author | Vadim Sukhomlinov <sukhomlinov@google.com> | 2021-07-22 07:35:58 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2021-07-28 17:46:40 +0000 |
commit | 5dd9d73ea5f5411d00e73adcf2e417a53b267cb8 (patch) | |
tree | 73cee5a43e42bc31fc17afb4b7333f5d17027f8c | |
parent | 75ee01bc0b33a7503808647f19be4ae846a6f7f3 (diff) | |
cr50: add FIPS module self-integrity check
Added computation of FIPS module SHA256 digest and comparison with
precomputed value.
BUG=b:138578318
TEST=make BOARD=cr50, check console output
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
Change-Id: I3aaac07ff460b5021f2b7dab4f6df2710325c60b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3045839
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org>
-rw-r--r-- | board/cr50/fips.c | 28 | ||||
-rw-r--r-- | board/cr50/fips.h | 5 |
2 files changed, 33 insertions, 0 deletions
diff --git a/board/cr50/fips.c b/board/cr50/fips.c
index 6726d1beb8..f89b3ff205 100644
--- a/board/cr50/fips.c
+++ b/board/cr50/fips.c
@@ -576,6 +576,30 @@ static bool call_on_stack(void *new_stack, bool (*func)(void))
 return result;
 }
+/* Placeholder for SHA256 digest of module computed during build time. */
+const uint8_t fips_integrity[SHA256_DIGEST_SIZE]
+ __attribute__((section(".rodata.fips.checksum")));
+
+static bool fips_self_integrity(void)
+{
+ uint8_t digest[SHA256_DIGEST_SIZE];
+ size_t module_length = &__fips_module_end - &__fips_module_start;
+
+#ifdef CR50_DEV
+ CPRINTS("FIPS self-integrity start %x, length %u",
+ (uintptr_t)&__fips_module_start, module_length);
+#endif
+ DCRYPTO_SHA256_hash(&__fips_module_start, module_length, digest);
+
+#ifdef CR50_DEV
+ CPRINTS("Stored, %ph, computed %ph",
+ HEX_BUF(fips_integrity, sizeof(fips_integrity)),
+ HEX_BUF(digest, sizeof(digest)));
+#endif
+
+ return DCRYPTO_equals(fips_integrity, digest, sizeof(digest));
+}
+
 /**
 * FIPS Power-up known-answer tests.
 * Single point of initialization for all FIPS-compliant
@@ -592,6 +616,10 @@ static uint64_t fips_power_up_tests(void)
 uint64_t starttime;
 starttime = get_time().val;
+
+ if (!fips_self_integrity())
+ _fips_status |= FIPS_FATAL_SELF_INTEGRITY;
+
 /**
 * Since we are very limited on stack and static RAM, acquire
 * shared memory for KAT tests temporary larger stack.
diff --git a/board/cr50/fips.h b/board/cr50/fips.h
index 588930ef3b..4a7eef2f0e 100644
--- a/board/cr50/fips.h
+++ b/board/cr50/fips.h
@@ -29,6 +29,7 @@ enum fips_status {
 FIPS_FATAL_ECDSA = 1 << 7,
 FIPS_FATAL_RSA2048 = 1 << 8,
 FIPS_FATAL_AES256 = 1 << 9,
+ FIPS_FATAL_SELF_INTEGRITY = 1 << 10,
 FIPS_FATAL_OTHER = 1 << 15,
 FIPS_ERROR_MASK = 0xffff,
 FIPS_RFU_MASK = 0x7fff0000
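Review bot: Nothing in the first fips.c hunk says where `fips_integrity` sits relative to the range between `__fips_module_start` and `__fips_module_end`, and the comparison can only succeed if the `.rodata.fips.checksum` section lies outside the hashed bytes, because a digest cannot cover its own storage. The placeholder comment should state that, for example `/* Filled in by the build; must be placed outside [__fips_module_start, __fips_module_end). */`, and `fips_self_integrity()` should get a short header comment naming the range it hashes and what a false return means. That comment is also the place to record that the reference digest is stored in the same image, so the check detects corruption of the module, while resistance to deliberate modification has to come from elsewhere (presumably image signature verification, which is not visible here).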
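Review bot: When `fips_self_integrity()` returns false in the second fips.c hunk, the only effect is the `FIPS_FATAL_SELF_INTEGRITY` bit: execution continues into the code that follows, and outside `CR50_DEV` builds nothing is printed, so a mismatch in a production image is observable only through the status word. Consider logging unconditionally on the failure branch, e.g. `CPRINTS("FIPS self-integrity failed");`, and adding a comment that the remaining power-up tests still run by design. The hash is also called here apparently before any SHA-256 known-answer test has run, which deserves a comment if the ordering is intentional. The rest of `fips_power_up_tests()` is outside the hunk, so whether later code preserves the bit could not be checked.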
@@ -60,6 +61,10 @@ enum fips_cmd {
 FIPS_CMD_NO_BREAK = 9
 };
+/* These symbols defined in core/cortex-m/ec.lds.S. */
+extern uint8_t __fips_module_start;
+extern uint8_t __fips_module_end;
+
 /* Return current FIPS status of operations. */
 enum fips_status fips_status(void); |
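Review bot: Declaring the two linker symbols as single `uint8_t` objects makes `&__fips_module_end - &__fips_module_start` in fips.c a subtraction of pointers into two different objects, and the hash then reads `module_length` bytes through a pointer to a one-byte object; neither is defined by the C standard, and both can attract object-size based warnings or optimisations. Declaring them as incomplete arrays avoids this: `extern uint8_t __fips_module_start[];` and `extern uint8_t __fips_module_end[];`, with `size_t module_length = __fips_module_end - __fips_module_start;` at the use site. A check that the end symbol is not below the start symbol before the conversion to `size_t` would keep a linker-script mistake from becoming a very large length passed to the hash.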