diff options
author | Stewart Smith <stewart@linux.vnet.ibm.com> | 2016-10-06 11:57:25 +1100 |
---|---|---|
committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2016-10-10 15:29:38 +1100 |
commit | 32a7d96144d9e9e9992ecf856c2b1fbe2828aa95 (patch) | |
tree | 6d72186c595b5487c9c7c1fcb99d06faf9be66e3 /external | |
parent | 712df1f5f80b4684124d57486306ab28da85a52c (diff) | |
download | skiboot-32a7d96144d9e9e9992ecf856c2b1fbe2828aa95.zip skiboot-32a7d96144d9e9e9992ecf856c2b1fbe2828aa95.tar.gz skiboot-32a7d96144d9e9e9992ecf856c2b1fbe2828aa95.tar.bz2 |
Add software STB "ROM" implementation for Mambo
Pass SKIBOOT_ENABLE_MAMBO_STB=1 as environment variable to skiboot.tcl
and the tcl will enable the /ibm,secureboot node, enabling hash and
signature "verification" for that mambo session.
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'external')
-rw-r--r-- | external/mambo/skiboot.tcl | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/external/mambo/skiboot.tcl b/external/mambo/skiboot.tcl index e9aea02..8d221de 100644 --- a/external/mambo/skiboot.tcl +++ b/external/mambo/skiboot.tcl @@ -243,6 +243,34 @@ for { set c 0 } { $c < $mconf(cpus) } { incr c } { mysim of addprop $cpu_node array "ibm,ppc-interrupt-server#s" irqreg } +mconfig enable_stb SKIBOOT_ENABLE_MAMBO_STB 0 + +if { [info exists env(SKIBOOT_ENABLE_MAMBO_STB)] } { + set stb_node [ mysim of addchild $root_node "ibm,secureboot" "" ] + mysim of addprop $stb_node string "compatible" "ibm,secureboot-v1-softrom" + mysim of addprop $stb_node string "secure-enabled" "" + mysim of addprop $stb_node string "trusted-enabled" "" + mysim of addprop $stb_node string "hash-algo" "sha512" + set hw_key_hash {} + lappend hw_key_hash 0x40d487ff + lappend hw_key_hash 0x7380ed6a + lappend hw_key_hash 0xd54775d5 + lappend hw_key_hash 0x795fea0d + lappend hw_key_hash 0xe2f541fe + lappend hw_key_hash 0xa9db06b8 + lappend hw_key_hash 0x466a42a3 + lappend hw_key_hash 0x20e65f75 + lappend hw_key_hash 0xb4866546 + lappend hw_key_hash 0x0017d907 + lappend hw_key_hash 0x515dc2a5 + lappend hw_key_hash 0xf9fc5095 + lappend hw_key_hash 0x4d6ee0c9 + lappend hw_key_hash 0xb67d219d + lappend hw_key_hash 0xfb708535 + lappend hw_key_hash 0x1d01d6d1 + mysim of addprop $stb_node array "hw-key-hash" hw_key_hash +} + # Load images set boot_size [file size $mconf(boot_image)] |