1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
|
/* SPDX-License-Identifier: GPL-2.0-only */
#include <amdblocks/reset.h>
#include <bootstate.h>
#include <console/console.h>
#include <device/mmio.h>
#include <types.h>
#include "psp_def.h"
#define PSB_STATUS_OFFSET 0x10994
#define FUSE_PLATFORM_SECURE_BOOT_EN BIT(24)
#define PSB_TEST_STATUS_MASK 0xff
#define PSB_FUSING_READY_MASK BIT(8)
/* PSB Test Status and Error Codes (doc#56654) */
#define PSB_TEST_STATUS_PASS 0x00
#define PSB_TEST_STATUS_FUSE_READ_ERR 0x3e
#define PSB_TEST_STATUS_BIOS_KEY_BAD_USAGE 0x81
#define PSB_TEST_STATUS_BIOS_RTM_SIG_NOENT 0x82
#define PSB_TEST_STATUS_BIOS_RTM_COPY_ERR 0x83
#define PSB_TEST_STATUS_BIOS_RTM_BAD_SIG 0x84
#define PSB_TEST_STATUS_BIOS_KEY_BAD_SIG 0x85
#define PSB_TEST_STATUS_PLATFORM_BAD_ID 0x86
#define PSB_TEST_STATUS_BIOS_COPY_BIT_UNSET 0x87
#define PSB_TEST_STATUS_BIOS_CA_BAD_SIG 0x8a
#define PSB_TEST_STATUS_BIOS_CA_BAD_USAGE 0x8b
#define PSB_TEST_STATUS_BIOS_KEY_BAD_REVISION 0x8c
#define FUSE_STATUS_SUCCESS 0x00
#define FUSE_STATUS_NOT_ALLOWED 0x09
#define FUSE_STATUS_FUSING_ERR 0x0a
#define FUSE_STATUS_BOOT_DONE 0x0b
static const char *psb_test_status_to_string(uint32_t status)
{
switch (status) {
case PSB_TEST_STATUS_PASS:
return "Psb Test Status PASS";
case PSB_TEST_STATUS_FUSE_READ_ERR:
return "Error reading fuse info";
case PSB_TEST_STATUS_BIOS_KEY_BAD_USAGE:
return "OEM BIOS signing key usage flag violation";
case PSB_TEST_STATUS_BIOS_RTM_SIG_NOENT:
return "BIOS RTM signature entry not found";
case PSB_TEST_STATUS_BIOS_RTM_COPY_ERR:
return "BIOS copy to DRAM failed";
case PSB_TEST_STATUS_BIOS_RTM_BAD_SIG:
return "BIOS RTM signature verification failed";
case PSB_TEST_STATUS_BIOS_KEY_BAD_SIG:
return "OEM BIOS signing key failed signature verification";
case PSB_TEST_STATUS_PLATFORM_BAD_ID:
return "Platform vendor id and/or model id binding violation";
case PSB_TEST_STATUS_BIOS_COPY_BIT_UNSET:
return "BIOS copy bit unset for reset image";
case PSB_TEST_STATUS_BIOS_CA_BAD_SIG:
return "OEM BIOS signing CA key failed signature verification";
case PSB_TEST_STATUS_BIOS_CA_BAD_USAGE:
return "OEM BIOS signing CA key usage flag violation";
case PSB_TEST_STATUS_BIOS_KEY_BAD_REVISION:
return "OEM BIOS signing key revision violation";
default:
return "Unknown failure";
}
}
static const char *fuse_status_to_string(uint32_t status)
{
switch (status) {
case FUSE_STATUS_SUCCESS:
return "PSB Fusing completed successfully";
case FUSE_STATUS_NOT_ALLOWED:
return "Fusing not allowed or already done";
case FUSE_STATUS_FUSING_ERR:
return "Fuse programming failed";
case FUSE_STATUS_BOOT_DONE:
return "Issued after BOOT DONE";
default:
return "Unknown failure";
}
}
static enum cb_err get_psb_status(uint32_t *psb_status_value)
{
const uintptr_t psp_mmio = get_psp_mmio_base();
if (!psp_mmio) {
printk(BIOS_WARNING, "PSP: PSP_ADDR_MSR uninitialized\n");
return CB_ERR;
}
*psb_status_value = read32p(psp_mmio | PSB_STATUS_OFFSET);
return CB_SUCCESS;
}
/*
* Request Platform Secure Boot enablement via the PSP if it is not already
* enabled. Upon receiving this command, the PSP will program all PSB fuses
* so long as the BIOS signing key token is valid.
*/
static enum cb_err psb_enable(void)
{
uint32_t status;
struct mbox_default_buffer buffer = {
.header = {
.size = sizeof(buffer)
}
};
if (get_psb_status(&status) != CB_SUCCESS) {
printk(BIOS_ERR, "PSP: Failed to get base address.\n");
return CB_ERR;
}
printk(BIOS_INFO, "PSB: Status = %x\n", status);
if (status & FUSE_PLATFORM_SECURE_BOOT_EN) {
printk(BIOS_DEBUG, "PSB: Already enabled\n");
return CB_SUCCESS;
}
if (soc_read_c2p38(&status) != CB_SUCCESS) {
printk(BIOS_ERR, "PSP: Failed to get base address.\n");
return CB_ERR;
}
printk(BIOS_INFO, "PSB: HSTI = %x\n", status);
const uint32_t psb_test_status = status & PSB_TEST_STATUS_MASK;
if (psb_test_status != PSB_TEST_STATUS_PASS) {
printk(BIOS_ERR, "PSB: %s\n", psb_test_status_to_string(psb_test_status));
return CB_ERR;
}
if (!(status & PSB_FUSING_READY_MASK)) {
printk(BIOS_ERR, "PSB: Fusing not allowed\n");
return CB_ERR;
}
printk(BIOS_DEBUG, "PSB: Enable...\n");
const int cmd_status = send_psp_command(MBOX_BIOS_CMD_PSB_AUTO_FUSING, &buffer);
psp_print_cmd_status(cmd_status, &buffer.header);
if (cmd_status) {
printk(BIOS_ERR, "PSB: Fusing request failed: %d\n", cmd_status);
return CB_ERR;
}
const uint32_t fuse_status = read32(&buffer.header.status);
if (fuse_status != FUSE_STATUS_SUCCESS) {
printk(BIOS_ERR, "PSB: %s\n", fuse_status_to_string(fuse_status));
return CB_ERR;
}
printk(BIOS_NOTICE, "PSB: Rebooting\n");
cold_reset();
}
static void enable_secure_boot(void *unused)
{
/*
* Enable secure boot before loading payload. Psb fusing is done late in
* boot process to avoid any fuse access conflicts with other components
* which happens during boot process.
*/
if (psb_enable() == CB_ERR)
printk(BIOS_NOTICE, "Enabling PSB failed.\n");
}
BOOT_STATE_INIT_ENTRY(BS_PAYLOAD_LOAD, BS_ON_ENTRY, enable_secure_boot, NULL);
|
