summaryrefslogtreecommitdiff
path: root/src/vendorcode/eltan/security
AgeCommit message (Collapse)Author
2021-01-15vc/eltan/security/verified_boot/vboot_check.c: Add check PROG_POSTCARFrans Hendriks
On Coffee Lake systems prog_locate_hook() is called with PROG_POSTCAR. For this reason the early check is not executed. Add check for prog->type == PROG_POSTCAR, but execute verified_boot_early_check() once. BUG = N/A TEST = Build and boot on Facebook FBG1701 and Intel CoffeeLake system Change-Id: Ia3bd36064bcc8176302834c1e46a225937d61c20 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/48852 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-12-02cbfs: Simplify load/map API names, remove type argumentsJulius Werner
This patch renames cbfs_boot_map_with_leak() and cbfs_boot_load_file() to cbfs_map() and cbfs_load() respectively. This is supposed to be the start of a new, better organized CBFS API where the most common operations have the most simple and straight-forward names. Less commonly used variants of these operations (e.g. cbfs_ro_load() or cbfs_region_load()) can be introduced later. It seems unnecessary to keep carrying around "boot" in the names of most CBFS APIs if the vast majority of accesses go to the boot CBFS (instead, more unusual operations should have longer names that describe how they diverge from the common ones). cbfs_map() is paired with a new cbfs_unmap() to allow callers to cleanly reap mappings when desired. A few new cbfs_unmap() calls are added to generic code where it makes sense, but it seems unnecessary to introduce this everywhere in platform or architecture specific code where the boot medium is known to be memory-mapped anyway. In fact, even for non-memory-mapped platforms, sometimes leaking a mapping to the CBFS cache is a much cleaner solution than jumping through hoops to provide some other storage for some long-lived file object, and it shouldn't be outright forbidden when it makes sense. Additionally, remove the type arguments from these function signatures. The goal is to eventually remove type arguments for lookup from the whole CBFS API. Filenames already uniquely identify CBFS files. The type field is just informational, and there should be APIs to allow callers to check it when desired, but it's not clear what we gain from forcing this as a parameter into every single CBFS access when the vast majority of the time it provides no additional value and is just clutter. Signed-off-by: Julius Werner <jwerner@chromium.org> Change-Id: Ib24325400815a9c3d25f66c61829a24a239bb88e Reviewed-on: https://review.coreboot.org/c/coreboot/+/39304 Reviewed-by: Hung-Te Lin <hungte@chromium.org> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Mariusz Szafrański <mariuszx.szafranski@intel.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-11-22vendorcode/eltan/security: Add dependency for menu itemsFrans Hendriks
Subitem for VENDORCODE_ELTAN_VBOOT and VENDORCODE_ELTAN_MBOOT are always displayed. Add dependency and display these items when feature is enabled only. Tested on Facebook FBG1701. Change-Id: I51e47efddbcf51d87439bec33b85432da56fa4c6 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/47740 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com>
2020-06-19Kconfig: Escape variable to accommodate new Kconfig versionsPatrick Georgi
Kconfig 4.17 started using the $(..) syntax for environment variable expansion while we want to keep expansion to the build system. Older Kconfig versions (like ours) simply drop the escapes, not changing the behavior. While we could let Kconfig expand some of the variables, that only splits the handling in two places, making debugging harder and potentially messing with reproducible builds (e.g. when paths end up in configs), so escape them all. Change-Id: Ibc4087fdd76089352bd8dd0edb1351ec79ea4faa Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/42481 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
2020-06-01src: Fix up ##-commented SPDX headersAngel Pons
Delete leading empty comment lines. Change-Id: If1c5f568af3290c329d22dfc054d10d01c079065 Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41833 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
2020-05-11treewide: Remove "this file is part of" linesPatrick Georgi
Stefan thinks they don't add value. Command used: sed -i -e '/file is part of /d' $(git grep "file is part of " |egrep ":( */\*.*\*/\$|#|;#|-- | *\* )" | cut -d: -f1 |grep -v crossgcc |grep -v gcov | grep -v /elf.h |grep -v nvramtool) The exceptions are for: - crossgcc (patch file) - gcov (imported from gcc) - elf.h (imported from GNU's libc) - nvramtool (more complicated header) The removed lines are: - fmt.Fprintln(f, "/* This file is part of the coreboot project. */") -# This file is part of a set of unofficial pre-commit hooks available -/* This file is part of coreboot */ -# This file is part of msrtool. -/* This file is part of msrtool. */ - * This file is part of ncurses, designed to be appended after curses.h.in -/* This file is part of pgtblgen. */ - * This file is part of the coreboot project. - /* This file is part of the coreboot project. */ -# This file is part of the coreboot project. -# This file is part of the coreboot project. -## This file is part of the coreboot project. --- This file is part of the coreboot project. -/* This file is part of the coreboot project */ -/* This file is part of the coreboot project. */ -;## This file is part of the coreboot project. -# This file is part of the coreboot project. It originated in the - * This file is part of the coreinfo project. -## This file is part of the coreinfo project. - * This file is part of the depthcharge project. -/* This file is part of the depthcharge project. */ -/* This file is part of the ectool project. */ - * This file is part of the GNU C Library. - * This file is part of the libpayload project. -## This file is part of the libpayload project. -/* This file is part of the Linux kernel. */ -## This file is part of the superiotool project. -/* This file is part of the superiotool project */ -/* This file is part of uio_usbdebug */ Change-Id: I82d872b3b337388c93d5f5bf704e9ee9e53ab3a9 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41194 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-09src/: Replace GPL boilerplate with SPDX headersPatrick Georgi
Used commands: perl -i -p0e 's|\/\*[\s*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-only */|' $(cat filelist) perl -i -p0e 's|\/\*[\s*]*.*is[\s*]*free[\s*]*software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*either[\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License,[\s*]*or[\s*]*.at[\s*]*your[\s*]*option.[\s*]*any[\s*]*later[\s*]*version.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-2.0-or-later */|' $(cat filelist) perl -i -p0e 's|\/\*[\s*]*.*is[\s*#]*free[\s*#]*software[;:,][\s*#]*you[\s*#]*can[\s*#]*redistribute[\s*#]*it[\s*#]*and/or[\s*#]*modify[\s*#]*it[\s*#]*under[\s*#]*the[\s*#]*terms[\s*#]*of[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*as[\s*#]*published[\s*#]*by[\s*#]*the[\s*#]*Free[\s*#]*Software[\s*#]*Foundation[;:,][\s*#]*either[\s*#]*version[\s*#]*3[\s*#]*of[\s*#]*the[\s*#]*License[;:,][\s*#]*or[\s*#]*.at[\s*#]*your[\s*#]*option.[\s*#]*any[\s*#]*later[\s*#]*version.[\s*#]*This[\s*#]*program[\s*#]*is[\s*#]*distributed[\s*#]*in[\s*#]*the[\s*#]*hope[\s*#]*that[\s*#]*it[\s*#]*will[\s*#]*be[\s*#]*useful[;:,][\s*#]*but[\s*#]*WITHOUT[\s*#]*ANY[\s*#]*WARRANTY[;:,][\s*#]*without[\s*#]*even[\s*#]*the[\s*#]*implied[\s*#]*warranty[\s*#]*of[\s*#]*MERCHANTABILITY[\s*#]*or[\s*#]*FITNESS[\s*#]*FOR[\s*#]*A[\s*#]*PARTICULAR[\s*#]*PURPOSE.[\s*#]*See[\s*#]*the[\s*#]*GNU[\s*#]*General[\s*#]*Public[\s*#]*License[\s*#]*for[\s*#]*more[\s*#]*details.[\s*]*\*\/|/* SPDX-License-Identifier: GPL-3.0-or-later */|' $(cat filelist) perl -i -p0e 's|(\#\#*)[\w]*.*is free software[:;][\#\s]*you[\#\s]*can[\#\s]*redistribute[\#\s]*it[\#\s]*and\/or[\#\s]*modify[\#\s]*it[\s\#]*under[\s \#]*the[\s\#]*terms[\s\#]*of[\s\#]*the[\s\#]*GNU[\s\#]*General[\s\#]*Public[\s\#]*License[\s\#]*as[\s\#]*published[\s\#]*by[\s\#]*the[\s\#]*Free[\s\#]*Software[\s\#]*Foundation[;,][\s\#]*version[\s\#]*2[\s\#]*of[\s\#]*the[\s\#]*License.*[\s\#]*This[\s\#]*program[\s\#]*is[\s\#]*distributed[\s\#]*in[\s\#]*the[\s\#]*hope[\s\#]*that[\s\#]*it[\s\#]*will[\#\s]*be[\#\s]*useful,[\#\s]*but[\#\s]*WITHOUT[\#\s]*ANY[\#\s]*WARRANTY;[\#\s]*without[\#\s]*even[\#\s]*the[\#\s]*implied[\#\s]*warranty[\#\s]*of[\#\s]*MERCHANTABILITY[\#\s]*or[\#\s]*FITNESS[\#\s]*FOR[\#\s]*A[\#\s]*PARTICULAR[\#\s]*PURPOSE.[\#\s]*See[\#\s]*the[\#\s]*GNU[\#\s]*General[\#\s]*Public[\#\s]*License[\#\s]*for[\#\s]*more[\#\s]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist) perl -i -p0e 's|(\#\#*)[\w*]*.*is free software[:;][\s*]*you[\s*]*can[\s*]*redistribute[\s*]*it[\s*]*and\/or[\s*]*modify[\s*]*it[\s*]*under[\s*]*the[\s*]*terms[\s*]*of[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*as[\s*]*published[\s*]*by[\s*]*the[\s*]*Free[\s*]*Software[\s*]*Foundation[;,][\s*]*version[\s*]*2[\s*]*of[\s*]*the[\s*]*License.[\s*]*This[\s*]*program[\s*]*is[\s*]*distributed[\s*]*in[\s*]*the[\s*]*hope[\s*]*that[\s*]*it[\s*]*will[\s*]*be[\s*]*useful,[\s*]*but[\s*]*WITHOUT[\s*]*ANY[\s*]*WARRANTY;[\s*]*without[\s*]*even[\s*]*the[\s*]*implied[\s*]*warranty[\s*]*of[\s*]*MERCHANTABILITY[\s*]*or[\s*]*FITNESS[\s*]*FOR[\s*]*A[\s*]*PARTICULAR[\s*]*PURPOSE.[\s*]*See[\s*]*the[\s*]*GNU[\s*]*General[\s*]*Public[\s*]*License[\s*]*for[\s*]*more[\s*]*details.\s(#* *\n)*|\1 SPDX-License-Identifier: GPL-2.0-only\n\n|' $(cat filelist) Change-Id: Ia01908544f4b92a2e06ea621eca548e582728280 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41178 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-02acpi: Move ACPI table support out of arch/x86 (3/5)Furquan Shaikh
This change moves all ACPI table support in coreboot currently living under arch/x86 into common code to make it architecture independent. ACPI table generation is not really tied to any architecture and hence it makes sense to move this to its own directory. In order to make it easier to review, this change is being split into multiple CLs. This is change 3/5 which basically is generated by running the following command: $ git grep -iIl "arch/acpi" | xargs sed -i 's/arch\/acpi/acpi\/acpi/g' BUG=b:155428745 Change-Id: I16b1c45d954d6440fb9db1d3710063a47b582eae Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40938 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2020-05-01vc/eltan/security/verified_boot/vboot_check.c: Increase wb_buffer sizeFrans Hendriks
Running commit aee0baf0690681fae85d24e6887d6cbb9209de83 on Facebook fbg1701 results in an error: VB2:vb2_rsa_verify_digest() ERROR - vboot2 work buffer too small! ERROR: HASH table verification failed! The actual vboot structures require more space. Workbuffer size needs to be increased. We didn't determine the commit causing the issue because this change fixes the issue. BUG=N/A TEST=Build and boot Facebook fbg1701 Change-Id: I5caebc643eb493f4285c2f2fc164ff3a5d35e24e Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40526 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
2020-04-24vc/eltan/security/verified_boot/vboot_check.c: Correct code styleFrans Hendriks
Remove double space and limit lines to 96 column. BUG=N/A TEST=Build and boot Facebook fbg1701 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Change-Id: Ib6373bbf9b666540304e8a2bdaa9add9914476bc Reviewed-on: https://review.coreboot.org/c/coreboot/+/40528 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-04-04src/vendorcode: Use SPDX for GPL-2.0-only filesAngel Pons
Done with sed and God Lines. Only done for C-like code for now. Change-Id: I49dc615178aaef278d6445376842d45152759234 Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40060 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2020-03-31security/vboot: relocate and rename vboot_platform_is_resuming()Bill XIE
After measured boot is decoupled from verified boot in CB:35077, vboot_platform_is_resuming() is never vboot-specific, thus it is renamed to platform_is_resuming() and declared in bootmode.h. Change-Id: I29b5b88af0576c34c10cfbd99659a5cdc0c75842 Signed-off-by: Bill XIE <persmule@hardenedlinux.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/39103 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2020-03-17src (minus soc and mainboard): Remove copyright noticesPatrick Georgi
They're listed in AUTHORS and often incorrect anyway, for example: - What's a "Copyright $year-present"? - Which incarnation of Google (Inc, LLC, ...) is the current copyright holder? - People sometimes have their editor auto-add themselves to files even though they only deleted stuff - Or they let the editor automatically update the copyright year, because why not? - Who is the copyright holder "The coreboot project Authors"? - Or "Generated Code"? Sidestep all these issues by simply not putting these notices in individual files, let's list all copyright holders in AUTHORS instead and use the git history to deal with the rest. Change-Id: I89b10076e0f4a4b3acd59160fb7abe349b228321 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/39611 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: David Hendricks <david.hendricks@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-02-19vboot: remove use of NEED_VB20_INTERNALS switchJoel Kitching
The NEED_VB20_INTERNALS switch is being deprecated. Use the header file vb2_internals_please_do_not_use.h instead. BUG=b:124141368, chromium:957880 TEST=make clean && make test-abuild BRANCH=none Change-Id: Ie35644876178b806fab4f0ce8089a556227312db Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:2055600 Reviewed-on: https://review.coreboot.org/c/coreboot/+/38887 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2020-02-07security/vboot: relocate vb2ex_abort and vb2ex_printfJoel Kitching
Enabling an assertion in vb2_member_of() results in coreboot linking vb2ex_abort() and vb2ex_printf() in ramstage. Move these two functions from vboot_logic.c to vboot_lib.c, which is should be enabled in all stages if CONFIG_VBOOT_LIB is enabled. Note that CONFIG_VBOOT_LIB is implied by CONFIG_VBOOT. Relevant vboot_reference commit: CL:2037263. BUG=b:124141368, chromium:1005700 TEST=make clean && make test-abuild BRANCH=none Change-Id: Ica0103c5684b3d50ba7dc1b4c39559cb192efa81 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38706 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>
2020-02-05vendorcode/eltan/security: Switch to vb2 vboot libraryWim Vervoorn
The eltan verified_boot is using the vboot 2.1 data structures and code, as well as the fwlib21 build target, they are all deprecated. Refer to CB:37654 for more information. The verified_boot code is updated to use the vb2 structures and code and make sure only public functions are used. BUG=N/A TEST=build Change-Id: I1e1a7bce6110fe35221a4d7a47c1eb7c7074c318 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38590 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-12-19Drop ROMCC code and header guardsArthur Heymans
Change-Id: I730f80afd8aad250f26534435aec24bea75a849c Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37334 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
2019-11-25Kconfig: Drop the C_ENVIRONMENT_BOOTBLOCK symbolArthur Heymans
The romcc bootblock will be deprecated soon and most platforms use C_ENVIRONMENT_BOOTBLOCK already. This patch drops the CONFIG_C_ENVIRONMENT_BOOTBLOCK symbol and adds CONFIG_ROMCC_BOOTBLOCK where needed. Change-Id: I773a76aade623303b7cd95ebe9b0411e5a7ecbaf Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37154 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-by: Michał Żygowski <michal.zygowski@3mdeb.com>
2019-11-25Drop superfluous C_ENVIRONMENT_BOOTBLOCK checksArthur Heymans
Some guarding is not needed because the linker drops the code, other guarding is not needed because all platforms using the code now have C_ENVIRONMENT_BOOTBLOCK. Change-Id: I3b1a94e709aa291e1156c854874d7bf461981f32 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37157 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2019-11-23Kconfig: comply to Linux 5.3's Kconfig language rulesPatrick Georgi
Kconfig became stricter on what it accepts, so accomodate before updating to a new release. Change-Id: I92a9e9bf0d557a7532ba533cd7776c48f2488f91 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37156 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2019-11-16vendorcode/eltan/security: Move eltan security from chipset to security menuWim Vervoorn
The eltan security items ended up in the chipset menu which is not desired. Now the eltan security option (when enabled in mainboard) shows up in the security menu. BUG=N/A TEST=build Change-Id: I3b2aa3836e8d9a3242c6d1f3ba7b7821a5cfb9d3 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36851 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-16vendorcode/security/eltan: Allocate memory from bootmem to speed up hashingWim Vervoorn
The verified_boot_check_cbfsfile() will now try to allocate a buffer from bootmem if the item in the list has the VERIFIED_BOOT_COPY_BLOCK attribute set. For large payloads this speeds up the hash operation. BUG=N/A TEST=build Change-Id: Ifa0c93632c59d05ae6d32f8785009a3c3568abc5 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36822 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-15vendorcode/eltan/security: Cleanup prog_locate_hookWim Vervoorn
Cleanup of the prog_locate_hook routine so the actual coreboot flow is more clearly reflected in the code. Remove logging that is not really needed. BUG=N/A TEST=tested on fbg1701 Change-Id: Iab6c75beac35d043d296336021c0bce1f828cf34 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36846 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-15vendorcode/eltan/security: Remove cbfs prepare and locateWim Vervoorn
The prepare functionality will be removed from cbfs support and the eltan verified boot is the only software using it. This is not really required as we can use the prog_locate_hook() for this functionality. BUG=N/A TEST=tested on fbg1701 Change-Id: I189cbad4b24bbbb0840ce6100c89a42a327c5456 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36821 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-15vendorcode/eltan/security: Add all verify_lists to include fileWim Vervoorn
Some of the verify lists were added to the include file while others are on vboot_check.c. Also added the ramstage_verify_list. BUG=N/A TEST=tested on fbg1701 Change-Id: If4f1d8b2278277d0af78e357ecce0d5bef441179 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36820 Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-15vendor/eltan/security: Removed long lines from vboot_checkWim Vervoorn
Removed long lines from the verified_boot_check_buffer() function. BUG=N/A TEST=build Change-Id: I2ea0ae82bd531355111d6b45c67bdc2b1759b7bc Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36849 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-14cbfs: Stop checking master headerJulius Werner
The CBFS master header is a legacy structure that just conveys the same information we already have from the FMAP these days. We're still including it to support older CBFS implementations in some payloads, but there's no need for coreboot itself to follow this indirection anymore. This patch simplifies the default CBFS locator to just return the CBFS offset and size from the FMAP directly. Change-Id: I6b00dd7f276364d62fa1f637efbaee0e80607c49 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36688 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-14cbfs: Make cbfs_master_header_props() externally availableJulius Werner
This patch makes the CBFS default locator .locate() callback externally available so that code which overrides cbfs_master_header_locator can reuse or wrap it and doesn't have to copy&paste the whole thing. Use it for the Eltan vendorcode implementation which previously did this. Change-Id: I54dad5c8ea64ea0fc472217e275daa815736991e Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36797 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-11vendorcode/eltan/security/mboot/mboot.c: Correct parameter descriptionFrans Hendriks
The flags parameter of the tpm2_get_capability_pcrs() is used by mboot_hash_extend_log(). BUGS=NA TEST=Build Change-Id: Ia718d27f21d41a5e16230c74ca402ea6099470b2 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36680 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-08eltan/security: Replace __PRE_RAM__ with ENV_ROMSTAGE_OR_BEFOREKyösti Mälkki
Change-Id: Id56a63a67b7eb70dce6687bb9c2734a711f611b3 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36635 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-08eltan/security: Replace __BOOTBLOCK__ with ENV_BOOTBLOCKKyösti Mälkki
Change-Id: I6ec5a33cd6a6342adfe73c050e0c376bbefad96a Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36634 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-08eltan/security: Remove some preprocessor guardsKyösti Mälkki
We generally let garbage-collection take care of unused functions. While at it, move some related variable declarations in to the header file and declare them const like they should be. Change-Id: I7c6fa15bd45f861f13b6123ccb14c55415e42bc7 Signed-off-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36632 Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-05vendorcode/eltan/security: Align mboot with coreboot tpmWim Vervoorn
Align the eltan mboot support with coreboot tpm support to limit the amount of custom code. We now only support SHA256 pcrs, only single a single digest will be handled in a call. The pcr invalidation has been changed fixed values are now loaded while the correct algortihm is selected. BUG=N/A TEST=tested on fbg1701 Change-Id: Id11389ca90c1e6121293353402a2dd464a2e6727 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36483 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-04vendorcode/eltan/security: Correct debug outputWim Vervoorn
Correct debug ouput in tpm2_get_capability_pcrs. BUG=N/A TEST=build Change-Id: Ibd12c9dc22980f21ecba204729c5da0d11618e12 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36484 Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-04vendorcode/eltan/security: Address layout issuesWim Vervoorn
Corrected several layout issues in the mboot.c file. BUG=N/A TEST=build Change-Id: I1599c7be075130345f018a08bede3eb849129a1c Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36485 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-04vendorcode/eltan/security: Use custom hash for little endian onlyWim Vervoorn
Only use the custom hash routine when we need little endian. Rename the function as well as it is little endian only now. BUG=N/A TEST=tested on fbg1701 board. Change-Id: I037fa38c5961dab7a81e752c1685da2dc6b33d12 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36482 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-11-04vendorcode/eltan: Cleanup Kconfig filesWim Vervoorn
The vendorcode/eltan and vendorcode/eltan/security directories were both adding the mboot and verified_boot Kconfigs. BUG=N/A TEST=build Change-Id: I6b5f19b4660d60345391b7320ce42466fd2cc769 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36479 Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-01mb/facebook/fbg1701: Add public key to bootblock_verify_listWim Vervoorn
The public key was not verified during the verified boot operation. This is now added. The items in the manifest are now fixed at 12 as we always have the postcar stage. BUG=N/A TEST=tested on facebook fbg1701 Change-Id: I85fd391294db0ea796001720c2509f797be5aedf Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36504 Reviewed-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-11-01vendorcode/eltan/security: Use vb2 public keyWim Vervoorn
Start using the vb2 public key format and process the signature verification using the vb2 routines. This allows us to use the futility to prepare the keys and eliminates the need for custom tools. BUG=N/A TEST=tested on fbg1701 board Change-Id: Id5d28595bbfb1f5ca5bca0fcfb06134bb1143f25 Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36480 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
2019-10-04vendorcode/eltan/security/verified_boot: Add verified boot supportFrans Hendriks
Create verified boot support, which includes verifiication of bootblock. This feature use the vendorcode/eltan/security/lib. cbfs_locator is used to init the verified boot support. vendor_secure_prepare() and vendor_secure_locate() are used to preform the required action in each stage. The next lists will be used for verification: * bootblock_verify_list * postcar_verify_list * romstage_verify_list * ramstage_verify_list BUG=N/A TEST=Created binary and verify logging on Facebook FBG-1701 Change-Id: If6c1423b0b4a309cefb7fe7a29d5100ba289e0b4 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/30835 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Lance Zhao <lance.zhao@gmail.com> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2019-10-04vendorcode/eltan/security/mboot: Add measured boot supportFrans Hendriks
Create measured boot. This feature uses the vendorcode/eltan/security/lib. Measure boot can work with and without Verified boot enabled. The function mb_measure() is starting point for the support. This function will be called by the common Verified boot code. BUG=N/A TEST=Created binary and verify logging on Facebook FBG-1701 Change-Id: I7f880a17e240515dd42d57383b5ddddf576985b0 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/30833 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2019-08-26vendorcode/eltan/security/lib: Always include cb_sha.c for bootblockFrans Hendriks
cb_sha.c depends on C_ENVIRONMENT_BOOTBLOCK. Include cb_sha.c unconditional since C_ENVIRONMENT_BOOTBLOCK is default for chipsets. BUG=N/A TEST=Boot Linux 4.20 and verify logging on Facebook FBG-1701 Change-Id: If93195596efe7d8f298430e67eb1cf79804b96fc Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/34667 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
2019-08-11vendorcode/eltan/security/lib: Add missing vb2ex_printf()Frans Hendriks
Build error on missing vb2ex_printf() in bootblock stage Add the file vboot_logic.c which contains the missing vb2ex_printf(). BUG=N/A TEST=Boot Linux 4.20 and verify logging on Facebook FBG-1701 Change-Id: I3f649f3faf1e812d592e4981bc75698e2cad1cc8 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/34666 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
2019-08-08vendorcode/eltan/security: Use config VENDORCODE_ELTAN_XXXFrans Hendriks
To avoid confusion use VENDORCODE_ELTAN_VBOOT and VENDORCODE_ELTAN_MBOOT config values. Include verfied_boot and mboot subdirectories as CPPFLAGS when measured boot or verified boot is enabled. This allows to generate binary with measured boot enabled only. BUG=N/A TEST=Boot Linux 4.20 and verify logging on Facebook FBG-1701 Change-Id: Iaaf3c8cacbc8d2be7387264ca9c973e583871f0a Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33442 Reviewed-by: Lance Zhao <lance.zhao@gmail.com> Reviewed-by: Martin Roth <martinroth@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-07-10vendorcode/eltan/security/lib: Implement SHA endian functionFrans Hendriks
digest from vb2_digest_bufer() does not contains the correct endian. Create cb_sha_endian() which can convert the calculated digest into big endian or little endian when required. BUG=N/A TEST=Created binary and verify logging on Facebok FBG-1701 Change-Id: If828bde54c79e836a5b05ff0447645d7e06e819a Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/30831 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
2019-06-04vendorcode/eltan: Add vendor code for measured and verified bootFrans Hendriks
This patch contains the general files for the vendorcode/eltan that has been uploaded recently: - Add eltan directory to vendorcode. - Add documentation about the support in the vendorcode directories. - Add the Makefile.inc and Kconfig for the vendorcode/eltan and vendorcode/eltan/security. BUG=N/A TEST=Created verified binary and verify logging on Portwell PQ-M107 Change-Id: Ic1d5a21d40b6a31886777e8e9fe7b28c860f1a80 Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/30218 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>