From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CE73BC3A5A5 for ; Mon, 2 Sep 2019 11:52:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id A8337217D7 for ; Mon, 2 Sep 2019 11:52:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730618AbfIBLwl (ORCPT ); Mon, 2 Sep 2019 07:52:41 -0400 Received: from ozlabs.org ([203.11.71.1]:48367 "EHLO ozlabs.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729850AbfIBLwl (ORCPT ); Mon, 2 Sep 2019 07:52:41 -0400 Received: from authenticated.ozlabs.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.ozlabs.org (Postfix) with ESMTPSA id 46MT3T1Rzqz9s7T; Mon, 2 Sep 2019 21:52:37 +1000 (AEST) From: Michael Ellerman To: Nayna Jain , linuxppc-dev@ozlabs.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Paul Mackerras , Benjamin Herrenschmidt , Ard Biesheuvel , Jeremy Kerr , Matthew Garret , Mimi Zohar , Claudio Carvalho , Elaine Palmer , George Wilson , Eric Ricther , Nayna Jain Subject: Re: [PATCH v5 1/2] powerpc: detect the secure boot mode of the system In-Reply-To: <1566218108-12705-2-git-send-email-nayna@linux.ibm.com> References: <1566218108-12705-1-git-send-email-nayna@linux.ibm.com> <1566218108-12705-2-git-send-email-nayna@linux.ibm.com> Date: Mon, 02 Sep 2019 21:52:36 +1000 Message-ID: <87tv9usynv.fsf@mpe.ellerman.id.au> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Nayna, Sorry I've taken so long to get to this series, there's just too many patches that need reviewing :/ Nayna Jain writes: > Secure boot on POWER defines different IMA policies based on the secure > boot state of the system. The terminology throughout is a bit vague, we have POWER, PowerPC, Linux on POWER etc. What this patch is talking about is a particular implemention of secure boot on some OpenPOWER machines running bare metal - am I right? So saying "Secure boot on POWER defines different IMA policies" is a bit broad I think. Really we've just decided that a way to implement secure boot is to use IMA policies. > This patch defines a function to detect the secure boot state of the > system. > > The PPC_SECURE_BOOT config represents the base enablement of secureboot > on POWER. > > Signed-off-by: Nayna Jain > --- > arch/powerpc/Kconfig | 11 +++++ > arch/powerpc/include/asm/secboot.h | 27 ++++++++++++ > arch/powerpc/kernel/Makefile | 2 + > arch/powerpc/kernel/secboot.c | 71 ++++++++++++++++++++++++++++++ > 4 files changed, 111 insertions(+) > create mode 100644 arch/powerpc/include/asm/secboot.h > create mode 100644 arch/powerpc/kernel/secboot.c > > diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig > index 77f6ebf97113..c902a39124dc 100644 > --- a/arch/powerpc/Kconfig > +++ b/arch/powerpc/Kconfig > @@ -912,6 +912,17 @@ config PPC_MEM_KEYS > > If unsure, say y. > > +config PPC_SECURE_BOOT > + prompt "Enable PowerPC Secure Boot" How about "Enable secure boot support" > + bool > + default n The default is 'n', so you don't need that default line. > + depends on PPC64 Should it just depend on POWERNV for now? AFAIK there's nothing in here that's necessarily going to be shared with the guest secure boot code is there? > + help > + Linux on POWER with firmware secure boot enabled needs to define > + security policies to extend secure boot to the OS.This config > + allows user to enable OS Secure Boot on PowerPC systems that > + have firmware secure boot support. Again POWER vs PowerPC. I think something like: "Enable support for secure boot on some systems that have firmware support for it. If in doubt say N." > diff --git a/arch/powerpc/include/asm/secboot.h b/arch/powerpc/include/asm/secboot.h secure_boot.h would be fine. > new file mode 100644 > index 000000000000..e726261bb00b > --- /dev/null > +++ b/arch/powerpc/include/asm/secboot.h > @@ -0,0 +1,27 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* > + * PowerPC secure boot definitions > + * > + * Copyright (C) 2019 IBM Corporation > + * Author: Nayna Jain I prefer to not have email addresses in copyright headers, as they just bit rot. Your email is in the git log. > + * > + */ > +#ifndef POWERPC_SECBOOT_H > +#define POWERPC_SECBOOT_H We usually do _ASM_POWERPC_SECBOOT_H (or _ASM_POWERPC_SECURE_BOOT_H). > +#ifdef CONFIG_PPC_SECURE_BOOT > +extern struct device_node *is_powerpc_secvar_supported(void); > +extern bool get_powerpc_secureboot(void); You don't need 'extern' for functions in headers. > +#else > +static inline struct device_node *is_powerpc_secvar_supported(void) > +{ > + return NULL; > +} > + > +static inline bool get_powerpc_secureboot(void) > +{ > + return false; > +} > + > +#endif > +#endif > diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile > index ea0c69236789..d310ebb4e526 100644 > --- a/arch/powerpc/kernel/Makefile > +++ b/arch/powerpc/kernel/Makefile > @@ -157,6 +157,8 @@ endif > obj-$(CONFIG_EPAPR_PARAVIRT) += epapr_paravirt.o epapr_hcalls.o > obj-$(CONFIG_KVM_GUEST) += kvm.o kvm_emul.o > > +obj-$(CONFIG_PPC_SECURE_BOOT) += secboot.o > + > # Disable GCOV, KCOV & sanitizers in odd or sensitive code > GCOV_PROFILE_prom_init.o := n > KCOV_INSTRUMENT_prom_init.o := n > diff --git a/arch/powerpc/kernel/secboot.c b/arch/powerpc/kernel/secboot.c > new file mode 100644 > index 000000000000..5ea0d52d64ef > --- /dev/null > +++ b/arch/powerpc/kernel/secboot.c > @@ -0,0 +1,71 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (C) 2019 IBM Corporation > + * Author: Nayna Jain > + * > + * secboot.c > + * - util function to get powerpc secboot state That's not really necessary. > + */ > +#include > +#include > +#include > + > +struct device_node *is_powerpc_secvar_supported(void) This is a pretty weird signature. The "is_" implies it will return a bool, but then it actually returns a device node *. > +{ > + struct device_node *np; > + int status; > + > + np = of_find_node_by_name(NULL, "ibm,secureboot"); > + if (!np) { > + pr_info("secureboot node is not found\n"); > + return NULL; > + } There's no good reason to search by name. You should just search by compatible. eg. of_find_compatible_node() > + status = of_device_is_compatible(np, "ibm,secureboot-v3"); > + if (!status) { > + pr_info("Secure variables are not supported by this firmware\n"); > + return NULL; > + } > + > + return np; > +} > + > +bool get_powerpc_secureboot(void) > +{ > + struct device_node *np; > + struct device_node *secvar_np; > + const u64 *psecboot; > + u64 secboot = 0; > + > + np = is_powerpc_secvar_supported(); > + if (!np) > + goto disabled; > + > + /* Fail-safe for any failure related to secvar */ > + secvar_np = of_get_child_by_name(np, "secvar"); Finding a child by name is not ideal, it encodes the structure of the tree in the API. It's better to just search by compatible. eg. of_find_compatible_node("ibm,secvar-v1") You should also define what that means, ie. write a little snippet of doc to define what the expected properties are and their meaning and so on. > + if (!secvar_np) { > + pr_err("Expected secure variables support, fail-safe\n"); I'm a bit confused by this. This is the exact opposite of what I understand fail-safe to mean. We shouldn't tell the user the system is securely booted unless we're 100% sure it is. Right? > + goto enabled; > + } > + > + if (!of_device_is_available(secvar_np)) { > + pr_err("Secure variables support is in error state, fail-safe\n"); > + goto enabled; > + } It seems a little weird to use the status property to indicate ok/error and then also have a "secure-mode" property. Wouldn't just "secure-mode" be sufficient with several states to represent what we need? > + psecboot = of_get_property(secvar_np, "secure-mode", NULL); > + if (!psecboot) > + goto enabled; Please use of_read_property_u64() or similar. > + secboot = be64_to_cpup((__be64 *)psecboot); > + if (!(secboot & (~0x0))) I'm not sure what that's trying to do. > + goto disabled; > + > +enabled: > + pr_info("secureboot mode enabled\n"); > + return true; > + > +disabled: > + pr_info("secureboot mode disabled\n"); > + return false; > +} cheers From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B765AC3A5A7 for ; Mon, 2 Sep 2019 11:54:45 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id E7349217F4 for ; Mon, 2 Sep 2019 11:54:44 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E7349217F4 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=ellerman.id.au Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46MT5s6ZwRzDqfp for ; Mon, 2 Sep 2019 21:54:41 +1000 (AEST) Received: from ozlabs.org (bilbo.ozlabs.org [IPv6:2401:3900:2:1::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46MT3V0T3jzDqYY for ; Mon, 2 Sep 2019 21:52:38 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=ellerman.id.au Received: by ozlabs.org (Postfix) id 46MT3T6XlYz9sN1; Mon, 2 Sep 2019 21:52:37 +1000 (AEST) Received: from authenticated.ozlabs.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.ozlabs.org (Postfix) with ESMTPSA id 46MT3T1Rzqz9s7T; Mon, 2 Sep 2019 21:52:37 +1000 (AEST) From: Michael Ellerman To: Nayna Jain , linuxppc-dev@ozlabs.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v5 1/2] powerpc: detect the secure boot mode of the system In-Reply-To: <1566218108-12705-2-git-send-email-nayna@linux.ibm.com> References: <1566218108-12705-1-git-send-email-nayna@linux.ibm.com> <1566218108-12705-2-git-send-email-nayna@linux.ibm.com> Date: Mon, 02 Sep 2019 21:52:36 +1000 Message-ID: <87tv9usynv.fsf@mpe.ellerman.id.au> MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ard Biesheuvel , Eric Ricther , Nayna Jain , Claudio Carvalho , Mimi Zohar , Matthew Garret , Paul Mackerras , Jeremy Kerr , Elaine Palmer , George Wilson Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" Hi Nayna, Sorry I've taken so long to get to this series, there's just too many patches that need reviewing :/ Nayna Jain writes: > Secure boot on POWER defines different IMA policies based on the secure > boot state of the system. The terminology throughout is a bit vague, we have POWER, PowerPC, Linux on POWER etc. What this patch is talking about is a particular implemention of secure boot on some OpenPOWER machines running bare metal - am I right? So saying "Secure boot on POWER defines different IMA policies" is a bit broad I think. Really we've just decided that a way to implement secure boot is to use IMA policies. > This patch defines a function to detect the secure boot state of the > system. > > The PPC_SECURE_BOOT config represents the base enablement of secureboot > on POWER. > > Signed-off-by: Nayna Jain > --- > arch/powerpc/Kconfig | 11 +++++ > arch/powerpc/include/asm/secboot.h | 27 ++++++++++++ > arch/powerpc/kernel/Makefile | 2 + > arch/powerpc/kernel/secboot.c | 71 ++++++++++++++++++++++++++++++ > 4 files changed, 111 insertions(+) > create mode 100644 arch/powerpc/include/asm/secboot.h > create mode 100644 arch/powerpc/kernel/secboot.c > > diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig > index 77f6ebf97113..c902a39124dc 100644 > --- a/arch/powerpc/Kconfig > +++ b/arch/powerpc/Kconfig > @@ -912,6 +912,17 @@ config PPC_MEM_KEYS > > If unsure, say y. > > +config PPC_SECURE_BOOT > + prompt "Enable PowerPC Secure Boot" How about "Enable secure boot support" > + bool > + default n The default is 'n', so you don't need that default line. > + depends on PPC64 Should it just depend on POWERNV for now? AFAIK there's nothing in here that's necessarily going to be shared with the guest secure boot code is there? > + help > + Linux on POWER with firmware secure boot enabled needs to define > + security policies to extend secure boot to the OS.This config > + allows user to enable OS Secure Boot on PowerPC systems that > + have firmware secure boot support. Again POWER vs PowerPC. I think something like: "Enable support for secure boot on some systems that have firmware support for it. If in doubt say N." > diff --git a/arch/powerpc/include/asm/secboot.h b/arch/powerpc/include/asm/secboot.h secure_boot.h would be fine. > new file mode 100644 > index 000000000000..e726261bb00b > --- /dev/null > +++ b/arch/powerpc/include/asm/secboot.h > @@ -0,0 +1,27 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* > + * PowerPC secure boot definitions > + * > + * Copyright (C) 2019 IBM Corporation > + * Author: Nayna Jain I prefer to not have email addresses in copyright headers, as they just bit rot. Your email is in the git log. > + * > + */ > +#ifndef POWERPC_SECBOOT_H > +#define POWERPC_SECBOOT_H We usually do _ASM_POWERPC_SECBOOT_H (or _ASM_POWERPC_SECURE_BOOT_H). > +#ifdef CONFIG_PPC_SECURE_BOOT > +extern struct device_node *is_powerpc_secvar_supported(void); > +extern bool get_powerpc_secureboot(void); You don't need 'extern' for functions in headers. > +#else > +static inline struct device_node *is_powerpc_secvar_supported(void) > +{ > + return NULL; > +} > + > +static inline bool get_powerpc_secureboot(void) > +{ > + return false; > +} > + > +#endif > +#endif > diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile > index ea0c69236789..d310ebb4e526 100644 > --- a/arch/powerpc/kernel/Makefile > +++ b/arch/powerpc/kernel/Makefile > @@ -157,6 +157,8 @@ endif > obj-$(CONFIG_EPAPR_PARAVIRT) += epapr_paravirt.o epapr_hcalls.o > obj-$(CONFIG_KVM_GUEST) += kvm.o kvm_emul.o > > +obj-$(CONFIG_PPC_SECURE_BOOT) += secboot.o > + > # Disable GCOV, KCOV & sanitizers in odd or sensitive code > GCOV_PROFILE_prom_init.o := n > KCOV_INSTRUMENT_prom_init.o := n > diff --git a/arch/powerpc/kernel/secboot.c b/arch/powerpc/kernel/secboot.c > new file mode 100644 > index 000000000000..5ea0d52d64ef > --- /dev/null > +++ b/arch/powerpc/kernel/secboot.c > @@ -0,0 +1,71 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (C) 2019 IBM Corporation > + * Author: Nayna Jain > + * > + * secboot.c > + * - util function to get powerpc secboot state That's not really necessary. > + */ > +#include > +#include > +#include > + > +struct device_node *is_powerpc_secvar_supported(void) This is a pretty weird signature. The "is_" implies it will return a bool, but then it actually returns a device node *. > +{ > + struct device_node *np; > + int status; > + > + np = of_find_node_by_name(NULL, "ibm,secureboot"); > + if (!np) { > + pr_info("secureboot node is not found\n"); > + return NULL; > + } There's no good reason to search by name. You should just search by compatible. eg. of_find_compatible_node() > + status = of_device_is_compatible(np, "ibm,secureboot-v3"); > + if (!status) { > + pr_info("Secure variables are not supported by this firmware\n"); > + return NULL; > + } > + > + return np; > +} > + > +bool get_powerpc_secureboot(void) > +{ > + struct device_node *np; > + struct device_node *secvar_np; > + const u64 *psecboot; > + u64 secboot = 0; > + > + np = is_powerpc_secvar_supported(); > + if (!np) > + goto disabled; > + > + /* Fail-safe for any failure related to secvar */ > + secvar_np = of_get_child_by_name(np, "secvar"); Finding a child by name is not ideal, it encodes the structure of the tree in the API. It's better to just search by compatible. eg. of_find_compatible_node("ibm,secvar-v1") You should also define what that means, ie. write a little snippet of doc to define what the expected properties are and their meaning and so on. > + if (!secvar_np) { > + pr_err("Expected secure variables support, fail-safe\n"); I'm a bit confused by this. This is the exact opposite of what I understand fail-safe to mean. We shouldn't tell the user the system is securely booted unless we're 100% sure it is. Right? > + goto enabled; > + } > + > + if (!of_device_is_available(secvar_np)) { > + pr_err("Secure variables support is in error state, fail-safe\n"); > + goto enabled; > + } It seems a little weird to use the status property to indicate ok/error and then also have a "secure-mode" property. Wouldn't just "secure-mode" be sufficient with several states to represent what we need? > + psecboot = of_get_property(secvar_np, "secure-mode", NULL); > + if (!psecboot) > + goto enabled; Please use of_read_property_u64() or similar. > + secboot = be64_to_cpup((__be64 *)psecboot); > + if (!(secboot & (~0x0))) I'm not sure what that's trying to do. > + goto disabled; > + > +enabled: > + pr_info("secureboot mode enabled\n"); > + return true; > + > +disabled: > + pr_info("secureboot mode disabled\n"); > + return false; > +} cheers