Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Added mailbox scratch register 7 definition - Added DRTM functions - Added set/clear security switch register functions - Added additional security switch bit definitions - Added secureboot extended library to host DRTM functions - Inhibited TPM start command in DRTM flow - Added new config options for DRTM and DRTM RIT protection - Added new DRTM attribute to indicate if DRTM is active - Added new DRTM attribute to hold DRTM payload address - Added new DRTM attribute to initiate DRTM in lieu of loading payload - Updated target service init to determine DRTM settings - Updated host start payload step to initiate DRTM if conditions are met - Updated host MPIPL service to verify DRTM payload and clean up DRTM HW state - Updated host gard step to verify DRTM HW state - Rerouted PCR extensions to PCR 17 in DRTM boot - Use locality 2 for all PCR extensions in DRTM boot - Inhibit extension logging (for now) in DRTM boot - Only extend seperator to PCR 17 in DRTM boot Change-Id: Id52c36c3a64ca002571396d605caa308d9dc0199 RTC: 157140 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35633 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
- Loading branch information
1 parent
a0437b2
commit a9eefaa
Showing
22 changed files
with
1,478 additions
and
42 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,156 @@ | ||
/* IBM_PROLOG_BEGIN_TAG */ | ||
/* This is an automatically generated prolog. */ | ||
/* */ | ||
/* $Source: src/include/usr/secureboot/drtm.H $ */ | ||
/* */ | ||
/* OpenPOWER HostBoot Project */ | ||
/* */ | ||
/* Contributors Listed Below - COPYRIGHT 2013,2017 */ | ||
/* [+] International Business Machines Corp. */ | ||
/* */ | ||
/* */ | ||
/* Licensed under the Apache License, Version 2.0 (the "License"); */ | ||
/* you may not use this file except in compliance with the License. */ | ||
/* You may obtain a copy of the License at */ | ||
/* */ | ||
/* http://www.apache.org/licenses/LICENSE-2.0 */ | ||
/* */ | ||
/* Unless required by applicable law or agreed to in writing, software */ | ||
/* distributed under the License is distributed on an "AS IS" BASIS, */ | ||
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ | ||
/* implied. See the License for the specific language governing */ | ||
/* permissions and limitations under the License. */ | ||
/* */ | ||
/* IBM_PROLOG_END_TAG */ | ||
|
||
#ifndef __SECUREBOOT_DRTM_H | ||
#define __SECUREBOOT_DRTM_H | ||
|
||
#include <initservice/mboxRegs.H> | ||
#include <config.h> | ||
#include <errl/errlentry.H> | ||
#include <errl/errlmanager.H> | ||
#include <vector> | ||
#include <secureboot/settings.H> | ||
#include <targeting/common/targetservice.H> | ||
|
||
namespace SECUREBOOT | ||
{ | ||
|
||
namespace DRTM | ||
{ | ||
|
||
/** | ||
* @brief Determine HW DRTM state and cache for code to use | ||
* | ||
* @par Detailed Description: | ||
* Reads DRTM related scratch registers, attributes, and proc chip security | ||
* settings to determine the DRTM state, and caches DRTM settings in | ||
* attributes for use by the code. It will return an error log if a DRTM | ||
* consistency violation is detected. | ||
* | ||
* @param[in] i_scratchReg7 Value of scratch register 7 | ||
* @param[in] i_scratchReg8 Value of scratch register 8 | ||
* | ||
* @return errHndl_t Error log handle indicating success or failure | ||
* @retval nullptr Discovered/configured DRTM state successfully | ||
* @retval !nullptr Error log providing failure details | ||
*/ | ||
errlHndl_t discoverDrtmState( | ||
const INITSERVICE::SPLESS::MboxScratch7_t& i_scratchReg7, | ||
const INITSERVICE::SPLESS::MboxScratch8_t& i_scratchReg8); | ||
|
||
/** | ||
* @brief Returns whether this is a DRTM MPIPL or not | ||
* | ||
* @param[out] o_isDrtmMpipl Returns whether this is a DRTM MPIPL or not | ||
*/ | ||
void isDrtmMpipl(bool& o_isDrtmMpipl); | ||
|
||
/** | ||
* @brief Determines whether DRTM HW settings are consistent across all | ||
* processors in a node | ||
* | ||
* @par Detailed Description: | ||
* Ensures that, when coming up in a DRTM MPIPL, the L4A, LQA, and SUL bits | ||
* are set + LLP and LLS are clear in the processor security register for | ||
* all processors in a node. If this is not the case, it returns an error | ||
* log. Must only be called after FSI path is established and presence | ||
* detect has been confirmed. | ||
* | ||
* @return errHndl_t Error log handle indicating success or failure | ||
* @retval nullptr All processors in node have correct DRTM HW signature | ||
* @retval !nullptr Error log providing failure details | ||
*/ | ||
errlHndl_t validateDrtmHwSignature(); | ||
|
||
/** | ||
* @brief Validates and extends the DRTM payload | ||
* | ||
* @par Detailed Description: | ||
* When coming up in a DRTM MPIPL, locates the DRTM payload preserved in | ||
* memory, validates its secure signature, and extends its measurement to | ||
* TPM dynamic PCR range / dynamic log. | ||
* | ||
* @return errHndl_t Error log handle indicating success or failure | ||
* @retval nullptr Validated/extended the DRTM payload | ||
* @retval !nullptr Error log providing failure details | ||
*/ | ||
errlHndl_t validateDrtmPayload(); | ||
|
||
/** | ||
* @brief Completes the DRTM sequence | ||
* | ||
* @par Detailed Description: | ||
* Completes the DRTM sequence by clearing the LQA and L4A security switch | ||
* register bits on all the functional processors | ||
* | ||
* @return errHndl_t Error log handle indicating success or failure | ||
* @retval nullptr Completed DRTM HW sequencing | ||
* @retval !nullptr Error log providing failure details | ||
*/ | ||
errlHndl_t completeDrtm(); | ||
|
||
#ifdef CONFIG_DRTM_TRIGGERING | ||
/** | ||
* @brief Initiates a DRTM sequence | ||
* | ||
* @par Detailed Description: | ||
* Initiates a DRTM sequence. This pins the task running this code to the | ||
* master processor and sets the LLP bit (for master proc chip) and LLS bit | ||
* (for non-masters) on every processor, setting the LL bit for the | ||
* processor this task is running on last, so that it doesn't get clobbered | ||
* by the SBE core quiesce logic. It also sets up the master processor | ||
* scratch registers to indicate presence and address of the DRTM payload. | ||
* If successful, the function will never return becaue the core it's | ||
* running on will be quiesced by SBE. | ||
* | ||
* @note: Only valid for RIT protection | ||
* | ||
* @return errHndl_t Error log handle indicating success or failure | ||
* @retval nullptr Not possible; on success the function never returns. | ||
* @retval !nullptr Error log providing failure details | ||
*/ | ||
errlHndl_t initiateDrtm(); | ||
|
||
/** | ||
* @brief Updates DRTM related scratch registers with DRTM payload details | ||
* | ||
* @par Detailed Description: | ||
* Updates scratch register 7+8 to record details of the DRTM payload | ||
* preserved in memory. This should be called prior to initiating the | ||
* DRTM late launch sequence. | ||
* | ||
* @note: Only valid for RIT protection | ||
* | ||
* @param[in] i_drtmPayloadAddrMb DRTM payload physical address in MB | ||
*/ | ||
void setDrtmPayloadPhysAddrMb(uint32_t i_drtmPayloadPhysAddrMb); | ||
#endif | ||
|
||
} // End DRTM namespace | ||
|
||
} // End SECUREBOOT namespace | ||
|
||
#endif // End __SECUREBOOT_DRTM_H | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.