diff options
author | Julius Werner <jwerner@chromium.org> | 2022-05-19 14:37:21 -0700 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2022-06-21 12:31:48 +0000 |
commit | 5eda52a599e9dac2f51de3738c9da0a8d96ee17a (patch) | |
tree | 67b54142260c70a1433538ebf2a8ed42c8b3d88f /src | |
parent | 600856dec27dcb32687c8d0098a92822024c7f2c (diff) |
security/vboot: Add support for GSCVD (Google "RO verification")
This patch adds a new CONFIG_VBOOT_GSCVD option that will be enabled by
default for TPM_GOOGLE_TI50 devices. It makes the build system run the
`futility gscvd` command to create a GSCVD (GSC verification data) which
signs the CBFS trust anchor (bootblock and GBB). In order for this to
work, boards will need to have an RO_GSCVD section in their FMAP, and
production boards should override the CONFIG_VBOOT_GSC_BOARD_ID option
with the correct ID for each variant.
BUG=b:229015103
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I1cf86e90b2687e81edadcefa5a8826b02fbc8b24
Reviewed-on: https://review.coreboot.org/c/coreboot/+/64707
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/mainboard/google/brya/Kconfig | 4 | ||||
-rw-r--r-- | src/mainboard/google/skyrim/Kconfig | 5 | ||||
-rw-r--r-- | src/mainboard/google/volteer/Kconfig | 4 | ||||
-rw-r--r-- | src/security/vboot/Kconfig | 54 | ||||
-rw-r--r-- | src/security/vboot/Makefile.inc | 55 |
5 files changed, 113 insertions, 9 deletions
diff --git a/src/mainboard/google/brya/Kconfig b/src/mainboard/google/brya/Kconfig index 9066a093c6..4ab0e29632 100644 --- a/src/mainboard/google/brya/Kconfig +++ b/src/mainboard/google/brya/Kconfig @@ -244,6 +244,10 @@ config VBOOT select VBOOT_EARLY_EC_SYNC if !BOARD_GOOGLE_BASEBOARD_NISSA select VBOOT_LID_SWITCH +config VBOOT_GSC_BOARD_ID + string + default "LBTV" if BOARD_GOOGLE_JOXER + config DIMM_SPD_SIZE default 512 diff --git a/src/mainboard/google/skyrim/Kconfig b/src/mainboard/google/skyrim/Kconfig index 5da562ac04..50068e78a4 100644 --- a/src/mainboard/google/skyrim/Kconfig +++ b/src/mainboard/google/skyrim/Kconfig @@ -78,6 +78,11 @@ config VBOOT select VBOOT_SEPARATE_VERSTAGE select VBOOT_STARTS_IN_BOOTBLOCK +# TODO: Remove once CBFS verification on AMD has been fixed. +config VBOOT_GSCVD + bool + default n + if !EM100 # EM100 defaults in soc/amd/common/blocks/spi/Kconfig config EFS_SPI_READ_MODE default 2 # Dual IO (1-1-2) diff --git a/src/mainboard/google/volteer/Kconfig b/src/mainboard/google/volteer/Kconfig index 682d247300..8947cd8bcf 100644 --- a/src/mainboard/google/volteer/Kconfig +++ b/src/mainboard/google/volteer/Kconfig @@ -135,6 +135,10 @@ config CHROMEOS select VBOOT_EARLY_EC_SYNC select VBOOT_LID_SWITCH +config VBOOT_GSCVD + bool + default n + config CHROMEOS_WIFI_SAR bool "Enable SAR options for Chrome OS build" depends on CHROMEOS diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig index 3e29c7e655..04770c94eb 100644 --- a/src/security/vboot/Kconfig +++ b/src/security/vboot/Kconfig @@ -290,6 +290,37 @@ config VBOOT_DEFINE_WIDEVINE_COUNTERS config will only define the counter space. Counters need to be incremented separately before any read operation is performed on them. +config VBOOT_HASH_BLOCK_SIZE + hex + default 0x400 + help + Set the default hash size. Generally 1k is reasonable, but in some + cases it may improve hashing speed to increase the size. + + Note that this buffer is allocated in the stack. Although the + build should fail if the stack size is exceeded, it's something to + be aware of when changing the size. + +config VBOOT_GSCVD + bool "Generate GSC verification data" + depends on TPM_GOOGLE + select CBFS_VERIFICATION + default n if TPM_GOOGLE_CR50 + default y + help + Generate a Google Security Chip Verification Data (GSCVD) structure on the flash to + allow the GSC to verify the CBFS verification anchor. Used by default with Ti50 GSCs. + Requires an RO_GSCVD FMAP section. + +config VBOOT_GSC_BOARD_ID + string + depends on VBOOT_GSCVD + default "ZZCR" + help + GSC board ID to be embedded in the GSCVD. Usually each specific mainboard variant + has its own. Google engineers can find these in the go/cros-dlm database ("Products"). + (Note: This is a completely separate thing from coreboot's `board_id()` function.) + menu "GBB configuration" config GBB_HWID @@ -400,16 +431,21 @@ config VBOOT_KEYBLOCK_PREAMBLE_FLAGS hex "Keyblock preamble flags" default 0x0 -config VBOOT_HASH_BLOCK_SIZE - hex - default 0x400 - help - Set the default hash size. Generally 1k is reasonable, but in some - cases it may improve hashing speed to increase the size. +if VBOOT_GSCVD - Note that this buffer is allocated in the stack. Although the - build should fail if the stack size is exceeded, it's something to - be aware of when changing the size. +config VBOOT_GSCVD_ROOT_PUBKEY + string "GSCVD root key (public)" + default "\$(VBOOT_SOURCE)/tests/devkeys/arv_root.vbpubk" + +config VBOOT_GSCVD_PLATFORM_PRIVKEY + string "GSCVD platform key (private)" + default "\$(VBOOT_SOURCE)/tests/devkeys/arv_platform.vbprivk" + +config VBOOT_GSCVD_PLATFORM_KEYBLOCK + string "GSCVD platform keyblock (public)" + default "\$(VBOOT_SOURCE)/tests/devkeys/arv_platform.keyblock" + +endif # VBOOT_GSCVD endmenu # Keys endif # VBOOT diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc index 2ea5d3005c..52f374ec82 100644 --- a/src/security/vboot/Makefile.inc +++ b/src/security/vboot/Makefile.inc @@ -294,6 +294,61 @@ build_complete:: $(CBFSTOOL) $(obj)/coreboot.rom write -u -r SHARED_DATA -i 0 -f $(obj)/shared_data.region endif +fmap-section-offset-cmd = $(FUTILITY) dump_fmap -p $(obj)/coreboot.rom | \ + grep '^$(1) ' | cut '-d ' -f2 + +ifeq ($(CONFIG_VBOOT_GSCVD),y) +# +# vboot-gscvd-ranges +# +# This variable expands to the list of ranges that will be verified by the GSC +# before releasing the SoC from reset. It needs to cover all security-relevant +# ranges of the flash that CBFS verification cannot cover itself. By default +# this is the `GBB` FMAP section (not handled here but through the special `-G` +# parameter to `futility gscvd` below) and the bootblock. Here we are +# initializing the variable to expansions that produce ranges for both the +# `BOOTBLOCK` FMAP section (filled up to the real size of +# `$(objcbfs)/bootblock.bin`) and the `bootblock` file in the primary CBFS -- +# only one of those two should normally exist on a given platform. +# +# Platforms where the bootblock isn't the first and only thing loaded by the +# hardware or which otherwise have special security-relevant flash areas that +# cannot be covered normally by CBFS verification will need to manually add +# ranges to this variable in their own Makefiles, in the format produced by +# printf("%x:%x", start_offset, size). The variable is only expanded once in a +# recipe of the `files_added` target, so $(shell) expansions that depend on +# inspecting $(obj)/coreboot.rom (or any of its dependencies) are valid. +# +vboot-gscvd-ranges += $(shell ( \ + offset=$$($(call fmap-section-offset-cmd,BOOTBLOCK)) ;\ + if [ -n "$$offset" ]; then \ + size=$$(wc -c < $(objcbfs)/bootblock.bin) ;\ + printf "%x:%x" $$offset $$size ;\ + fi ;\ +)) +vboot-gscvd-ranges += $(shell ( \ + line=$$($(CBFSTOOL) $(obj)/coreboot.rom print -k | grep '^bootblock[[:space:]]') ;\ + if [ -n "$$line" ]; then \ + cbfs_start=$$($(call fmap-section-offset-cmd,COREBOOT)) ;\ + offset=$$(printf "$$line" | cut -f2) ;\ + size=$$(printf "$$line" | cut -f6) ;\ + printf "%x:%x" $$((cbfs_start + offset)) $$size ;\ + fi ;\ +)) +files_added:: $(FUTILITY) + @printf " WRITE GSCVD\n" + gscvd_range_args="$(foreach range,$(vboot-gscvd-ranges),-R $(range))" ;\ + if [ -z "$$gscvd_range_args" ]; then \ + echo "ERROR: No valid GSCVD ranges detected in image!" ;\ + exit 1 ;\ + fi ;\ + $(FUTILITY) gscvd -G $$gscvd_range_args -b $(CONFIG_VBOOT_GSC_BOARD_ID) \ + -r "$(CONFIG_VBOOT_GSCVD_ROOT_PUBKEY)" \ + -p "$(CONFIG_VBOOT_GSCVD_PLATFORM_PRIVKEY)" \ + -k "$(CONFIG_VBOOT_GSCVD_PLATFORM_KEYBLOCK)" \ + $(obj)/coreboot.rom +endif + # Extract FW_MAIN_? region and minimize it if the last file is empty, so it # doesn't contain this empty file (that can have a significant size), # improving a lot on hash times due to a smaller amount of data loaded from |