* Create AST2600 OTP image
@ 2021-12-16  6:41 Jamin Lin
  2021-12-16  9:23 ` Jamin Lin
  2021-12-16 22:43 ` Andrew Jeffery
  0 siblings, 2 replies; 4+ messages in thread
From: Jamin Lin @ 2021-12-16  6:41 UTC (permalink / raw)
  To: openbmc@lists.ozlabs.org, andrew@aj.id.au, patrick@stwcx.xyz,
	Troy Lee, Steven Lee
  Cc: Jamin Lin


Hi OpenBMC team,

I have some questions about OTP image creation in OpenBMC. To support AST2600 RoT (Root of Trust, AST2600 ROM code verified SPL), users should program "A public key" in OTP and use "A private key" with the SPL image to create a signature and place it in SPL.
The SOCSEC tool helps users create OTP and SPL images for AST2600 secure boot support.
The following are my questions and solutions:

  1.  There was a socsec-sign.bbclass in OpenBMC and it is used for SPL image generation with the SOCSEC tool. Do you agree if I modify socsec-sign.bbclass to create the OTP image?

If not, I will try to use solution 2.

  2.  I will create a new recipe to create the OTP image, and this recipe will be placed in meta-aspeed/recipes-aspeed/otp/otp.bb

To successfully build the OTP and SPL images, we should create the key pair: one for OTP (public key) and another for SPL (private key).

Do you have any suggestion on where to place these keys?

  3.  So far, we placed both the private key and the public key here, https://github.com/openbmc/openbmc/tree/master/meta-aspeed/recipes-bsp/u-boot/files

How do I get the public key in the OTP recipe? It seems I need to place the public key, https://github.com/openbmc/openbmc/blob/master/meta-aspeed/recipes-bsp/u-boot/files/rsa_pub_oem_dss_key.pem

in meta-aspeed/recipes-aspeed/otp/files and the private key in u-boot, https://github.com/openbmc/openbmc/blob/master/meta-aspeed/recipes-bsp/u-boot/files/rsa_oem_dss_key.pem

  4.  The socsec tool settings should be consistent. For example: if the user sets the algorithm "RSA4096_SHA512" in SPL, it is required to use the corresponding *.json config in OTP.

https://github.com/openbmc/openbmc/blob/master/meta-aspeed/classes/socsec-sign.bbclass#L8

By default, it sets SOCSEC_SIGN_ALGO ?= "RSA4096_SHA512" to create SPL, so it is required to use https://github.com/AspeedTech-BMC/openbmc/blob/aspeed-master/meta-aspeed-sdk/recipes-aspeed/security/aspeed-secure-config/configs/ast2600/security/otp/evbA3_RSA4096_SHA512.json for OTP image generation.

  How do I share the environment variable between the u-boot and otp recipes?

  Do you prefer to add "SOCSEC_SIGN_ALGO" in the machine configuration file, so this variable can be recognized between the otp and u-boot recipes?

  Do you have any suggestion?

  5.  How do I trigger the build process to create the OTP image if the user only issues "bitbake obmc-phosphor-image"?

https://github.com/AspeedTech-BMC/openbmc/blob/aspeed-master/meta-aspeed-sdk/classes/image_types_phosphor_aspeed.bbclass#L84

Our solution sets the do_generate_static_tar task dependencies. So, the build process creates the OTP image first, then runs the do_generate_static_tar task.

Do you have any suggestion? Do I need to modify this bbclass, https://github.com/openbmc/openbmc/blob/master/meta-phosphor/classes/image_types_phosphor.bbclass ?

Thanks,
Jamin


* RE: Create AST2600 OTP image
  2021-12-16  6:41 Create AST2600 OTP image Jamin Lin
@ 2021-12-16  9:23 ` Jamin Lin
  2021-12-16 22:43 ` Andrew Jeffery
  1 sibling, 0 replies; 4+ messages in thread
From: Jamin Lin @ 2021-12-16  9:23 UTC (permalink / raw)
  To: openbmc@lists.ozlabs.org, andrew@aj.id.au, patrick@stwcx.xyz,
	Troy Lee, Steven Lee


Hi OpenBMC team,
I created patch set 1 and am waiting for review.
https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/49754

Thanks,
Jamin


* Re: Create AST2600 OTP image
  2021-12-16  6:41 Create AST2600 OTP image Jamin Lin
  2021-12-16  9:23 ` Jamin Lin
@ 2021-12-16 22:43 ` Andrew Jeffery
  2021-12-17  8:06   ` Jamin Lin
  1 sibling, 1 reply; 4+ messages in thread
From: Andrew Jeffery @ 2021-12-16 22:43 UTC (permalink / raw)
  To: Jamin Lin, openbmc@lists.ozlabs.org, Patrick Williams, Troy Lee,
	Steven Lee

Hi Jamin,

On Thu, 16 Dec 2021, at 17:11, Jamin Lin wrote:
> Hi OpenBMC team,
>
> I have some questions about OTP image creation in OpenBMC. To support
> AST2600 RoT (Root of Trust, AST2600 ROM code verified SPL), users should
> program "A public key" in OTP and use "A private key" with the SPL image
> to create a signature and place it in SPL.
> The SOCSEC tool helps users create OTP and SPL images for AST2600
> secure boot support.
> The following are my questions and solutions:
>
>   1.  There was a socsec-sign.bbclass in OpenBMC and it is used for SPL
> image generation with the SOCSEC tool. Do you agree if I modify
> socsec-sign.bbclass to create the OTP image?

I'm not convinced on this one. While the OTP configuration and the 
output of the socsec signing process are tightly coupled they involve 
separate processes. Off the top of my head, the fact that socsec and 
otptool are separate utilities suggests to me that they should use 
separate bbclasses in the build process.

>
> If not, I will try to use solution 2.
>

This is the path you should follow - I have some comments below.

>
>
>   2.  I will create a new recipe to create the OTP image, and this recipe
> will be placed in meta-aspeed/recipes-aspeed/otp/otp.bb

Okay.

>
> To successfully build the OTP and SPL images, we should create the
> key pair: one for OTP (public key) and another for SPL (private key).
>
> Do you have any suggestion on where to place these keys?
>
>   3.  So far, we placed both the private key and the public key here,
> https://github.com/openbmc/openbmc/tree/master/meta-aspeed/recipes-bsp/u-boot/files
>
> How do I get the public key in the OTP recipe? It seems I need to place
> the public key,
> https://github.com/openbmc/openbmc/blob/master/meta-aspeed/recipes-bsp/u-boot/files/rsa_pub_oem_dss_key.pem
>
> in meta-aspeed/recipes-aspeed/otp/files and the private key in u-boot,
> https://github.com/openbmc/openbmc/blob/master/meta-aspeed/recipes-bsp/u-boot/files/rsa_oem_dss_key.pem

We might need a separate recipe e.g. called 'aspeed-ast2600-rot-keys', 
and move the files you've pointed to above into that recipe. From there 
both the OTP and u-boot recipes can depend on 'aspeed-ast2600-rot-keys' 
to gain access to the files.

>
>   4.  The socsec tool settings should be consistent. For example: if
> the user sets the algorithm "RSA4096_SHA512" in SPL, it is required to use
> the corresponding *.json config in OTP.
>
> https://github.com/openbmc/openbmc/blob/master/meta-aspeed/classes/socsec-sign.bbclass#L8

Yes, but maybe this creates too many headaches to enforce? We'd have to 
parse the json and line it up with SOCSEC_SIGN_ALGO in the recipe. It 
seems much easier if we just do a `socsec verify ...` once we've 
generated all the artefacts, feeding in the OTP image we've also built 
through the otptool bbclass. If the verification fails then the build 
fails and someone can look at what happened.

>
> By default, it sets SOCSEC_SIGN_ALGO ?= "RSA4096_SHA512" to create SPL,
> so it is required to use
> https://github.com/AspeedTech-BMC/openbmc/blob/aspeed-master/meta-aspeed-sdk/recipes-aspeed/security/aspeed-secure-config/configs/ast2600/security/otp/evbA3_RSA4096_SHA512.json
> for OTP image generation.

This isn't true. How I want this to work is that each platform provides 
its own OTP json configuration, and the otptool bbclass consumes that 
to produce the OTP image.

Platform designers should have the freedom to pick their own 
platform-specific OTP settings with respect to e.g. the ABR, boot 
source fallback, secureboot etc features. There's no point generating 
the cartesian product of configurations out of the box, it would just 
be confusing and a *huge* amount of noise.

I've cooked up a platform-specific config for our p10bmc systems for 
instance, and was planning on integrating that into the OpenBMC tree.

>
>   How do I share the environment variable between the u-boot and otp recipes?
>
>   Do you prefer to add "SOCSEC_SIGN_ALGO" in the machine configuration
> file, so this variable can be recognized between the otp and u-boot recipes?
>
>   Do you have any suggestion?

It should be set by the platform config and so should be available to 
any recipe executed in the build process, including e.g. an otptool 
recipe. Platform bitbake configs shouldn't rely on any particular 
default value being set in socsec-sign bbclass for SOCSEC_SIGN_ALGO (we 
might change the default in the future - then any platforms relying on 
a particular default value would break).

>
>   5.  How do I trigger the build process to create the OTP image if
> the user only issues "bitbake obmc-phosphor-image"?
>
> https://github.com/AspeedTech-BMC/openbmc/blob/aspeed-master/meta-aspeed-sdk/classes/image_types_phosphor_aspeed.bbclass#L84
>
> Our solution sets the do_generate_static_tar task dependencies. So, the
> build process creates the OTP image first, then runs the
> do_generate_static_tar task.

You probably want to add it as a dependency of u-boot. This way the 
socsec-sign bbclass can implement the functionality to run `socsec 
verify ...` with the OTP blob as its last step, triggered from the 
u-boot recipe.

>
> Do you have any suggestion? Do I need to modify this bbclass, 
> https://github.com/openbmc/openbmc/blob/master/meta-phosphor/classes/image_types_phosphor.bbclass 

No, I don't expect so.

Andrew
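
Once the public key (for OTP) and the private key (for SPL signing) are consumed by separate recipes, a build can check that the two PEM files still belong to the same key pair. The script below is an added example, not part of this thread and not code from socsec, otptool or OpenBMC; the function names and file names are constructed, and the sample keys are 2048-bit only to keep the run short.

```shell
#!/bin/sh
# Added example: confirm that the public key staged for the OTP image is the
# public half of the private key used to sign the SPL.

# pubkey_fingerprint FILE KIND
#   KIND=priv: derive the public key from a private PEM
#   KIND=pub : read a public PEM directly
# Prints the SHA-256 of the DER-encoded public key; returns 1 on any error.
pubkey_fingerprint() {
    der=$(mktemp) || return 1
    case "$2" in
        priv) openssl pkey -in "$1" -pubout -outform DER -out "$der" 2>/dev/null ;;
        pub)  openssl pkey -pubin -in "$1" -pubout -outform DER -out "$der" 2>/dev/null ;;
        *)    false ;;
    esac || { rm -f "$der"; return 1; }
    openssl dgst -sha256 -r "$der" | cut -d' ' -f1
    rm -f "$der"
}

# rot_keys_match PRIVATE_PEM PUBLIC_PEM
#   0 = same key pair, 1 = different keys, 2 = a file could not be parsed
rot_keys_match() {
    priv_fp=$(pubkey_fingerprint "$1" priv) || return 2
    pub_fp=$(pubkey_fingerprint "$2" pub) || return 2
    [ "$priv_fp" = "$pub_fp" ]
}

# Constructed sample keys: one matching pair plus an unrelated public key.
make_sample_keys() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/spl_sign.pem" 2>/dev/null
    openssl pkey -in "$1/spl_sign.pem" -pubout -out "$1/otp_pub.pem"
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/other.pem" 2>/dev/null
    openssl pkey -in "$1/other.pem" -pubout -out "$1/stale_pub.pem"
}

demo_dir=$(mktemp -d)
make_sample_keys "$demo_dir"
for pub in otp_pub.pem stale_pub.pem; do
    if rot_keys_match "$demo_dir/spl_sign.pem" "$demo_dir/$pub"; then
        echo "$pub: matches the SPL signing key"
    else
        echo "$pub: MISMATCH, the build should stop here"
    fi
done
rm -rf "$demo_dir"
```

This checks key pairing only; it does not replace the `socsec verify` step discussed above.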


* Re: Create AST2600 OTP image
  2021-12-16 22:43 ` Andrew Jeffery
@ 2021-12-17  8:06   ` Jamin Lin
  0 siblings, 0 replies; 4+ messages in thread
From: Jamin Lin @ 2021-12-17  8:06 UTC (permalink / raw)
  To: Andrew Jeffery; +Cc: openbmc@lists.ozlabs.org, Troy Lee, Steven Lee


Hi Andrew,

Thanks for all your suggestions and review.
I created two patches and am waiting for review.

Thanks,
Jamin

