lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 14 Apr 2021 08:51:55 -0700
From:   Tom Rix <trix@...hat.com>
To:     Russ Weight <russell.h.weight@...el.com>, lee.jones@...aro.org,
        linux-kernel@...r.kernel.org
Cc:     lgoncalv@...hat.com, yilun.xu@...el.com, hao.wu@...el.com,
        matthew.gerlach@...el.com
Subject: Re: [PATCH v9 1/1] mfd: intel-m10-bmc: support for MAX10 BMC Secure
 Updates


On 4/12/21 12:53 PM, Russ Weight wrote:
> Add macros and definitions required by the MAX10 BMC
> Secure Update driver.
>
> Signed-off-by: Russ Weight <russell.h.weight@...el.com>
> Acked-by: Lee Jones <lee.jones@...aro.org>
> ---
> v9:
>    - Rebased on next-20210412
> v8:
>    - Previously patch 1/6 in "Intel MAX10 BMC Secure Update Driver"
>    - Rebased on next-20210121
> v7:
>    - No change
> v6:
>    - No change
> v5:
>    - Renamed USER_FLASH_COUNT to STAGING_FLASH_COUNT
> v4:
>    - No change
> v3:
>    - Changed "MAX10 BMC Secure Engine driver" to "MAX10 BMC Secure
>      Update driver"
>    - Removed wrapper functions (m10bmc_raw_*, m10bmc_sys_*). The
>      underlying functions will be called directly.
> v2:
>    - These functions and macros were previously distributed among
>      the patches that needed them. They are now grouped together
>      in a single patch containing changes to the Intel MAX10 BMC
>      driver.
>    - Added DRBL_ prefix to some definitions
>    - Some address definitions were moved here from the .c files that
>      use them.
> ---
>   include/linux/mfd/intel-m10-bmc.h | 85 +++++++++++++++++++++++++++++++
>   1 file changed, 85 insertions(+)
>
> diff --git a/include/linux/mfd/intel-m10-bmc.h b/include/linux/mfd/intel-m10-bmc.h
> index c4eb38c13eda..f0044b14136e 100644
> --- a/include/linux/mfd/intel-m10-bmc.h
> +++ b/include/linux/mfd/intel-m10-bmc.h
> @@ -16,6 +16,9 @@
>   #define M10BMC_FLASH_END		0x1fffffff
>   #define M10BMC_MEM_END			M10BMC_FLASH_END
>   
> +#define M10BMC_STAGING_BASE		0x18000000
> +#define M10BMC_STAGING_SIZE		0x3800000
> +
>   /* Register offset of system registers */
>   #define NIOS2_FW_VERSION		0x0
>   #define M10BMC_MAC_LOW			0x10
> @@ -33,6 +36,88 @@
>   #define M10BMC_VER_PCB_INFO_MSK		GENMASK(31, 24)
>   #define M10BMC_VER_LEGACY_INVALID	0xffffffff
>   
> +/* Secure update doorbell register, in system register region */
> +#define M10BMC_DOORBELL			0x400

To be consistent with the existing register #defines,

The bit values for the register should follow the register and have a 
M10BMC_ prefix

Tom

> +
> +/* Authorization Result register, in system register region */
> +#define M10BMC_AUTH_RESULT		0x404
> +
> +/* Doorbell register fields */
> +#define DRBL_RSU_REQUEST		BIT(0)
> +#define DRBL_RSU_PROGRESS		GENMASK(7, 4)
> +#define DRBL_HOST_STATUS		GENMASK(11, 8)
> +#define DRBL_RSU_STATUS			GENMASK(23, 16)
> +#define DRBL_PKVL_EEPROM_LOAD_SEC	BIT(24)
> +#define DRBL_PKVL1_POLL_EN		BIT(25)
> +#define DRBL_PKVL2_POLL_EN		BIT(26)
> +#define DRBL_CONFIG_SEL			BIT(28)
> +#define DRBL_REBOOT_REQ			BIT(29)
> +#define DRBL_REBOOT_DISABLED		BIT(30)
> +
> +/* Progress states */
> +#define RSU_PROG_IDLE			0x0
> +#define RSU_PROG_PREPARE		0x1
> +#define RSU_PROG_READY			0x3
> +#define RSU_PROG_AUTHENTICATING		0x4
> +#define RSU_PROG_COPYING		0x5
> +#define RSU_PROG_UPDATE_CANCEL		0x6
> +#define RSU_PROG_PROGRAM_KEY_HASH	0x7
> +#define RSU_PROG_RSU_DONE		0x8
> +#define RSU_PROG_PKVL_PROM_DONE		0x9
> +
> +/* Device and error states */
> +#define RSU_STAT_NORMAL			0x0
> +#define RSU_STAT_TIMEOUT		0x1
> +#define RSU_STAT_AUTH_FAIL		0x2
> +#define RSU_STAT_COPY_FAIL		0x3
> +#define RSU_STAT_FATAL			0x4
> +#define RSU_STAT_PKVL_REJECT		0x5
> +#define RSU_STAT_NON_INC		0x6
> +#define RSU_STAT_ERASE_FAIL		0x7
> +#define RSU_STAT_WEAROUT		0x8
> +#define RSU_STAT_NIOS_OK		0x80
> +#define RSU_STAT_USER_OK		0x81
> +#define RSU_STAT_FACTORY_OK		0x82
> +#define RSU_STAT_USER_FAIL		0x83
> +#define RSU_STAT_FACTORY_FAIL		0x84
> +#define RSU_STAT_NIOS_FLASH_ERR		0x85
> +#define RSU_STAT_FPGA_FLASH_ERR		0x86
> +
> +#define HOST_STATUS_IDLE		0x0
> +#define HOST_STATUS_WRITE_DONE		0x1
> +#define HOST_STATUS_ABORT_RSU		0x2
> +
> +#define rsu_prog(doorbell)	FIELD_GET(DRBL_RSU_PROGRESS, doorbell)
> +#define rsu_stat(doorbell)	FIELD_GET(DRBL_RSU_STATUS, doorbell)
> +
> +/* interval 100ms and timeout 5s */
> +#define NIOS_HANDSHAKE_INTERVAL_US	(100 * 1000)
> +#define NIOS_HANDSHAKE_TIMEOUT_US	(5 * 1000 * 1000)
> +
> +/* RSU PREP Timeout (2 minutes) to erase flash staging area */
> +#define RSU_PREP_INTERVAL_MS		100
> +#define RSU_PREP_TIMEOUT_MS		(2 * 60 * 1000)
> +
> +/* RSU Complete Timeout (40 minutes) for full flash update */
> +#define RSU_COMPLETE_INTERVAL_MS	1000
> +#define RSU_COMPLETE_TIMEOUT_MS		(40 * 60 * 1000)
> +
> +/* Addresses for security related data in FLASH */
> +#define BMC_REH_ADDR	0x17ffc004
> +#define BMC_PROG_ADDR	0x17ffc000
> +#define BMC_PROG_MAGIC	0x5746
> +
> +#define SR_REH_ADDR	0x17ffd004
> +#define SR_PROG_ADDR	0x17ffd000
> +#define SR_PROG_MAGIC	0x5253
> +
> +#define PR_REH_ADDR	0x17ffe004
> +#define PR_PROG_ADDR	0x17ffe000
> +#define PR_PROG_MAGIC	0x5250
> +
> +/* Address of 4KB inverted bit vector containing staging area FLASH count */
> +#define STAGING_FLASH_COUNT	0x17ffb000
> +
>   /**
>    * struct intel_m10bmc - Intel MAX 10 BMC parent driver data structure
>    * @dev: this device

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ