Fix standalone compile and simics when secureboot compiled out

Change-Id: Ia5e50817208eee672c7899441166add7af718c02
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49329
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

7 files changed, 36 insertions, 16 deletions

diff --git a/src/build/buildpnor/genPnorImages.pl b/src/build/buildpnor/genPnorImages.pl
index 1c6abf877..6bfca0884 100755
--- a/src/build/buildpnor/genPnorImages.pl
+++ b/src/build/buildpnor/genPnorImages.pl
@@ -523,6 +523,10 @@ sub manipulateImages
     # Partitions that have a hash page table at the beginning of the section
     # for secureboot purposes.
     my %hashPageTablePartitions = (HBI => 1);
+    if($ENV{'RM_HASH_PAGE_TABLE'})
+    {
+        undef %hashPageTablePartitions;
+    }
 
     my %preReqImages = (
         HBB_SW_SIG_FILE => "$bin_dir/$parallelPrefix.hbb_sw_sig.bin"
diff --git a/src/build/mkrules/dist.targets.mk b/src/build/mkrules/dist.targets.mk
index adf24e579..fea703b09 100755
--- a/src/build/mkrules/dist.targets.mk
+++ b/src/build/mkrules/dist.targets.mk
@@ -264,10 +264,10 @@ fsp.tar_CONTENTS = \
     $(if $(FAKEPNOR), img/dvpd.dat, ) \
     img/simics_NIMBUS_targeting.bin \
     img/simics_CUMULUS_targeting.bin \
-    $(if $(CONFIG_SECUREBOOT),img/simics_NIMBUS_targeting.bin.protected) \
-    $(if $(CONFIG_SECUREBOOT),img/simics_NIMBUS_targeting.bin.unprotected) \
-    $(if $(CONFIG_SECUREBOOT),img/simics_CUMULUS_targeting.bin.protected) \
-    $(if $(CONFIG_SECUREBOOT),img/simics_CUMULUS_targeting.bin.unprotected) \
+    img/simics_NIMBUS_targeting.bin.protected \
+    img/simics_NIMBUS_targeting.bin.unprotected \
+    img/simics_CUMULUS_targeting.bin.protected \
+    img/simics_CUMULUS_targeting.bin.unprotected \
     obj/genfiles/fapiattrs.xml \
     obj/genfiles/attribute_types_sp.xml \
     obj/genfiles/target_types_sp.xml \
diff --git a/src/build/mkrules/hbfw/img/makefile b/src/build/mkrules/hbfw/img/makefile
index 5aab72e81..7ea1667d0 100755
--- a/src/build/mkrules/hbfw/img/makefile
+++ b/src/build/mkrules/hbfw/img/makefile
@@ -166,6 +166,7 @@ SIGNING_LIBS%=${SIGNING_DIR}/libssl.so:${SIGNING_DIR}/libcrypto.so
 PATH%=/usr/bin:${SIGNING_DIR}:${SIGNING_DIR}/../sb-signing-framework/sb-signing-framework/src/client:${PATH}
 
 # Dump information about the Secure Boot configuration
+# NOTE: fips/$bb/src/Buildconf sets $CONFIG_SECUREBOOT
 dump-secureboot-config : .FORCEBLD
 	echo -e "\n\n\
 Secure Boot Signing Config:\n\
diff --git a/src/build/tools/hb b/src/build/tools/hb
index 7771a1d4b..22e5ca7ed 100755
--- a/src/build/tools/hb
+++ b/src/build/tools/hb
@@ -392,8 +392,25 @@ hb_startsimics()
     fi
 
     needs_machine_variable
-    # Force simics into Secure Mode
-    export SECURITY_HW_POLICY="1"
+
+    # Dynamically check config file if secureboot enabled build occurred and
+    # set mode accordingly
+    if [[ -f ${PROJECT_ROOT}/obj/genfiles/config.h ]]; then
+        if cat ${PROJECT_ROOT}/obj/genfiles/config.h | grep -q "CONFIG_SECUREBOOT 1"; then
+            echo "In secure mode"
+            if [ -z "${SECURITY_HW_POLICY}" ]; then
+                export SECURITY_HW_POLICY="1"
+            fi
+        else
+            if [ -z "${SECURITY_HW_POLICY}" ]; then
+                export SECURITY_HW_POLICY="0"
+            fi
+            echo "In unsecure mode"
+        fi
+    else
+        echo "File DNE ${PROJECT_ROOT}/obj/genfiles/config.h"
+        exit -1
+    fi
     execute_in_sandbox \
         "start_simics -machine ${MACHINE} ${SIMICSOPTIONS} $*"  "ppc"
 }
diff --git a/src/build/tools/hbDistribute b/src/build/tools/hbDistribute
index cd1d4deb8..188145c77 100755
--- a/src/build/tools/hbDistribute
+++ b/src/build/tools/hbDistribute
@@ -195,8 +195,8 @@ echo "Secure Boot: Signing tool edition is ${SIGNING_TOOL_EDITION}"
 if [[ -f ${PROJECT_ROOT}/obj/genfiles/config.h ]]; then
     if cat ${PROJECT_ROOT}/obj/genfiles/config.h | grep -q "CONFIG_SECUREBOOT 1"; then
         echo "In secure mode"
-        export CONFIG_SECUREBOOT=1
     else
+        export RM_HASH_PAGE_TABLE=1
         echo "In unsecure mode"
     fi
 else
diff --git a/src/usr/isteps/istep07/call_mss_eff_config.C b/src/usr/isteps/istep07/call_mss_eff_config.C
index 5c55e2663..904425da9 100644
--- a/src/usr/isteps/istep07/call_mss_eff_config.C
+++ b/src/usr/isteps/istep07/call_mss_eff_config.C
@@ -156,7 +156,9 @@ void*    call_mss_eff_config( void *io_pArgs )
 {
     IStepError l_StepError;
     errlHndl_t l_err = nullptr;
+#ifdef CONFIG_SECUREBOOT
     auto memdLoaded = false;
+#endif
 
     do {
 
diff --git a/src/usr/targeting/xmltohb/makefile b/src/usr/targeting/xmltohb/makefile
index eaf50a587..ffe66821f 100755
--- a/src/usr/targeting/xmltohb/makefile
+++ b/src/usr/targeting/xmltohb/makefile
@@ -187,15 +187,11 @@ VMM_CONSTS_FILE = \
 
 GENFILES = ${XMLTOHB_TARGETS}
 
-XMLTOHB_SYSTEM_BINARIES += \
-	$(if $(CONFIG_SECUREBOOT),simics_NIMBUS_targeting.bin.protected)
-XMLTOHB_SYSTEM_BINARIES += \
-	$(if $(CONFIG_SECUREBOOT),simics_NIMBUS_targeting.bin.unprotected)
-
-XMLTOHB_SYSTEM_BINARIES += \
-	$(if $(CONFIG_SECUREBOOT),simics_CUMULUS_targeting.bin.protected)
-XMLTOHB_SYSTEM_BINARIES += \
-	$(if $(CONFIG_SECUREBOOT),simics_CUMULUS_targeting.bin.unprotected)
+XMLTOHB_SYSTEM_BINARIES += simics_NIMBUS_targeting.bin.protected
+XMLTOHB_SYSTEM_BINARIES += simics_NIMBUS_targeting.bin.unprotected
+
+XMLTOHB_SYSTEM_BINARIES += simics_CUMULUS_targeting.bin.protected
+XMLTOHB_SYSTEM_BINARIES += simics_CUMULUS_targeting.bin.unprotected
 
 #debug :
 #	@echo COMMON_TARGETING_PATH_PREFIX = ${COMMON_TARGETING_PATH_PREFIX}