diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-11-20 16:56:44 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-12-18 17:27:59 -0500 |
commit | 9ae6e9595f9773d295b7e3ade47088f554c1ed48 (patch) | |
tree | f33427b681154991423fb9faad3476bf4aa17ff4 /src/include/usr/pnor | |
parent | 8392e4f606607e505bb99de2a8d229ae69be5efe (diff) | |
download | blackbird-hostboot-9ae6e9595f9773d295b7e3ade47088f554c1ed48.tar.gz blackbird-hostboot-9ae6e9595f9773d295b7e3ade47088f554c1ed48.zip |
Remove Secure Boot workarounds
- Removing the magic number checks that would block sb functionality
if things didn't appear secure
- Remove Best Effort Policy and all of its related code
- Remove the legacy PCR extension
- Remove the non-secure header preservation path.
- Always load HB base image header from the bl to hb data path
vs settings unsecurely out of pnor
Change-Id: Ie638384ac50ed47850985c959ea7a32e5757d64e
RTC: 178520
RTC: 155374
RTC: 173489
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49925
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr/pnor')
-rw-r--r-- | src/include/usr/pnor/pnorif.H | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/src/include/usr/pnor/pnorif.H b/src/include/usr/pnor/pnorif.H index 1c35ec852..cef8617fd 100644 --- a/src/include/usr/pnor/pnorif.H +++ b/src/include/usr/pnor/pnorif.H @@ -36,9 +36,6 @@ namespace PNOR { -// @TODO RTC:155374 Remove this in the future -extern const size_t BEST_EFFORT_NUM_BYTES; - /** * Information about a side of PNOR */ @@ -228,48 +225,6 @@ const char * SectionIdToString( uint32_t i_secIdIndex ); */ bool cmpSecurebootMagicNumber(const uint8_t* i_vaddr); -// @TODO RTC 173489 -// Remove API once FSP fully supports signing of PNOR sections that did not -// previously have a sha512 header -/** - * @brief Determines whether requested PNOR section has a recognized header - * - * @param[in] i_secId ID of requested section - * @param[in] i_TOC TOC entry for requested section - * @param[out] o_knownHeader Whether header was recognized or not - * - * @return errlHndl_t Error log handle - * @retval nullptr Success! Output parameter valid - * @retval !nullptr Error log pointer; output parameter invalid - */ -errlHndl_t hasKnownHeader( - PNOR::SectionId i_secId, - const PNOR::SectionData_t& i_TOC, - bool& o_knownHeader); - -// @TODO RTC 173489 -// Remove API once FSP fully supports signing of PNOR sections that did not -// previously have a sha512 header -/** - * @brief Read first few bytes of requested section's "potential" header - * - * @param[in] i_secId ID of requested section - * @param[in] i_TOC TOC entry for requested section - * @param[in] i_size Number of bytes to read from the beginning of the - * requested section - * @param[in] o_pData Pointer to a buffer of at least "i_size" bytes to - * hold the returned data. Asserts if nullptr - * - * @return errlHndl_t Error log handle - * @retval nullptr Success! Requested bytes read to output buffer - * @retval !nullptr Error log pointer; output buffer invalid - */ -errlHndl_t readHeaderMagic( - PNOR::SectionId i_secId, - const PNOR::SectionData_t& i_TOC, - size_t i_size, - void* o_pData); - /** * @brief Determine if a PNOR section is empty by checking if first PAGE * is all 0xFF's or 0x00's depending on ECC or not. |