From 2144057da82a4264eaea0707c9c9599c0857cec1 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Wed, 26 Jul 2023 17:54:35 +0200 Subject: [PATCH 01/21] Added option for authentication in stage1 --- arch.mk | 7 +++++++ hal/x86_fsp_qemu_stage1.ld.in | 7 ++++++- lib/wolfTPM | 2 +- src/boot_x86_fsp_start.S | 2 +- src/x86/tgl_fsp.c | 2 +- tools/scripts/qemu64/qemudbg.sh | 2 +- 6 files changed, 17 insertions(+), 5 deletions(-) diff --git a/arch.mk b/arch.mk index c75d8bad0..6aba9f6cb 100644 --- a/arch.mk +++ b/arch.mk @@ -501,6 +501,13 @@ ifeq ("${FSP}", "1") OBJS += src/pci.o OBJS += hal/x86_uart.o OBJS += src/string.o + ifeq ($(filter-out $(STAGE1_AUTH),1),) + OBJS += src/libwolfboot.o + OBJS += src/image.o + OBJS += src/keystore.o + OBJS += $(WOLFCRYPT_OBJS) + endif + CFLAGS += -fno-stack-protector -m32 -fno-PIC -fno-pie -mno-mmx -mno-sse -DDEBUG_UART ifeq ($(FSP_TGL), 1) OBJS+=src/x86/tgl_fsp.o diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 1b73ba728..9a4ff5c75 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -1,5 +1,6 @@ FLASH_SIZE = @BOOTLOADER_PARTITION_SIZE@; FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; +BOOTLOADER_JUMP32_START = 0xfffff000; RESETVECTOR_START = 0xffffffec; FSP_T_BASE = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ FSP_M_BASE = @FSP_M_BASE@; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ @@ -16,6 +17,11 @@ MEMORY SECTIONS { + .jmpto32 BOOTLOADER_JUMP32_START : + { + _off_boot = ABSOLUTE(.) & 0xffff; + KEEP(*(.jmpto32)) + } .reset_vector RESETVECTOR_START : { KEEP(*(.reset_vector)) @@ -23,7 +29,6 @@ SECTIONS .bootloader WOLFBOOT_ORIGIN : { - _off_boot = ABSOLUTE(.) & 0xffff; KEEP(*(.boot*)) *(.text*) *(.rodata*) diff --git a/lib/wolfTPM b/lib/wolfTPM index 50bf4beb0..cdff04859 160000 --- a/lib/wolfTPM +++ b/lib/wolfTPM @@ -1 +1 @@ -Subproject commit 50bf4beb08a0483d0bdaf181fd294a15d2e4ce4a +Subproject commit cdff048597c632399231df937c54f14f5505e0ce diff --git a/src/boot_x86_fsp_start.S b/src/boot_x86_fsp_start.S index 4e1beb5df..5e829a398 100644 --- a/src/boot_x86_fsp_start.S +++ b/src/boot_x86_fsp_start.S @@ -50,7 +50,7 @@ extern _off_boot extern _start_fsp_t extern TempRamInitParams extern start -[section .boot] +[section .jmpto32] ;; If the offset to the segment selector code_sel_long is changed, make sure to ;; update the corresponding code in src/x86/common.c accordingly. gdt: diff --git a/src/x86/tgl_fsp.c b/src/x86/tgl_fsp.c index c7c6d4ede..ffbbee619 100644 --- a/src/x86/tgl_fsp.c +++ b/src/x86/tgl_fsp.c @@ -110,7 +110,7 @@ __attribute__((__section__(".boot"))) const struct fit_table_entry fit_table[FIT }, }; -__attribute__((__section__(".boot"))) const +__attribute__((__section__(".jmpto32"))) const FSPT_UPD TempRamInitParams = { .FspUpdHeader = { .Signature = FSPT_UPD_SIGNATURE, diff --git a/tools/scripts/qemu64/qemudbg.sh b/tools/scripts/qemu64/qemudbg.sh index e7ab6863b..17f8b0de4 100755 --- a/tools/scripts/qemu64/qemudbg.sh +++ b/tools/scripts/qemu64/qemudbg.sh @@ -1,6 +1,6 @@ #!/bin/bash qemu-system-i386 -m 1G -machine q35 -serial mon:stdio -nographic \ - -pflash stage1/loader_stage1.bin -drive id=mydisk,format=raw,file=app.bin,if=none \g + -pflash stage1/loader_stage1.bin -drive id=mydisk,format=raw,file=app.bin,if=none \ -device ide-hd,drive=mydisk \ -S -s From 06b6c0103e079c902348eea8e18e2d6d29e2ecae Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 27 Jul 2023 09:39:53 +0200 Subject: [PATCH 02/21] Feature: verification of FSP images' signatures --- arch.mk | 4 ++ config/examples/x86_fsp_qemu.config | 3 +- hal/x86_fsp_qemu_stage1.ld.in | 17 ++++-- src/boot_x86_fsp.c | 85 +++++++++++++++++++++++++++++ src/image.c | 12 ++++ stage1/Makefile | 1 + stage1/x86_fsp.mk | 18 ++++++ 7 files changed, 135 insertions(+), 5 deletions(-) diff --git a/arch.mk b/arch.mk index 6aba9f6cb..160aabcfb 100644 --- a/arch.mk +++ b/arch.mk @@ -505,7 +505,11 @@ ifeq ("${FSP}", "1") OBJS += src/libwolfboot.o OBJS += src/image.o OBJS += src/keystore.o + OBJS += src/sig_fsp_m.o + OBJS += src/sig_fsp_s.o + OBJS += src/sig_fsp_t.o OBJS += $(WOLFCRYPT_OBJS) + CFLAGS+=-DSTAGE1_AUTH endif CFLAGS += -fno-stack-protector -m32 -fno-PIC -fno-pie -mno-mmx -mno-sse -DDEBUG_UART diff --git a/config/examples/x86_fsp_qemu.config b/config/examples/x86_fsp_qemu.config index 1833b423e..48b64c3b8 100644 --- a/config/examples/x86_fsp_qemu.config +++ b/config/examples/x86_fsp_qemu.config @@ -30,7 +30,7 @@ WOLFBOOT_DATA_ADDRESS=0x1000000 FSP_M_BASE=0xffe30000 FSP_S_BASE=0xffed6000 FSP_T_BASE=0xfffe0000 -WOLFBOOT_ORIGIN=0xffff0000 +WOLFBOOT_ORIGIN=0xfffa0000 LINUX_PAYLOAD=1 BOOTLOADER_PARTITION_SIZE=0xa0000 @@ -39,3 +39,4 @@ MACHINE_OBJ=src/x86/qemu_fsp.o FSP_T_BIN=./src/x86/fsp_t.bin FSP_M_BIN=./src/x86/fsp_m.bin FSP_S_BIN=./src/x86/fsp_s.bin +STAGE1_AUTH=1 diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 9a4ff5c75..05a16a636 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -2,9 +2,9 @@ FLASH_SIZE = @BOOTLOADER_PARTITION_SIZE@; FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; BOOTLOADER_JUMP32_START = 0xfffff000; RESETVECTOR_START = 0xffffffec; -FSP_T_BASE = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ -FSP_M_BASE = @FSP_M_BASE@; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ -FSP_S_BASE = @FSP_S_BASE@; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ +FSP_T_BASE = @FSP_T_BASE@ - 0x1000; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ +FSP_M_BASE = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ +FSP_S_BASE = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; WOLFBOOT_ORIGIN = @WOLFBOOT_ORIGIN@; OUTPUT_FORMAT(elf32-i386) @@ -34,7 +34,7 @@ SECTIONS *(.rodata*) *(.eh_frame*) *(.data*) - . = ALIGN(4); + . = ALIGN(256); } .wolfboot FLASH_START : @@ -47,18 +47,27 @@ SECTIONS .fsp_t FSP_T_BASE : AT(FSP_T_BASE) { + . += 0x0F00; + _fsp_t_hdr = .; + KEEP(*(.sig_fsp_t*)) _start_fsp_t = .; *(.fsp_t) } .fsp_s FSP_S_BASE : { + . += 0x0F00; + _fsp_s_hdr = .; + KEEP(*(.sig_fsp_s*)) _start_fsp_s = .; *(.fsp_s) } .fsp_m FSP_M_BASE : { + . += 0x0F00; + _fsp_m_hdr = .; + KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; *(.fsp_m) } diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index b7689812b..eb1cc160b 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -35,8 +35,24 @@ #include #include +#ifdef STAGE1_AUTH +#include "wolfboot/wolfboot.h" +#include "image.h" +#endif + #define WOLFBOOT_X86_STACK_SIZE 0x10000 + +#ifndef STAGE1_AUTH +/* When STAGE1_AUTH is disabled, create dummy images to fill + * the space used by wolfBoot manifest headers to authenticate FSPs + */ +#define HEADER_SIZE 0x100 +const uint8_t __attribute__((section(".sig_fsp_t"))) empty_sig_fsp_t[HEADER_SIZE]; +const uint8_t __attribute__((section(".sig_fsp_m"))) empty_sig_fsp_m[HEADER_SIZE]; +const uint8_t __attribute__((section(".sig_fsp_s"))) empty_sig_fsp_s[HEADER_SIZE]; +#endif + /* info can be retrieved from the CfgRegionSize of FSP info header. we need to * know this at compile time because to make things simpler we want to use the * stack to store the parameters and we don't want to include machine specific @@ -80,6 +96,9 @@ int post_temp_ram_init_cb(void); extern uint8_t _start_fsp_t[]; extern uint8_t _start_fsp_m[]; extern uint8_t _start_fsp_s[]; +extern uint8_t _fsp_t_hdr[]; +extern uint8_t _fsp_m_hdr[]; +extern uint8_t _fsp_s_hdr[]; extern uint8_t _wolfboot_flash_start[]; extern uint8_t _wolfboot_flash_end[]; extern uint8_t wb_end_bss[], wb_start_bss[]; @@ -172,6 +191,72 @@ static void memory_ready_entry(void *ptr) unsigned int i; int ret; +#ifdef STAGE1_AUTH + struct wolfBoot_image fsp_m, fsp_t, fsp_s; + + /* Verify FSP_M */ + ret = wolfBoot_open_image_address(&fsp_m, _fsp_m_hdr); + if (ret < 0) { + wolfBoot_printf("Failed to open FSP_M image" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_M open successfully." ENDLINE); + ret = wolfBoot_verify_integrity(&fsp_m); + if (ret < 0) { + wolfBoot_printf("Failed integrity check on FSP_M" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_M is valid. Checking signature." ENDLINE); + ret = wolfBoot_verify_authenticity(&fsp_m); + if (ret < 0) { + wolfBoot_printf("Failed signature check on FSP_M" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_M: verified OK." ENDLINE); + + /* Verify FSP_T */ + ret = wolfBoot_open_image_address(&fsp_m, _fsp_m_hdr); + ret = wolfBoot_open_image_address(&fsp_t, _fsp_t_hdr); + if (ret < 0) { + wolfBoot_printf("Failed to open FSP_T image" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_T open successfully." ENDLINE); + ret = wolfBoot_verify_integrity(&fsp_t); + if (ret < 0) { + wolfBoot_printf("Failed integrity check on FSP_T" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_T is valid. Checking signature." ENDLINE); + ret = wolfBoot_verify_authenticity(&fsp_t); + if (ret < 0) { + wolfBoot_printf("Failed signature check on FSP_T" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_T: verified OK." ENDLINE); + + /* Verify FSP_S */ + ret = wolfBoot_open_image_address(&fsp_s, _fsp_s_hdr); + if (ret < 0) { + wolfBoot_printf("Failed to open FSP_S image" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_S open successfully." ENDLINE); + ret = wolfBoot_verify_integrity(&fsp_s); + if (ret < 0) { + wolfBoot_printf("Failed integrity check on FSP_S" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_S is valid. Checking signature." ENDLINE); + ret = wolfBoot_verify_authenticity(&fsp_s); + if (ret < 0) { + wolfBoot_printf("Failed signature check on FSP_S" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_S: verified OK." ENDLINE); + +#endif + fsp_info_header = (struct fsp_info_header *)(_start_fsp_m + FSP_INFO_HEADER_OFFSET); TempRamExit = (temp_ram_exit_cb)(_start_fsp_m + diff --git a/src/image.c b/src/image.c index 70749a5bc..4fda57c56 100644 --- a/src/image.c +++ b/src/image.c @@ -959,6 +959,10 @@ int wolfBoot_verify_integrity(struct wolfBoot_image *img) { uint8_t *stored_sha; uint16_t stored_sha_len; +#ifdef STAGE1_AUTH + /* Override global */ + uint8_t digest[WOLFBOOT_SHA_DIGEST_SIZE]; +#endif stored_sha_len = get_header(img, WOLFBOOT_SHA_HDR, &stored_sha); if (stored_sha_len != WOLFBOOT_SHA_DIGEST_SIZE) return -1; @@ -999,6 +1003,10 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img) uint32_t key_mask = 0U; uint32_t image_part = 1U; int key_slot; +#ifdef STAGE1_AUTH + /* Override global */ + uint8_t digest[WOLFBOOT_SHA_DIGEST_SIZE]; +#endif stored_signature_size = get_header(img, HDR_SIGNATURE, &stored_signature); if (stored_signature_size != IMAGE_SIGNATURE_SIZE) @@ -1068,6 +1076,10 @@ uint8_t* wolfBoot_peek_image(struct wolfBoot_image *img, uint32_t offset, #ifndef WOLFBOOT_NO_SIGN static int keyslot_id_by_sha(const uint8_t *hint) { +#ifdef STAGE1_AUTH + /* Override global */ + uint8_t digest[WOLFBOOT_SHA_DIGEST_SIZE]; +#endif int id = 0; for (id = 0; id < keystore_num_pubkeys(); id++) { diff --git a/stage1/Makefile b/stage1/Makefile index c95d0af38..46336c1f1 100644 --- a/stage1/Makefile +++ b/stage1/Makefile @@ -180,6 +180,7 @@ $(BUILD_DIR)/%.o: ../hal/%.S clean: $(Q)rm -f *.o + $(Q)rm -f *.bin $(Q)rm -f loader_stage1.bin loader_stage1.elf loader_stage1.map $(LSCRIPT) FORCE: diff --git a/stage1/x86_fsp.mk b/stage1/x86_fsp.mk index b6cfc9596..8038f4a53 100644 --- a/stage1/x86_fsp.mk +++ b/stage1/x86_fsp.mk @@ -1,3 +1,9 @@ +SIGN_TOOL?=../tools/keytools/sign +SIGN_OPTIONS?=--ecc256 --sha256 +SIGN_KEY?=../wolfboot_signing_private_key.der +X86FSP_PATH?=../src/x86 + + $(LSCRIPT_IN): $(WOLFBOOT_ROOT)/hal/$(LSCRIPT_IN).in FORCE @cat $(WOLFBOOT_ROOT)/hal/$(LSCRIPT_IN).in | \ sed -e "s/@FSP_T_BASE@/$(FSP_T_BASE)/g" | \ @@ -14,13 +20,25 @@ $(LSCRIPT_IN): $(WOLFBOOT_ROOT)/hal/$(LSCRIPT_IN).in FORCE $(Q)nasm -f elf32 -o $@ $^ fsp_t.o: ../$(FSP_T_BIN) + $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 + @dd if=$(X86FSP_PATH)/fsp_t_v1_signed.bin of=$(X86FSP_PATH)/fsp_t_signature.bin bs=256 count=1 + $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_t $(X86FSP_PATH)/fsp_t_signature.bin sig_fsp_t.o $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsp_t $^ $@ + @rm -f $(X86FSP_PATH)/fsp_t_v1_signed.bin $(X86FSP_PATH)/fsp_t_signature.bin fsp_m.o: ../$(FSP_M_BIN) + $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 + @dd if=$(X86FSP_PATH)/fsp_m_v1_signed.bin of=$(X86FSP_PATH)/fsp_m_signature.bin bs=256 count=1 + $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_m $(X86FSP_PATH)/fsp_m_signature.bin sig_fsp_m.o $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsp_m $^ $@ + @rm -f $(X86FSP_PATH)/fsp_m_v1_signed.bin $(X86FSP_PATH)/fsp_m_signature.bin fsp_s.o: ../$(FSP_S_BIN) + $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 + @dd if=$(X86FSP_PATH)/fsp_s_v1_signed.bin of=$(X86FSP_PATH)/fsp_s_signature.bin bs=256 count=1 + $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_s $(X86FSP_PATH)/fsp_s_signature.bin sig_fsp_s.o $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsp_s $^ $@ + @rm -f $(X86FSP_PATH)/fsp_s_v1_signed.bin $(X86FSP_PATH)/fsp_s_signature.bin wolfboot_raw.bin: ../wolfboot.elf $(Q)$(OBJCOPY) -j .text -O binary $^ $@ From 82bf6c76c6734ceb9ff1d5beebdb8efb93809ab8 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 27 Jul 2023 10:16:07 +0200 Subject: [PATCH 03/21] Removed hardcoded manifest header size --- hal/x86_fsp_qemu_stage1.ld.in | 8 +++++--- src/boot_x86_fsp.c | 4 +--- stage1/Makefile | 3 ++- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 05a16a636..70b997711 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -7,6 +7,8 @@ FSP_M_BASE = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xf FSP_S_BASE = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; WOLFBOOT_ORIGIN = @WOLFBOOT_ORIGIN@; +IMAGE_HEADER_SIZE = @IMAGE_HEADER_SIZE@; +PRE_HEADER_FILL_SIZE = 0x1000 - IMAGE_HEADER_SIZE; OUTPUT_FORMAT(elf32-i386) MEMORY @@ -47,7 +49,7 @@ SECTIONS .fsp_t FSP_T_BASE : AT(FSP_T_BASE) { - . += 0x0F00; + . += PRE_HEADER_FILL_SIZE; _fsp_t_hdr = .; KEEP(*(.sig_fsp_t*)) _start_fsp_t = .; @@ -56,7 +58,7 @@ SECTIONS .fsp_s FSP_S_BASE : { - . += 0x0F00; + . += PRE_HEADER_FILL_SIZE; _fsp_s_hdr = .; KEEP(*(.sig_fsp_s*)) _start_fsp_s = .; @@ -65,7 +67,7 @@ SECTIONS .fsp_m FSP_M_BASE : { - . += 0x0F00; + . += PRE_HEADER_FILL_SIZE; _fsp_m_hdr = .; KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index eb1cc160b..695ba8d96 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -35,10 +35,8 @@ #include #include -#ifdef STAGE1_AUTH #include "wolfboot/wolfboot.h" #include "image.h" -#endif #define WOLFBOOT_X86_STACK_SIZE 0x10000 @@ -47,7 +45,7 @@ /* When STAGE1_AUTH is disabled, create dummy images to fill * the space used by wolfBoot manifest headers to authenticate FSPs */ -#define HEADER_SIZE 0x100 +#define HEADER_SIZE IMAGE_HEADER_SIZE const uint8_t __attribute__((section(".sig_fsp_t"))) empty_sig_fsp_t[HEADER_SIZE]; const uint8_t __attribute__((section(".sig_fsp_m"))) empty_sig_fsp_m[HEADER_SIZE]; const uint8_t __attribute__((section(".sig_fsp_s"))) empty_sig_fsp_s[HEADER_SIZE]; diff --git a/stage1/Makefile b/stage1/Makefile index 46336c1f1..f11d408a2 100644 --- a/stage1/Makefile +++ b/stage1/Makefile @@ -135,7 +135,8 @@ $(LSCRIPT): $(LSCRIPT_IN) FORCE sed -e "s/@WOLFBOOT_STAGE1_SIZE@/$(WOLFBOOT_STAGE1_SIZE)/g" | \ sed -e "s/@WOLFBOOT_STAGE1_LOAD_ADDR@/$(WOLFBOOT_STAGE1_LOAD_ADDR)/g" | \ sed -e "s/@WOLFBOOT_STAGE1_FLASH_ADDR@/$(WOLFBOOT_STAGE1_FLASH_ADDR)/g" | \ - sed -e "s/@WOLFBOOT_STAGE1_BASE_ADDR@/$(WOLFBOOT_STAGE1_BASE_ADDR)/g" \ + sed -e "s/@WOLFBOOT_STAGE1_BASE_ADDR@/$(WOLFBOOT_STAGE1_BASE_ADDR)/g" | \ + sed -e "s/@IMAGE_HEADER_SIZE@/$(IMAGE_HEADER_SIZE)/g" \ > $@ %.hex:%.elf From 0a56a70872e0e873cd4e00d1436af87497602433 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 27 Jul 2023 10:33:28 +0200 Subject: [PATCH 04/21] FSP_T auth: removed. FSP_M/S auth: before use --- arch.mk | 1 - hal/x86_fsp_qemu_stage1.ld.in | 5 +- src/boot_x86_fsp.c | 92 +++++++++++++++-------------------- stage1/x86_fsp.mk | 4 -- 4 files changed, 39 insertions(+), 63 deletions(-) diff --git a/arch.mk b/arch.mk index 160aabcfb..302af4349 100644 --- a/arch.mk +++ b/arch.mk @@ -507,7 +507,6 @@ ifeq ("${FSP}", "1") OBJS += src/keystore.o OBJS += src/sig_fsp_m.o OBJS += src/sig_fsp_s.o - OBJS += src/sig_fsp_t.o OBJS += $(WOLFCRYPT_OBJS) CFLAGS+=-DSTAGE1_AUTH endif diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 70b997711..21f67e39b 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -2,7 +2,7 @@ FLASH_SIZE = @BOOTLOADER_PARTITION_SIZE@; FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; BOOTLOADER_JUMP32_START = 0xfffff000; RESETVECTOR_START = 0xffffffec; -FSP_T_BASE = @FSP_T_BASE@ - 0x1000; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ +FSP_T_BASE = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ FSP_M_BASE = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ FSP_S_BASE = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; @@ -49,9 +49,6 @@ SECTIONS .fsp_t FSP_T_BASE : AT(FSP_T_BASE) { - . += PRE_HEADER_FILL_SIZE; - _fsp_t_hdr = .; - KEEP(*(.sig_fsp_t*)) _start_fsp_t = .; *(.fsp_t) } diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index 695ba8d96..0e28a547b 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -46,7 +46,6 @@ * the space used by wolfBoot manifest headers to authenticate FSPs */ #define HEADER_SIZE IMAGE_HEADER_SIZE -const uint8_t __attribute__((section(".sig_fsp_t"))) empty_sig_fsp_t[HEADER_SIZE]; const uint8_t __attribute__((section(".sig_fsp_m"))) empty_sig_fsp_m[HEADER_SIZE]; const uint8_t __attribute__((section(".sig_fsp_s"))) empty_sig_fsp_s[HEADER_SIZE]; #endif @@ -188,51 +187,21 @@ static void memory_ready_entry(void *ptr) uint32_t status; unsigned int i; int ret; - #ifdef STAGE1_AUTH - struct wolfBoot_image fsp_m, fsp_t, fsp_s; - - /* Verify FSP_M */ - ret = wolfBoot_open_image_address(&fsp_m, _fsp_m_hdr); - if (ret < 0) { - wolfBoot_printf("Failed to open FSP_M image" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_M open successfully." ENDLINE); - ret = wolfBoot_verify_integrity(&fsp_m); - if (ret < 0) { - wolfBoot_printf("Failed integrity check on FSP_M" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_M is valid. Checking signature." ENDLINE); - ret = wolfBoot_verify_authenticity(&fsp_m); - if (ret < 0) { - wolfBoot_printf("Failed signature check on FSP_M" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_M: verified OK." ENDLINE); + struct wolfBoot_image fsp_s; +#endif - /* Verify FSP_T */ - ret = wolfBoot_open_image_address(&fsp_m, _fsp_m_hdr); - ret = wolfBoot_open_image_address(&fsp_t, _fsp_t_hdr); - if (ret < 0) { - wolfBoot_printf("Failed to open FSP_T image" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_T open successfully." ENDLINE); - ret = wolfBoot_verify_integrity(&fsp_t); - if (ret < 0) { - wolfBoot_printf("Failed integrity check on FSP_T" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_T is valid. Checking signature." ENDLINE); - ret = wolfBoot_verify_authenticity(&fsp_t); - if (ret < 0) { - wolfBoot_printf("Failed signature check on FSP_T" ENDLINE); + fsp_info_header = + (struct fsp_info_header *)(_start_fsp_m + FSP_INFO_HEADER_OFFSET); + TempRamExit = (temp_ram_exit_cb)(_start_fsp_m + + fsp_info_header->TempRamExitEntryOffset); + status = TempRamExit(NULL); + if (status != EFI_SUCCESS) { + wolfBoot_printf("temp ram exit failed" ENDLINE); panic(); } - wolfBoot_printf("FSP_T: verified OK." ENDLINE); +#ifdef STAGE1_AUTH /* Verify FSP_S */ ret = wolfBoot_open_image_address(&fsp_s, _fsp_s_hdr); if (ret < 0) { @@ -252,19 +221,8 @@ static void memory_ready_entry(void *ptr) panic(); } wolfBoot_printf("FSP_S: verified OK." ENDLINE); - #endif - fsp_info_header = - (struct fsp_info_header *)(_start_fsp_m + FSP_INFO_HEADER_OFFSET); - TempRamExit = (temp_ram_exit_cb)(_start_fsp_m + - fsp_info_header->TempRamExitEntryOffset); - status = TempRamExit(NULL); - if (status != EFI_SUCCESS) { - wolfBoot_printf("temp ram exit failed" ENDLINE); - panic(); - } - memcpy(silicon_init_parameter, _start_fsp_s + fsp_info_header->CfgRegionOffset, FSP_S_PARAM_SIZE); status = fsp_machine_update_s_parameters(silicon_init_parameter); @@ -337,6 +295,11 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, uint16_t type; uint32_t esp; +#ifdef STAGE1_AUTH + int ret; + struct wolfBoot_image fsp_m; +#endif + (void)stack_top; (void)timestamp; (void)bist; @@ -346,8 +309,30 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, wolfBoot_printf("post temp ram init cb failed" ENDLINE); panic(); } - wolfBoot_printf("Cache-as-RAM initialized" ENDLINE); + +#ifdef STAGE1_AUTH + /* Verify FSP_M */ + ret = wolfBoot_open_image_address(&fsp_m, _fsp_m_hdr); + if (ret < 0) { + wolfBoot_printf("Failed to open FSP_M image" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_M open successfully." ENDLINE); + ret = wolfBoot_verify_integrity(&fsp_m); + if (ret < 0) { + wolfBoot_printf("Failed integrity check on FSP_M" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_M is valid. Checking signature." ENDLINE); + ret = wolfBoot_verify_authenticity(&fsp_m); + if (ret < 0) { + wolfBoot_printf("Failed signature check on FSP_M" ENDLINE); + panic(); + } + wolfBoot_printf("FSP_M: verified OK." ENDLINE); +#endif + fsp_m_info_header = (struct fsp_info_header *)(_start_fsp_m + FSP_INFO_HEADER_OFFSET); udp_m_default = _start_fsp_m + fsp_m_info_header->CfgRegionOffset; @@ -369,7 +354,6 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, } wolfBoot_printf("calling FspMemInit..." ENDLINE); - /* enable_dram_scratch_bit(); */ MemoryInit = (memory_init_cb)(_start_fsp_m + fsp_m_info_header->FspMemoryInitEntryOffset); status = MemoryInit((void *)udp_m_parameter, &hobList); diff --git a/stage1/x86_fsp.mk b/stage1/x86_fsp.mk index 8038f4a53..1c3fdc553 100644 --- a/stage1/x86_fsp.mk +++ b/stage1/x86_fsp.mk @@ -20,11 +20,7 @@ $(LSCRIPT_IN): $(WOLFBOOT_ROOT)/hal/$(LSCRIPT_IN).in FORCE $(Q)nasm -f elf32 -o $@ $^ fsp_t.o: ../$(FSP_T_BIN) - $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 - @dd if=$(X86FSP_PATH)/fsp_t_v1_signed.bin of=$(X86FSP_PATH)/fsp_t_signature.bin bs=256 count=1 - $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_t $(X86FSP_PATH)/fsp_t_signature.bin sig_fsp_t.o $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsp_t $^ $@ - @rm -f $(X86FSP_PATH)/fsp_t_v1_signed.bin $(X86FSP_PATH)/fsp_t_signature.bin fsp_m.o: ../$(FSP_M_BIN) $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 From 02dfec6fac6c48546ff8a23c3fb47bab2d31d8a8 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 27 Jul 2023 14:45:59 +0200 Subject: [PATCH 05/21] Added wolfBoot authentication in stage1 --- Makefile | 3 ++- arch.mk | 1 + hal/x86_fsp_qemu.ld.in | 2 +- hal/x86_fsp_qemu_stage1.ld.in | 2 ++ src/boot_x86_fsp.c | 42 +++++++++++++++++++++++++++++------ stage1/x86_fsp.mk | 3 +++ 6 files changed, 44 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index e556a7e64..d70fe6c4a 100644 --- a/Makefile +++ b/Makefile @@ -231,7 +231,8 @@ $(LSCRIPT): $(LSCRIPT_IN) FORCE sed -e "s/@WOLFBOOT_STAGE1_FLASH_ADDR@/$(WOLFBOOT_STAGE1_FLASH_ADDR)/g" | \ sed -e "s/@WOLFBOOT_STAGE1_BASE_ADDR@/$(WOLFBOOT_STAGE1_BASE_ADDR)/g" | \ sed -e "s/@WOLFBOOT_LOAD_BASE@/$(WOLFBOOT_LOAD_BASE)/g" | \ - sed -e "s/@BOOTLOADER_START@/$(BOOTLOADER_START)/g" \ + sed -e "s/@BOOTLOADER_START@/$(BOOTLOADER_START)/g" | \ + sed -e "s/@IMAGE_HEADER_SIZE@/$(IMAGE_HEADER_SIZE)/g" \ > $@ hex: wolfboot.hex diff --git a/arch.mk b/arch.mk index 302af4349..4ae577cb8 100644 --- a/arch.mk +++ b/arch.mk @@ -506,6 +506,7 @@ ifeq ("${FSP}", "1") OBJS += src/image.o OBJS += src/keystore.o OBJS += src/sig_fsp_m.o + OBJS += src/sig_wolfboot_raw.o OBJS += src/sig_fsp_s.o OBJS += $(WOLFCRYPT_OBJS) CFLAGS+=-DSTAGE1_AUTH diff --git a/hal/x86_fsp_qemu.ld.in b/hal/x86_fsp_qemu.ld.in index 5e65b15ee..15c2e3c35 100644 --- a/hal/x86_fsp_qemu.ld.in +++ b/hal/x86_fsp_qemu.ld.in @@ -1,5 +1,5 @@ MEM_SIZE = 536870912; -WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; +WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@ + @IMAGE_HEADER_SIZE@; MEMORY { diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 21f67e39b..56eccbbff 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -41,7 +41,9 @@ SECTIONS .wolfboot FLASH_START : { + . += PRE_HEADER_FILL_SIZE; _wolfboot_flash_start = .; + KEEP(*(.sig_wolfboot_raw*)) *(.wolfboot) _wolfboot_flash_end = .; } diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index 0e28a547b..4e605162b 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -46,8 +46,12 @@ * the space used by wolfBoot manifest headers to authenticate FSPs */ #define HEADER_SIZE IMAGE_HEADER_SIZE -const uint8_t __attribute__((section(".sig_fsp_m"))) empty_sig_fsp_m[HEADER_SIZE]; -const uint8_t __attribute__((section(".sig_fsp_s"))) empty_sig_fsp_s[HEADER_SIZE]; +const uint8_t __attribute__((section(".sig_fsp_m"))) + empty_sig_fsp_m[HEADER_SIZE] = {}; +const uint8_t __attribute__((section(".sig_fsp_s"))) + empty_sig_fsp_s[HEADER_SIZE] = {}; +const uint8_t __attribute__((section(".sig_wolfboot_raw"))) + empty_sig_wolfboot_raw[HEADER_SIZE] = {}; #endif /* info can be retrieved from the CfgRegionSize of FSP info header. we need to @@ -93,7 +97,6 @@ int post_temp_ram_init_cb(void); extern uint8_t _start_fsp_t[]; extern uint8_t _start_fsp_m[]; extern uint8_t _start_fsp_s[]; -extern uint8_t _fsp_t_hdr[]; extern uint8_t _fsp_m_hdr[]; extern uint8_t _fsp_s_hdr[]; extern uint8_t _wolfboot_flash_start[]; @@ -128,10 +131,9 @@ static void change_stack_and_invoke(uint32_t new_stack, : "%eax"); } -static void load_wolfboot() +static void load_wolfboot(void) { size_t wolfboot_size, bss_size; - wolfBoot_printf("loading wolfboot at %x..." ENDLINE, (uint32_t)WOLFBOOT_LOAD_BASE); wolfboot_size = _wolfboot_flash_end - _wolfboot_flash_start; @@ -140,6 +142,7 @@ static void load_wolfboot() bss_size = wb_end_bss - wb_start_bss; memset(wb_start_bss, 0, bss_size); wolfBoot_printf("load wolfboot end" ENDLINE); + } extern uint8_t _stage2_params[]; @@ -150,7 +153,7 @@ static void set_stage2_parameter(struct stage2_parameter *p) } #ifdef WOLFBOOT_64BIT -static void jump_into_wolfboot() +static void jump_into_wolfboot(void) { struct stage2_parameter *params = (struct stage2_parameter*)_stage2_params; uint32_t cr3; @@ -184,11 +187,13 @@ static void memory_ready_entry(void *ptr) silicon_init_cb SiliconInit; notify_phase_cb notifyPhase; NOTIFY_PHASE_PARAMS param; + uint32_t info[4]; uint32_t status; unsigned int i; int ret; #ifdef STAGE1_AUTH struct wolfBoot_image fsp_s; + struct wolfBoot_image wolfboot_raw; #endif fsp_info_header = @@ -260,10 +265,33 @@ static void memory_ready_entry(void *ptr) wolfBoot_printf("failed %d: %x\n", __LINE__, status); panic(); } - uint32_t info[4]; cpuid(0, &info[0], &info[1], &info[2], NULL); wolfBoot_printf("CPUID(0):%x %x %x\r\n", info[0], info[1], info[2]); load_wolfboot(); + +#ifdef STAGE1_AUTH + /* Verify wolfBoot */ + wolfBoot_printf("Authenticating wolfboot at %x..." ENDLINE, + WOLFBOOT_LOAD_BASE); + ret = wolfBoot_open_image_address(&wolfboot_raw, (void *)WOLFBOOT_LOAD_BASE); + if (ret < 0) { + wolfBoot_printf("Failed to open wolfBoot image" ENDLINE); + panic(); + } + wolfBoot_printf("wolfBoot open successfully." ENDLINE); + ret = wolfBoot_verify_integrity(&wolfboot_raw); + if (ret < 0) { + wolfBoot_printf("Failed integrity check on wolfBoot" ENDLINE); + panic(); + } + wolfBoot_printf("wolfBoot is valid. Checking signature." ENDLINE); + ret = wolfBoot_verify_authenticity(&wolfboot_raw); + if (ret < 0) { + wolfBoot_printf("Failed signature check on wolfBoot" ENDLINE); + panic(); + } + wolfBoot_printf("wolfBoot: verified OK." ENDLINE); +#endif set_stage2_parameter(stage2_params); jump_into_wolfboot(); } diff --git a/stage1/x86_fsp.mk b/stage1/x86_fsp.mk index 1c3fdc553..07389be72 100644 --- a/stage1/x86_fsp.mk +++ b/stage1/x86_fsp.mk @@ -40,6 +40,9 @@ wolfboot_raw.bin: ../wolfboot.elf $(Q)$(OBJCOPY) -j .text -O binary $^ $@ wolfboot_raw.o: wolfboot_raw.bin + $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 + @dd if=wolfboot_raw_v1_signed.bin of=wolfboot_raw_signature.bin bs=256 count=1 + $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_wolfboot_raw wolfboot_raw_signature.bin sig_wolfboot_raw.o $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.wolfboot $^ $@ fsp_tgl_s_upd.o: ../$(FSP_S_UPD_DATA_BIN) From 7712a3863914d916e9394d28119bd6be09a02c6e Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 27 Jul 2023 15:56:41 +0200 Subject: [PATCH 06/21] Load FSP_S and FSP_M to RAM before auth --- arch.mk | 2 + hal/x86_fsp_qemu_stage1.ld.in | 2 + src/boot_x86_fsp.c | 55 ++++++++++++++++++++-------- tools/x86_fsp/qemu/qemu_build_fsp.sh | 17 ++++++--- 4 files changed, 55 insertions(+), 21 deletions(-) diff --git a/arch.mk b/arch.mk index 4ae577cb8..14761be0e 100644 --- a/arch.mk +++ b/arch.mk @@ -490,6 +490,8 @@ ifeq ("${FSP}", "1") --defsym wb_end_bss=`grep _end_bss ../wolfboot.map | awk '{print $$1}'` \ --defsym _stage2_params=`grep _stage2_params ../wolfboot.map | awk '{print $$1}'` LDFLAGS += --no-gc-sections --print-gc-sections -T $(LSCRIPT) -m elf_i386 -Map=loader.map + CFLAGS+=-DFSP_M_LOAD_BASE=$(FSP_M_LOAD_BASE) + CFLAGS+=-DFSP_S_LOAD_BASE=$(FSP_S_LOAD_BASE) OBJS += src/boot_x86_fsp.o OBJS += src/boot_x86_fsp_start.o OBJS += src/fsp_m.o diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 56eccbbff..28d86e941 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -62,6 +62,7 @@ SECTIONS KEEP(*(.sig_fsp_s*)) _start_fsp_s = .; *(.fsp_s) + _end_fsp_s = .; } .fsp_m FSP_M_BASE : @@ -71,6 +72,7 @@ SECTIONS KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; *(.fsp_m) + _end_fsp_m = .; } } diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index 4e605162b..4dfee6c58 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -94,11 +94,10 @@ int fsp_machine_update_s_parameters(uint8_t *default_s_params); int post_temp_ram_init_cb(void); /* from the linker */ -extern uint8_t _start_fsp_t[]; -extern uint8_t _start_fsp_m[]; -extern uint8_t _start_fsp_s[]; extern uint8_t _fsp_m_hdr[]; extern uint8_t _fsp_s_hdr[]; +extern uint8_t _end_fsp_m[]; +extern uint8_t _end_fsp_s[]; extern uint8_t _wolfboot_flash_start[]; extern uint8_t _wolfboot_flash_end[]; extern uint8_t wb_end_bss[], wb_start_bss[]; @@ -145,6 +144,22 @@ static void load_wolfboot(void) } +static void load_fsp_to_ram(void) +{ + size_t fsp_m_size, fsp_s_size; + wolfBoot_printf("loading FSP_M at %x..." ENDLINE, + (uint32_t)(FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE)); + fsp_m_size = _end_fsp_m - _fsp_m_hdr; + memcpy((uint8_t*)FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE, + _fsp_m_hdr, fsp_m_size); + + wolfBoot_printf("loading FSP_S at %x..." ENDLINE, + (uint32_t)(FSP_S_LOAD_BASE - IMAGE_HEADER_SIZE)); + fsp_s_size = _end_fsp_s - _fsp_s_hdr; + memcpy((uint8_t*)FSP_S_LOAD_BASE - IMAGE_HEADER_SIZE, + _fsp_s_hdr, fsp_s_size); +} + extern uint8_t _stage2_params[]; static void set_stage2_parameter(struct stage2_parameter *p) @@ -191,14 +206,20 @@ static void memory_ready_entry(void *ptr) uint32_t status; unsigned int i; int ret; + uint8_t *fsp_s_base; + uint8_t *fsp_m_base; #ifdef STAGE1_AUTH struct wolfBoot_image fsp_s; struct wolfBoot_image wolfboot_raw; #endif + + fsp_s_base = (uint8_t *)(FSP_S_LOAD_BASE); + fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); + fsp_info_header = - (struct fsp_info_header *)(_start_fsp_m + FSP_INFO_HEADER_OFFSET); - TempRamExit = (temp_ram_exit_cb)(_start_fsp_m + + (struct fsp_info_header *)(fsp_m_base + FSP_INFO_HEADER_OFFSET); + TempRamExit = (temp_ram_exit_cb)(fsp_m_base + fsp_info_header->TempRamExitEntryOffset); status = TempRamExit(NULL); if (status != EFI_SUCCESS) { @@ -208,7 +229,7 @@ static void memory_ready_entry(void *ptr) #ifdef STAGE1_AUTH /* Verify FSP_S */ - ret = wolfBoot_open_image_address(&fsp_s, _fsp_s_hdr); + ret = wolfBoot_open_image_address(&fsp_s, (fsp_s_base - IMAGE_HEADER_SIZE)); if (ret < 0) { wolfBoot_printf("Failed to open FSP_S image" ENDLINE); panic(); @@ -228,13 +249,13 @@ static void memory_ready_entry(void *ptr) wolfBoot_printf("FSP_S: verified OK." ENDLINE); #endif - memcpy(silicon_init_parameter, _start_fsp_s + fsp_info_header->CfgRegionOffset, + memcpy(silicon_init_parameter, fsp_s_base + fsp_info_header->CfgRegionOffset, FSP_S_PARAM_SIZE); status = fsp_machine_update_s_parameters(silicon_init_parameter); fsp_info_header = - (struct fsp_info_header *)(_start_fsp_s + FSP_INFO_HEADER_OFFSET); - SiliconInit = (silicon_init_cb)(_start_fsp_s + + (struct fsp_info_header *)(fsp_s_base + FSP_INFO_HEADER_OFFSET); + SiliconInit = (silicon_init_cb)(fsp_s_base + fsp_info_header->FspSiliconInitEntryOffset); wolfBoot_printf("call silicon..." ENDLINE); @@ -245,7 +266,7 @@ static void memory_ready_entry(void *ptr) } wolfBoot_printf("success" ENDLINE); pci_enum_do(); - notifyPhase = (notify_phase_cb)(_start_fsp_s + + notifyPhase = (notify_phase_cb)(fsp_s_base + fsp_info_header->NotifyPhaseEntryOffset); param.Phase = EnumInitPhaseAfterPciEnumeration; status = notifyPhase(¶m); @@ -314,7 +335,7 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, uint8_t udp_m_parameter[FSP_M_UDP_MAX_SIZE], *udp_m_default; struct fsp_info_header *fsp_m_info_header; struct stage2_parameter *stage2_params; - uint8_t *_fsp_m_base, done = 0; + uint8_t *fsp_m_base, done = 0; struct efi_hob *hobList, *it; memory_init_cb MemoryInit; uint64_t top_address; @@ -332,6 +353,8 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, (void)timestamp; (void)bist; + fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); + status = post_temp_ram_init_cb(); if (status != 0) { wolfBoot_printf("post temp ram init cb failed" ENDLINE); @@ -339,9 +362,11 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, } wolfBoot_printf("Cache-as-RAM initialized" ENDLINE); + load_fsp_to_ram(); + #ifdef STAGE1_AUTH /* Verify FSP_M */ - ret = wolfBoot_open_image_address(&fsp_m, _fsp_m_hdr); + ret = wolfBoot_open_image_address(&fsp_m, fsp_m_base - IMAGE_HEADER_SIZE); if (ret < 0) { wolfBoot_printf("Failed to open FSP_M image" ENDLINE); panic(); @@ -362,8 +387,8 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, #endif fsp_m_info_header = - (struct fsp_info_header *)(_start_fsp_m + FSP_INFO_HEADER_OFFSET); - udp_m_default = _start_fsp_m + fsp_m_info_header->CfgRegionOffset; + (struct fsp_info_header *)(fsp_m_base + FSP_INFO_HEADER_OFFSET); + udp_m_default = fsp_m_base + fsp_m_info_header->CfgRegionOffset; if (!fsp_info_header_is_ok(fsp_m_info_header)) { wolfBoot_printf("invalid FSP_INFO_HEADER" ENDLINE); panic(); @@ -382,7 +407,7 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, } wolfBoot_printf("calling FspMemInit..." ENDLINE); - MemoryInit = (memory_init_cb)(_start_fsp_m + + MemoryInit = (memory_init_cb)(fsp_m_base + fsp_m_info_header->FspMemoryInitEntryOffset); status = MemoryInit((void *)udp_m_parameter, &hobList); if (status == FSP_STATUS_RESET_REQUIRED_WARM) { diff --git a/tools/x86_fsp/qemu/qemu_build_fsp.sh b/tools/x86_fsp/qemu/qemu_build_fsp.sh index 5f980af3c..835ba84b1 100755 --- a/tools/x86_fsp/qemu/qemu_build_fsp.sh +++ b/tools/x86_fsp/qemu/qemu_build_fsp.sh @@ -9,6 +9,7 @@ SCRIPT_DIR=$(readlink -f "$(dirname "$0")") WOLFBOOT_DIR="${SCRIPT_DIR}/../../.." FSP_NAME=QEMU_FSP_DEBUG CONFIG_FILE=${CONFIG_FILE:-"${WOLFBOOT_DIR}/.config"} +IMAGE_HEADER_SIZE=256 set -e @@ -18,9 +19,13 @@ fi if [ -f "${CONFIG_FILE}" ] then + IMAGE_HEADER_SIZE=$(grep -Eo '^IMAGE_HEADER_SIZE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + if [ -z "${IMAGE_HEADER_SIZE}" ]; then + IMAGE_HEADER_SIZE=256 + fi FSP_T_BASE=$(grep -Eo '^FSP_T_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_M_BASE=$(grep -Eo '^FSP_M_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_S_BASE=$(grep -Eo '^FSP_S_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_M_LOAD_BASE=$(grep -Eo '^FSP_M_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_S_LOAD_BASE=$(grep -Eo '^FSP_S_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) else echo "Error: ${CONFIG_FILE} file not found in current directory" exit @@ -87,9 +92,9 @@ download_edkii download_sbl_patch_and_patch_edkii build_qemu_fsp rebase_fsp_component "T" ${FSP_T_BASE} -rebase_fsp_component "M" ${FSP_M_BASE} -rebase_fsp_component "S" ${FSP_S_BASE} +rebase_fsp_component "M" ${FSP_M_LOAD_BASE} +rebase_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_component "T" ${FSP_T_BASE} -copy_fsp_component "M" ${FSP_M_BASE} -copy_fsp_component "S" ${FSP_S_BASE} +copy_fsp_component "M" ${FSP_M_LOAD_BASE} +copy_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_headers From 979e8615d33dc7d10a40edcf8fb5902b8f9865d9 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 27 Jul 2023 18:01:04 +0200 Subject: [PATCH 07/21] Qemu script: removed unused variable --- tools/x86_fsp/qemu/qemu_build_fsp.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tools/x86_fsp/qemu/qemu_build_fsp.sh b/tools/x86_fsp/qemu/qemu_build_fsp.sh index 835ba84b1..b12be2941 100755 --- a/tools/x86_fsp/qemu/qemu_build_fsp.sh +++ b/tools/x86_fsp/qemu/qemu_build_fsp.sh @@ -9,7 +9,6 @@ SCRIPT_DIR=$(readlink -f "$(dirname "$0")") WOLFBOOT_DIR="${SCRIPT_DIR}/../../.." FSP_NAME=QEMU_FSP_DEBUG CONFIG_FILE=${CONFIG_FILE:-"${WOLFBOOT_DIR}/.config"} -IMAGE_HEADER_SIZE=256 set -e @@ -19,10 +18,6 @@ fi if [ -f "${CONFIG_FILE}" ] then - IMAGE_HEADER_SIZE=$(grep -Eo '^IMAGE_HEADER_SIZE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - if [ -z "${IMAGE_HEADER_SIZE}" ]; then - IMAGE_HEADER_SIZE=256 - fi FSP_T_BASE=$(grep -Eo '^FSP_T_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) FSP_M_LOAD_BASE=$(grep -Eo '^FSP_M_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) FSP_S_LOAD_BASE=$(grep -Eo '^FSP_S_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) From a81365437b6d052f89d7da7f63d8e81ef8de1c56 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Tue, 1 Aug 2023 11:44:58 +0200 Subject: [PATCH 08/21] STAGE1_AUTH feature ported to TGL (untested) --- arch.mk | 2 +- config/examples/kontron_vx3060_s2.config | 11 ++- .../examples/x86_fsp_qemu_stage1_auth.config | 44 +++++++++ hal/x86_fsp_tgl.c | 1 + hal/x86_fsp_tgl_loader.c | 95 +++++++++++++++++++ hal/x86_fsp_tgl_stage1.ld.in | 30 ++++-- tools/x86_fsp/tgl/tgl_download_fsp.sh | 12 +-- 7 files changed, 179 insertions(+), 16 deletions(-) create mode 100644 config/examples/x86_fsp_qemu_stage1_auth.config create mode 100644 hal/x86_fsp_tgl_loader.c diff --git a/arch.mk b/arch.mk index 14761be0e..cd0820ac4 100644 --- a/arch.mk +++ b/arch.mk @@ -519,7 +519,7 @@ ifeq ("${FSP}", "1") OBJS+=src/x86/tgl_fsp.o OBJS+=src/fsp_tgl_s_upd.o OBJS+=src/ucode0.o - OBJS+=$(MATH_OBJS) + OBJS += hal/x86_fsp_tgl_loader.o CFLAGS += -DUCODE0_ADDRESS=$(UCODE0_BASE) endif ifeq ($(TARGET),x86_fsp_qemu) diff --git a/config/examples/kontron_vx3060_s2.config b/config/examples/kontron_vx3060_s2.config index d86e93527..ad4ee547c 100644 --- a/config/examples/kontron_vx3060_s2.config +++ b/config/examples/kontron_vx3060_s2.config @@ -21,11 +21,11 @@ WOLFBOOT_LOAD_ADDRESS=0x1000000 WOLFBOOT_SECTOR_SIZE?=0x1000 WOLFBOOT_DATA_ADDRESS=0x1000000 -FSP_M_BASE=0xffe37000 +FSP_M_BASE=0xffc33000 FSP_S_BASE=0xffed6000 FSP_T_BASE=0xfffe0000 -WOLFBOOT_ORIGIN=0xffff0000 +WOLFBOOT_ORIGIN=0xfffa0000 # 4 MB BOOTLOADER_PARTITION_SIZE=0x400000 # 12 MB @@ -51,9 +51,14 @@ FSP_S_UPD_DATA_BASE=0xffe35000 PCI_USE_ECAM=1 PCH_HAS_PCR=1 -WOLFTPM=1 +WOLFTPM=0 64BIT=1 ELF=1 DEBUG_ELF=0 MULTIBOOT2=1 64BIT=1 + +STAGE1_AUTH=1 +FSP_M_LOAD_BASE=0x0FE2FF00 +FSP_S_LOAD_BASE=0x0FED5F00 + diff --git a/config/examples/x86_fsp_qemu_stage1_auth.config b/config/examples/x86_fsp_qemu_stage1_auth.config new file mode 100644 index 000000000..eea46c40f --- /dev/null +++ b/config/examples/x86_fsp_qemu_stage1_auth.config @@ -0,0 +1,44 @@ +ARCH=x86_64 +TARGET=x86_fsp_qemu +WOLFBOOT_SMALL_STACK=1 +SIGN?=ECC256 +HASH?=SHA256 +DEBUG=1 +SPMATH=1 +FORCE_32BIT=1 +ENCRYPTION=0 +WOLFBOOT_FIXED_PARTITIONS=1 +WOLFBOOT_PARTITION_SIZE=0x8000000 +WOLFTPM=0 + +# TPM Keystore options +#WOLFBOOT_TPM_KEYSTORE?=1 +#WOLFBOOT_TPM_KEYSTORE_NV_INDEX?=0x01800200 +#WOLFBOOT_TPM_POLICY_NV_INDEX?=0x01800201 + +# 4gb - 8mb +WOLFBOOT_PARTITION_BOOT_ADDRESS=0xff800000 +WOLFBOOT_PARTITION_SWAP_ADDRESS=0x0 +WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x0 +WOLFBOOT_LOAD_BASE=0x2000000 +WOLFBOOT_LOAD_ADDRESS=0x1000000 + +# required for keytools +WOLFBOOT_SECTOR_SIZE?=0x1000 +WOLFBOOT_DATA_ADDRESS=0x1000000 + +FSP_M_BASE=0xffe30000 +FSP_S_BASE=0xffed6000 +FSP_T_BASE=0xfffe0000 +FSP_M_LOAD_BASE=0x0FE2FF00 +FSP_S_LOAD_BASE=0x0FED5F00 +WOLFBOOT_ORIGIN=0xfffa0000 +LINUX_PAYLOAD=1 + +BOOTLOADER_PARTITION_SIZE=0xa0000 +BIOS_REGION_SIZE=0x800000 +MACHINE_OBJ=src/x86/qemu_fsp.o +FSP_T_BIN=./src/x86/fsp_t.bin +FSP_M_BIN=./src/x86/fsp_m.bin +FSP_S_BIN=./src/x86/fsp_s.bin +STAGE1_AUTH=1 diff --git a/hal/x86_fsp_tgl.c b/hal/x86_fsp_tgl.c index 1be61effb..b79d0973e 100644 --- a/hal/x86_fsp_tgl.c +++ b/hal/x86_fsp_tgl.c @@ -47,3 +47,4 @@ void x86_fsp_tgl_init_sata(void) } #endif + diff --git a/hal/x86_fsp_tgl_loader.c b/hal/x86_fsp_tgl_loader.c new file mode 100644 index 000000000..b786e6d2e --- /dev/null +++ b/hal/x86_fsp_tgl_loader.c @@ -0,0 +1,95 @@ +/* x86_fsp_qemu_loader.c + * + * Copyright (C) 2023 wolfSSL Inc. + * + * This file is part of wolfBoot. + * + * wolfBoot is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfBoot is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#include +#include +#include +#include + +#ifdef __WOLFBOOT +#include + +extern uint8_t* _stage2_params[]; + +static void panic(void); + +void hal_init(void) +{ +} + +void hal_prepare_boot(void) +{ +} +#endif + +int hal_flash_write(uint32_t address, const uint8_t *data, int len) +{ + return 0; +} + +void hal_flash_unlock(void) +{ +} + +void hal_flash_lock(void) +{ +} + +int hal_flash_erase(uint32_t address, int len) +{ + return 0; +} + +int wolfBoot_fallback_is_possible(void) +{ + return 0; + +} + +int wolfBoot_dualboot_candidate(void) +{ + return PART_BOOT; +} + +void* hal_get_primary_address(void) +{ + return (void*)0; +} + +void* hal_get_update_address(void) +{ + return (void*)0; +} + +void *hal_get_dts_address(void) +{ + return 0; +} + +void *hal_get_dts_update_address(void) +{ + return 0; +} + +static void panic(void) +{ + while(1) {} +} diff --git a/hal/x86_fsp_tgl_stage1.ld.in b/hal/x86_fsp_tgl_stage1.ld.in index c11ebe421..dd8dd02f1 100644 --- a/hal/x86_fsp_tgl_stage1.ld.in +++ b/hal/x86_fsp_tgl_stage1.ld.in @@ -1,15 +1,17 @@ FLASH_SIZE = @BOOTLOADER_PARTITION_SIZE@; FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; RESETVECTOR_START = 0xffffffec; +BOOTLOADER_JUMP32_START = 0xfffff000; FSP_T_BASE = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ -FSP_M_BASE = @FSP_M_BASE@; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ -FSP_S_BASE = @FSP_S_BASE@; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ +FSP_M_BASE = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ +FSP_S_BASE = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; FIT_TABLE_PTR = 0xffffffc0; UCODE0_BASE = @UCODE0_BASE@; FSP_S_UPD_DATA_BASE = @FSP_S_UPD_DATA_BASE@; WOLFBOOT_ORIGIN = @WOLFBOOT_ORIGIN@; - +IMAGE_HEADER_SIZE = @IMAGE_HEADER_SIZE@; +PRE_HEADER_FILL_SIZE = 0x1000 - IMAGE_HEADER_SIZE; OUTPUT_FORMAT(elf32-i386) MEMORY @@ -20,6 +22,12 @@ MEMORY SECTIONS { + .jmpto32 BOOTLOADER_JUMP32_START : + { + _off_boot = ABSOLUTE(.) & 0xffff; + KEEP(*(.jmpto32)) + } + .fit_table_tr FIT_TABLE_PTR : { QUAD(fit_table); @@ -55,9 +63,11 @@ SECTIONS .text FLASH_START : { - _wolfboot_flash_start = ABSOLUTE(FLASH_START); - *(.wolfboot) - _wolfboot_flash_end = .; + . += PRE_HEADER_FILL_SIZE; + _wolfboot_flash_start = .; + KEEP(*(.sig_wolfboot_raw*)) + *(.wolfboot) + _wolfboot_flash_end = .; } .fsp_t FSP_T_BASE : @@ -69,14 +79,22 @@ SECTIONS .fsp_s FSP_S_BASE : { + . += PRE_HEADER_FILL_SIZE; + _fsp_s_hdr = .; + KEEP(*(.sig_fsp_s*)) _start_fsp_s = .; *(.fsp_s) + _end_fsp_s = .; } .fsp_m FSP_M_BASE : { + . += PRE_HEADER_FILL_SIZE; + _fsp_m_hdr = .; + KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; *(.fsp_m) + _end_fsp_m = .; } } diff --git a/tools/x86_fsp/tgl/tgl_download_fsp.sh b/tools/x86_fsp/tgl/tgl_download_fsp.sh index 3d33a1848..a68a9ffb7 100755 --- a/tools/x86_fsp/tgl/tgl_download_fsp.sh +++ b/tools/x86_fsp/tgl/tgl_download_fsp.sh @@ -22,8 +22,8 @@ fi if [ -f "${CONFIG_FILE}" ] then FSP_T_BASE=$(grep -Eo '^FSP_T_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_M_BASE=$(grep -Eo '^FSP_M_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_S_BASE=$(grep -Eo '^FSP_S_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_M_LOAD_BASE=$(grep -Eo '^FSP_M_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_S_LOAD_BASE=$(grep -Eo '^FSP_S_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) else echo "Error: ${CONFIG_FILE} file not found in current directory" exit @@ -94,11 +94,11 @@ copy_tgl_fsp download_split_tool split_fsp rebase_fsp_component "T" ${FSP_T_BASE} -rebase_fsp_component "M" ${FSP_M_BASE} -rebase_fsp_component "S" ${FSP_S_BASE} +rebase_fsp_component "M" ${FSP_M_LOAD_BASE} +rebase_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_component "T" ${FSP_T_BASE} -copy_fsp_component "M" ${FSP_M_BASE} -copy_fsp_component "S" ${FSP_S_BASE} +copy_fsp_component "M" ${FSP_M_LOAD_BASE} +copy_fsp_component "S" ${FSP_S_LOAD_BASE} patch_tgl_fsp copy_fsp_headers download_ucode From 66c9ce8daad653e30ab588125e16e7d918086faf Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 3 Aug 2023 19:37:31 +0200 Subject: [PATCH 09/21] Addressed some of reviewer's comments --- config/examples/kontron_vx3060_s2.config | 2 +- hal/x86_fsp_tgl_loader.c | 2 +- hal/x86_fsp_tgl_stage1.ld.in | 1 - src/boot_x86_fsp.c | 107 +++++++++++------------ 4 files changed, 52 insertions(+), 60 deletions(-) diff --git a/config/examples/kontron_vx3060_s2.config b/config/examples/kontron_vx3060_s2.config index ad4ee547c..6782f0e8d 100644 --- a/config/examples/kontron_vx3060_s2.config +++ b/config/examples/kontron_vx3060_s2.config @@ -51,7 +51,7 @@ FSP_S_UPD_DATA_BASE=0xffe35000 PCI_USE_ECAM=1 PCH_HAS_PCR=1 -WOLFTPM=0 +WOLFTPM=1 64BIT=1 ELF=1 DEBUG_ELF=0 diff --git a/hal/x86_fsp_tgl_loader.c b/hal/x86_fsp_tgl_loader.c index b786e6d2e..d8f491857 100644 --- a/hal/x86_fsp_tgl_loader.c +++ b/hal/x86_fsp_tgl_loader.c @@ -1,4 +1,4 @@ -/* x86_fsp_qemu_loader.c +/* x86_fsp_tgl_loader.c * * Copyright (C) 2023 wolfSSL Inc. * diff --git a/hal/x86_fsp_tgl_stage1.ld.in b/hal/x86_fsp_tgl_stage1.ld.in index dd8dd02f1..5545ac2a1 100644 --- a/hal/x86_fsp_tgl_stage1.ld.in +++ b/hal/x86_fsp_tgl_stage1.ld.in @@ -45,7 +45,6 @@ SECTIONS .bootloader WOLFBOOT_ORIGIN : { - _off_boot = ABSOLUTE(.) & 0xffff; KEEP(./boot_x86_fsp_start.o(.boot*)) KEEP(./tgl_fsp.o(.boot)) *(.boot*) diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index 4dfee6c58..a7c3d604b 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -144,15 +144,19 @@ static void load_wolfboot(void) } -static void load_fsp_to_ram(void) +static void load_fsp_m_to_ram(void) { - size_t fsp_m_size, fsp_s_size; + size_t fsp_m_size; wolfBoot_printf("loading FSP_M at %x..." ENDLINE, (uint32_t)(FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE)); fsp_m_size = _end_fsp_m - _fsp_m_hdr; memcpy((uint8_t*)FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE, _fsp_m_hdr, fsp_m_size); +} +static void load_fsp_s_to_ram(void) +{ + size_t fsp_s_size; wolfBoot_printf("loading FSP_S at %x..." ENDLINE, (uint32_t)(FSP_S_LOAD_BASE - IMAGE_HEADER_SIZE)); fsp_s_size = _end_fsp_s - _fsp_s_hdr; @@ -193,6 +197,31 @@ static void jump_into_wolfboot() } #endif /* WOLFBOOT_64BIT */ +static inline int verify_payload(uint8_t *base_addr) +{ + int ret = -1; + struct wolfBoot_image wb_img; + memset(&wb_img, 0, sizeof(struct wolfBoot_image)); + ret = wolfBoot_open_image_address(&wb_img, base_addr); + if (ret < 0) { + wolfBoot_printf("verify_payload: Failed to open image" ENDLINE); + panic(); + } + wolfBoot_printf("verify_payload: image open successfully." ENDLINE); + ret = wolfBoot_verify_integrity(&wb_img); + if (ret < 0) { + wolfBoot_printf("verify_payload: Failed integrity check" ENDLINE); + panic(); + } + wolfBoot_printf("verify_payload: integrity OK. Checking signature." ENDLINE); + ret = wolfBoot_verify_authenticity(&wb_img); + if (ret < 0) { + wolfBoot_printf("verify_payload: Failed signature check" ENDLINE); + panic(); + } + return ret; +} + static void memory_ready_entry(void *ptr) { struct stage2_parameter *stage2_params = (struct stage2_parameter *)ptr; @@ -208,11 +237,6 @@ static void memory_ready_entry(void *ptr) int ret; uint8_t *fsp_s_base; uint8_t *fsp_m_base; -#ifdef STAGE1_AUTH - struct wolfBoot_image fsp_s; - struct wolfBoot_image wolfboot_raw; -#endif - fsp_s_base = (uint8_t *)(FSP_S_LOAD_BASE); fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); @@ -227,26 +251,19 @@ static void memory_ready_entry(void *ptr) panic(); } + /* Load FSP_S to RAM */ + load_fsp_s_to_ram(); + #ifdef STAGE1_AUTH /* Verify FSP_S */ - ret = wolfBoot_open_image_address(&fsp_s, (fsp_s_base - IMAGE_HEADER_SIZE)); - if (ret < 0) { - wolfBoot_printf("Failed to open FSP_S image" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_S open successfully." ENDLINE); - ret = wolfBoot_verify_integrity(&fsp_s); - if (ret < 0) { - wolfBoot_printf("Failed integrity check on FSP_S" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_S is valid. Checking signature." ENDLINE); - ret = wolfBoot_verify_authenticity(&fsp_s); - if (ret < 0) { - wolfBoot_printf("Failed signature check on FSP_S" ENDLINE); + wolfBoot_printf("Authenticating FSP_S at %x..." ENDLINE, + fsp_s_base - IMAGE_HEADER_SIZE); + + if (verify_payload(fsp_s_base - IMAGE_HEADER_SIZE) == 0) + wolfBoot_printf("FSP_S: verified OK." ENDLINE); + else { panic(); } - wolfBoot_printf("FSP_S: verified OK." ENDLINE); #endif memcpy(silicon_init_parameter, fsp_s_base + fsp_info_header->CfgRegionOffset, @@ -294,24 +311,11 @@ static void memory_ready_entry(void *ptr) /* Verify wolfBoot */ wolfBoot_printf("Authenticating wolfboot at %x..." ENDLINE, WOLFBOOT_LOAD_BASE); - ret = wolfBoot_open_image_address(&wolfboot_raw, (void *)WOLFBOOT_LOAD_BASE); - if (ret < 0) { - wolfBoot_printf("Failed to open wolfBoot image" ENDLINE); + if (verify_payload((uint8_t *)WOLFBOOT_LOAD_BASE) == 0) + wolfBoot_printf("FSP_S: verified OK." ENDLINE); + else { panic(); } - wolfBoot_printf("wolfBoot open successfully." ENDLINE); - ret = wolfBoot_verify_integrity(&wolfboot_raw); - if (ret < 0) { - wolfBoot_printf("Failed integrity check on wolfBoot" ENDLINE); - panic(); - } - wolfBoot_printf("wolfBoot is valid. Checking signature." ENDLINE); - ret = wolfBoot_verify_authenticity(&wolfboot_raw); - if (ret < 0) { - wolfBoot_printf("Failed signature check on wolfBoot" ENDLINE); - panic(); - } - wolfBoot_printf("wolfBoot: verified OK." ENDLINE); #endif set_stage2_parameter(stage2_params); jump_into_wolfboot(); @@ -352,9 +356,9 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, (void)stack_top; (void)timestamp; (void)bist; - fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); + status = post_temp_ram_init_cb(); if (status != 0) { wolfBoot_printf("post temp ram init cb failed" ENDLINE); @@ -362,28 +366,17 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, } wolfBoot_printf("Cache-as-RAM initialized" ENDLINE); - load_fsp_to_ram(); + load_fsp_m_to_ram(); #ifdef STAGE1_AUTH /* Verify FSP_M */ - ret = wolfBoot_open_image_address(&fsp_m, fsp_m_base - IMAGE_HEADER_SIZE); - if (ret < 0) { - wolfBoot_printf("Failed to open FSP_M image" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_M open successfully." ENDLINE); - ret = wolfBoot_verify_integrity(&fsp_m); - if (ret < 0) { - wolfBoot_printf("Failed integrity check on FSP_M" ENDLINE); - panic(); - } - wolfBoot_printf("FSP_M is valid. Checking signature." ENDLINE); - ret = wolfBoot_verify_authenticity(&fsp_m); - if (ret < 0) { - wolfBoot_printf("Failed signature check on FSP_M" ENDLINE); + //wolfBoot_printf("Authenticating FSP_M at %x..." ENDLINE, + // FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE); + if (verify_payload((uint8_t *)(FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE)) == 0) + wolfBoot_printf("FSP_M: verified OK." ENDLINE); + else { panic(); } - wolfBoot_printf("FSP_M: verified OK." ENDLINE); #endif fsp_m_info_header = From a088d04a873acb6afe729e0e96c255e39bca3410 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 4 Aug 2023 09:21:35 +0200 Subject: [PATCH 10/21] Renamed linker script variables --- hal/x86_fsp_qemu_stage1.ld.in | 15 +++++++-------- hal/x86_fsp_tgl_stage1.ld.in | 17 ++++++++--------- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 28d86e941..16ac1f55d 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -2,10 +2,9 @@ FLASH_SIZE = @BOOTLOADER_PARTITION_SIZE@; FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; BOOTLOADER_JUMP32_START = 0xfffff000; RESETVECTOR_START = 0xffffffec; -FSP_T_BASE = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ -FSP_M_BASE = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ -FSP_S_BASE = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ -WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; +FSP_T_ORIGIN = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ +FSP_M_ORIGIN = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ +FSP_S_ORIGIN = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ WOLFBOOT_ORIGIN = @WOLFBOOT_ORIGIN@; IMAGE_HEADER_SIZE = @IMAGE_HEADER_SIZE@; PRE_HEADER_FILL_SIZE = 0x1000 - IMAGE_HEADER_SIZE; @@ -48,14 +47,14 @@ SECTIONS _wolfboot_flash_end = .; } - .fsp_t FSP_T_BASE : - AT(FSP_T_BASE) + .fsp_t FSP_T_ORIGIN : + AT(FSP_T_ORIGIN) { _start_fsp_t = .; *(.fsp_t) } - .fsp_s FSP_S_BASE : + .fsp_s FSP_S_ORIGIN : { . += PRE_HEADER_FILL_SIZE; _fsp_s_hdr = .; @@ -65,7 +64,7 @@ SECTIONS _end_fsp_s = .; } - .fsp_m FSP_M_BASE : + .fsp_m FSP_M_ORIGIN : { . += PRE_HEADER_FILL_SIZE; _fsp_m_hdr = .; diff --git a/hal/x86_fsp_tgl_stage1.ld.in b/hal/x86_fsp_tgl_stage1.ld.in index 5545ac2a1..cb80b0987 100644 --- a/hal/x86_fsp_tgl_stage1.ld.in +++ b/hal/x86_fsp_tgl_stage1.ld.in @@ -1,11 +1,10 @@ FLASH_SIZE = @BOOTLOADER_PARTITION_SIZE@; FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; -RESETVECTOR_START = 0xffffffec; BOOTLOADER_JUMP32_START = 0xfffff000; -FSP_T_BASE = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ -FSP_M_BASE = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ -FSP_S_BASE = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ -WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; +RESETVECTOR_START = 0xffffffec; +FSP_T_ORIGIN = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ +FSP_M_ORIGIN = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ +FSP_S_ORIGIN = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ FIT_TABLE_PTR = 0xffffffc0; UCODE0_BASE = @UCODE0_BASE@; FSP_S_UPD_DATA_BASE = @FSP_S_UPD_DATA_BASE@; @@ -69,14 +68,14 @@ SECTIONS _wolfboot_flash_end = .; } - .fsp_t FSP_T_BASE : - AT(FSP_T_BASE) + .fsp_t FSP_T_ORIGIN : + AT(FSP_T_ORIGIN) { _start_fsp_t = .; *(.fsp_t) } - .fsp_s FSP_S_BASE : + .fsp_s FSP_S_ORIGIN : { . += PRE_HEADER_FILL_SIZE; _fsp_s_hdr = .; @@ -86,7 +85,7 @@ SECTIONS _end_fsp_s = .; } - .fsp_m FSP_M_BASE : + .fsp_m FSP_M_ORIGIN : { . += PRE_HEADER_FILL_SIZE; _fsp_m_hdr = .; From 2777896ecefb44ebf5a49ea3ace70e0c6baf22a8 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 4 Aug 2023 09:45:33 +0200 Subject: [PATCH 11/21] Build separate targets for signed fsp+wolfboot bin --- stage1/x86_fsp.mk | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/stage1/x86_fsp.mk b/stage1/x86_fsp.mk index 07389be72..1e5e82eb0 100644 --- a/stage1/x86_fsp.mk +++ b/stage1/x86_fsp.mk @@ -23,27 +23,34 @@ fsp_t.o: ../$(FSP_T_BIN) $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsp_t $^ $@ fsp_m.o: ../$(FSP_M_BIN) - $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 - @dd if=$(X86FSP_PATH)/fsp_m_v1_signed.bin of=$(X86FSP_PATH)/fsp_m_signature.bin bs=256 count=1 - $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_m $(X86FSP_PATH)/fsp_m_signature.bin sig_fsp_m.o $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsp_m $^ $@ - @rm -f $(X86FSP_PATH)/fsp_m_v1_signed.bin $(X86FSP_PATH)/fsp_m_signature.bin fsp_s.o: ../$(FSP_S_BIN) - $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 - @dd if=$(X86FSP_PATH)/fsp_s_v1_signed.bin of=$(X86FSP_PATH)/fsp_s_signature.bin bs=256 count=1 - $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_s $(X86FSP_PATH)/fsp_s_signature.bin sig_fsp_s.o $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsp_s $^ $@ - @rm -f $(X86FSP_PATH)/fsp_s_v1_signed.bin $(X86FSP_PATH)/fsp_s_signature.bin wolfboot_raw.bin: ../wolfboot.elf $(Q)$(OBJCOPY) -j .text -O binary $^ $@ wolfboot_raw.o: wolfboot_raw.bin - $(SIGN_TOOL) $(SIGN_OPTIONS) $^ $(SIGN_KEY) 1 + $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.wolfboot $^ $@ + +sig_fsp_m.o: fsp_m.o $(SIGN_KEY) ../$(FSP_M_BIN) + $(SIGN_TOOL) $(SIGN_OPTIONS) ../$(FSP_M_BIN) $(SIGN_KEY) 1 + @dd if=$(X86FSP_PATH)/fsp_m_v1_signed.bin of=$(X86FSP_PATH)/fsp_m_signature.bin bs=256 count=1 + $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_m $(X86FSP_PATH)/fsp_m_signature.bin sig_fsp_m.o + @rm -f $(X86FSP_PATH)/fsp_m_v1_signed.bin $(X86FSP_PATH)/fsp_m_signature.bin + +sig_fsp_s.o: fsp_s.o $(SIGN_KEY) ../$(FSP_S_BIN) + $(SIGN_TOOL) $(SIGN_OPTIONS) ../$(FSP_S_BIN) $(SIGN_KEY) 1 + @dd if=$(X86FSP_PATH)/fsp_s_v1_signed.bin of=$(X86FSP_PATH)/fsp_s_signature.bin bs=256 count=1 + $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_fsp_s $(X86FSP_PATH)/fsp_s_signature.bin sig_fsp_s.o + @rm -f $(X86FSP_PATH)/fsp_s_v1_signed.bin $(X86FSP_PATH)/fsp_s_signature.bin + +sig_wolfboot_raw.o: wolfboot_raw.bin $(SIGN_KEY) + $(SIGN_TOOL) $(SIGN_OPTIONS) wolfboot_raw.bin $(SIGN_KEY) 1 @dd if=wolfboot_raw_v1_signed.bin of=wolfboot_raw_signature.bin bs=256 count=1 $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.sig_wolfboot_raw wolfboot_raw_signature.bin sig_wolfboot_raw.o - $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.wolfboot $^ $@ + fsp_tgl_s_upd.o: ../$(FSP_S_UPD_DATA_BIN) $(OBJCOPY) -I binary -O elf32-i386 -B i386 --rename-section .data=.fsps_upd $^ $@ From 817568ba2482f01376243bed4fcc30308332c168 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 4 Aug 2023 09:55:41 +0200 Subject: [PATCH 12/21] renamed: x86_fsp_tgl_loader.c to kontron_vx3060_s2_loader.c --- arch.mk | 4 +++- hal/{x86_fsp_tgl_loader.c => kontron_vx3060_s2_loader.c} | 0 2 files changed, 3 insertions(+), 1 deletion(-) rename hal/{x86_fsp_tgl_loader.c => kontron_vx3060_s2_loader.c} (100%) diff --git a/arch.mk b/arch.mk index cd0820ac4..0da82fda8 100644 --- a/arch.mk +++ b/arch.mk @@ -510,6 +510,9 @@ ifeq ("${FSP}", "1") OBJS += src/sig_fsp_m.o OBJS += src/sig_wolfboot_raw.o OBJS += src/sig_fsp_s.o + ifeq ($(TARGET), kontron_vx3060_s2) + OBJS += hal/kontron_vx3060_s2_loader.o + endif OBJS += $(WOLFCRYPT_OBJS) CFLAGS+=-DSTAGE1_AUTH endif @@ -519,7 +522,6 @@ ifeq ("${FSP}", "1") OBJS+=src/x86/tgl_fsp.o OBJS+=src/fsp_tgl_s_upd.o OBJS+=src/ucode0.o - OBJS += hal/x86_fsp_tgl_loader.o CFLAGS += -DUCODE0_ADDRESS=$(UCODE0_BASE) endif ifeq ($(TARGET),x86_fsp_qemu) diff --git a/hal/x86_fsp_tgl_loader.c b/hal/kontron_vx3060_s2_loader.c similarity index 100% rename from hal/x86_fsp_tgl_loader.c rename to hal/kontron_vx3060_s2_loader.c From 3e1c2eb5196cb89656c943dcd9db3d7a5f98982a Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 4 Aug 2023 10:06:32 +0200 Subject: [PATCH 13/21] Remove hardcoded path for signed fsp images --- stage1/x86_fsp.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stage1/x86_fsp.mk b/stage1/x86_fsp.mk index 1e5e82eb0..ea48facb9 100644 --- a/stage1/x86_fsp.mk +++ b/stage1/x86_fsp.mk @@ -1,7 +1,7 @@ SIGN_TOOL?=../tools/keytools/sign SIGN_OPTIONS?=--ecc256 --sha256 SIGN_KEY?=../wolfboot_signing_private_key.der -X86FSP_PATH?=../src/x86 +X86FSP_PATH?=../`dirname $(FSP_M_BIN)` $(LSCRIPT_IN): $(WOLFBOOT_ROOT)/hal/$(LSCRIPT_IN).in FORCE From 355811bc7e8cae692609d2d2a5964700f9cd8b56 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 4 Aug 2023 11:28:44 +0200 Subject: [PATCH 14/21] submodule wolfTPM updated --- lib/wolfTPM | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/wolfTPM b/lib/wolfTPM index cdff04859..7c9391ebf 160000 --- a/lib/wolfTPM +++ b/lib/wolfTPM @@ -1 +1 @@ -Subproject commit cdff048597c632399231df937c54f14f5505e0ce +Subproject commit 7c9391ebf3341ac10c8357adedd96ff42d59c845 From 98b7f48ea28c94966cf8e16433cac172af968b34 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 4 Aug 2023 11:40:49 +0200 Subject: [PATCH 15/21] Renamed "loader.map" -> "loader_stage1.map" --- arch.mk | 2 +- stage1/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch.mk b/arch.mk index 0da82fda8..3173a7123 100644 --- a/arch.mk +++ b/arch.mk @@ -489,7 +489,7 @@ ifeq ("${FSP}", "1") --defsym wb_start_bss=`grep _start_bss ../wolfboot.map | awk '{print $$1}'` \ --defsym wb_end_bss=`grep _end_bss ../wolfboot.map | awk '{print $$1}'` \ --defsym _stage2_params=`grep _stage2_params ../wolfboot.map | awk '{print $$1}'` - LDFLAGS += --no-gc-sections --print-gc-sections -T $(LSCRIPT) -m elf_i386 -Map=loader.map + LDFLAGS += --no-gc-sections --print-gc-sections -T $(LSCRIPT) -m elf_i386 -Map=loader_stage1.map CFLAGS+=-DFSP_M_LOAD_BASE=$(FSP_M_LOAD_BASE) CFLAGS+=-DFSP_S_LOAD_BASE=$(FSP_S_LOAD_BASE) OBJS += src/boot_x86_fsp.o diff --git a/stage1/Makefile b/stage1/Makefile index f11d408a2..54af56b7c 100644 --- a/stage1/Makefile +++ b/stage1/Makefile @@ -182,7 +182,7 @@ $(BUILD_DIR)/%.o: ../hal/%.S clean: $(Q)rm -f *.o $(Q)rm -f *.bin - $(Q)rm -f loader_stage1.bin loader_stage1.elf loader_stage1.map $(LSCRIPT) + $(Q)rm -f loader_stage1.bin loader_stage1.elf *.map $(LSCRIPT) FORCE: From 5c3ace8176bc103455a3b33456c11c03d9eb4ff0 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Fri, 4 Aug 2023 12:29:00 +0200 Subject: [PATCH 16/21] removed extra page before fsp image --- hal/x86_fsp_qemu_stage1.ld.in | 9 ++------- hal/x86_fsp_tgl_stage1.ld.in | 9 ++------- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index 16ac1f55d..a0d82d1b6 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -3,11 +3,9 @@ FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; BOOTLOADER_JUMP32_START = 0xfffff000; RESETVECTOR_START = 0xffffffec; FSP_T_ORIGIN = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ -FSP_M_ORIGIN = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ -FSP_S_ORIGIN = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ +FSP_M_ORIGIN = @FSP_M_BASE@; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ +FSP_S_ORIGIN = @FSP_S_BASE@; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ WOLFBOOT_ORIGIN = @WOLFBOOT_ORIGIN@; -IMAGE_HEADER_SIZE = @IMAGE_HEADER_SIZE@; -PRE_HEADER_FILL_SIZE = 0x1000 - IMAGE_HEADER_SIZE; OUTPUT_FORMAT(elf32-i386) MEMORY @@ -40,7 +38,6 @@ SECTIONS .wolfboot FLASH_START : { - . += PRE_HEADER_FILL_SIZE; _wolfboot_flash_start = .; KEEP(*(.sig_wolfboot_raw*)) *(.wolfboot) @@ -56,7 +53,6 @@ SECTIONS .fsp_s FSP_S_ORIGIN : { - . += PRE_HEADER_FILL_SIZE; _fsp_s_hdr = .; KEEP(*(.sig_fsp_s*)) _start_fsp_s = .; @@ -66,7 +62,6 @@ SECTIONS .fsp_m FSP_M_ORIGIN : { - . += PRE_HEADER_FILL_SIZE; _fsp_m_hdr = .; KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; diff --git a/hal/x86_fsp_tgl_stage1.ld.in b/hal/x86_fsp_tgl_stage1.ld.in index cb80b0987..b7dda4e6f 100644 --- a/hal/x86_fsp_tgl_stage1.ld.in +++ b/hal/x86_fsp_tgl_stage1.ld.in @@ -3,14 +3,12 @@ FLASH_START = 0x100000000 - @BOOTLOADER_PARTITION_SIZE@; BOOTLOADER_JUMP32_START = 0xfffff000; RESETVECTOR_START = 0xffffffec; FSP_T_ORIGIN = @FSP_T_BASE@; /* default base:size 0xFFFFF000:0x3000 [0xfffff000:0x100002000] */ -FSP_M_ORIGIN = @FSP_M_BASE@ - 0x1000; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ -FSP_S_ORIGIN = @FSP_S_BASE@ - 0x1000; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ +FSP_M_ORIGIN = @FSP_M_BASE@; /* default base:size 0xfffdd000:0x22000 [0xfffdd000:0xfffff000] */ +FSP_S_ORIGIN = @FSP_S_BASE@; /* default base:size 0xfffc8000:0x15000 [0xfffdd000:0xfffdd000] */ FIT_TABLE_PTR = 0xffffffc0; UCODE0_BASE = @UCODE0_BASE@; FSP_S_UPD_DATA_BASE = @FSP_S_UPD_DATA_BASE@; WOLFBOOT_ORIGIN = @WOLFBOOT_ORIGIN@; -IMAGE_HEADER_SIZE = @IMAGE_HEADER_SIZE@; -PRE_HEADER_FILL_SIZE = 0x1000 - IMAGE_HEADER_SIZE; OUTPUT_FORMAT(elf32-i386) MEMORY @@ -61,7 +59,6 @@ SECTIONS .text FLASH_START : { - . += PRE_HEADER_FILL_SIZE; _wolfboot_flash_start = .; KEEP(*(.sig_wolfboot_raw*)) *(.wolfboot) @@ -77,7 +74,6 @@ SECTIONS .fsp_s FSP_S_ORIGIN : { - . += PRE_HEADER_FILL_SIZE; _fsp_s_hdr = .; KEEP(*(.sig_fsp_s*)) _start_fsp_s = .; @@ -87,7 +83,6 @@ SECTIONS .fsp_m FSP_M_ORIGIN : { - . += PRE_HEADER_FILL_SIZE; _fsp_m_hdr = .; KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; From 95c7b927628b6c5d736234d3ebcb7dcd10ea07eb Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Mon, 7 Aug 2023 15:47:40 +0200 Subject: [PATCH 17/21] Moved FSP_M back to XIP --- arch.mk | 1 - config/examples/kontron_vx3060_s2.config | 1 - .../examples/x86_fsp_qemu_stage1_auth.config | 1 - hal/x86_fsp_qemu_stage1.ld.in | 2 -- hal/x86_fsp_tgl_stage1.ld.in | 1 - src/boot_x86_fsp.c | 31 ++----------------- tools/x86_fsp/qemu/qemu_build_fsp.sh | 6 ++-- tools/x86_fsp/tgl/tgl_download_fsp.sh | 2 +- 8 files changed, 7 insertions(+), 38 deletions(-) diff --git a/arch.mk b/arch.mk index 3173a7123..917d79214 100644 --- a/arch.mk +++ b/arch.mk @@ -507,7 +507,6 @@ ifeq ("${FSP}", "1") OBJS += src/libwolfboot.o OBJS += src/image.o OBJS += src/keystore.o - OBJS += src/sig_fsp_m.o OBJS += src/sig_wolfboot_raw.o OBJS += src/sig_fsp_s.o ifeq ($(TARGET), kontron_vx3060_s2) diff --git a/config/examples/kontron_vx3060_s2.config b/config/examples/kontron_vx3060_s2.config index 6782f0e8d..40fdfdfd4 100644 --- a/config/examples/kontron_vx3060_s2.config +++ b/config/examples/kontron_vx3060_s2.config @@ -59,6 +59,5 @@ MULTIBOOT2=1 64BIT=1 STAGE1_AUTH=1 -FSP_M_LOAD_BASE=0x0FE2FF00 FSP_S_LOAD_BASE=0x0FED5F00 diff --git a/config/examples/x86_fsp_qemu_stage1_auth.config b/config/examples/x86_fsp_qemu_stage1_auth.config index eea46c40f..18aab291f 100644 --- a/config/examples/x86_fsp_qemu_stage1_auth.config +++ b/config/examples/x86_fsp_qemu_stage1_auth.config @@ -30,7 +30,6 @@ WOLFBOOT_DATA_ADDRESS=0x1000000 FSP_M_BASE=0xffe30000 FSP_S_BASE=0xffed6000 FSP_T_BASE=0xfffe0000 -FSP_M_LOAD_BASE=0x0FE2FF00 FSP_S_LOAD_BASE=0x0FED5F00 WOLFBOOT_ORIGIN=0xfffa0000 LINUX_PAYLOAD=1 diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index a0d82d1b6..c65268d3e 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -62,8 +62,6 @@ SECTIONS .fsp_m FSP_M_ORIGIN : { - _fsp_m_hdr = .; - KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; *(.fsp_m) _end_fsp_m = .; diff --git a/hal/x86_fsp_tgl_stage1.ld.in b/hal/x86_fsp_tgl_stage1.ld.in index b7dda4e6f..67d2f47ce 100644 --- a/hal/x86_fsp_tgl_stage1.ld.in +++ b/hal/x86_fsp_tgl_stage1.ld.in @@ -84,7 +84,6 @@ SECTIONS .fsp_m FSP_M_ORIGIN : { _fsp_m_hdr = .; - KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; *(.fsp_m) _end_fsp_m = .; diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index a7c3d604b..c842577e5 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -46,8 +46,6 @@ * the space used by wolfBoot manifest headers to authenticate FSPs */ #define HEADER_SIZE IMAGE_HEADER_SIZE -const uint8_t __attribute__((section(".sig_fsp_m"))) - empty_sig_fsp_m[HEADER_SIZE] = {}; const uint8_t __attribute__((section(".sig_fsp_s"))) empty_sig_fsp_s[HEADER_SIZE] = {}; const uint8_t __attribute__((section(".sig_wolfboot_raw"))) @@ -94,7 +92,7 @@ int fsp_machine_update_s_parameters(uint8_t *default_s_params); int post_temp_ram_init_cb(void); /* from the linker */ -extern uint8_t _fsp_m_hdr[]; +extern uint8_t _start_fsp_m[]; extern uint8_t _fsp_s_hdr[]; extern uint8_t _end_fsp_m[]; extern uint8_t _end_fsp_s[]; @@ -144,16 +142,6 @@ static void load_wolfboot(void) } -static void load_fsp_m_to_ram(void) -{ - size_t fsp_m_size; - wolfBoot_printf("loading FSP_M at %x..." ENDLINE, - (uint32_t)(FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE)); - fsp_m_size = _end_fsp_m - _fsp_m_hdr; - memcpy((uint8_t*)FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE, - _fsp_m_hdr, fsp_m_size); -} - static void load_fsp_s_to_ram(void) { size_t fsp_s_size; @@ -238,8 +226,8 @@ static void memory_ready_entry(void *ptr) uint8_t *fsp_s_base; uint8_t *fsp_m_base; + fsp_m_base = _start_fsp_m; fsp_s_base = (uint8_t *)(FSP_S_LOAD_BASE); - fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); fsp_info_header = (struct fsp_info_header *)(fsp_m_base + FSP_INFO_HEADER_OFFSET); @@ -356,7 +344,7 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, (void)stack_top; (void)timestamp; (void)bist; - fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); + fsp_m_base = (uint8_t *)(_start_fsp_m); status = post_temp_ram_init_cb(); @@ -366,19 +354,6 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, } wolfBoot_printf("Cache-as-RAM initialized" ENDLINE); - load_fsp_m_to_ram(); - -#ifdef STAGE1_AUTH - /* Verify FSP_M */ - //wolfBoot_printf("Authenticating FSP_M at %x..." ENDLINE, - // FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE); - if (verify_payload((uint8_t *)(FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE)) == 0) - wolfBoot_printf("FSP_M: verified OK." ENDLINE); - else { - panic(); - } -#endif - fsp_m_info_header = (struct fsp_info_header *)(fsp_m_base + FSP_INFO_HEADER_OFFSET); udp_m_default = fsp_m_base + fsp_m_info_header->CfgRegionOffset; diff --git a/tools/x86_fsp/qemu/qemu_build_fsp.sh b/tools/x86_fsp/qemu/qemu_build_fsp.sh index b12be2941..0be29f9d4 100755 --- a/tools/x86_fsp/qemu/qemu_build_fsp.sh +++ b/tools/x86_fsp/qemu/qemu_build_fsp.sh @@ -19,7 +19,7 @@ fi if [ -f "${CONFIG_FILE}" ] then FSP_T_BASE=$(grep -Eo '^FSP_T_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_M_LOAD_BASE=$(grep -Eo '^FSP_M_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_M_BASE=$(grep -Eo '^FSP_M_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) FSP_S_LOAD_BASE=$(grep -Eo '^FSP_S_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) else echo "Error: ${CONFIG_FILE} file not found in current directory" @@ -87,9 +87,9 @@ download_edkii download_sbl_patch_and_patch_edkii build_qemu_fsp rebase_fsp_component "T" ${FSP_T_BASE} -rebase_fsp_component "M" ${FSP_M_LOAD_BASE} +rebase_fsp_component "M" ${FSP_M_BASE} rebase_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_component "T" ${FSP_T_BASE} -copy_fsp_component "M" ${FSP_M_LOAD_BASE} +copy_fsp_component "M" ${FSP_M_BASE} copy_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_headers diff --git a/tools/x86_fsp/tgl/tgl_download_fsp.sh b/tools/x86_fsp/tgl/tgl_download_fsp.sh index a68a9ffb7..f21e21c98 100755 --- a/tools/x86_fsp/tgl/tgl_download_fsp.sh +++ b/tools/x86_fsp/tgl/tgl_download_fsp.sh @@ -22,7 +22,7 @@ fi if [ -f "${CONFIG_FILE}" ] then FSP_T_BASE=$(grep -Eo '^FSP_T_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_M_LOAD_BASE=$(grep -Eo '^FSP_M_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_M_BASE=$(grep -Eo '^FSP_M_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) FSP_S_LOAD_BASE=$(grep -Eo '^FSP_S_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) else echo "Error: ${CONFIG_FILE} file not found in current directory" From 760028315e3b00280f4b4224b7eb51fa98f3db14 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Wed, 9 Aug 2023 16:40:23 +0200 Subject: [PATCH 18/21] Fixed tgl script FSP rebase address --- tools/x86_fsp/tgl/tgl_download_fsp.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/x86_fsp/tgl/tgl_download_fsp.sh b/tools/x86_fsp/tgl/tgl_download_fsp.sh index f21e21c98..321dbb137 100755 --- a/tools/x86_fsp/tgl/tgl_download_fsp.sh +++ b/tools/x86_fsp/tgl/tgl_download_fsp.sh @@ -94,10 +94,10 @@ copy_tgl_fsp download_split_tool split_fsp rebase_fsp_component "T" ${FSP_T_BASE} -rebase_fsp_component "M" ${FSP_M_LOAD_BASE} +rebase_fsp_component "M" ${FSP_M_BASE} rebase_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_component "T" ${FSP_T_BASE} -copy_fsp_component "M" ${FSP_M_LOAD_BASE} +copy_fsp_component "M" ${FSP_M_BASE} copy_fsp_component "S" ${FSP_S_LOAD_BASE} patch_tgl_fsp copy_fsp_headers From 3f03f6d460555b9e1b9612071064402ff1b34029 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Wed, 9 Aug 2023 16:48:53 +0200 Subject: [PATCH 19/21] Fixed wrong printf --- src/boot_x86_fsp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index c842577e5..c16a804c2 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -300,7 +300,7 @@ static void memory_ready_entry(void *ptr) wolfBoot_printf("Authenticating wolfboot at %x..." ENDLINE, WOLFBOOT_LOAD_BASE); if (verify_payload((uint8_t *)WOLFBOOT_LOAD_BASE) == 0) - wolfBoot_printf("FSP_S: verified OK." ENDLINE); + wolfBoot_printf("wolfBoot: verified OK." ENDLINE); else { panic(); } From 51f240d8b134687488ef6e7427c1fd878271c717 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 10 Aug 2023 15:26:01 +0200 Subject: [PATCH 20/21] Moved load address for second stage wolfboot --- hal/x86_fsp_qemu.ld.in | 2 +- src/boot_x86_fsp.c | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/hal/x86_fsp_qemu.ld.in b/hal/x86_fsp_qemu.ld.in index 15c2e3c35..5e65b15ee 100644 --- a/hal/x86_fsp_qemu.ld.in +++ b/hal/x86_fsp_qemu.ld.in @@ -1,5 +1,5 @@ MEM_SIZE = 536870912; -WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@ + @IMAGE_HEADER_SIZE@; +WOLFBOOT_LOAD_BASE = @WOLFBOOT_LOAD_BASE@; MEMORY { diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index c16a804c2..49a219e34 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -132,14 +132,13 @@ static void load_wolfboot(void) { size_t wolfboot_size, bss_size; wolfBoot_printf("loading wolfboot at %x..." ENDLINE, - (uint32_t)WOLFBOOT_LOAD_BASE); + (uint32_t)WOLFBOOT_LOAD_BASE - IMAGE_HEADER_SIZE); wolfboot_size = _wolfboot_flash_end - _wolfboot_flash_start; - memcpy((uint8_t*)WOLFBOOT_LOAD_BASE, + memcpy((uint8_t*)WOLFBOOT_LOAD_BASE - IMAGE_HEADER_SIZE, _wolfboot_flash_start, wolfboot_size); bss_size = wb_end_bss - wb_start_bss; memset(wb_start_bss, 0, bss_size); wolfBoot_printf("load wolfboot end" ENDLINE); - } static void load_fsp_s_to_ram(void) @@ -299,7 +298,7 @@ static void memory_ready_entry(void *ptr) /* Verify wolfBoot */ wolfBoot_printf("Authenticating wolfboot at %x..." ENDLINE, WOLFBOOT_LOAD_BASE); - if (verify_payload((uint8_t *)WOLFBOOT_LOAD_BASE) == 0) + if (verify_payload((uint8_t *)WOLFBOOT_LOAD_BASE - IMAGE_HEADER_SIZE) == 0) wolfBoot_printf("wolfBoot: verified OK." ENDLINE); else { panic(); From 051bbccce01a4403f411c0471892058a769841c7 Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 10 Aug 2023 13:39:43 -0700 Subject: [PATCH 21/21] Fix filename in comment. --- hal/kontron_vx3060_s2_loader.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hal/kontron_vx3060_s2_loader.c b/hal/kontron_vx3060_s2_loader.c index d8f491857..a5f0f8588 100644 --- a/hal/kontron_vx3060_s2_loader.c +++ b/hal/kontron_vx3060_s2_loader.c @@ -1,4 +1,4 @@ -/* x86_fsp_tgl_loader.c +/* kontron_vx3060_s2_loader.c * * Copyright (C) 2023 wolfSSL Inc. *