diff options
| author | Stewart Smith <stewart@linux.vnet.ibm.com> | 2016-10-10 17:41:31 +1100 |
|---|---|---|
| committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2016-10-10 18:51:30 +1100 |
| commit | 862d870dee62f601374c7ed3f8fa73e9b21f9e24 (patch) | |
| tree | 53f59a240ff9f5c4d712d6f0c0b7ca0c8829bee6 /libstb | |
| parent | a5f26b3af58379b18821215a91cb23f443b48abd (diff) | |
| download | skiboot-862d870dee62f601374c7ed3f8fa73e9b21f9e24.zip skiboot-862d870dee62f601374c7ed3f8fa73e9b21f9e24.tar.gz skiboot-862d870dee62f601374c7ed3f8fa73e9b21f9e24.tar.bz2 | |
stb: always recompute hash of container payload and compare
If our computed hash of stb container doesn't match what's in the container,
we should abort.
Useful in debug (e.g. in mambo)
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'libstb')
| -rw-r--r-- | libstb/stb.c | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/libstb/stb.c b/libstb/stb.c index 6e1dcef..8c8f380 100644 --- a/libstb/stb.c +++ b/libstb/stb.c @@ -188,7 +188,7 @@ int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len) { int rc, r; uint8_t digest[SHA512_DIGEST_LENGTH]; - uint8_t* digestp; + const uint8_t *digestp; rc = 0; digestp = NULL; @@ -227,20 +227,35 @@ int tb_measure(enum resource_id id, uint32_t subid, void *buf, size_t len) * the hash of the container payload (if it's a container) or the image * (if it's not a container) */ - if (secure_mode && stb_is_container(buf, len)) { - digestp = (uint8_t*) stb_sw_payload_hash(buf, len); - memcpy(digest, digestp, TPM_ALG_SHA256_SIZE); - } else if (!secure_mode && stb_is_container(buf, len)) { + if (stb_is_container(buf, len)) { + digestp = stb_sw_payload_hash(buf, len); + if(!digestp) { + prlog(PR_EMERG, "STB Container is corrupt, can't find hash\n"); + abort(); + } + rom_driver->sha512( (void*)((uint8_t*)buf + SECURE_BOOT_HEADERS_SIZE), len - SECURE_BOOT_HEADERS_SIZE, digest); + prlog(PR_INFO, "STB: %s sha512 hash re-calculated\n", resource_map[r].name); + if (memcmp(digestp, digest, TPM_ALG_SHA256_SIZE) != 0) { + prlog(PR_ALERT, "STB: HASH IN CONTAINER DOESN'T MATCH CONTENT!\n"); + prlog(PR_ALERT, "STB: Container hash:\n"); + stb_print_data(digestp, TPM_ALG_SHA256_SIZE); + prlog(PR_ALERT, "STB: Computed hash (on %lx bytes):\n", len); + stb_print_data(digest, TPM_ALG_SHA256_SIZE); + + if (secure_mode) + abort(); + } } else { rom_driver->sha512(buf, len, digest); prlog(PR_INFO, "STB: %s sha512 hash calculated\n", resource_map[r].name); } + #ifdef STB_DEBUG /* print the payload/image hash */ prlog(PR_NOTICE, "STB: %s hash:\n", resource_map[r].name); |