diff options
| author | Stephen Cprek <smcprek@us.ibm.com> | 2017-03-16 14:55:36 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-03-30 10:59:38 -0400 |
| commit | 7e53643075803b2654bebec85f693c90d1b503f6 (patch) | |
| tree | 67d6fbfb13b8b74dcb72cca54320e0d4efab39bf /src/bootloader | |
| parent | da8ebbbccc858f874bb9841a1a23390798d4f14d (diff) | |
| download | talos-hostboot-7e53643075803b2654bebec85f693c90d1b503f6.tar.gz talos-hostboot-7e53643075803b2654bebec85f693c90d1b503f6.zip | |
Secureboot best effort compatibility support
Change-Id: I1671459ca58684b14f65f322ff6dccddcaad40a2
RTC: 170685
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38104
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/bootloader')
| -rw-r--r-- | src/bootloader/bootloader.C | 19 |
1 files changed, 3 insertions, 16 deletions
diff --git a/src/bootloader/bootloader.C b/src/bootloader/bootloader.C index 305033f44..4c0e70034 100644 --- a/src/bootloader/bootloader.C +++ b/src/bootloader/bootloader.C @@ -137,19 +137,6 @@ namespace Bootloader{ sizeof(BlToHbData)); } - /** - * @brief Memcmp a vaddr to the known secureboot magic number - * - * @param[in] i_vaddr: vaddr of secureboot header to check for magic number - * Note: must point to a buffer of size >= 4 bytes - * - * @return bool - True if the magic number and starting bytes of the vaddr - * match. False otherwise. - */ - bool cmpSecurebootMagicNumber(const uint8_t* i_vaddr) - { - return memcmp(&ROM_MAGIC_NUMBER, i_vaddr, sizeof(ROM_MAGIC_NUMBER))==0; - } /** * @brief Verify Container against system hash keys @@ -179,8 +166,8 @@ namespace Bootloader{ BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH); } // # @TODO RTC:170136 terminate in this case - else if ( !cmpSecurebootMagicNumber(reinterpret_cast<const uint8_t*> - (i_pContainer))) + else if ( !PNOR::cmpSecurebootMagicNumber( + reinterpret_cast<const uint8_t*>(i_pContainer))) { BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM); } @@ -328,7 +315,7 @@ namespace Bootloader{ verifyContainer(l_src_addr); // Increment past secure header - if (isSecureSection(PNOR::HB_BASE_CODE)) + if (isEnforcedSecureSection(PNOR::HB_BASE_CODE)) { l_src_addr += PAGE_SIZE/sizeof(uint64_t); l_hbbLength -= PAGE_SIZE; |
