diff options
-rw-r--r-- | src/include/usr/hwas/common/hwas_reasoncodes.H | 4 | ||||
-rw-r--r-- | src/include/usr/targeting/common/util.H | 22 | ||||
-rw-r--r-- | src/include/usr/targeting/targplatutil.H | 16 | ||||
-rw-r--r-- | src/usr/hwas/common/README.md | 92 | ||||
-rw-r--r-- | src/usr/hwas/common/hwas.C | 356 | ||||
-rw-r--r-- | src/usr/secureboot/smf/smf_utils.C | 2 | ||||
-rw-r--r-- | src/usr/secureboot/smf/test/testsmfutils.H | 2 | ||||
-rw-r--r-- | src/usr/targeting/common/xmltohb/attribute_types.xml | 69 | ||||
-rw-r--r-- | src/usr/targeting/common/xmltohb/target_types.xml | 6 | ||||
-rwxr-xr-x | src/usr/targeting/targetservicestart.C | 6 |
10 files changed, 546 insertions, 29 deletions
diff --git a/src/include/usr/hwas/common/hwas_reasoncodes.H b/src/include/usr/hwas/common/hwas_reasoncodes.H index 09e0e2a56..7b793ecb3 100644 --- a/src/include/usr/hwas/common/hwas_reasoncodes.H +++ b/src/include/usr/hwas/common/hwas_reasoncodes.H @@ -40,6 +40,7 @@ namespace HWAS MOD_IS_DESCENDANT_FUNCTIONAL = 0x09, MOD_FIND_RULES_FOR_TARGET = 0x0A, MOD_DISCOVER_TARGETS = 0x0B, + MOD_UPDATE_PROC_COMPAT_RISK_LEVEL = 0x0C, }; enum HwasReasonCode @@ -74,6 +75,9 @@ namespace HWAS RC_SYSAVAIL_NO_MEMORY_PRESENT = HWAS_COMP_ID | 0x18, RC_PG_INDEX_INVALID = HWAS_COMP_ID | 0x19, RC_PARTIAL_GOOD_INFORMATION = HWAS_COMP_ID | 0x1A, + RC_FORCED_COMPAT_INVALID_LEVEL = HWAS_COMP_ID | 0x1B, + RC_FORCED_NATIVE_INVALID_MIXED_EC = HWAS_COMP_ID | 0x1C, + RC_FORCED_NATIVE_OF_INCOMPATIBLE_RISK = HWAS_COMP_ID | 0x1D, }; enum HwasPlatUserDetailsTypes diff --git a/src/include/usr/targeting/common/util.H b/src/include/usr/targeting/common/util.H index e26e0c795..aaf576919 100644 --- a/src/include/usr/targeting/common/util.H +++ b/src/include/usr/targeting/common/util.H @@ -83,6 +83,28 @@ namespace PROPERTIES } +namespace UTIL +{ + // Better definition of RISK_LEVEL attribute settings + // WARNING: addition of risk levels that don't support SMF will have a + // significant effect on the behavior of SMF code. Please ensure that + // (at least) src/usr/secureboot/smf/smf_utils.C is updated + // accordingly! + typedef enum + { + // Compatibility modes + P9N22_P9C12_RUGBY_FAVOR_SECURITY = 0x00, + P9N22_P9C12_RUGBY_FAVOR_PERFORMANCE = 0x01, + P9N22_NO_RUGBY_MITIGATIONS = 0x02, + P9N22_P9N23_JAVA_PERF = 0x03, + + // Native modes + P9N23_P9C13_NATIVE_MODE_MINIMUM = 0x04, + P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_SECURITY = 0x04, + P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_PERFORMANCE = 0x05, + } Risk_level; +} + /** * @brief Checks to see if we are running in a hardware simulation * environment, i.e. VPO/VBU (not Simics) diff --git a/src/include/usr/targeting/targplatutil.H b/src/include/usr/targeting/targplatutil.H index 34d8bebc0..1f010f852 100644 --- a/src/include/usr/targeting/targplatutil.H +++ b/src/include/usr/targeting/targplatutil.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2013,2018 */ +/* Contributors Listed Below - COPYRIGHT 2013,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -58,20 +58,6 @@ namespace UTIL // is reserved for invalid sensor static const uint16_t INVALID_IPMI_SENSOR = 0xFF; - // WARNING: addition of risk levels that don't support SMF will have a - // significant effect on the behavior of SMF code. Please ensure that - // (at least) src/usr/secureboot/smf/smf_utils.C is updated - // accordingly! - typedef enum - { - P9N22_P9C12_RUGBY_FAVOR_SECURITY = 0x00, - P9N22_P9C12_RUGBY_FAVOR_PERFORMANCE = 0x01, - P9N22_NO_RUGBY_MITIGATIONS = 0x02, - P9N22_P9N23_JAVA_PERF = 0x03, - P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_SECURITY = 0x04, - P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_PERFORMANCE = 0x05, - } Risk_level; - /** * @brief Creates a standard error log of tracing type * diff --git a/src/usr/hwas/common/README.md b/src/usr/hwas/common/README.md index 6b4a7e796..d2621e4c5 100644 --- a/src/usr/hwas/common/README.md +++ b/src/usr/hwas/common/README.md @@ -18,14 +18,90 @@ ### _deconfigAffinityParent ###### Deconfigure parent if is has no functional children -- checks if it is allowed to rollup deconfigure to parent -- Checks base attribute: ATTR_PARENT_DECONFIG_DISABLED - - 0 = allow parent deconfigure (default) - - 1 = do not allow parent deconfigure +- Checks base attribute: ATTR_PARENT_DECONFIG_RULES + - childRollupAllowed - Does this target allow its child's deconfiguration to rollup to it? + - deconfigureParent - Is this child target allowed to rollup its deconfigure to parent? + - valid - Are the previous two rules valid? +- checks if it is allowed to rollup deconfigure to parent (deconfigureParent) - Grab parent target via new utility: getImmediateParentByAffinity(childTarget) - Checks parent is functional -- Check if parent target has a functional AFFINITY child. +- Verifies parent is allowed to be deconfigured by child rollup(childRollupAllowed) +- Check if parent target has a functional AFFINITY child that is same type/class as the child. - If no functional child found, then deconfigure the parent target and then call - _deconfigParentAssoc passing the parent target. We already know this parent - target has no functional children, so we just continue the deconfigure - rollup to the next level. + _deconfigureByAssoc passing the parent target. Need to account for possible non-like + children that need to be deconfigured under the parent target. + + +# 2.3 Compatibility RISK_LEVEL update + +## updateProcCompatibilityRiskLevel() +- This function changes the RISK_LEVEL based on ECs installed, + Input RISK_LEVEL, and PROC_COMPATIBILITY_REQ setting +- ATTR_RISK_LEVEL is being used to control what processor security/performance +is allowable + - *Compatibility levels:* + + 0 - P9N22_P9C12_RUGBY_FAVOR_SECURITY + + 1 - P9N22_P9C12_RUGBY_FAVOR_PERFORMANCE + + 2 - P9N22_NO_RUGBY_MITIGATIONS + + 3 - P9N22_P9N23_JAVA_PERF + - *Native levels: (DD2.3 supported)* + + 4 - P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_SECURITY + + 5 - P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_PERFORMANCE + +- ATTR_RISK_LEVEL is either setup via MRW or USER (Firmware code). + + ATTR_RISK_LEVEL_ORIGIN is defaulted to USER unless MRW is used. + + ATTR_RISK_LEVEL_ORIGIN is used for error case of FORCED_COMPATIBIILITY + +- ATTR_PROC_COMPATIBILITY_REQ is used to determine how to update the system's +risk level. + + 0 - ALLOW_COMPATIBILITY = set RISK_LEVEL to best allowed (default) + + 1 - FORCED_COMPATIBILITY = set RISK_LEVEL to a compatible level + + 2 - FORCED_NATIVE = set RISK_LEVEL to ECs native setting + (DD2.2 = compatible level, DD2.3 = Native) + +### Compatibility Truth Tables + +1. **ALLOW_COMPATIBILITY** (default) + +| Input RISK_LEVEL | RISK_LEVEL_ORIGIN | Output RISK_LEVEL (All DD2.3) | Output RISK_LEVEL (All DD2.2) | Output RISK_LEVEL (Mixed) | +|:---------- |:----------------- |:-----------------:|:-----------------:|:-----------------:| +| 0,1 | User | 0,1 | 0,1 | 0,1 | +| 2 | User | 2 | 2 | 2 | +| 3 | User | 3 | 3 | 3 | +| 4 | User | 4 | `0` | `0` | +| 5 | User | 5 | `2` | `2` | +| 0,1 | MRW | `4` | 0,1 | 0,1 | +| 2 | MRW | `5` | 2 | 2 | +| 3 | MRW | 3 | 3 | 3 | +| 4 | MRW | 4 | `0` | `0` | +| 5 | MRW | 5 | `2` | `2` | + +2. **FORCED_COMPATIBILITY** + +| Input RISK_LEVEL | RISK_LEVEL_ORIGIN | Output RISK_LEVEL (All DD2.3) | Output RISK_LEVEL (All DD2.2) | Output RISK_LEVEL (Mixed) | +|:---------- |:----------------- |:-----------------:|:-----------------:|:-----------------:| +| 0,1 | User | 0,1 | 0,1 | 0,1 | +| 2 | User | 2 | 2 | 2 | +| 3 | User | 3 | 3 | 3 | +| 4 | User | `0` | `0` | `0` | +| 5 | User | `2` | `2` | `2` | +| 0,1 | MRW | 0,1 | 0,1 | 0,1 | +| 2 | MRW | 2 | 2 | 2 | +| 3 | MRW | 3 | 3 | 3 | +| 4 | MRW | **ERROR** | **ERROR** | **ERROR** | +| 5 | MRW | **ERROR** | **ERROR** | **ERROR** | + +3. **FORCE_NATIVE** + +| Input RISK_LEVEL | RISK_LEVEL_ORIGIN | Output RISK_LEVEL (All DD2.3) | Output RISK_LEVEL (All DD2.2) | Output RISK_LEVEL (Mixed) | +|:---------- |:----------------- |:-----------------:|:-----------------:|:-----------------:| +| 0,1 | User | `4` | 0,1 | **ERROR** | +| 2 | User | `5` | 2 | **ERROR** | +| 3 | User | **ERROR** | 3 | **ERROR** | +| 4 | User | 4 | `0` | **ERROR** | +| 5 | User | 5 | `2` | **ERROR** | +| 0,1 | MRW | `4` | 0,1 | **ERROR** | +| 2 | MRW | `5` | 2 | **ERROR** | +| 3 | MRW | **ERROR** | 3 | **ERROR** | +| 4 | MRW | 4 | `0` | **ERROR** | +| 5 | MRW | 5 | `2` | **ERROR** | diff --git a/src/usr/hwas/common/hwas.C b/src/usr/hwas/common/hwas.C index db91372f2..eaeaef5a5 100644 --- a/src/usr/hwas/common/hwas.C +++ b/src/usr/hwas/common/hwas.C @@ -38,6 +38,8 @@ #include <stdint.h> #include <algorithm> #include <map> +#include <stdio.h> // sprintf + #ifdef __HOSTBOOT_MODULE #include <config.h> #include <initservice/initserviceif.H> @@ -45,6 +47,7 @@ #include <targeting/common/commontargeting.H> #include <targeting/common/utilFilter.H> +#include <targeting/common/util.H> #include <hwas/common/hwas.H> #include <hwas/common/hwasCommon.H> @@ -53,7 +56,6 @@ #include <hwas/common/deconfigGard.H> #include <hwas/common/hwas_reasoncodes.H> -#include <targeting/common/utilFilter.H> namespace HWAS { @@ -3559,7 +3561,7 @@ bool mixedECsAllowed(TARGETING::ATTR_MODEL_type i_model, //actually running compat mode if ((i_baseEC != i_compareEC) && #ifdef __HOSTBOOT_MODULE //Only check risk level in HB, HWSV always allow - (l_risk < 4) && + (l_risk < TARGETING::UTIL::P9N23_P9C13_NATIVE_MODE_MINIMUM) && #endif ((i_baseEC == 0x22) || (i_baseEC == 0x23)) && ((i_compareEC == 0x22) || (i_compareEC == 0x23))) @@ -3574,7 +3576,7 @@ bool mixedECsAllowed(TARGETING::ATTR_MODEL_type i_model, //actually running compat mode if ((i_baseEC != i_compareEC) && #ifdef __HOSTBOOT_MODULE //Only check risk level in HB, HWSV always allow - (l_risk < 4) && + (l_risk < TARGETING::UTIL::P9N23_P9C13_NATIVE_MODE_MINIMUM) && #endif ((i_baseEC == 0x12) || (i_baseEC == 0x13)) && ((i_compareEC == 0x12) || (i_compareEC == 0x13))) @@ -3587,6 +3589,343 @@ bool mixedECsAllowed(TARGETING::ATTR_MODEL_type i_model, return l_mixOk; } +/** + * @brief Upgrade the Compatibility Risk Level to Native Risk Level + * @param io_risk - RISK_LEVEL that gets upgraded + */ +void upgradeRiskLevel( uint8_t & io_risk ) +{ + if (io_risk <= TARGETING::UTIL::P9N22_P9C12_RUGBY_FAVOR_PERFORMANCE) + { + // 0,1 -> 4 + io_risk = TARGETING::UTIL::P9N23_P9C13_NATIVE_MODE_MINIMUM; + } + else if (io_risk == TARGETING::UTIL::P9N22_NO_RUGBY_MITIGATIONS) + { + // 2 -> 5 + io_risk = + TARGETING::UTIL::P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_PERFORMANCE; + } + // 3-5: stay same +} + +/** + * @brief Downgrade the Native Risk Level to Compatibility Risk Level + * @param io_risk - RISK_LEVEL that gets downgraded + */ +void downgradeRiskLevel( uint8_t & io_risk ) +{ + if (io_risk == TARGETING::UTIL::P9N23_P9C13_NATIVE_MODE_MINIMUM) + { + // Base level Native needs to go to base level Compatibilty + // 4 -> 0 + io_risk = TARGETING::UTIL::P9N22_P9C12_RUGBY_FAVOR_SECURITY; + } + else if + (io_risk == TARGETING::UTIL::P9N23_P9C13_NATIVE_SMF_RUGBY_FAVOR_PERFORMANCE) + { + // 5 -> 2 + io_risk = TARGETING::UTIL::P9N22_NO_RUGBY_MITIGATIONS; + } + // 0-3: stay same +} + +/** + * @brief Update ATTR_RISK_LEVEL of NIMBUS_ONLY systems to + * a native or compatibility level if so directed via + * MRW attribute setting + * See README file for Compatibility Truth Tables that will + * indicate what RISK_LEVEL should be after this function. + * @return Error if not able to update setting, else nullptr + */ +errlHndl_t updateProcCompatibilityRiskLevel() +{ + HWAS_INF("updateProcCompatibilityRiskLevel entry"); + errlHndl_t l_err = nullptr; + + // First EC chip level on the system (first processor's checked level) + TARGETING::ATTR_EC_type l_firstEc = 0; + TARGETING::Target * pFirstEcChip = nullptr; + // Last EC chip level on the system (last processor's checked level) + TARGETING::ATTR_EC_type l_lastEc = 0; + TARGETING::Target * pLastEcChip = nullptr; + TARGETING::TargetHandleList l_procChips; + bool mixedEc = false; + + do + { + //Get all functional chips + getAllChips(l_procChips, TYPE_PROC); + + //Loop through all functional procs and + //check for a mismatch of EC levels + for(const auto & l_chip : l_procChips) + { + l_lastEc = l_chip->getAttr<TARGETING::ATTR_EC>(); + if (l_firstEc == 0) + { + // first chip, setup the last EC read to valid values + l_firstEc = l_lastEc; + pFirstEcChip = l_chip; + } + if (l_firstEc != l_lastEc) + { + // found a different EC level so mark ECs mixed + mixedEc = true; + pLastEcChip = l_chip; + break; + } + } + + // Now update the RISK_LEVEL + Target* pSys; + targetService().getTopLevelTarget(pSys); + auto l_risk = pSys->getAttr<TARGETING::ATTR_RISK_LEVEL>(); + auto l_original_risk = l_risk; + auto l_risk_origin = pSys->getAttr<TARGETING::ATTR_RISK_LEVEL_ORIGIN>(); + auto l_proc_compatibility_req = + pSys->getAttr<TARGETING::ATTR_PROC_COMPATIBILITY_REQ>(); + + if (l_proc_compatibility_req == + TARGETING::PROC_COMPATIBILITY_REQ_FORCED_COMPATIBILITY) + { + // If RISK_LEVEL is a Native setting (4 or more) + if (l_risk >= TARGETING::UTIL::P9N23_P9C13_NATIVE_MODE_MINIMUM) + { + // Both PROC_COMPATIBILITY_REQ and DEFAULT_MRW_RISK_LEVEL are + // MRW attributes that should make sense + // Error if risk is Native and set by the MRW because + // we don't know what the MRW really wants for RISK_LEVEL. + if (l_risk_origin == TARGETING::RISK_LEVEL_ORIGIN_MRW) + { + HWAS_ERR("updateProcCompatibilityRiskLevel::Trying to " + "force compatibility of invalid MRW risk level %d", + l_risk); + + /* + * @errortype + * @severity ERRL_SEV_UNRECOVERABLE + * @moduleid MOD_UPDATE_PROC_COMPAT_RISK_LEVEL + * @reasoncode RC_FORCED_COMPAT_INVALID_LEVEL + * @devdesc MRW setting of RISK_VALUE is invalid + * for FORCED_COMPATIBILITY + * @custdesc Incompatible Processor Chip Levels + * @userdata1[00:31] 1st EC level + * @userdata1[32:63] 2nd EC level + * @userdata2[00:15] RISK_LEVEL + * @userdata2[16:31] PROC_COMPATIBILITY_REQ + * @userdata2[32:63] RISK_LEVEL_ORIGIN (0=USER, 1=MRW) + * + */ + const uint64_t userdata1 = + (static_cast<uint64_t>(l_firstEc) << 32) | + static_cast<uint64_t>(l_lastEc); + + const uint64_t userdata2 = + (static_cast<uint64_t>(l_risk) << 48) | + (static_cast<uint64_t>(l_proc_compatibility_req) << 32) | + (static_cast<uint64_t>(l_risk_origin)); + + l_err = hwasError(ERRL_SEV_UNRECOVERABLE, + MOD_UPDATE_PROC_COMPAT_RISK_LEVEL, + RC_FORCED_COMPAT_INVALID_LEVEL, + userdata1, + userdata2); + // SW_CALLOUT - MRW setting error + hwasErrorAddProcedureCallout( l_err, + HWAS::EPUB_PRC_HB_CODE, HWAS::SRCI_PRIORITY_LOW ); + break; + } + + // All system types should be put in compatibility mode so + // downgrade to force compatibility if risk is 4 or more + downgradeRiskLevel(l_risk); + } + } + else if (l_proc_compatibility_req == + TARGETING::PROC_COMPATIBILITY_REQ_ALLOW_COMPATIBILITY) + { + // Upgrade DD2.3 system if risk is 2 or less and set by MRW + if (!mixedEc && + (l_risk <= TARGETING::UTIL::P9N22_NO_RUGBY_MITIGATIONS) && + (l_risk_origin == TARGETING::RISK_LEVEL_ORIGIN_MRW) && + (l_firstEc == 0x23)) + { + upgradeRiskLevel(l_risk); + } + // Downgrade Mixed or DD2.2 systems with risk = 4 or more + else if ((mixedEc || (l_firstEc == 0x22)) && + (l_risk >= TARGETING::UTIL::P9N23_P9C13_NATIVE_MODE_MINIMUM)) + { + downgradeRiskLevel(l_risk); + } + } + else // TARGETING::MRW_COMPATIBILITY_RISK_FLAG_FORCE_NATIVE + { + // NATIVE mode does NOT allow mixed EC + if (mixedEc) + { + HWAS_ERR("updateProcCompatibilityRiskLevel::Trying to " + "force native compatibility of mixed processor levels", + " (0x%02X and 0x%02X)", l_firstEc, l_lastEc ); + + /* + * @errortype + * @severity ERRL_SEV_UNRECOVERABLE + * @moduleid MOD_UPDATE_PROC_COMPAT_RISK_LEVEL + * @reasoncode RC_FORCED_NATIVE_INVALID_MIXED_EC + * @devdesc Forced native compatibility not allowed + * for mixed EC levels + * @custdesc Incompatible Processor Chip Levels + * @userdata1[00:31] 1st EC level + * @userdata1[32:63] 2nd EC level + * @userdata2[00:15] RISK_LEVEL + * @userdata2[16:31] PROC_COMPATIBILITY_REQ + * @userdata2[32:63] RISK_LEVEL_ORIGIN (0=USER, 1=MRW) + * + */ + const uint64_t userdata1 = + (static_cast<uint64_t>(l_firstEc) << 32) | + static_cast<uint64_t>(l_lastEc); + + const uint64_t userdata2 = + (static_cast<uint64_t>(l_risk) << 48) | + (static_cast<uint64_t>(l_proc_compatibility_req) << 32) | + (static_cast<uint64_t>(l_risk_origin)); + + l_err = hwasError(ERRL_SEV_UNRECOVERABLE, + MOD_UPDATE_PROC_COMPAT_RISK_LEVEL, + RC_FORCED_NATIVE_INVALID_MIXED_EC, + userdata1, + userdata2); + // Callout the DD2.2 as high and DD2.3 as low + if (l_firstEc == 0x22) + { + // pFirstEcChip is DD2.2 + platHwasErrorAddHWCallout(l_err, + pFirstEcChip, + HWAS::SRCI_PRIORITY_HIGH, + NO_DECONFIG, + GARD_NULL); + // pLastEcChip is DD2.3 + platHwasErrorAddHWCallout(l_err, + pLastEcChip, + HWAS::SRCI_PRIORITY_LOW, + NO_DECONFIG, + GARD_NULL); + } + else + { + // pFirstEcChip is DD2.3 + platHwasErrorAddHWCallout(l_err, + pFirstEcChip, + HWAS::SRCI_PRIORITY_LOW, + NO_DECONFIG, + GARD_NULL); + // pLastEcChip is DD2.2 + platHwasErrorAddHWCallout(l_err, + pLastEcChip, + HWAS::SRCI_PRIORITY_HIGH, + NO_DECONFIG, + GARD_NULL); + } + break; + } + + // DD2.3 system does not support risk=3, if in NATIVE mode + if ((l_firstEc == 0x23) && + (l_risk == TARGETING::UTIL::P9N22_P9N23_JAVA_PERF)) + { + HWAS_ERR("updateProcCompatibilityRiskLevel::Trying to " + "force native compatibility of DD2.3 for risk level %d", + l_risk); + + /* + * @errortype + * @severity ERRL_SEV_UNRECOVERABLE + * @moduleid MOD_UPDATE_PROC_COMPAT_RISK_LEVEL + * @reasoncode RC_FORCED_NATIVE_OF_INCOMPATIBLE_RISK + * @devdesc Risk level 3 is incompatible for forced + * native setting of DD2.3 + * @custdesc Incompatible Processor Chip Levels + * @userdata1[00:31] 1st EC level + * @userdata1[32:63] 2nd EC level + * @userdata2[00:15] RISK_LEVEL + * @userdata2[16:31] PROC_COMPATIBILITY_REQ + * @userdata2[32:63] RISK_LEVEL_ORIGIN (0=USER, 1=MRW) + * + */ + const uint64_t userdata1 = + (static_cast<uint64_t>(l_firstEc) << 32) | + static_cast<uint64_t>(l_lastEc); + + const uint64_t userdata2 = + (static_cast<uint64_t>(l_risk) << 48) | + (static_cast<uint64_t>(l_proc_compatibility_req) << 32) | + (static_cast<uint64_t>(l_risk_origin)); + + l_err = hwasError(ERRL_SEV_UNRECOVERABLE, + MOD_UPDATE_PROC_COMPAT_RISK_LEVEL, + RC_FORCED_NATIVE_OF_INCOMPATIBLE_RISK, + userdata1, + userdata2); + // SW_CALLOUT - MRW setting error (FORCED_NATIVE) + hwasErrorAddProcedureCallout( l_err, + HWAS::EPUB_PRC_HB_CODE, + HWAS::SRCI_PRIORITY_LOW ); + break; + } + + // DD2.3 system should be upgraded to native level if + // risk is 2 or less + if ((l_firstEc == 0x23) && + (l_risk <= TARGETING::UTIL::P9N22_NO_RUGBY_MITIGATIONS)) + { + upgradeRiskLevel(l_risk); + } + + // DD2.2 system should be downgraded to run in its + // native mode if risk is 4 or more + if ((l_firstEc == 0x22) && + (l_risk >= TARGETING::UTIL::P9N23_P9C13_NATIVE_MODE_MINIMUM)) + { + downgradeRiskLevel(l_risk); + } + } + + char ecLevelStr[20]; + if (mixedEc) + { + sprintf(ecLevelStr,"Mixed"); + } + else + { + sprintf(ecLevelStr,"0x%02X", l_firstEc); + } + if (l_risk != l_original_risk) + { + HWAS_INF("updateProcCompatibilityRiskLevel: " + "Update RISK_LEVEL from %d to %d " + "(EC Level: %s, RISK_ORIGIN: %s, PROC_COMPATIBILITY_REQ: %d)", + l_original_risk, l_risk, ecLevelStr, + l_risk_origin==TARGETING::RISK_LEVEL_ORIGIN_MRW?"MRW":"User", + l_proc_compatibility_req); + pSys->setAttr<TARGETING::ATTR_RISK_LEVEL>(l_risk); + } + else + { + HWAS_DBG("updateProcCompatibilityRiskLevel: " + "Keeping RISK_LEVEL %d " + "(EC Level: %s, RISK_ORIGIN: %s, PROC_COMPATIBILITY_REQ: %d)", + l_risk, ecLevelStr, + l_risk_origin==TARGETING::RISK_LEVEL_ORIGIN_MRW?"MRW":"User", + l_proc_compatibility_req); + } + } while (0); + + HWAS_INF("updateProcCompatibilityRiskLevel exit"); + return l_err; +} errlHndl_t validateProcessorEcLevels() { @@ -3623,6 +3962,17 @@ errlHndl_t validateProcessorEcLevels() l_masterHuid = get_huid(l_pMasterProc); l_model = l_pMasterProc->getAttr<TARGETING::ATTR_MODEL>(); + // Update the RISK_LEVEL attribute before checking EC level mismatch + if(TARGETING::MODEL_NIMBUS == l_model) + { + l_err = updateProcCompatibilityRiskLevel(); + if (l_err) + { + HWAS_ERR("validateProcessorEcLevels:: Unable to update RISK_LEVEL"); + break; + } + } + //Loop through all functional procs and create error logs //for any processors whose EC does not match the master for(const auto & l_chip : l_procChips) diff --git a/src/usr/secureboot/smf/smf_utils.C b/src/usr/secureboot/smf/smf_utils.C index 1548560a9..047fcb041 100644 --- a/src/usr/secureboot/smf/smf_utils.C +++ b/src/usr/secureboot/smf/smf_utils.C @@ -25,7 +25,7 @@ #include <secureboot/smf_utils.H> #include <targeting/common/target.H> #include <targeting/common/targetservice.H> -#include <targeting/targplatutil.H> +#include <targeting/common/util.H> #include <secureboot/secure_reasoncodes.H> #include <assert.h> #include <limits.h> diff --git a/src/usr/secureboot/smf/test/testsmfutils.H b/src/usr/secureboot/smf/test/testsmfutils.H index 917979108..0e61c9785 100644 --- a/src/usr/secureboot/smf/test/testsmfutils.H +++ b/src/usr/secureboot/smf/test/testsmfutils.H @@ -29,9 +29,9 @@ #include <targeting/common/target.H> #include <targeting/common/targetservice.H> +#include <targeting/common/util.H> #include <errl/errlmanager.H> #include <hbotcompid.H> -#include <targeting/targplatutil.H> #include <secureboot/secure_reasoncodes.H> #include <secureboot/smf_utils.H> #include <errl/errlmanager.H> diff --git a/src/usr/targeting/common/xmltohb/attribute_types.xml b/src/usr/targeting/common/xmltohb/attribute_types.xml index 21eca1fd7..065c65307 100644 --- a/src/usr/targeting/common/xmltohb/attribute_types.xml +++ b/src/usr/targeting/common/xmltohb/attribute_types.xml @@ -5845,7 +5845,7 @@ <description> Tracks if a specific core has previously experienced a timeout during initial activation. - 0 = No previous errors reported; + 0 = No previous errors reported; 1 = Core failed on the last attempt to be started </description> <id>PREVIOUS_WAKEUP_FAIL</id> @@ -5905,6 +5905,41 @@ </attribute> <attribute> + <description>Required Processor Compatibility Setting</description> + <id>PROC_COMPATIBILITY_REQ</id> + <persistency>non-volatile</persistency> + <readable/> + <simpleType> + <enumeration> + <id>PROC_COMPATIBILITY_REQ</id> + </enumeration> + </simpleType> + </attribute> + + <enumerationType> + <default>ALLOW_COMPATIBILITY</default> + <description> + Enumeration specifying the compatibility setting for Processor ECs + ALLOW_COMPATIBILITY = set RISK_LEVEL to best allowed + FORCED_COMPATIBILITY = set RISK_LEVEL to a compatible level + FORCED_NATIVE = set RISK_LEVEL to ECs native setting + </description> + <enumerator> + <name>ALLOW_COMPATIBILITY</name> + <value>0</value> + </enumerator> + <enumerator> + <name>FORCED_COMPATIBILITY</name> + <value>1</value> + </enumerator> + <enumerator> + <name>FORCED_NATIVE</name> + <value>2</value> + </enumerator> + <id>PROC_COMPATIBILITY_REQ</id> + </enumerationType> + + <attribute> <id>PROC_DCM_INSTALLED</id> <description> PROC_CHIP Attribute @@ -6644,6 +6679,38 @@ </attribute> <attribute> + <description>Where did the RISK_LEVEL setting originate? + This is used to make sure the MRW isn't setting an invalid level + for FORCED_COMPATIBILITY. + </description> + <id>RISK_LEVEL_ORIGIN</id> + <persistency>volatile-zeroed</persistency> + <readable/> + <simpleType> + <enumeration> + <id>RISK_LEVEL_ORIGIN</id> + </enumeration> + </simpleType> + <writeable/> + </attribute> + + <enumerationType> + <default>USER</default> + <description> + Enumeration specifying what was used to setup the RISK_LEVEL + </description> + <enumerator> + <name>USER</name> + <value>0</value> + </enumerator> + <enumerator> + <name>MRW</name> + <value>1</value> + </enumerator> + <id>RISK_LEVEL_ORIGIN</id> + </enumerationType> + + <attribute> <description>Size of RNG IO Region</description> <id>RNG_BAR_SIZE</id> <persistency>non-volatile</persistency> diff --git a/src/usr/targeting/common/xmltohb/target_types.xml b/src/usr/targeting/common/xmltohb/target_types.xml index 70ebfc55d..bed5fc6fe 100644 --- a/src/usr/targeting/common/xmltohb/target_types.xml +++ b/src/usr/targeting/common/xmltohb/target_types.xml @@ -1730,6 +1730,9 @@ <id>PNOR_FLASH_WORKAROUNDS</id> </attribute> <attribute> + <id>PROC_COMPATIBILITY_REQ</id> + </attribute> + <attribute> <id>PROC_REFCLOCK_RCVR_TERM</id> </attribute> <attribute> @@ -1748,6 +1751,9 @@ <id>REDUNDANT_CLOCKS</id> </attribute> <attribute> + <id>RISK_LEVEL_ORIGIN</id> + </attribute> + <attribute> <id>RUN_MAX_MEM_PATTERNS</id> </attribute> <attribute> diff --git a/src/usr/targeting/targetservicestart.C b/src/usr/targeting/targetservicestart.C index 1b86a9c6b..74cd23fc6 100755 --- a/src/usr/targeting/targetservicestart.C +++ b/src/usr/targeting/targetservicestart.C @@ -522,6 +522,12 @@ static void initializeAttributes(TargetService& i_targetService, i_masterScratch[INITSERVICE::SPLESS::SCRATCH_3]; l_riskLevel = l_scratch3.riskLevel; } + else + { + // MRW used to setup RISK_LEVEL + l_pTopLevel->setAttr<ATTR_RISK_LEVEL_ORIGIN> + (RISK_LEVEL_ORIGIN_MRW); + } TARG_INF( "Setting RISK_LEVEL=%d", l_riskLevel ); l_pTopLevel->setAttr<ATTR_RISK_LEVEL>(l_riskLevel); |