summaryrefslogtreecommitdiffstats
path: root/src/bootloader
diff options
context:
space:
mode:
authorStephen Cprek <smcprek@us.ibm.com>2017-07-26 10:33:24 -0500
committerDaniel M. Crowell <dcrowell@us.ibm.com>2017-08-25 23:16:28 -0400
commitcefc4c2c1bf3a43a993f2091813ee181779ddee4 (patch)
treef6b15a971c3207dbae3b1800f8555b55d5dd8ae7 /src/bootloader
parentb8f86e3a6bb4f491360dc3771854e36e903f8a71 (diff)
downloadtalos-hostboot-cefc4c2c1bf3a43a993f2091813ee181779ddee4.tar.gz
talos-hostboot-cefc4c2c1bf3a43a993f2091813ee181779ddee4.zip
Refactor SecureBoot Workarounds to better control leniency
At this time we are trying to secure OpenPOWER in secure mode, but allow best effort policies in other scenarios Change-Id: I9ec2b5be49dbfcff678c4d30bb85f8762e448cb6 RTC: 170136 RTC: 155374 RTC: 168021 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/43640 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/bootloader')
-rw-r--r--src/bootloader/bootloader.C23
1 files changed, 20 insertions, 3 deletions
diff --git a/src/bootloader/bootloader.C b/src/bootloader/bootloader.C
index 55969fa0b..99ac0b1ec 100644
--- a/src/bootloader/bootloader.C
+++ b/src/bootloader/bootloader.C
@@ -198,18 +198,35 @@ namespace Bootloader{
{
BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_SAB_UNSET);
}
- // # @TODO RTC:170136 terminate in this case
- // Ensure SecureRom is actually present
+ // Terminate if a valid securerom is not present
else if ( !g_blData->secureRomValid )
{
+#ifdef CONFIG_SECUREBOOT_BEST_EFFORT
BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH);
+#else
+ BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_INVALID_SECROM);
+ /*@
+ * @errortype
+ * @moduleid Bootloader::MOD_BOOTLOADER_VERIFY
+ * @reasoncode SECUREBOOT::RC_SECROM_INVALID
+ * @userdata1[0:15] TI_WITH_SRC
+ * @userdata1[16:31] TI_BOOTLOADER
+ * @userdata1[32:63] Failing address = 0
+ * @devdesc Valid securerom not present
+ * @custdesc Security failure occurred while running processor
+ * boot code.
+ */
+ bl_terminate(Bootloader::MOD_BOOTLOADER_VERIFY,
+ SECUREBOOT::RC_SECROM_INVALID);
+#endif
}
- // # @TODO RTC:170136 terminate in this case
+#ifdef CONFIG_SECUREBOOT_BEST_EFFORT
else if ( !PNOR::cmpSecurebootMagicNumber(
reinterpret_cast<const uint8_t*>(i_pContainer)))
{
BOOTLOADER_TRACE(BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM);
}
+#endif
else
{
// Set startAddr to ROM_verify() function at an offset of Secure ROM
OpenPOWER on IntegriCloud