diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-11-06 16:51:54 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-11-19 15:40:17 -0500 |
commit | f4d54e9c85b36d7d557003ebdfbeb3182636e904 (patch) | |
tree | 6ebabc54b1cf9de8bdbf1a8bf11c8a3e1ddb4968 | |
parent | 1f2edbc95b80c24c9eef2f0be50fbefda7b04780 (diff) | |
download | talos-hostboot-f4d54e9c85b36d7d557003ebdfbeb3182636e904.tar.gz talos-hostboot-f4d54e9c85b36d7d557003ebdfbeb3182636e904.zip |
Fix standalone compile and simics when secureboot compiled out
Change-Id: Ia5e50817208eee672c7899441166add7af718c02
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49329
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
-rwxr-xr-x | src/build/buildpnor/genPnorImages.pl | 4 | ||||
-rwxr-xr-x | src/build/mkrules/dist.targets.mk | 8 | ||||
-rwxr-xr-x | src/build/mkrules/hbfw/img/makefile | 1 | ||||
-rwxr-xr-x | src/build/tools/hb | 21 | ||||
-rwxr-xr-x | src/build/tools/hbDistribute | 2 | ||||
-rw-r--r-- | src/usr/isteps/istep07/call_mss_eff_config.C | 2 | ||||
-rwxr-xr-x | src/usr/targeting/xmltohb/makefile | 14 |
7 files changed, 36 insertions, 16 deletions
diff --git a/src/build/buildpnor/genPnorImages.pl b/src/build/buildpnor/genPnorImages.pl index 1c6abf877..6bfca0884 100755 --- a/src/build/buildpnor/genPnorImages.pl +++ b/src/build/buildpnor/genPnorImages.pl @@ -523,6 +523,10 @@ sub manipulateImages # Partitions that have a hash page table at the beginning of the section # for secureboot purposes. my %hashPageTablePartitions = (HBI => 1); + if($ENV{'RM_HASH_PAGE_TABLE'}) + { + undef %hashPageTablePartitions; + } my %preReqImages = ( HBB_SW_SIG_FILE => "$bin_dir/$parallelPrefix.hbb_sw_sig.bin" diff --git a/src/build/mkrules/dist.targets.mk b/src/build/mkrules/dist.targets.mk index adf24e579..fea703b09 100755 --- a/src/build/mkrules/dist.targets.mk +++ b/src/build/mkrules/dist.targets.mk @@ -264,10 +264,10 @@ fsp.tar_CONTENTS = \ $(if $(FAKEPNOR), img/dvpd.dat, ) \ img/simics_NIMBUS_targeting.bin \ img/simics_CUMULUS_targeting.bin \ - $(if $(CONFIG_SECUREBOOT),img/simics_NIMBUS_targeting.bin.protected) \ - $(if $(CONFIG_SECUREBOOT),img/simics_NIMBUS_targeting.bin.unprotected) \ - $(if $(CONFIG_SECUREBOOT),img/simics_CUMULUS_targeting.bin.protected) \ - $(if $(CONFIG_SECUREBOOT),img/simics_CUMULUS_targeting.bin.unprotected) \ + img/simics_NIMBUS_targeting.bin.protected \ + img/simics_NIMBUS_targeting.bin.unprotected \ + img/simics_CUMULUS_targeting.bin.protected \ + img/simics_CUMULUS_targeting.bin.unprotected \ obj/genfiles/fapiattrs.xml \ obj/genfiles/attribute_types_sp.xml \ obj/genfiles/target_types_sp.xml \ diff --git a/src/build/mkrules/hbfw/img/makefile b/src/build/mkrules/hbfw/img/makefile index 5aab72e81..7ea1667d0 100755 --- a/src/build/mkrules/hbfw/img/makefile +++ b/src/build/mkrules/hbfw/img/makefile @@ -166,6 +166,7 @@ SIGNING_LIBS%=${SIGNING_DIR}/libssl.so:${SIGNING_DIR}/libcrypto.so PATH%=/usr/bin:${SIGNING_DIR}:${SIGNING_DIR}/../sb-signing-framework/sb-signing-framework/src/client:${PATH} # Dump information about the Secure Boot configuration +# NOTE: fips/$bb/src/Buildconf sets $CONFIG_SECUREBOOT dump-secureboot-config : .FORCEBLD echo -e "\n\n\ Secure Boot Signing Config:\n\ diff --git a/src/build/tools/hb b/src/build/tools/hb index 7771a1d4b..22e5ca7ed 100755 --- a/src/build/tools/hb +++ b/src/build/tools/hb @@ -392,8 +392,25 @@ hb_startsimics() fi needs_machine_variable - # Force simics into Secure Mode - export SECURITY_HW_POLICY="1" + + # Dynamically check config file if secureboot enabled build occurred and + # set mode accordingly + if [[ -f ${PROJECT_ROOT}/obj/genfiles/config.h ]]; then + if cat ${PROJECT_ROOT}/obj/genfiles/config.h | grep -q "CONFIG_SECUREBOOT 1"; then + echo "In secure mode" + if [ -z "${SECURITY_HW_POLICY}" ]; then + export SECURITY_HW_POLICY="1" + fi + else + if [ -z "${SECURITY_HW_POLICY}" ]; then + export SECURITY_HW_POLICY="0" + fi + echo "In unsecure mode" + fi + else + echo "File DNE ${PROJECT_ROOT}/obj/genfiles/config.h" + exit -1 + fi execute_in_sandbox \ "start_simics -machine ${MACHINE} ${SIMICSOPTIONS} $*" "ppc" } diff --git a/src/build/tools/hbDistribute b/src/build/tools/hbDistribute index cd1d4deb8..188145c77 100755 --- a/src/build/tools/hbDistribute +++ b/src/build/tools/hbDistribute @@ -195,8 +195,8 @@ echo "Secure Boot: Signing tool edition is ${SIGNING_TOOL_EDITION}" if [[ -f ${PROJECT_ROOT}/obj/genfiles/config.h ]]; then if cat ${PROJECT_ROOT}/obj/genfiles/config.h | grep -q "CONFIG_SECUREBOOT 1"; then echo "In secure mode" - export CONFIG_SECUREBOOT=1 else + export RM_HASH_PAGE_TABLE=1 echo "In unsecure mode" fi else diff --git a/src/usr/isteps/istep07/call_mss_eff_config.C b/src/usr/isteps/istep07/call_mss_eff_config.C index 5c55e2663..904425da9 100644 --- a/src/usr/isteps/istep07/call_mss_eff_config.C +++ b/src/usr/isteps/istep07/call_mss_eff_config.C @@ -156,7 +156,9 @@ void* call_mss_eff_config( void *io_pArgs ) { IStepError l_StepError; errlHndl_t l_err = nullptr; +#ifdef CONFIG_SECUREBOOT auto memdLoaded = false; +#endif do { diff --git a/src/usr/targeting/xmltohb/makefile b/src/usr/targeting/xmltohb/makefile index eaf50a587..ffe66821f 100755 --- a/src/usr/targeting/xmltohb/makefile +++ b/src/usr/targeting/xmltohb/makefile @@ -187,15 +187,11 @@ VMM_CONSTS_FILE = \ GENFILES = ${XMLTOHB_TARGETS} -XMLTOHB_SYSTEM_BINARIES += \ - $(if $(CONFIG_SECUREBOOT),simics_NIMBUS_targeting.bin.protected) -XMLTOHB_SYSTEM_BINARIES += \ - $(if $(CONFIG_SECUREBOOT),simics_NIMBUS_targeting.bin.unprotected) - -XMLTOHB_SYSTEM_BINARIES += \ - $(if $(CONFIG_SECUREBOOT),simics_CUMULUS_targeting.bin.protected) -XMLTOHB_SYSTEM_BINARIES += \ - $(if $(CONFIG_SECUREBOOT),simics_CUMULUS_targeting.bin.unprotected) +XMLTOHB_SYSTEM_BINARIES += simics_NIMBUS_targeting.bin.protected +XMLTOHB_SYSTEM_BINARIES += simics_NIMBUS_targeting.bin.unprotected + +XMLTOHB_SYSTEM_BINARIES += simics_CUMULUS_targeting.bin.protected +XMLTOHB_SYSTEM_BINARIES += simics_CUMULUS_targeting.bin.unprotected #debug : # @echo COMMON_TARGETING_PATH_PREFIX = ${COMMON_TARGETING_PATH_PREFIX} |