authorPridhiviraj Paidipeddi <ppaidipe@linux.vnet.ibm.com>2018-02-06 07:46:32 +0530
committerStewart Smith <stewart@linux.vnet.ibm.com>2018-02-08 18:21:42 -0600
commit2109b81d9f78c59b4099b625e18d34a66baa1b71 (patch)
tree1a8687cb64a42d86c2627a6f3245c2c6e60da562 /libstb
parent7912f9750bfcb77d463d4854328c6a470516d8b0 (diff)
libstb: fix failure of calling cvc verify without STB initialization.
Currently, at OPAL init time, we load various PNOR partition containers from the flash device at various stages. When we load a flash resource, STB calls the CVC verify and trusted measure (sha512) functions. So when a flash resource gets loaded before STB initialization, the cvc verify function fails to start the verify and enforce the boot. Below is one example failure, where our VERSION partition gets loaded early in the boot stage without STB initialization done. This is with secure mode off. STB: VERSION NOT VERIFIED, invalid param. buf=0x305ed930, len=4096 key-hash=0x0 hash-size=0 In the same code path, when secure mode is on, the boot process will abort. So this patch fixes this issue by calling cvc verify only if STB init was done. We also need a permanent fix in the init path to ensure STB init gets done first, before we start loading all other flash resources. Signed-off-by: Pridhiviraj Paidipeddi <ppaidipe@linux.vnet.ibm.com> Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'libstb')
-rw-r--r--libstb/secureboot.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/libstb/secureboot.c b/libstb/secureboot.c
index 08a6ae6..2c7a8db 100644
--- a/libstb/secureboot.c
+++ b/libstb/secureboot.c
@@ -28,6 +28,7 @@
static const void* hw_key_hash = NULL;
static size_t hw_key_hash_size;
static bool secure_mode = false;
+static bool secure_init = false;
static struct {
enum secureboot_version version;
@@ -161,6 +162,8 @@ void secureboot_init(void)
}
if (cvc_init())
secureboot_enforce();
+
+ secure_init = true;
}
int secureboot_verify(enum resource_id id, void *buf, size_t len)
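Review bot: `secure_init = true` at the end of secureboot_init() is set whether or not cvc_init() succeeded, so on a system where secureboot_enforce() returns (presumably the non-secure-mode case) secureboot_verify() will still reach call_cvc_verify() with the CVC not set up, which is the situation this commit sets out to avoid. Consider setting the flag only on the success path, e.g. `if (cvc_init()) secureboot_enforce(); else secure_init = true;`, or tracking CVC readiness separately. The start of secureboot_init() is outside the hunk, so any earlier return paths that leave the flag false should be checked as well. A one-line comment on the declaration, `/* set once secureboot_init() has completed; gates secureboot_verify() */`, would also help distinguish it from `secure_mode`.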
@@ -176,6 +179,12 @@ int secureboot_verify(enum resource_id id, void *buf, size_t len)
secureboot_enforce();
}
+ if (!secure_init) {
+ prlog(PR_WARNING, "container NOT VERIFIED, resource_id=%d "
+ "secureboot not yet initialized\n", id);
+ return -1;
+ }
+
rc = call_cvc_verify(buf, len, hw_key_hash, hw_key_hash_size, &log);
if (rc == OPAL_SUCCESS) {
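Review bot: The new `!secure_init` branch returns -1 without enforcement, so any resource loaded before secureboot_init() is accepted unverified; since `secure_mode` is initialised to false and appears to be set only during init, this would also hold on machines that later turn out to be in secure mode. Whether callers act on the -1 is not visible here. Until the init ordering is fixed as the commit message describes, log this at `PR_ERR` rather than `PR_WARNING` and mark the gap in the code, e.g. `/* FIXME: resources loaded before secureboot_init() skip verification; init must run first */`. Remembering that a verify was skipped, so that secureboot_init() can call secureboot_enforce() once secure mode is known, would close the window. secureboot_verify() starts before and continues after this hunk.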