| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Implement the firmware API call pass-through-to-tpm that allows a caller
to pass a TPM command to the TPM. Since the buffer provided by the user
will be used for returning the TPM's response it must be sufficiently
large. To be safe, it should be of the size returned by the firmware API
call tpm-get-maximum-cmd-size.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
[aik: replaced memcpy(hdr->totlen) with direct access]
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Implement the firmware API call get-maximum-cmd-size that returns a TPM's
maximum command size. The caller should use the size returned by this
function to allocate a buffer large enough for TPM commands and also
responses.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
in order to make builds reproducible.
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.
Without this patch, openSUSE's qemu package
always varied between builds.
This patch was done while working on reproducible builds for openSUSE.
This is an alternative to
https://lists.ozlabs.org/pipermail/slof/2023-October/002895.html
Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Commit 76fee95 ("slof: Only close stdout for virtio-serial devices")
says that commit cf28264 ("virtio-serial: Rework shutdown sequence")
fixed a hang. The problem was believed to be that it was necessary to
close stdout to shutdown the underlying virtio device.
Commit cf28264 ("virtio-serial: Rework shutdown sequence") closed stdout
on quiesce. This meant when prom_init() called write on stdout after
quiesce, there is a use after free so this is unreliable, and can also
hang (especially after reboots).
Quiescing is intended to put hardware into a safe state for the client
to take over. It is incorrect for SLOF to close ihandles that the client
could still be using, even after a quiesce.
Rather than closing the stdout device, all that needs to happen is to
ensure virtio-serial-shutdown gets called. On quiesce, close the virtio
device, but leave the stdout device itself open.
Commit 8174acd ("virtio-serial: Close device completely") handles reads
and writes as no-ops if the underlying virtio device is closed so there
is no problem with the client calling "write" on stdout after this, but
no output will be displayed.
Fixes: cf28264 ("virtio-serial: Rework shutdown sequence")
Debugged-by: Kautuk Consul <kconsul@linux.vnet.ibm.com>
Co-developed-by: Kautuk Consul <kconsul@linux.vnet.ibm.com>
Signed-off-by: Kautuk Consul <kconsul@linux.vnet.ibm.com>
Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
The read and write methods return successfully even if the virtio device
is closed (virtiodev is 0) and it is not able to send or receive any
characters.
Make the read and write methods return 0 to indicate they did not
succeed in this case.
This also fixes an invalid stack access in the read method.
Fixes: 8174acd ("virtio-serial: Close device completely")
Signed-off-by: Kautuk Consul <kconsul@linux.vnet.ibm.com>
Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility. I kept "busses" which codespell
also complains about since it seems to be an old but still valid
plural of the word "bus".
Signed-off-by: Thomas Huth <thuth@redhat.com>
[removed trailing spaces too]
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility. I kept "busses" which codespell
also complains about since it seems to be an old but still valid
plural of the word "bus".
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
The word is not used and the name does not reflect well what it does.
Suggested-by: Segher Boessenkool <segher@kernel.crashing.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility. I kept "busses" which codespell
also complains about since it seems to be an old but still valid
plural of the word "bus".
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Segher Boessenkool <segher@kernel.crashing.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Found with the "codespell" utility.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
When compiling the libnet code with Clang (e.g. for the s390-ccw bios),
it complains with the following warning:
ipv6.c:447:18: warning: variable length array folded to constant array
as an extension [-Wgnu-folding-constant]
unsigned short raw[ip6size];
^
The warning is completely harmless, of course. Anyway let's rewrite the
code a little bit to make the compiler silent again.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Currently, go-64 is used for booting a kernel from qemu (i.e. -kernel).
However, there is an expectation from users that this should be able to
boot not just vmlinux kernels but things like Zimages too.
The bootwrapper of a BE zImage is a 32-bit ELF. Attempting to load that
with go-64 means that it will be ran with MSR_SF set (64-bit mode). This
crashes early in boot (usually due to what should be 32-bit operations
being done with 64-bit registers eventually leading to an incorrect
address being generated and branched to).
Note that our 64-bit payloads are prepared to enter with MSR_SF cleared
and set it themselves very early.
Add a new word named go-direct that will execute any simple payload
in-place and will enter with MSR_SF cleared. This allows booting a BE
zImage from qemu with -machine kernel-addr=0.
Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
By default, SLOF would implement the cpu_to_le64() helper with
the 'stdbrx' instruction which is invalid under POWER5+ and 970
CPUs. This breaks the QEMU pseries machine with such CPUs when
virtio or USB devices or in use.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
We enabled additional compiler warnings in commit 26d8ba170355c9, but
so far we did not address the additional warnings in the js2x code
yet. This patch fixes at least some of the trivial warnings there.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
This moves shared symbols out from the header file and leaves only
the minimum in bmc.h.
This fixes a "while (...); {" bug spotted by the modern gcc.
This fixes cleanup as otherwise the board-js2x/Makefile's "clean" tries
cleaning "rtas" which tries cleaning all libs (not just the ones it uses)
and that in turn triggers generation of lib/libtpm/Makefile.dep which
fails due to missing ./board-js2x/include/version.h.
This fixes create_reloc_table.sh to build with newer toolchains which
otherwise fail with:
ld: cannot use executable file 'reloc_table.o' as input to a link
This adds js2x compile to the travis script to know when it breaks
again.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Since we're already using Travis for some testing, we should also
compile-test the sources with the pre-installed Advanced Toolchain
compiler there.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
It's better to use a newer version of the compiler which might catch
more issues in the code.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
All the documentation on travis-ci.com talks about "jobs:" instead of
"matrix:" these days, so let's also use this keywords now. Also fix
a typo in "inlcude" - it's weird that Travis did not complain about
this, but it's certainly better to have this fixed.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
In the rare case of a TPM 2 failure, disable the platform hierarchy after
disabling the endorsement and owner hierarchies.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
It should be "channel" instead of "cannel", obviously.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
It has been moved to a new location in the Linux git repository
quite a while ago already.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
SLOF coding style is to use spaces in Forth code, not TABs, and the TAB
in the (accept) function breaks the right indentation in my editor, so
let's replace the TABs in this file with spaces now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Let's hope that this will help to avoid that people run into the same
problem again in the future. At least we've got some lines of documentation
this way where we can point people to who try to use "nc" in the wrong way.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
This reverts commit 283d88c46c1d4d2ae65f0a3eaf582d0c124d37db as:
- it wrongly assumes the default V=0 (V=1 is the default);
- the new rule broke js2x;
- does not really solve the original problem of printing partial
filenames in gcc error messages.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Add test cases for sha1, sha256, sha384, and sha512 and a test script
to run the test cases.
The tests are passing on little and big endian machines (Fedora 28).
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Instead of just using sha256 for all PCR banks (and truncating
the value or zero-padding it) use the proper hash function for
each one of the banks. For unimplemented hashes, fill the buffer
with 0xff.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Use assembly for the 32 bit rotr in the sha256 implementation
similar to the assembly used in the sha1 and sha512 implementations.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Change the format of the S_CRTM_VERSION string to ucs-2 since this
is what seems to be commonly used by other firmwares following
insight from a TCG work group member.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Add a new firmware API call with the name 2HASH-EXT-LOG that will be used
by trusted grub for measuring, logging, and extending TPM PCRs.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
This fixes gcc warnings from -Waddress-of-packed-member and -Wzero-length-bounds.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
---
tpm_drivers.c: In function ‘spapr_send_crq_and_wait’:
tpm_drivers.c:153:2: warning: converting a packed ‘struct crq’ pointer (alignment 1) to a ‘uint64_t’ {aka ‘long long unsigned int’} pointer alignment 8) may result in an unaligned pointer value [-Waddress-of-packed-member]
153 | rc = hv_send_crq(unit, (uint64_t *)crq);
| ^~
tpm_drivers.c:34:8: note: defined here
34 | struct crq {
| ^~~
tpm_drivers.c: In function ‘spapr_vtpm_senddata’:
tpm_drivers.c:346:2: warning: converting a packed ‘struct crq’ pointer (alignment 1) to a ‘uint64_t’ {aka ‘long long unsigned int’} pointer (alignment 8) may result in an unaligned pointer value [-Waddress-of-packed-member]
346 | rc = hv_send_crq(spapr_vtpm.unit, (uint64_t *)&crq);
| ^~
tpm_drivers.c:34:8: note: defined here
34 | struct crq {
| ^~~
[CC] common-libs
[CC] common-libs
tcgbios.c: In function ‘tpm20_write_EfiSpecIdEventStruct’:
tcgbios.c:708:24: warning: array subscript ‘numAlgs’ is outside the bounds of an interior zero-length array ‘struct TCG_EfiSpecIdEventAlgorithmSize[0]’ [-Wzero-length-bounds]
708 | event.hdr.digestSizes[numAlgs].algorithmId =
| ~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~
In file included from tpm_drivers.h:20,
from tcgbios.c:27:
tcgbios_int.h:92:4: note: while referencing ‘digestSizes’
92 | } digestSizes[0];
| ^~~~~~~~~~~
tcgbios.c:710:24: warning: array subscript ‘numAlgs’ is outside the bounds of an interior zero-length array ‘struct TCG_EfiSpecIdEventAlgorithmSize[0]’ [-Wzero-length-bounds]
710 | event.hdr.digestSizes[numAlgs].digestSize = cpu_to_log16(hsize);
| ~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~
In file included from tpm_drivers.h:20,
from tcgbios.c:27:
tcgbios_int.h:92:4: note: while referencing ‘digestSizes’
92 | } digestSizes[0];
| ^~~~~~~~~~~
|
|
The #define in version.h does not match the #ifndef in the line before
due to a typo in the suffix ("_F" instead of "_H"). Fix it, and while
we're at it, also remove the underscore at the beginning to avoid that
we're using an identifier here that is reserved by the C standard.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Fix two details of the logs:
- Set the filed SpecErrata to 2 as required by specs.
- Write the separator into the log entry's event field.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
-Wextra enables a bunch of rather useful checks which this fixes.
The only exception is -Wno-unused-parameter, one thing at the time.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
|
-Wextra enables a bunch of rather useful checks which this fixes.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
|
