Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Trace HwKeyHash and Add Errorlog Parser Infrastructure to Secureboot
This commit traces the HwKeyHash to Secureboot-specific error logs. It also adds the infrastucture necessary to parse secureboot-specific errorlog user data sections. It includes 2 new custom sections: one which is used in this commit, and another which will be used in a future commit. Change-Id: Id5fb115ad1214f956e5256d3641236021e4642ab RTC:165205 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/37901 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
- Loading branch information
1 parent
5c40d7f
commit afd8387
Showing
10 changed files
with
543 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,125 @@ | ||
/* IBM_PROLOG_BEGIN_TAG */ | ||
/* This is an automatically generated prolog. */ | ||
/* */ | ||
/* $Source: src/usr/secureboot/common/errlud_secure.C $ */ | ||
/* */ | ||
/* OpenPOWER HostBoot Project */ | ||
/* */ | ||
/* Contributors Listed Below - COPYRIGHT 2014,2017 */ | ||
/* [+] International Business Machines Corp. */ | ||
/* */ | ||
/* */ | ||
/* Licensed under the Apache License, Version 2.0 (the "License"); */ | ||
/* you may not use this file except in compliance with the License. */ | ||
/* You may obtain a copy of the License at */ | ||
/* */ | ||
/* http://www.apache.org/licenses/LICENSE-2.0 */ | ||
/* */ | ||
/* Unless required by applicable law or agreed to in writing, software */ | ||
/* distributed under the License is distributed on an "AS IS" BASIS, */ | ||
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ | ||
/* implied. See the License for the specific language governing */ | ||
/* permissions and limitations under the License. */ | ||
/* */ | ||
/* IBM_PROLOG_END_TAG */ | ||
/** | ||
* @file errlud_secure.C | ||
* | ||
* @brief Implementation of classes to log SECUREBOOT FFDC | ||
*/ | ||
#include <secureboot/service.H> | ||
#include <secureboot/secure_reasoncodes.H> | ||
#include "errlud_secure.H" | ||
|
||
namespace SECUREBOOT | ||
{ | ||
|
||
//------------------------------------------------------------------------------ | ||
// Enum defining MAGIC NUMBERS used for checks below | ||
//------------------------------------------------------------------------------ | ||
enum { | ||
PARSER_SIZEOF_SHA512_t = 64, | ||
PARSER_SIZEOF_UINT32_t = 4, | ||
PARSER_SIZEOF_UINT8_t = 1, | ||
PARSER_SIZEOF_TARGET_HKH_SECTION = 69, | ||
}; | ||
|
||
//------------------------------------------------------------------------------ | ||
// SECURE System HW Keys Hash User Details | ||
//------------------------------------------------------------------------------ | ||
UdSystemHwKeyHash::UdSystemHwKeyHash(const SHA512_t i_hash) | ||
{ | ||
// Set up Ud instance variables | ||
iv_CompId = SECURE_COMP_ID; | ||
iv_Version = SECURE_UDT_VERSION_1; | ||
iv_SubSection = SECURE_UDT_SYSTEM_HW_KEY_HASH; | ||
|
||
//***** Memory Layout ***** | ||
// 64 bytes : SHA512_t of Target HW Key Hash | ||
|
||
static_assert(sizeof(SHA512_t) == PARSER_SIZEOF_SHA512_t, "Expected SHA512_t size is 64 bytes"); | ||
|
||
char * l_pBuf = reinterpret_cast<char *>( | ||
reallocUsrBuf(sizeof(SHA512_t)) ); | ||
|
||
memcpy(l_pBuf, i_hash, sizeof(SHA512_t)); | ||
l_pBuf += sizeof(SHA512_t); | ||
} | ||
|
||
//------------------------------------------------------------------------------ | ||
UdSystemHwKeyHash::~UdSystemHwKeyHash() | ||
{ | ||
|
||
} | ||
|
||
//------------------------------------------------------------------------------ | ||
// SECURE Target HW Keys Hash User Details | ||
//------------------------------------------------------------------------------ | ||
UdTargetHwKeyHash::UdTargetHwKeyHash(const TARGETING::Target * i_target, | ||
const uint8_t i_side, | ||
const SHA512_t i_hash) | ||
{ | ||
// Set up Ud instance variables | ||
iv_CompId = SECURE_COMP_ID; | ||
iv_Version = SECURE_UDT_VERSION_1; | ||
iv_SubSection = SECURE_UDT_TARGET_HW_KEY_HASH; | ||
|
||
//***** Memory Layout ***** | ||
// 4 bytes : Target HUID | ||
// 1 byte : SBE EEPROM (Primary or Backup) | ||
// 64 bytes : SHA512_t of Target HW Key Hash | ||
|
||
static_assert(sizeof(uint32_t)==PARSER_SIZEOF_UINT32_t, "Expected sizeof(uint32_t) is 4"); | ||
static_assert(sizeof(uint8_t)==PARSER_SIZEOF_UINT8_t, "Expected sizeof(uint8_t) is 1"); | ||
static_assert(sizeof(SHA512_t) == PARSER_SIZEOF_SHA512_t, "Expected SHA512_t size is 64 bytes"); | ||
static_assert((sizeof(uint32_t) + sizeof(uint8_t) + sizeof(SHA512_t)) == PARSER_SIZEOF_TARGET_HKH_SECTION, | ||
"Expected Buffer length is 69 bytes"); | ||
|
||
char * l_pBuf = reinterpret_cast<char *>( | ||
reallocUsrBuf(sizeof(uint32_t) | ||
+sizeof(uint8_t) | ||
+sizeof(SHA512_t))); | ||
|
||
uint32_t tmp32 = 0; | ||
uint8_t tmp8 = 0; | ||
|
||
tmp32 = TARGETING::get_huid(i_target); | ||
memcpy(l_pBuf, &tmp32, sizeof(tmp32)); | ||
l_pBuf += sizeof(tmp32); | ||
|
||
tmp8 = static_cast<uint8_t>(i_side); | ||
memcpy(l_pBuf, &tmp8, sizeof(tmp8)); | ||
l_pBuf += sizeof(tmp8); | ||
|
||
memcpy(l_pBuf, i_hash, sizeof(SHA512_t)); | ||
l_pBuf += sizeof(SHA512_t); | ||
} | ||
|
||
//------------------------------------------------------------------------------ | ||
UdTargetHwKeyHash::~UdTargetHwKeyHash() | ||
{ | ||
|
||
} | ||
|
||
} // end SECUREBOOT namespace | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
/* IBM_PROLOG_BEGIN_TAG */ | ||
/* This is an automatically generated prolog. */ | ||
/* */ | ||
/* $Source: src/usr/secureboot/common/errlud_secure.H $ */ | ||
/* */ | ||
/* OpenPOWER HostBoot Project */ | ||
/* */ | ||
/* Contributors Listed Below - COPYRIGHT 2017 */ | ||
/* [+] International Business Machines Corp. */ | ||
/* */ | ||
/* */ | ||
/* Licensed under the Apache License, Version 2.0 (the "License"); */ | ||
/* you may not use this file except in compliance with the License. */ | ||
/* You may obtain a copy of the License at */ | ||
/* */ | ||
/* http://www.apache.org/licenses/LICENSE-2.0 */ | ||
/* */ | ||
/* Unless required by applicable law or agreed to in writing, software */ | ||
/* distributed under the License is distributed on an "AS IS" BASIS, */ | ||
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ | ||
/* implied. See the License for the specific language governing */ | ||
/* permissions and limitations under the License. */ | ||
/* */ | ||
/* IBM_PROLOG_END_TAG */ | ||
#ifndef ERRL_UD_SECURE_H | ||
#define ERRL_UD_SECURE_H | ||
|
||
/** | ||
* @file errlud_secure.H | ||
* | ||
* Defines the classes that logs and parses various Secureboot data | ||
*/ | ||
|
||
#include <secureboot/service.H> | ||
#include <errl/errluserdetails.H> | ||
|
||
namespace SECUREBOOT | ||
{ | ||
|
||
/** | ||
* @class UdSystemHwKeyHash | ||
* | ||
* Adds System HW Keys Hash to an error log as user detail data | ||
*/ | ||
class UdSystemHwKeyHash : public ERRORLOG::ErrlUserDetails | ||
{ | ||
public: | ||
/** | ||
* @brief Constructor | ||
* | ||
* @param i_hash System HW Keys Hash represented by SHA512 | ||
*/ | ||
UdSystemHwKeyHash(const SHA512_t i_hash); | ||
|
||
/** | ||
* @brief Destructor | ||
*/ | ||
virtual ~UdSystemHwKeyHash(); | ||
|
||
/** | ||
* Delete Copy Constructor | ||
*/ | ||
UdSystemHwKeyHash(const UdSystemHwKeyHash&) = delete; | ||
|
||
/** | ||
* Delete Copy Assignment | ||
*/ | ||
UdSystemHwKeyHash& operator= (const UdSystemHwKeyHash&) = delete; | ||
|
||
/** | ||
* Delete Move Constructor | ||
*/ | ||
UdSystemHwKeyHash (UdSystemHwKeyHash&&) = delete; | ||
|
||
/** | ||
* Delete Move Assignment | ||
*/ | ||
UdSystemHwKeyHash& operator = (UdSystemHwKeyHash&&) = delete; | ||
|
||
}; | ||
|
||
/** | ||
* @class UdTargetHwKeyHash | ||
* | ||
* Adds Target HW Keys Hash to an error log as user detail data | ||
*/ | ||
class UdTargetHwKeyHash : public ERRORLOG::ErrlUserDetails | ||
{ | ||
public: | ||
/** | ||
* @brief Constructor | ||
* | ||
* @param i_target Processor Target containing HW Keys Hash | ||
* @param i_side SEEPROM side used on the target: | ||
* 0=SBE_PRIMARY, 1=SBE_BACKUP | ||
* @param i_hash Target HW Keys Hash represented by SHA512 | ||
*/ | ||
UdTargetHwKeyHash(const TARGETING::Target * i_target, | ||
const uint8_t i_buflen, | ||
const SHA512_t i_hash); | ||
|
||
/** | ||
* @brief Destructor | ||
*/ | ||
virtual ~UdTargetHwKeyHash(); | ||
|
||
/** | ||
* Delete Copy Constructor | ||
*/ | ||
UdTargetHwKeyHash(const UdTargetHwKeyHash&) = delete; | ||
|
||
/** | ||
* Delete Copy Assignment | ||
*/ | ||
UdTargetHwKeyHash& operator= (const UdTargetHwKeyHash&) = delete; | ||
|
||
/** | ||
* Delete Move Constructor | ||
*/ | ||
UdTargetHwKeyHash (UdTargetHwKeyHash&&) = delete; | ||
|
||
/** | ||
* Delete Move Assignment | ||
*/ | ||
UdTargetHwKeyHash& operator = (UdTargetHwKeyHash&&) = delete; | ||
}; | ||
|
||
|
||
} // end SECUREBOOT namespace | ||
|
||
#endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
/* IBM_PROLOG_BEGIN_TAG */ | ||
/* This is an automatically generated prolog. */ | ||
/* */ | ||
/* $Source: src/usr/secureboot/common/plugins/SECURE_COMP_ID_Parse.C $ */ | ||
/* */ | ||
/* OpenPOWER HostBoot Project */ | ||
/* */ | ||
/* Contributors Listed Below - COPYRIGHT 2017 */ | ||
/* [+] International Business Machines Corp. */ | ||
/* */ | ||
/* */ | ||
/* Licensed under the Apache License, Version 2.0 (the "License"); */ | ||
/* you may not use this file except in compliance with the License. */ | ||
/* You may obtain a copy of the License at */ | ||
/* */ | ||
/* http://www.apache.org/licenses/LICENSE-2.0 */ | ||
/* */ | ||
/* Unless required by applicable law or agreed to in writing, software */ | ||
/* distributed under the License is distributed on an "AS IS" BASIS, */ | ||
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ | ||
/* implied. See the License for the specific language governing */ | ||
/* permissions and limitations under the License. */ | ||
/* */ | ||
/* IBM_PROLOG_END_TAG */ | ||
#include "errludparser.H" | ||
#include "secureUdParserFactory.H" | ||
|
||
ERRL_MAKE_UD_PARSER(SECUREBOOT::UserDetailsParserFactory, hbfw::SECURE_COMP_ID) | ||
|
Oops, something went wrong.