diff options
author | Mike Baiocchi <mbaiocch@us.ibm.com> | 2017-07-06 21:17:47 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-07-19 13:49:22 -0400 |
commit | c0f528fbaf2532d8cfaf51165fe4f7055a11f24a (patch) | |
tree | 7643434d680a6bb7a3b44ffa81e038dae1861e3c /src/include/usr/sbeio/sbe_psudd.H | |
parent | bf8d6d1dfc603df78a07f9e413d54dc33be857e6 (diff) | |
download | talos-hostboot-c0f528fbaf2532d8cfaf51165fe4f7055a11f24a.tar.gz talos-hostboot-c0f528fbaf2532d8cfaf51165fe4f7055a11f24a.zip |
Secureboot: Base Support of Opening/Closing Memory Regions via SBE
This commit provides the base support of Opening and Closing Unsecure
Memory Regions via PSU commands to the SBE. It introduces external
interfaces, a Memory Region Manager class, and a testcase that
covers the expected use of the interfaces. However, it does not
enable the actual PSU commands to the SBE since their support
is not yet available.
Change-Id: I086011fcbd485abf2db574a82d43cfdea120ffc8
RTC:145686
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/42834
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr/sbeio/sbe_psudd.H')
-rw-r--r-- | src/include/usr/sbeio/sbe_psudd.H | 64 |
1 files changed, 62 insertions, 2 deletions
diff --git a/src/include/usr/sbeio/sbe_psudd.H b/src/include/usr/sbeio/sbe_psudd.H index e03aa5552..cd8b08050 100644 --- a/src/include/usr/sbeio/sbe_psudd.H +++ b/src/include/usr/sbeio/sbe_psudd.H @@ -68,9 +68,10 @@ class SbePsu // BYTE 6 options enum psuCommandClass { - SBE_PSU_CLASS_UNKNOWN = 0, - SBE_PSU_CLASS_CORE_STATE = 0xD1, + SBE_PSU_CLASS_UNKNOWN = 0, + SBE_PSU_CLASS_CORE_STATE = 0xD1, SBE_PSU_PUT_RING_FROM_IMAGE_CMD = 0xD3, + SBE_PSU_CLASS_SECURITY_CONTROL = 0xD6, SBE_PSU_GENERIC_MESSAGE = 0xD7 }; @@ -107,6 +108,15 @@ class SbePsu }; /** + * @brief enums for SBE Security Control commands + */ + //BYTE 7 options + enum psuSecurityContolCommands + { + SBE_PSU_SET_UNSECURE_MEMORY_REGION_CMD = 0x01, + }; + + /** * @brief enums for SBE core state control flags */ //BYTE 2 & 3, Control Flags @@ -129,6 +139,21 @@ class SbePsu }; /** + * @brief enums for SBE Set Unsecure Memory Region control flags + */ + //BYTE 2 & 3, Control Flags + enum psuSetUnsecureMemoryRegionControlFlags + { + SBE_MEM_REGION_OPEN_READ_ONLY = 0x0011, + SBE_MEM_REGION_OPEN_READ_WRITE = 0x0012, + SBE_MEM_REGION_CLOSE = 0x0020, + + // Re-use SBE_REQUIRE_RESPONSE and SBE_REQUIRE_ACK from above + SBE_MEM_REGION_RESPONSE_REQUIRED = SBE_REQUIRE_RESPONSE, + SBE_MEM_REGION_ACK_REQUIRED = SBE_REQUIRE_ACK, + }; + + /** * @brief non reserved word enums * * Shows which of the request and response msg registers are @@ -227,6 +252,26 @@ class SbePsu }; /** + * @brief non reserved word enums + * + * Shows which of the request and response msg registers are + * not reserved. Reserved registers do not need to be written + * or read. + * + * This is a 4 bit field: + * 0x1 - Reg 0 is non-reserved (read or write this reg) + * 0x2 - Reg 1 is non-reserved (read or write this reg) + * 0x4 - Reg 2 is non-reserved (read or write this reg) + * 0x8 - Reg 3 is non-reserved (read or write this reg) + */ + enum psuSetUnsecureMemoryRegionNonReservedMsgs + { + SBE_MEM_REGION_REQ_USED_REGS = 0x07, + SBE_MEM_REGION_RSP_USED_REGS = 0x01, + }; + + + /** * @brief Struct for PSU command message format * */ @@ -341,6 +386,19 @@ class SbePsu uint64_t cd7_stashKeyAddr_MbxReg3Reserved; //Mbx Reg 3 } PACKED; + struct //setUnsecureMemoryRegion + { + uint16_t cd6_memRegion_Reserved; //Mbx Reg 0 + uint16_t cd6_memRegion_ControlFlags; //Mbx Reg 0 + uint16_t cd6_memRegion_SeqID; //Mbx Reg 0 + uint8_t cd6_memRegion_CommandClass; //Mbx Reg 0 + uint8_t cd6_memRegion_Command; //Mbx Reg 0 + uint32_t cd6_memRegion_MbxReg1reserved; //Mbx Reg 1 + uint32_t cd6_memRegion_Size; //Mbx Reg 1 + uint64_t cd6_memRegion_Start_Addr; //Mbx Reg 2 + uint64_t cd6_memRegion_MbxReg3reserved; //Mbx Reg 3 + } PACKED; + struct //setFFDCAddress { uint16_t cd7_setFFDCAddr_Reserved; @@ -496,6 +554,8 @@ class SbePsu SBE_SEC_INSUFFICIENT_DATA_PASSED = 0x0E, SBE_SEC_EXCESS_DATA_PASSED = 0x0F, SBE_SEC_SBE_BUSY_TO_HANDLE_COMMAND = 0x10, + SBE_SEC_MEM_REGION_NOT_FOUND = 0x11, + SBE_SEC_EXCEEDED_MAX_NUM_MEM_REGIONS = 0x12, }; enum SBE_TARGET_TYPES { |