerrit-MessageType: newchange

4 3

Change in coreboot[master]: mb/[google/intel]/*: Specify Chrome EC bus - LPC or ESPI
by Martin Roth (Code Review) 03 Oct '19

03 Oct '19

Martin Roth has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/35153 ) Change subject: mb/[google/intel]/*: Specify Chrome EC bus - LPC or ESPI ...................................................................... mb/[google/intel]/*: Specify Chrome EC bus - LPC or ESPI Previously all boards using eSPI for the Chrome EC just called it LPC as the code for the chrome EC is the same between the two busses. I'm adding a new Kconfig symbol to specify eSPI, so switch the boards that actually use eSPI to that symbol and add the LPC symbol to all the others. The EC_GOOGLE_CHROMEEC_LPC symbol will no longer default to enabled for x86 platforms, so one symbol or the other needs to be specified for each platform. BUG=b:140055300 TEST=Build tested only. Change-Id: Icf242ca2b7d8b1470feda4e44b47a2cdc20680f2 Signed-off-by: Martin Roth <martinroth(a)google.com> --- M src/mainboard/google/auron/Kconfig M src/mainboard/google/cyan/Kconfig M src/mainboard/google/dragonegg/Kconfig M src/mainboard/google/eve/Kconfig M src/mainboard/google/glados/Kconfig M src/mainboard/google/hatch/Kconfig M src/mainboard/google/link/Kconfig M src/mainboard/google/octopus/Kconfig M src/mainboard/google/poppy/Kconfig M src/mainboard/google/rambi/Kconfig M src/mainboard/google/slippy/Kconfig M src/mainboard/intel/glkrvp/Kconfig M src/mainboard/intel/strago/Kconfig 13 files changed, 13 insertions(+), 7 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/53/35153/1 diff --git a/src/mainboard/google/auron/Kconfig b/src/mainboard/google/auron/Kconfig index 69b086f..91abc6f 100644 --- a/src/mainboard/google/auron/Kconfig +++ b/src/mainboard/google/auron/Kconfig @@ -4,6 +4,7 @@ select SOC_INTEL_BROADWELL select BOARD_ROMSIZE_KB_8192 select EC_GOOGLE_CHROMEEC + select EC_GOOGLE_CHROMEEC_LPC select HAVE_ACPI_TABLES select HAVE_OPTION_TABLE select HAVE_ACPI_RESUME diff --git a/src/mainboard/google/cyan/Kconfig b/src/mainboard/google/cyan/Kconfig index bf0cd09..1929723 100644 --- a/src/mainboard/google/cyan/Kconfig +++ b/src/mainboard/google/cyan/Kconfig @@ -3,6 +3,7 @@ select BOARD_ROMSIZE_KB_8192 select EC_GOOGLE_CHROMEEC select EC_GOOGLE_CHROMEEC_BOARDID + select EC_GOOGLE_CHROMEEC_LPC select EC_GOOGLE_CHROMEEC_MEC select EC_GOOGLE_CHROMEEC_ACPI_MEMMAP select ENABLE_BUILTIN_COM1 diff --git a/src/mainboard/google/dragonegg/Kconfig b/src/mainboard/google/dragonegg/Kconfig index 39228f4..854330c 100644 --- a/src/mainboard/google/dragonegg/Kconfig +++ b/src/mainboard/google/dragonegg/Kconfig @@ -5,7 +5,7 @@ select DRIVERS_I2C_HID select DRIVERS_SPI_ACPI select EC_GOOGLE_CHROMEEC - select EC_GOOGLE_CHROMEEC_LPC + select EC_GOOGLE_CHROMEEC_ESPI select HAVE_ACPI_RESUME select HAVE_ACPI_TABLES select INTEL_LPSS_UART_FOR_CONSOLE diff --git a/src/mainboard/google/eve/Kconfig b/src/mainboard/google/eve/Kconfig index 022493c..6f38436 100644 --- a/src/mainboard/google/eve/Kconfig +++ b/src/mainboard/google/eve/Kconfig @@ -11,7 +11,7 @@ select DRIVERS_USB_ACPI select EC_GOOGLE_CHROMEEC select EC_GOOGLE_CHROMEEC_BOARDID - select EC_GOOGLE_CHROMEEC_LPC + select EC_GOOGLE_CHROMEEC_ESPI select HAVE_ACPI_RESUME select HAVE_ACPI_TABLES select INTEL_GMA_HAVE_VBT diff --git a/src/mainboard/google/glados/Kconfig b/src/mainboard/google/glados/Kconfig index b75b726..f571dba 100644 --- a/src/mainboard/google/glados/Kconfig +++ b/src/mainboard/google/glados/Kconfig @@ -6,7 +6,7 @@ select EC_GOOGLE_CHROMEEC select EC_GOOGLE_CHROMEEC_ACPI_MEMMAP select EC_GOOGLE_CHROMEEC_BOARDID - select EC_GOOGLE_CHROMEEC_LPC + select EC_GOOGLE_CHROMEEC_ESPI select EC_GOOGLE_CHROMEEC_MEC select EC_GOOGLE_CHROMEEC_PD select HAVE_ACPI_RESUME diff --git a/src/mainboard/google/hatch/Kconfig b/src/mainboard/google/hatch/Kconfig index 5c7c267..72590c4 100644 --- a/src/mainboard/google/hatch/Kconfig +++ b/src/mainboard/google/hatch/Kconfig @@ -11,7 +11,7 @@ select DRIVERS_USB_ACPI select EC_GOOGLE_CHROMEEC select EC_GOOGLE_CHROMEEC_BOARDID - select EC_GOOGLE_CHROMEEC_LPC + select EC_GOOGLE_CHROMEEC_ESPI select GOOGLE_SMBIOS_MAINBOARD_VERSION select HAVE_ACPI_RESUME select HAVE_ACPI_TABLES diff --git a/src/mainboard/google/link/Kconfig b/src/mainboard/google/link/Kconfig index 6d62f64..a785eee 100644 --- a/src/mainboard/google/link/Kconfig +++ b/src/mainboard/google/link/Kconfig @@ -7,6 +7,7 @@ select SOUTHBRIDGE_INTEL_C216 select BOARD_ROMSIZE_KB_8192 select EC_GOOGLE_CHROMEEC + select EC_GOOGLE_CHROMEEC_LPC select HAVE_ACPI_TABLES select HAVE_OPTION_TABLE select HAVE_ACPI_RESUME diff --git a/src/mainboard/google/octopus/Kconfig b/src/mainboard/google/octopus/Kconfig index 8ca9251..6abf68d 100644 --- a/src/mainboard/google/octopus/Kconfig +++ b/src/mainboard/google/octopus/Kconfig @@ -12,7 +12,7 @@ select DRIVERS_USB_ACPI select EC_GOOGLE_CHROMEEC select EC_GOOGLE_CHROMEEC_BOARDID - select EC_GOOGLE_CHROMEEC_LPC + select EC_GOOGLE_CHROMEEC_ESPI select HAVE_ACPI_RESUME select HAVE_ACPI_TABLES select INTEL_LPSS_UART_FOR_CONSOLE diff --git a/src/mainboard/google/poppy/Kconfig b/src/mainboard/google/poppy/Kconfig index fda8c9e..6970221 100644 --- a/src/mainboard/google/poppy/Kconfig +++ b/src/mainboard/google/poppy/Kconfig @@ -7,7 +7,7 @@ select DRIVERS_I2C_HID select EC_GOOGLE_CHROMEEC select EC_GOOGLE_CHROMEEC_BOARDID - select EC_GOOGLE_CHROMEEC_LPC + select EC_GOOGLE_CHROMEEC_ESPI select HAVE_ACPI_RESUME select HAVE_ACPI_TABLES select INTEL_GMA_HAVE_VBT if BOARD_GOOGLE_NAMI diff --git a/src/mainboard/google/rambi/Kconfig b/src/mainboard/google/rambi/Kconfig index 56d44bc..e5eb509 100644 --- a/src/mainboard/google/rambi/Kconfig +++ b/src/mainboard/google/rambi/Kconfig @@ -3,6 +3,7 @@ def_bool n select SOC_INTEL_BAYTRAIL select EC_GOOGLE_CHROMEEC + select EC_GOOGLE_CHROMEEC_LPC select ENABLE_BUILTIN_COM1 select BOARD_ROMSIZE_KB_8192 select HAVE_ACPI_TABLES diff --git a/src/mainboard/google/slippy/Kconfig b/src/mainboard/google/slippy/Kconfig index 35fced0..0bd6ff5 100644 --- a/src/mainboard/google/slippy/Kconfig +++ b/src/mainboard/google/slippy/Kconfig @@ -7,6 +7,7 @@ select INTEL_LYNXPOINT_LP select BOARD_ROMSIZE_KB_8192 select EC_GOOGLE_CHROMEEC + select EC_GOOGLE_CHROMEEC_LPC select HAVE_ACPI_TABLES select HAVE_OPTION_TABLE select HAVE_ACPI_RESUME diff --git a/src/mainboard/intel/glkrvp/Kconfig b/src/mainboard/intel/glkrvp/Kconfig index 920b446..74679a4b 100644 --- a/src/mainboard/intel/glkrvp/Kconfig +++ b/src/mainboard/intel/glkrvp/Kconfig @@ -30,7 +30,7 @@ config GLK_CHROME_EC bool "Chrome EC" select EC_GOOGLE_CHROMEEC - select EC_GOOGLE_CHROMEEC_LPC + select EC_GOOGLE_CHROMEEC_ESPI config GLK_INTEL_EC bool "Intel EC" diff --git a/src/mainboard/intel/strago/Kconfig b/src/mainboard/intel/strago/Kconfig index da04d78..6f610a4 100644 --- a/src/mainboard/intel/strago/Kconfig +++ b/src/mainboard/intel/strago/Kconfig @@ -5,6 +5,7 @@ select BOARD_ROMSIZE_KB_8192 select EC_GOOGLE_CHROMEEC select EC_GOOGLE_CHROMEEC_BOARDID + select EC_GOOGLE_CHROMEEC_LPC select EC_GOOGLE_CHROMEEC_MEC select EC_GOOGLE_CHROMEEC_ACPI_MEMMAP select ENABLE_BUILTIN_COM1 -- To view, visit https://review.coreboot.org/c/coreboot/+/35153 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Icf242ca2b7d8b1470feda4e44b47a2cdc20680f2 Gerrit-Change-Number: 35153 Gerrit-PatchSet: 1 Gerrit-Owner: Martin Roth <martinroth(a)google.com> Gerrit-MessageType: newchange

4 6

Change in coreboot[master]: southbridge/intel: Add config option to validate firmware descriptor
by Mathew King (Code Review) 03 Oct '19

03 Oct '19

Mathew King has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/34816 ) Change subject: southbridge/intel: Add config option to validate firmware descriptor ...................................................................... southbridge/intel: Add config option to validate firmware descriptor Add new config option to validate the Intel firmware descriptor against the fmap layout. This will prevent a firmware descriptor from being used that could corrupt regions of the bootimage in certian circumstances. BUG=chromium:992215 TEST=Coming Change-Id: I9e8bb20485e96026cd594cf4e9d6b11b2bf20e1f Signed-off-by: Mathew King <mathewk(a)chromium.org> --- M src/southbridge/intel/common/Kconfig M src/southbridge/intel/common/firmware/Makefile.inc 2 files changed, 12 insertions(+), 0 deletions(-) git pull ssh://review.coreboot.org:29418/coreboot refs/changes/16/34816/1 diff --git a/src/southbridge/intel/common/Kconfig b/src/southbridge/intel/common/Kconfig index c3bd90d..6b7b5e6 100644 --- a/src/southbridge/intel/common/Kconfig +++ b/src/southbridge/intel/common/Kconfig @@ -54,6 +54,13 @@ This config states descriptor mode is *required* for the platform to function properly, or to function at all. +config VALIDATE_INTEL_DESCRIPTOR + def_bool n if INTEL_DESCRIPTOR_MODE_CAPABLE + help + This config enables validating the Intel firmware descriptor against the + fmap layout. If the firmware descriptor layout does not match the fmap + then the bootimage cannot be built. + config INTEL_CHIPSET_LOCKDOWN depends on HAVE_INTEL_CHIPSET_LOCKDOWN && HAVE_SMI_HANDLER && !CHROMEOS #ChromeOS's payload seems to handle finalization on its on. diff --git a/src/southbridge/intel/common/firmware/Makefile.inc b/src/southbridge/intel/common/firmware/Makefile.inc index 898ab60..3b14f75 100644 --- a/src/southbridge/intel/common/firmware/Makefile.inc +++ b/src/southbridge/intel/common/firmware/Makefile.inc @@ -35,6 +35,11 @@ printf " DD Adding Intel Firmware Descriptor\n" dd if=$(IFD_BIN_PATH) \ of=$(obj)/coreboot.pre conv=notrunc >/dev/null 2>&1 +ifeq ($(CONFIG_VALIDATE_INTEL_DESCRIPTOR),y) + $(objutil)/ifdtool/ifdtool \ + $(IFDTOOL_USE_CHIPSET) \ + -t $(obj)/coreboot.pre +endif ifeq ($(CONFIG_HAVE_ME_BIN),y) printf " IFDTOOL me.bin -> coreboot.pre\n" $(objutil)/ifdtool/ifdtool \ -- To view, visit https://review.coreboot.org/c/coreboot/+/34816 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: I9e8bb20485e96026cd594cf4e9d6b11b2bf20e1f Gerrit-Change-Number: 34816 Gerrit-PatchSet: 1 Gerrit-Owner: Mathew King <mathewk(a)chromium.org> Gerrit-MessageType: newchange

3 3

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

coreboot-gerrit August 2019