6 changes: 6 additions & 0 deletions sw/device/silicon_creator/lib/ownership/BUILD
Expand Up @@ -83,6 +83,7 @@ dual_cc_library(
"//sw/device/silicon_creator/lib/drivers:keymgr",
"//sw/device/silicon_creator/lib/drivers:kmac",
"//sw/device/silicon_creator/lib/drivers:flash_ctrl",
"//sw/device/silicon_creator/lib/sigverify:flash_exec",
],
host = [
"//sw/device/lib/base:global_mock",
Expand Down Expand Up @@ -114,6 +115,7 @@ cc_library(
"//sw/device/silicon_creator/lib/drivers:flash_ctrl",
"//sw/device/silicon_creator/lib/drivers:lifecycle",
"//sw/device/silicon_creator/lib/drivers:rnd",
"//sw/device/silicon_creator/lib/sigverify:flash_exec",
],
)

Expand Down Expand Up @@ -166,6 +168,7 @@ cc_library(
"//sw/device/silicon_creator/lib/drivers:flash_ctrl",
"//sw/device/silicon_creator/lib/drivers:hmac",
"//sw/device/silicon_creator/lib/drivers:lifecycle",
"//sw/device/silicon_creator/lib/sigverify:flash_exec",
],
)

Expand All @@ -183,6 +186,7 @@ cc_test(
"//sw/device/silicon_creator/lib/boot_svc:boot_svc_header",
"//sw/device/silicon_creator/lib/drivers:lifecycle",
"//sw/device/silicon_creator/lib/drivers:rnd",
"//sw/device/silicon_creator/lib/sigverify:flash_exec",
"//sw/device/silicon_creator/testing:rom_test",
"@googletest//:gtest_main",
],
Expand All @@ -202,6 +206,7 @@ cc_library(
"//sw/device/silicon_creator/lib/boot_svc:boot_svc_msg",
"//sw/device/silicon_creator/lib/drivers:flash_ctrl",
"//sw/device/silicon_creator/lib/drivers:lifecycle",
"//sw/device/silicon_creator/lib/sigverify:flash_exec",
],
)

Expand All @@ -217,6 +222,7 @@ cc_test(
"//sw/device/lib/base:hardened",
"//sw/device/silicon_creator/lib:boot_data",
"//sw/device/silicon_creator/lib/boot_svc:boot_svc_header",
"//sw/device/silicon_creator/lib/sigverify:flash_exec",
"//sw/device/silicon_creator/testing:rom_test",
"@googletest//:gtest_main",
],
Expand Up @@ -9,9 +9,10 @@ extern "C" {

hardened_bool_t ownership_key_validate(size_t page, ownership_key_t key,
const owner_signature_t *signature,
const void *message, size_t len) {
const void *message, size_t len,
uint32_t *flash_exec) {
return MockOwnershipKey::Instance().validate(page, key, signature, message,
len);
len, flash_exec);
}

rom_error_t ownership_seal_init() {
Expand Up @@ -19,7 +19,7 @@ class MockOwnershipKey : public global_mock::GlobalMock<MockOwnershipKey> {
public:
MOCK_METHOD(hardened_bool_t, validate,
(size_t, ownership_key_t, const owner_signature_t *, const void *,
size_t));
size_t, uint32_t *));
MOCK_METHOD(rom_error_t, seal_init, ());
MOCK_METHOD(rom_error_t, seal_page, (size_t));
MOCK_METHOD(rom_error_t, seal_check, (size_t));
6 changes: 3 additions & 3 deletions sw/device/silicon_creator/lib/ownership/ownership.c
Expand Up @@ -47,9 +47,9 @@ static owner_page_status_t owner_page_validity_check(size_t page) {
return kOwnerPageStatusSealed;
}

hardened_bool_t result = ownership_key_validate(page, kOwnershipKeyOwner,
&owner_page[page].signature,
&owner_page[page], sig_len);
hardened_bool_t result = ownership_key_validate(
page, kOwnershipKeyOwner, &owner_page[page].signature, &owner_page[page],
sig_len, NULL);
if (result == kHardenedBoolFalse) {
// If the page is bad, destroy the RAM copy.
memset(&owner_page[page], 0x5a, sizeof(owner_page[0]));
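Review bot: The rewritten call in `owner_page_validity_check` passes `NULL` for the new `flash_exec` argument, but the new body of `ownership_key_validate` in `ownership_key.c` (this PR) does `*flash_exec = kSigverifyFlashExec;` unconditionally, so this call dereferences a null pointer; on a ROM target without an MMU that is a silent write to address 0 rather than a fault. Either guard the store in the callee, `if (flash_exec != NULL) { *flash_exec = kSigverifyFlashExec; }`, or pass a local here, `uint32_t flash_exec = 0;` … `sig_len, &flash_exec);`, and treat a wrong sentinel like a failed signature, which keeps the hardening uniform across callers. Whichever is chosen, the header comment should state whether NULL is permitted. `owner_page_validity_check` starts outside the hunk.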
11 changes: 9 additions & 2 deletions sw/device/silicon_creator/lib/ownership/ownership_activate.c
Expand Up @@ -13,6 +13,7 @@
#include "sw/device/silicon_creator/lib/error.h"
#include "sw/device/silicon_creator/lib/ownership/owner_block.h"
#include "sw/device/silicon_creator/lib/ownership/ownership_key.h"
#include "sw/device/silicon_creator/lib/sigverify/flash_exec.h"

rom_error_t ownership_activate(boot_data_t *bootdata,
hardened_bool_t write_both_pages) {
Expand Down Expand Up @@ -62,15 +63,21 @@ static rom_error_t activate_handler(boot_svc_msg_t *msg,
return kErrorOwnershipInvalidInfoPage;
}

// Set the variable checking whether the correct signatures have been
// verified.
uint32_t flash_exec = 0;

// Check the activation key and the nonce.
size_t len = (uintptr_t)&msg->ownership_activate_req.signature -
(uintptr_t)&msg->ownership_activate_req.primary_bl0_slot;
if (ownership_key_validate(/*page=*/1, kOwnershipKeyActivate,
&msg->ownership_activate_req.signature,
&msg->ownership_activate_req.primary_bl0_slot,
len) == kHardenedBoolFalse) {
&msg->ownership_activate_req.primary_bl0_slot, len,
&flash_exec) == kHardenedBoolFalse) {
return kErrorOwnershipInvalidSignature;
}
// Verify that we passed signature verification for the message.
HARDENED_CHECK_EQ(flash_exec, kSigverifyFlashExec);
if (!nonce_equal(&msg->ownership_activate_req.nonce, &bootdata->nonce)) {
return kErrorOwnershipInvalidNonce;
}
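Review bot: The comment above `uint32_t flash_exec = 0;` says the variable is "checking whether the correct signatures have been verified", which reads as if the variable performs the check; it is a sentinel that `ownership_key_validate` is expected to store into and that `HARDENED_CHECK_EQ` below compares. Suggested wording: `// Sentinel for the hardened post-check below: ownership_key_validate is expected to store kSigverifyFlashExec here; anything else means verification did not run to completion.` The same comment is copied four times in `ownership_unlock.c` in this PR (two of them without a trailing period), where the same wording applies. `activate_handler` starts outside the hunk.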
Expand Up @@ -21,10 +21,12 @@
#include "sw/device/silicon_creator/lib/ownership/datatypes.h"
#include "sw/device/silicon_creator/lib/ownership/mock_ownership_key.h"
#include "sw/device/silicon_creator/lib/ownership/owner_block.h"
#include "sw/device/silicon_creator/lib/sigverify/flash_exec.h"
#include "sw/device/silicon_creator/testing/rom_test.h"

namespace {
using ::testing::_;
using ::testing::DoAll;
using ::testing::Return;
using ::testing::SetArgPointee;

Expand Down Expand Up @@ -131,8 +133,9 @@ TEST_P(OwnershipActivateValidStateTest, InvalidVersion) {
MakePage1Valid(true);
owner_page[1].header.version.major = 5;

EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _))
.WillOnce(Return(kHardenedBoolTrue));
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _, _))
.WillOnce(DoAll(SetArgPointee<5>(kSigverifyFlashExec),
Return(kHardenedBoolTrue)));
EXPECT_CALL(lifecycle_, DeviceId(_))
.WillOnce(SetArgPointee<0>((lifecycle_device_id_t){0}));
EXPECT_CALL(hdr_, Finalize(_, _, _));
Expand All @@ -147,8 +150,8 @@ TEST_P(OwnershipActivateValidStateTest, InvalidSignature) {
// We want to pass the page 1 validity test to check the signature on the
// message.
MakePage1Valid(true);
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _))
.WillOnce(Return(kHardenedBoolFalse));
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _, _))
.WillOnce(DoAll(SetArgPointee<5>(0), Return(kHardenedBoolFalse)));
EXPECT_CALL(hdr_, Finalize(_, _, _));

rom_error_t error = ownership_activate_handler(&message_, &bootdata_);
Expand All @@ -162,8 +165,9 @@ TEST_P(OwnershipActivateValidStateTest, InvalidNonce) {
// We want to pass the page 1 validity test to check the nonce of the
// message.
MakePage1Valid(true);
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _))
.WillOnce(Return(kHardenedBoolTrue));
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _, _))
.WillOnce(DoAll(SetArgPointee<5>(kSigverifyFlashExec),
Return(kHardenedBoolTrue)));
EXPECT_CALL(hdr_, Finalize(_, _, _));

rom_error_t error = ownership_activate_handler(&message_, &bootdata_);
Expand All @@ -176,8 +180,9 @@ TEST_P(OwnershipActivateValidStateTest, InvalidActivateDin) {
// We want to pass the page 1 validity test to check the nonce of the
// message.
MakePage1Valid(true);
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _))
.WillOnce(Return(kHardenedBoolTrue));
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _, _))
.WillOnce(DoAll(SetArgPointee<5>(kSigverifyFlashExec),
Return(kHardenedBoolTrue)));
EXPECT_CALL(lifecycle_, DeviceId(_))
.WillOnce(SetArgPointee<0>((lifecycle_device_id_t){0, 1, 1}));
EXPECT_CALL(hdr_, Finalize(_, _, _));
Expand Down Expand Up @@ -228,8 +233,9 @@ TEST_P(OwnershipActivateValidStateTest, OwnerPageValid) {
bootdata_.next_owner[0] = 12345;
MakePage1Valid(true);

EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _))
.WillOnce(Return(kHardenedBoolTrue));
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _, _))
.WillOnce(DoAll(SetArgPointee<5>(kSigverifyFlashExec),
Return(kHardenedBoolTrue)));
EXPECT_CALL(lifecycle_, DeviceId(_))
.WillOnce(SetArgPointee<0>((lifecycle_device_id_t){0}));

Expand Down Expand Up @@ -297,8 +303,9 @@ TEST_P(OwnershipActivateValidStateTest, UpdateBootdataBl0) {
MakePage1Valid(true);
owner_page[1].min_security_version_bl0 = 5;

EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _))
.WillOnce(Return(kHardenedBoolTrue));
EXPECT_CALL(ownership_key_, validate(1, kOwnershipKeyActivate, _, _, _, _))
.WillOnce(DoAll(SetArgPointee<5>(kSigverifyFlashExec),
Return(kHardenedBoolTrue)));
EXPECT_CALL(lifecycle_, DeviceId(_))
.WillOnce(SetArgPointee<0>((lifecycle_device_id_t){0}));
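Review bot: None of the updated expectations exercise the path the new hardening exists for — `validate` returning `kHardenedBoolTrue` while leaving `flash_exec` at 0 or storing a wrong value — so the `HARDENED_CHECK_EQ` added to `activate_handler` is never observed to fire. If `rom_test` provides a way to expect the hardened-check shutdown (not visible from this hunk), a case using `.WillOnce(DoAll(SetArgPointee<5>(0), Return(kHardenedBoolTrue)))` would pin that behaviour; otherwise a comment noting that the sentinel check is untested here would help the next reader. The action `DoAll(SetArgPointee<5>(kSigverifyFlashExec), Return(kHardenedBoolTrue))` is now repeated in six tests and could be a single named action so the tests stay in sync if the sentinel changes.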

6 changes: 5 additions & 1 deletion sw/device/silicon_creator/lib/ownership/ownership_key.c
Expand Up @@ -10,6 +10,7 @@
#include "sw/device/silicon_creator/lib/drivers/keymgr.h"
#include "sw/device/silicon_creator/lib/drivers/kmac.h"
#include "sw/device/silicon_creator/lib/ownership/ecdsa.h"
#include "sw/device/silicon_creator/lib/sigverify/flash_exec.h"

// RAM copy of the owner INFO pages from flash.
extern owner_block_t owner_page[2];
Expand All @@ -18,7 +19,10 @@ OT_WEAK const owner_key_t *const kNoOwnerRecoveryKey;

hardened_bool_t ownership_key_validate(size_t page, ownership_key_t key,
const owner_signature_t *signature,
const void *message, size_t len) {
const void *message, size_t len,
uint32_t *flash_exec) {
// TODO: Pipe this through to a secure ecdsa.
*flash_exec = kSigverifyFlashExec;
if ((key & kOwnershipKeyUnlock) == kOwnershipKeyUnlock) {
if (ecdsa_verify_message(&owner_page[page].unlock_key.ecdsa,
&signature->ecdsa, message,
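Review bot: `*flash_exec = kSigverifyFlashExec;` is executed before any signature is checked, so every caller's `HARDENED_CHECK_EQ(flash_exec, kSigverifyFlashExec)` passes regardless of the ECDSA outcome and the hardening added elsewhere in this PR is not yet effective. The TODO acknowledges the secure ECDSA path is pending, but until it lands it would be safer to store the sentinel only on the success path of the verification that follows, and leave the caller's initial 0 in place otherwise, so that a skipped or faulted verification is distinguishable from a passed one. The rest of `ownership_key_validate`, including how the verification result is handled, lies outside the hunk.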
5 changes: 4 additions & 1 deletion sw/device/silicon_creator/lib/ownership/ownership_key.h
Expand Up @@ -49,11 +49,14 @@ typedef struct owner_secret_page {
* @param signature The signature over the message.
* @param message Pointer to the message.
* @param len Size of the message.
* @param flash_exec The magic value signifying whether the signature was
* verified.
* @return kHardenedBoolTrue if the message is valid.
*/
hardened_bool_t ownership_key_validate(size_t page, ownership_key_t key,
const owner_signature_t *signature,
const void *message, size_t len);
const void *message, size_t len,
uint32_t *flash_exec);

/**
* Initialize sealing.
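Review bot: The new `@param flash_exec` text does not say that this is an output parameter, what value is stored, or whether NULL is accepted, and in this PR `ownership.c` passes NULL while `ownership_key.c` writes through the pointer unconditionally, so the contract needs to be pinned down in the header. Suggested: `@param[out] flash_exec Receives kSigverifyFlashExec when the signature verified;` followed by either `must not be NULL.` or `may be NULL if the caller does not use the sentinel.`, whichever the implementation is made to honour.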
43 changes: 31 additions & 12 deletions sw/device/silicon_creator/lib/ownership/ownership_unlock.c
Expand Up @@ -13,6 +13,7 @@
#include "sw/device/silicon_creator/lib/error.h"
#include "sw/device/silicon_creator/lib/ownership/owner_block.h"
#include "sw/device/silicon_creator/lib/ownership/ownership_key.h"
#include "sw/device/silicon_creator/lib/sigverify/flash_exec.h"

static hardened_bool_t is_locked_none(uint32_t ownership_state) {
if (ownership_state == kOwnershipStateLockedOwner ||
Expand All @@ -24,12 +25,16 @@ static hardened_bool_t is_locked_none(uint32_t ownership_state) {
return kHardenedBoolTrue;
}

static rom_error_t do_unlock(boot_svc_msg_t *msg, boot_data_t *bootdata) {
static rom_error_t do_unlock(boot_svc_msg_t *msg, boot_data_t *bootdata,
uint32_t *flash_exec) {
// Verify that the nonce is correct.
if (!nonce_equal(&msg->ownership_unlock_req.nonce, &bootdata->nonce)) {
return kErrorOwnershipInvalidNonce;
}

// Verify that we passed signature verification for the message.
HARDENED_CHECK_EQ(*flash_exec, kSigverifyFlashExec);

// Verify the device identification number is correct.
lifecycle_device_id_t device_id;
lifecycle_device_id_get(&device_id);
Expand Down Expand Up @@ -59,6 +64,9 @@ static rom_error_t unlock(boot_svc_msg_t *msg, boot_data_t *bootdata) {
size_t len = (uintptr_t)&msg->ownership_unlock_req.signature -
(uintptr_t)&msg->ownership_unlock_req.unlock_mode;
if (bootdata->ownership_state == kOwnershipStateLockedOwner) {
// Set the variable checking whether the correct signatures have been
// verified
uint32_t flash_exec = 0;
switch (owner_page[0].update_mode) {
case kOwnershipUpdateModeOpen:
// The Open mode allows unlock to any unlock state.
Expand All @@ -79,21 +87,24 @@ static rom_error_t unlock(boot_svc_msg_t *msg, boot_data_t *bootdata) {
if (ownership_key_validate(
/*page=*/0, kOwnershipKeyUnlock | kOwnershipKeyRecovery,
&msg->ownership_unlock_req.signature,
&msg->ownership_unlock_req.unlock_mode,
len) == kHardenedBoolFalse) {
&msg->ownership_unlock_req.unlock_mode, len,
&flash_exec) == kHardenedBoolFalse) {
return kErrorOwnershipInvalidSignature;
}
return do_unlock(msg, bootdata);
return do_unlock(msg, bootdata, &flash_exec);
} else if (is_locked_none(bootdata->ownership_state) == kHardenedBoolTrue) {
// In the No-Owner state, we check against the silicon_creator's
// no_owner_recovery_key.
// Set the variable checking whether the correct signatures have been
// verified
uint32_t flash_exec = 0;
if (ownership_key_validate(/*page=*/0, kOwnershipKeyRecovery,
&msg->ownership_unlock_req.signature,
&msg->ownership_unlock_req.unlock_mode,
len) == kHardenedBoolFalse) {
&msg->ownership_unlock_req.unlock_mode, len,
&flash_exec) == kHardenedBoolFalse) {
return kErrorOwnershipInvalidSignature;
}
return do_unlock(msg, bootdata);
return do_unlock(msg, bootdata, &flash_exec);
} else {
return kErrorOwnershipInvalidState;
}
Expand All @@ -102,6 +113,9 @@ static rom_error_t unlock(boot_svc_msg_t *msg, boot_data_t *bootdata) {
static rom_error_t unlock_update(boot_svc_msg_t *msg, boot_data_t *bootdata) {
size_t len = (uintptr_t)&msg->ownership_unlock_req.signature -
(uintptr_t)&msg->ownership_unlock_req.unlock_mode;
// Set the variable checking whether the correct signatures have been
// verified.
uint32_t flash_exec = 0;
if (bootdata->ownership_state == kOwnershipStateLockedOwner) {
switch (owner_page[0].update_mode) {
case kOwnershipUpdateModeNewVersion:
Expand All @@ -118,11 +132,11 @@ static rom_error_t unlock_update(boot_svc_msg_t *msg, boot_data_t *bootdata) {
// Check the signature against the unlock key.
if (ownership_key_validate(/*page=*/0, kOwnershipKeyUnlock,
&msg->ownership_unlock_req.signature,
&msg->ownership_unlock_req.unlock_mode,
len) == kHardenedBoolFalse) {
&msg->ownership_unlock_req.unlock_mode, len,
&flash_exec) == kHardenedBoolFalse) {
return kErrorOwnershipInvalidSignature;
}
return do_unlock(msg, bootdata);
return do_unlock(msg, bootdata, &flash_exec);
}
return kErrorOwnershipInvalidState;
}
Expand All @@ -133,13 +147,18 @@ static rom_error_t unlock_abort(boot_svc_msg_t *msg, boot_data_t *bootdata) {
if (bootdata->ownership_state == kOwnershipStateUnlockedEndorsed ||
bootdata->ownership_state == kOwnershipStateUnlockedAny ||
bootdata->ownership_state == kOwnershipStateUnlockedSelf) {
// Set the variable checking whether the correct signatures have been
// verified.
uint32_t flash_exec = 0;
// Check the signature against the unlock key.
if (ownership_key_validate(/*page=*/0, kOwnershipKeyUnlock,
&msg->ownership_unlock_req.signature,
&msg->ownership_unlock_req.unlock_mode,
len) == kHardenedBoolFalse) {
&msg->ownership_unlock_req.unlock_mode, len,
&flash_exec) == kHardenedBoolFalse) {
return kErrorOwnershipInvalidSignature;
}
// Verify that we passed signature verification for the message.
HARDENED_CHECK_EQ(flash_exec, kSigverifyFlashExec);
if (!nonce_equal(&msg->ownership_unlock_req.nonce, &bootdata->nonce)) {
return kErrorOwnershipInvalidNonce;
}
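Review bot: `do_unlock` takes `uint32_t *flash_exec` but only reads it in `HARDENED_CHECK_EQ(*flash_exec, kSigverifyFlashExec);`, so the value could be passed by value: `static rom_error_t do_unlock(boot_svc_msg_t *msg, boot_data_t *bootdata, uint32_t flash_exec)` with `HARDENED_CHECK_EQ(flash_exec, kSigverifyFlashExec);` and the three call sites as `do_unlock(msg, bootdata, flash_exec)`. That removes one memory indirection from the value the hardened check depends on and matches how `unlock_abort` compares its local directly. `do_unlock`, `unlock`, `unlock_update` and `unlock_abort` each start or end outside their hunks.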