From 35964668f9dc302401ff03c691e579a4c48eecea Mon Sep 17 00:00:00 2001
From: Mike Baiocchi <mbaiocch@us.ibm.com>
Date: Thu, 12 Sep 2019 09:00:52 -0500
Subject: Add Physical Presence Check and Window Open Features

This commit does the following:
- Adds an interface to detect if physical presence has been asserted
-- This happens in istep 6
-- If the window is open to detect this, it is then closed here
- Adds an interface to possibly open the window to look for physical presence
-- This happens in istep 10
-- It first checks to see if the window should be opened
-- If the window is opened then the system shuts down to wait for
   physical presence to be asserted on the next power on
- Adds the necessary attributes to support and test this functionality

RTC:211220
Change-Id: I05a26ebad581875a4b9f2a51eb1ca3062f36c5fb
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/84656
Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com>
Reviewed-by: Christopher J Engel <cjengel@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E Bofferding <bofferdn@us.ibm.com>
---
 src/usr/runtime/hdatstructs.H        | 7 +++++--
 src/usr/runtime/populate_hbruntime.C | 7 +++++++
 2 files changed, 12 insertions(+), 2 deletions(-)

(limited to 'src/usr/runtime')

diff --git a/src/usr/runtime/hdatstructs.H b/src/usr/runtime/hdatstructs.H
index 94f4c1b71..46cde05f7 100644
--- a/src/usr/runtime/hdatstructs.H
+++ b/src/usr/runtime/hdatstructs.H
@@ -5,7 +5,7 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* Contributors Listed Below - COPYRIGHT 2012,2018                        */
+/* Contributors Listed Below - COPYRIGHT 2012,2019                        */
 /* [+] International Business Machines Corp.                              */
 /*                                                                        */
 /*                                                                        */
@@ -453,7 +453,10 @@ typedef struct sysSecSets
     // NOTE: This bit is labeled "Platform Security Overrides Allowed"
     // in the section 6.1.1 of HDAT spec.
     uint16_t sbeSecBackdoor : 1;
-    uint16_t reserved : 13;
+
+    // bit 3: "System Physical Presence has been asserted"
+    uint16_t physicalPresenceAsserted : 1;
+    uint16_t reserved : 12;
 } SysSecSets;
 
 #endif
diff --git a/src/usr/runtime/populate_hbruntime.C b/src/usr/runtime/populate_hbruntime.C
index 78fafd406..3b726c3a9 100644
--- a/src/usr/runtime/populate_hbruntime.C
+++ b/src/usr/runtime/populate_hbruntime.C
@@ -1879,6 +1879,13 @@ errlHndl_t populate_hbSecurebootData ( void )
         // populate security override setting
         l_sysSecSets->sbeSecBackdoor = SECUREBOOT::getSbeSecurityBackdoor();
 
+        // populate "System Physical Presence has been asserted"
+        TARGETING::Target* sys = nullptr;
+        TARGETING::targetService().getTopLevelTarget( sys );
+        assert(sys != nullptr, "populate_hbSecurebootData() - Could not obtain top level target");
+        l_sysSecSets->physicalPresenceAsserted =
+            sys->getAttr<TARGETING::ATTR_PHYS_PRES_ASSERTED>();
+
         // populate TPM config bits in hdat
         bool tpmRequired = false;
 #ifdef CONFIG_TPMDD
-- 
cgit v1.2.1