Support setting security mode based on SBE key indicator bit

Change-Id: I9db3857b73116db5761b55eb3aa6ec7e47dd4c3d
RTC: 170650
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/39515
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

1 files changed, 16 insertions, 6 deletions

diff --git a/src/include/securerom/ROM.H b/src/include/securerom/ROM.H
index 9e3d7d4ca..9d928de28 100644
--- a/src/include/securerom/ROM.H
+++ b/src/include/securerom/ROM.H
@@ -248,6 +248,7 @@ enum HW_SB_FLAGS
     HB_FW_FLAG = 0x80000000,
     OPAL_FLAG = 0x40000000,
     PHYP_FLAG = 0x20000000,
+    LAB_OVERRIDE_FLAG = 0x00080000,
     KEY_TRANSITION_FLAG = 0x00000001
 };
 
@@ -260,12 +261,21 @@ enum SW_SB_FLAGS
 // Structure to store all hw and sw flag values in a container header
 struct sb_flags_t
 {
-    sb_flags_t() : hw_hb_fw(false), hw_opal(false), hw_phyp(false),
-                   hw_key_transition(false) {}
-    bool hw_hb_fw;
-    bool hw_opal;
-    bool hw_phyp;
-    bool hw_key_transition;
+    sb_flags_t() :
+        hw_hb_fw(false),
+        hw_opal(false),
+        hw_phyp(false),
+        hw_lab_override(false),
+        hw_key_transition(false)
+    {
+    }
+
+    bool hw_hb_fw;          ///< Signed using HB keys
+    bool hw_opal;           ///< Signed using OPAL keys
+    bool hw_phyp;           ///< Signed using PHyp keys
+    bool hw_lab_override;   ///< Whether to enable lab security override;
+                            ///< Only applicable for SBE partition
+    bool hw_key_transition; ///< Indicates this is a key transition container
 };