From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EB128C433E0 for ; Tue, 7 Jul 2020 02:08:28 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8837D206E6 for ; Tue, 7 Jul 2020 02:08:28 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=axtens.net header.i=@axtens.net header.b="YwcARj7v" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8837D206E6 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=axtens.net Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4B15Sn6nMYzDqg1 for ; Tue, 7 Jul 2020 12:08:25 +1000 (AEST) Received: from ozlabs.org (bilbo.ozlabs.org [203.11.71.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4B15Qm0R5zzDqRJ for ; Tue, 7 Jul 2020 12:06:40 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=axtens.net Authentication-Results: lists.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=axtens.net header.i=@axtens.net header.a=rsa-sha256 header.s=google header.b=YwcARj7v; dkim-atps=neutral Received: from ozlabs.org (bilbo.ozlabs.org [IPv6:2401:3900:2:1::2]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4B15Ql6Ndzz8t4p for ; Tue, 7 Jul 2020 12:06:39 +1000 (AEST) Received: by ozlabs.org (Postfix) id 4B15Ql60cMz9sRf; Tue, 7 Jul 2020 12:06:39 +1000 (AEST) Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=axtens.net (client-ip=2607:f8b0:4864:20::444; helo=mail-pf1-x444.google.com; envelope-from=dja@axtens.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=axtens.net Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=axtens.net header.i=@axtens.net header.a=rsa-sha256 header.s=google header.b=YwcARj7v; dkim-atps=neutral Received: from mail-pf1-x444.google.com (mail-pf1-x444.google.com [IPv6:2607:f8b0:4864:20::444]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4B15Ql3yHBz9sRR for ; Tue, 7 Jul 2020 12:06:38 +1000 (AEST) Received: by mail-pf1-x444.google.com with SMTP id t11so12888192pfq.11 for ; Mon, 06 Jul 2020 19:06:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axtens.net; s=google; h=from:to:cc:subject:in-reply-to:references:date:message-id :mime-version; bh=ufAMLYZ5uV6bHta35HYJH1XfzcRlJb5HFWlT4qXEYfo=; b=YwcARj7v1GayRBLXaoyXzW79MNuNWyyF5vyLq1cIB7n9Y3VhKk3KvpBJF0dJ/fGjWG Y2vIYLCAwyATgtfbWA+BrcFEyx7ttSCb2IDdkfYIBwFNYc6GSEetLR/sKHvbA2hgK3qI HSd+WUnLi00yppS1fmG+Jf7N1PukSZK6ulkDg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=ufAMLYZ5uV6bHta35HYJH1XfzcRlJb5HFWlT4qXEYfo=; b=Y7oWCw+XI4QGZ4Sh36f2o5V8whMCpMk5VHCwuBfv/zUtz8eQjPxvZw4Y10JdtYMm3B jUJsBMnYZvqyJYjCKYjRyxeI2BSX4zavsWf6hHsLI7OKxLAvsEksZunW4XP4D1QLXrKL bvtdBIo/NAkPMCUejLneqcP9nE+xpZimcqXbpgsEaVT8nEy/57EeUQ/Fyj0OSTPjWdMH ecAzdZYM6Npio4hywcnIxItYnoZKP5/2sAsA/fB6j09fDcdJATv6VxYen8Aa59unxIxn NCpwTF5pYS1QlbKY9ONXICxCZausz9wMUpfOHz8wrmN36I6zX8cQxx/C09iMOI4TKUrg 79rA== X-Gm-Message-State: AOAM533V4ZIxUZfeviVBwzd/YCTSJq5d/gqO8H9VfxHkhyp/770bVhAJ A8XyKVSWNT23qdkTLnVtTSiMvQ== X-Google-Smtp-Source: ABdhPJzLFy1WJWtquEz3mBN0TcABoY5qRw+cnTVC6hS+qEfcSZKtVrJWb+JBCTwkkizgqQEp5HWd9A== X-Received: by 2002:a63:182:: with SMTP id 124mr40086924pgb.288.1594087595729; Mon, 06 Jul 2020 19:06:35 -0700 (PDT) Received: from localhost (2001-44b8-1113-6700-4ddf-cfaf-3be5-4008.static.ipv6.internode.on.net. [2001:44b8:1113:6700:4ddf:cfaf:3be5:4008]) by smtp.gmail.com with ESMTPSA id g9sm19308737pfm.151.2020.07.06.19.06.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Jul 2020 19:06:35 -0700 (PDT) From: Daniel Axtens To: Nayna Jain , linuxppc-dev@ozlabs.org Subject: Re: [PATCH] powerpc/pseries: detect secure and trusted boot state of the system. In-Reply-To: <1593882535-21368-1-git-send-email-nayna@linux.ibm.com> References: <1593882535-21368-1-git-send-email-nayna@linux.ibm.com> Date: Tue, 07 Jul 2020 12:06:32 +1000 Message-ID: <87a70c3wpj.fsf@dja-thinkpad.axtens.net> MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Nayna Jain , linux-kernel@vger.kernel.org, Mimi Zohar Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" Thanks Nayna! I'm hoping to get better public documentation for this soon as it's not documented in a public PAPR yet. Until then: The values of ibm,secure-boot under PowerVM are: 0 - disabled 1 - audit mode only. This patch ignores this value for Linux, which I think is the appropriate thing to do. 2 - enabled and enforcing 3-9 - enabled, OS-defined behaviour. In this patch we map all these values to enabled and enforcing. Again I think this is the appropriate thing to do. ibm,trusted-boot isn't published by a current PowerVM LPAR but will be published in future. (Currently, trusted boot state is inferred by the presence or absense of a vTPM.) It's simply 1 = enabled, 0 = disabled. As for this patch specifically, with the very small nits below, Reviewed-by: Daniel Axtens > - node = get_ppc_fw_sb_node(); > - enabled = of_property_read_bool(node, "os-secureboot-enforcing"); > + if (machine_is(powernv)) { > + node = get_ppc_fw_sb_node(); > + enabled = > + of_property_read_bool(node, "os-secureboot-enforcing"); > + of_node_put(node); > + } > > - of_node_put(node); > + if (machine_is(pseries)) { Maybe this should be an else if? > + secureboot = of_get_property(of_root, "ibm,secure-boot", NULL); > + if (secureboot) > + enabled = (*secureboot > 1) ? true : false; > + } > > pr_info("Secure boot mode %s\n", enabled ? "enabled" : "disabled"); > > @@ -38,11 +48,20 @@ bool is_ppc_trustedboot_enabled(void) > { > struct device_node *node; > bool enabled = false; > + const u32 *trustedboot; > > - node = get_ppc_fw_sb_node(); > - enabled = of_property_read_bool(node, "trusted-enabled"); > + if (machine_is(powernv)) { > + node = get_ppc_fw_sb_node(); > + enabled = of_property_read_bool(node, "trusted-enabled"); > + of_node_put(node); > + } > > - of_node_put(node); > + if (machine_is(pseries)) { Likewise. > + trustedboot = > + of_get_property(of_root, "ibm,trusted-boot", NULL); > + if (trustedboot) > + enabled = (*trustedboot > 0) ? true : false; Regards, Daniel From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A1D1DC433E0 for ; Tue, 7 Jul 2020 02:06:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 75C0C206E6 for ; Tue, 7 Jul 2020 02:06:38 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=axtens.net header.i=@axtens.net header.b="YwcARj7v" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726805AbgGGCGh (ORCPT ); Mon, 6 Jul 2020 22:06:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726491AbgGGCGg (ORCPT ); Mon, 6 Jul 2020 22:06:36 -0400 Received: from mail-pf1-x441.google.com (mail-pf1-x441.google.com [IPv6:2607:f8b0:4864:20::441]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9D2E2C061755 for ; Mon, 6 Jul 2020 19:06:36 -0700 (PDT) Received: by mail-pf1-x441.google.com with SMTP id a14so13172063pfi.2 for ; Mon, 06 Jul 2020 19:06:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axtens.net; s=google; h=from:to:cc:subject:in-reply-to:references:date:message-id :mime-version; bh=ufAMLYZ5uV6bHta35HYJH1XfzcRlJb5HFWlT4qXEYfo=; b=YwcARj7v1GayRBLXaoyXzW79MNuNWyyF5vyLq1cIB7n9Y3VhKk3KvpBJF0dJ/fGjWG Y2vIYLCAwyATgtfbWA+BrcFEyx7ttSCb2IDdkfYIBwFNYc6GSEetLR/sKHvbA2hgK3qI HSd+WUnLi00yppS1fmG+Jf7N1PukSZK6ulkDg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=ufAMLYZ5uV6bHta35HYJH1XfzcRlJb5HFWlT4qXEYfo=; b=Is/ncVCQNp8cXL0EBvh/0/tIM9c6LSg+OYkkdR7DHDyF5XMjlmbRGZ+7XcushU6gAx 2Qh1wFjnto4njQ3vRsE+723N63A2bP3xmP1byVeQxEm4bsqbcP69A1csPhD3DBB8dpoX oMSv18aDI0fxSoEuvlpuYn9NwUtyT9lJMZnXg5XLetmtTrwiU1EJTnl81jghy/Rn98AR f6RDhofe7ijxr4mWHa8fJfidVQyMKcIkhESDK4M7pQqmjvPpC4EkBgi6xdzpvwBea5nt vM3Of0VCgSwUFPyrOmruCZE8XDIQuMP8cKSgNkEqY+mFmno5+/ZSsDEC8P9FT4RBDtl4 nNFQ== X-Gm-Message-State: AOAM531d37JCcqQasZcdAcgwK0GYW5Yu1ZCRzCYOyCGErLFriSr/e2TD Vt2qtE8wU9BRudC4/R9niFwoHdGMyE8= X-Google-Smtp-Source: ABdhPJzLFy1WJWtquEz3mBN0TcABoY5qRw+cnTVC6hS+qEfcSZKtVrJWb+JBCTwkkizgqQEp5HWd9A== X-Received: by 2002:a63:182:: with SMTP id 124mr40086924pgb.288.1594087595729; Mon, 06 Jul 2020 19:06:35 -0700 (PDT) Received: from localhost (2001-44b8-1113-6700-4ddf-cfaf-3be5-4008.static.ipv6.internode.on.net. [2001:44b8:1113:6700:4ddf:cfaf:3be5:4008]) by smtp.gmail.com with ESMTPSA id g9sm19308737pfm.151.2020.07.06.19.06.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Jul 2020 19:06:35 -0700 (PDT) From: Daniel Axtens To: Nayna Jain , linuxppc-dev@ozlabs.org Cc: Michael Ellerman , Mimi Zohar , linux-kernel@vger.kernel.org, Nayna Jain Subject: Re: [PATCH] powerpc/pseries: detect secure and trusted boot state of the system. In-Reply-To: <1593882535-21368-1-git-send-email-nayna@linux.ibm.com> References: <1593882535-21368-1-git-send-email-nayna@linux.ibm.com> Date: Tue, 07 Jul 2020 12:06:32 +1000 Message-ID: <87a70c3wpj.fsf@dja-thinkpad.axtens.net> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Thanks Nayna! I'm hoping to get better public documentation for this soon as it's not documented in a public PAPR yet. Until then: The values of ibm,secure-boot under PowerVM are: 0 - disabled 1 - audit mode only. This patch ignores this value for Linux, which I think is the appropriate thing to do. 2 - enabled and enforcing 3-9 - enabled, OS-defined behaviour. In this patch we map all these values to enabled and enforcing. Again I think this is the appropriate thing to do. ibm,trusted-boot isn't published by a current PowerVM LPAR but will be published in future. (Currently, trusted boot state is inferred by the presence or absense of a vTPM.) It's simply 1 = enabled, 0 = disabled. As for this patch specifically, with the very small nits below, Reviewed-by: Daniel Axtens > - node = get_ppc_fw_sb_node(); > - enabled = of_property_read_bool(node, "os-secureboot-enforcing"); > + if (machine_is(powernv)) { > + node = get_ppc_fw_sb_node(); > + enabled = > + of_property_read_bool(node, "os-secureboot-enforcing"); > + of_node_put(node); > + } > > - of_node_put(node); > + if (machine_is(pseries)) { Maybe this should be an else if? > + secureboot = of_get_property(of_root, "ibm,secure-boot", NULL); > + if (secureboot) > + enabled = (*secureboot > 1) ? true : false; > + } > > pr_info("Secure boot mode %s\n", enabled ? "enabled" : "disabled"); > > @@ -38,11 +48,20 @@ bool is_ppc_trustedboot_enabled(void) > { > struct device_node *node; > bool enabled = false; > + const u32 *trustedboot; > > - node = get_ppc_fw_sb_node(); > - enabled = of_property_read_bool(node, "trusted-enabled"); > + if (machine_is(powernv)) { > + node = get_ppc_fw_sb_node(); > + enabled = of_property_read_bool(node, "trusted-enabled"); > + of_node_put(node); > + } > > - of_node_put(node); > + if (machine_is(pseries)) { Likewise. > + trustedboot = > + of_get_property(of_root, "ibm,trusted-boot", NULL); > + if (trustedboot) > + enabled = (*trustedboot > 0) ? true : false; Regards, Daniel