From 94eff06a67f84e9eb0f2189efd7a0b47029fd154 Mon Sep 17 00:00:00 2001
From: Mike Baiocchi <mbaiocch@us.ibm.com>
Date: Thu, 18 May 2017 17:12:26 -0500
Subject: Disable Attribute Overrides in Secure Mode

This commit disables attribute overrides during the IPL and at Runtime
when the system has security enabled.

Change-Id: Ia56b11fc1450c8e11be27c90c0de179038273873
RTC: 163094
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/40735
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
---
 src/include/usr/secureboot/service.H               | 3 +--
 src/include/usr/targeting/common/targreasoncodes.H | 4 +++-
 2 files changed, 4 insertions(+), 3 deletions(-)

(limited to 'src/include/usr')

diff --git a/src/include/usr/secureboot/service.H b/src/include/usr/secureboot/service.H
index 8826fe252..94fa09ec5 100644
--- a/src/include/usr/secureboot/service.H
+++ b/src/include/usr/secureboot/service.H
@@ -83,12 +83,11 @@ namespace SECUREBOOT
 
     /** @brief Determines if Secureboot is enabled.
      */
-#if defined(CONFIG_SECUREBOOT) && !defined(__HOSTBOOT_RUNTIME)
+#if defined(CONFIG_SECUREBOOT)
     bool enabled();
 #else
     inline bool enabled() { return false; };
 #endif
-    //@fixme-RTC:163094-Remove RUNTIME check once the code is there
 
     /** @brief Get security switch register value
      *  @par Detailed Description:
diff --git a/src/include/usr/targeting/common/targreasoncodes.H b/src/include/usr/targeting/common/targreasoncodes.H
index 979513cd5..cf88bc1a9 100644
--- a/src/include/usr/targeting/common/targreasoncodes.H
+++ b/src/include/usr/targeting/common/targreasoncodes.H
@@ -5,7 +5,7 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* Contributors Listed Below - COPYRIGHT 2012,2016                        */
+/* Contributors Listed Below - COPYRIGHT 2012,2017                        */
 /* [+] International Business Machines Corp.                              */
 /*                                                                        */
 /*                                                                        */
@@ -47,6 +47,7 @@ enum TargetingModuleId
     TARG_PARSE_ATTR_SECT_HEADER = 0x07,
     TARG_MSG_SERVICE_TASK       = 0x08,
     TARG_CREATE_VMM_SECTIONS    = 0x09,
+    TARG_APPLY_ATTR_OVER        = 0x0A,
 };
 
 enum TargetingReasonCode
@@ -70,6 +71,7 @@ enum TargetingReasonCode
     TARG_RC_WRITE_ATTR_OVER_WRONG_PNOR_SEC  = TARG_COMP_ID | 0x11,
     TARG_RC_WRITE_ATTR_OVER_NO_TANK_LAYER   = TARG_COMP_ID | 0x12,
     TARG_RC_MM_BLOCK_MAP_FAIL               = TARG_COMP_ID | 0x13,
+    TARG_RC_APPLY_ATTR_OVER_NOT_ALLOWED     = TARG_COMP_ID | 0x14,
 };
 
 }; // End TARGETING namespace
-- 
cgit v1.2.3