summaryrefslogtreecommitdiffstats
path: root/src/build/buildpnor/genPnorImages.pl
diff options
context:
space:
mode:
authorStephen Cprek <smcprek@us.ibm.com>2017-04-10 16:32:00 -0500
committerWilliam G. Hoffa <wghoffa@us.ibm.com>2017-05-01 17:53:46 -0400
commit863b78e70f9b11e9948c380e1d5cd5790d8d9962 (patch)
tree37e0685a747c34d2bc4e58018eb2ac7f1910072a /src/build/buildpnor/genPnorImages.pl
parent142a25c1a3453d0cc5bac4a93a2765e60a281d2d (diff)
downloadtalos-hostboot-863b78e70f9b11e9948c380e1d5cd5790d8d9962.tar.gz
talos-hostboot-863b78e70f9b11e9948c380e1d5cd5790d8d9962.zip
Port P8 HBI page verification functionality
Verify HBI pages via its securely signed hash page table Change-Id: I86d29ee393c19aa0d9c5270b0b6c561a9fc4ab51 RTC: 167668 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/39071 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/build/buildpnor/genPnorImages.pl')
-rwxr-xr-xsrc/build/buildpnor/genPnorImages.pl10
1 files changed, 4 insertions, 6 deletions
diff --git a/src/build/buildpnor/genPnorImages.pl b/src/build/buildpnor/genPnorImages.pl
index 3c8d4c973..fb5c5f5d7 100755
--- a/src/build/buildpnor/genPnorImages.pl
+++ b/src/build/buildpnor/genPnorImages.pl
@@ -541,7 +541,7 @@ sub manipulateImages
# Sections that have secureboot support. Secureboot still must be
# enabled for secureboot actions on these partitions to occur.
# @TODO securebootp9 re-enable with SBE/SBEC/PAYLOAD secureboot ports
- my $isNormalSecure ||= ($eyeCatch eq "HBBL");
+ my $isNormalSecure = ($eyeCatch eq "HBBL");
$isNormalSecure ||= ($eyeCatch eq "SBE");
$isNormalSecure ||= ($eyeCatch eq "HBRT");
#$isNormalSecure ||= ($eyeCatch eq "SBEC");
@@ -552,7 +552,7 @@ sub manipulateImages
my $isSpecialSecure = ($eyeCatch eq "HBB");
$isSpecialSecure ||= ($eyeCatch eq "HBD");
- #$isSpecialSecure ||= ($eyeCatch eq "HBI");
+ $isSpecialSecure ||= ($eyeCatch eq "HBI");
# Used to indicate security is supported in firmware
my $secureSupported = $isNormalSecure || $isSpecialSecure;
@@ -620,8 +620,7 @@ sub manipulateImages
if ($secureboot && $secureSupported)
{
$callerHwHdrFields{configure} = 1;
- # @TODO securebootp9 re-enable hash page table with vfs page table port
- if (0) #exists $hashPageTablePartitions{$eyeCatch})
+ if (exists $hashPageTablePartitions{$eyeCatch})
{
if ($eyeCatch eq "HBI")
{
@@ -635,8 +634,7 @@ sub manipulateImages
}
}
# Add hash page table
- # @TODO securebootp9 re-enable hash page table with vfs page table port
- if (0) #$tempImages{hashPageTable} ne "" && -e $tempImages{hashPageTable})
+ if ($tempImages{hashPageTable} ne "" && -e $tempImages{hashPageTable})
{
trace(1,"Adding hash page table for $eyeCatch");
my $hashPageTableSize = -s $tempImages{hashPageTable};
OpenPOWER on IntegriCloud