diff options
| author | Jaymes Wilks <mjwilks@us.ibm.com> | 2017-03-28 11:52:52 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-05-10 15:25:50 -0400 |
| commit | b947a1a4119b06ee50287854e5ea974c0926226e (patch) | |
| tree | 3087d2fa1f5a40354ba9030a176eb969652abd1d /src/include/usr/secureboot/settings.H | |
| parent | 17969937b73f10ffe25ba6b4ac22e5d64a2e1f4c (diff) | |
| download | blackbird-hostboot-b947a1a4119b06ee50287854e5ea974c0926226e.tar.gz blackbird-hostboot-b947a1a4119b06ee50287854e5ea974c0926226e.zip | |
Enforce synchronized processor security state
Ensure the secure state is consistent across all processors.
Change-Id: I671253b99d5d87509909681a2cec2380ca6918b0
RTC:167775
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38764
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr/secureboot/settings.H')
| -rw-r--r-- | src/include/usr/secureboot/settings.H | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/src/include/usr/secureboot/settings.H b/src/include/usr/secureboot/settings.H index 1de694948..417e14d96 100644 --- a/src/include/usr/secureboot/settings.H +++ b/src/include/usr/secureboot/settings.H @@ -73,6 +73,16 @@ namespace SECUREBOOT StatusRegisterFsi = 0x00002804ull, // used for FSI operation }; + inline bool operator|(const ProcCbsControl i_cbs, const uint64_t i_value) + { + return (static_cast<uint64_t>(i_cbs) | i_value); + } + + inline bool operator&(const ProcCbsControl i_cbs, const uint64_t i_value) + { + return (static_cast<uint64_t>(i_cbs) & i_value); + } + /** @class Settings * * @brief Caches and parses the hardware settings for Secureboot. @@ -90,7 +100,14 @@ namespace SECUREBOOT * in Secureboot's service.H for documentation */ errlHndl_t getSecuritySwitch(uint64_t& o_regValue, - TARGETING::Target* i_targ + TARGETING::Target* i_pProc + = TARGETING::MASTER_PROCESSOR_CHIP_TARGET_SENTINEL) const; + + /** @brief Get Processor CBS Control regeister value. See wrapper + * in Secureboot's service.H for documentation + */ + errlHndl_t getProcCbsControlRegister(uint64_t& o_regValue, + TARGETING::Target* i_pProc = TARGETING::MASTER_PROCESSOR_CHIP_TARGET_SENTINEL) const; /** @@ -115,7 +132,7 @@ namespace SECUREBOOT * for documenation. */ errlHndl_t getJumperState(SecureJumperState& o_state, - TARGETING::Target* i_targ + TARGETING::Target* i_pProc = TARGETING::MASTER_PROCESSOR_CHIP_TARGET_SENTINEL) const; private: @@ -127,7 +144,7 @@ namespace SECUREBOOT * Reads a register at a given scom address and * provides its result via the supplied register * value reference. Returns an error if unsuccesful. - * @param [in] i_targ The target processor to obtain the + * @param [in] i_pProc The target processor to obtain the * jumper state from. Must not be null. * @param [in] i_scomAddress A uint64_t corresponding to * desired scomAddress to read. @@ -139,7 +156,7 @@ namespace SECUREBOOT * successful. * @retval null if successful otherwise pointer to error log */ - errlHndl_t readSecurityRegister(TARGETING::Target* i_targ, + errlHndl_t readSecurityRegister(TARGETING::Target* i_pProc, const uint64_t i_scomAddress, uint64_t& o_regValue) const; |
