diff options
| author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-02-27 13:22:03 -0600 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-03-12 14:27:28 -0400 |
| commit | c82b626e6ea1d56c0d25cbd5954064e256135002 (patch) | |
| tree | 7cc298f3a52c630881ff24398f993f1635035e36 /src/include/usr | |
| parent | e4a7de38d08d2ebb31dde21f3983791e2c2c4307 (diff) | |
| download | talos-hostboot-c82b626e6ea1d56c0d25cbd5954064e256135002.tar.gz talos-hostboot-c82b626e6ea1d56c0d25cbd5954064e256135002.zip | |
Check the Section Headers in Non-Secure Mode
When a PNOR section without a header is flashed onto a system that
doesn't have SECUREBOOT compiled in, no header checks are performed,
but the code still acts as if the header is present, and so the
virtual address of the section is set to point past the secure
header, which is 0x1000 into the section image, which causes all
kinds of issues. This change adds logic to check the headers even
when Secure Boot features are compiled out.
Change-Id: Ieece371014192f160273939a35cb175aef0ddb25
Resolves: #126
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/54831
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr')
| -rw-r--r-- | src/include/usr/pnor/pnor_reasoncodes.H | 4 | ||||
| -rw-r--r-- | src/include/usr/pnor/pnorif.H | 12 |
2 files changed, 14 insertions, 2 deletions
diff --git a/src/include/usr/pnor/pnor_reasoncodes.H b/src/include/usr/pnor/pnor_reasoncodes.H index 589337a3b..e0c156e74 100644 --- a/src/include/usr/pnor/pnor_reasoncodes.H +++ b/src/include/usr/pnor/pnor_reasoncodes.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2011,2017 */ +/* Contributors Listed Below - COPYRIGHT 2011,2018 */ /* [+] Google Inc. */ /* [+] International Business Machines Corp. */ /* */ @@ -96,6 +96,7 @@ namespace PNOR // pnor_common.C MOD_PNORCOMMON_PARSETOC = 0xC0, /**< PNOR::parseTOC */ + MOD_PNORCOMMON_GETSECTIONINFO = 0xC1, /**< PNOR::getSectionInfo */ // spnorrp.C // Note: 0xD0 is available, so should be the next one used for spnorrp. @@ -187,6 +188,7 @@ namespace PNOR RC_SECURE_SIZE_MISMATCH = PNOR_COMP_ID | 0x3A, RC_NOT_PAGE_ALIGNED = PNOR_COMP_ID | 0x3B, RC_SECURE_PRO_SIZE_MISMATCH = PNOR_COMP_ID | 0x3C, + RC_BAD_HEADER_FORMAT = PNOR_COMP_ID | 0x3D, //@fixme-RTC:131607-Temporary value to allow HWSV compile //termination_rc diff --git a/src/include/usr/pnor/pnorif.H b/src/include/usr/pnor/pnorif.H index cef8617fd..b4d1a668f 100644 --- a/src/include/usr/pnor/pnorif.H +++ b/src/include/usr/pnor/pnorif.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2011,2017 */ +/* Contributors Listed Below - COPYRIGHT 2011,2018 */ /* [+] Google Inc. */ /* [+] International Business Machines Corp. */ /* */ @@ -226,6 +226,16 @@ const char * SectionIdToString( uint32_t i_secIdIndex ); bool cmpSecurebootMagicNumber(const uint8_t* i_vaddr); /** + * @brief Determines whether requested PNOR section has a recognized header + * @param[in] i_vaddr: vaddr of the beginning of the secureboot header. + * @param[in] o_magicNumber: the read value of the header's magic number. + Used for error logging purposes. Always populated. + * @return bool: True if the header was recognized, false otherwise. + */ +bool hasKnownHeader(const uint8_t* i_vaddr, + uint64_t& o_magicNumber); + +/** * @brief Determine if a PNOR section is empty by checking if first PAGE * is all 0xFF's or 0x00's depending on ECC or not. * |
