Consume Secure Access Bit from SBE HB communication area

Disable verification in bootloader if SAB not set

Change-Id: If5f1adcbe0277f2a4223d8cea6a5e2048019871d
RTC: 167741
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/37214
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

4 files changed, 19 insertions, 3 deletions

diff --git a/src/include/bootloader/bootloader.H b/src/include/bootloader/bootloader.H
index 102d23a77..74e2364ee 100644
--- a/src/include/bootloader/bootloader.H
+++ b/src/include/bootloader/bootloader.H
@@ -183,6 +183,10 @@ namespace Bootloader{
 #define HBB_HRMOR               (getHRMOR() - ( 2*MEGABYTE))
 #define HBB_RUNNING_ADDR        (getHRMOR() - ( 2*MEGABYTE))
 
+    /** Location of SBE HB communication area
+        Defined in SBE code and bootloader.ld */
+#define SBE_HB_COMM_ADDR        (getHRMOR() + 0x4)
+
     enum
     {
         /** Offset for starting running copy of HBB */
diff --git a/src/include/bootloader/bootloader_trace.H b/src/include/bootloader/bootloader_trace.H
index 980f90881..6de32997c 100644
--- a/src/include/bootloader/bootloader_trace.H
+++ b/src/include/bootloader/bootloader_trace.H
@@ -72,10 +72,12 @@ enum BootloaderTraces
     /** Bootloader main verifyContainer skip verification - no eyecatch */
     BTLDR_TRC_MAIN_VERIFY_NO_EYECATCH           = 0x17,
 
-    // @TODO RTC:167740 remove magic number check once fsp/op signs HBB
     /** Bootloader main verifyContainer skip verification - no magic number */
     BTLDR_TRC_MAIN_VERIFY_NO_MAGIC_NUM          = 0x18,
 
+    /** Bootloader main verifyContainer skip verification - SAB unset */
+    BTLDR_TRC_MAIN_VERIFY_SAB_UNSET          = 0x19,
+
     /** Bootloader handleMMIO started */
     BTLDR_TRC_HANDLEMMIO_START               = 0x20,
 
diff --git a/src/include/bootloader/bootloaderif.H b/src/include/bootloader/bootloaderif.H
index eb157a348..6c6486e57 100644
--- a/src/include/bootloader/bootloaderif.H
+++ b/src/include/bootloader/bootloaderif.H
@@ -50,7 +50,8 @@ const uint64_t BLTOHB_EYECATCHER = 0x23626C746F686200; // #BLTOHB\0
 enum BlToHbDataVersion
 {
     // [release:4][version:4]
-    BLTOHB_INIT = 0x0000000900000001
+    BLTOHB_INIT = 0x0000000900000001,
+    BLTOHB_SAB  = 0x0000000900000002
 };
 
 
@@ -69,7 +70,7 @@ struct BlToHbData
                    branchtableOffset(0), secureRom(nullptr),
                    secureRomSize(0), hwKeysHash(nullptr),
                    hwKeysHashSize(0), hbbHeader(nullptr),
-                   hbbHeaderSize(0) {}
+                   hbbHeaderSize(0), secureAccessBit(false) {}
 
     // Simple way to tell if data is valid
     uint64_t eyeCatch;
@@ -89,6 +90,8 @@ struct BlToHbData
     const void* hbbHeader;
     // size of Hostboot base header
     size_t hbbHeaderSize;
+    // Secure Access Bit
+    bool secureAccessBit;
 } __attribute__((packed));
 
 /**
diff --git a/src/include/kernel/bltohbdatamgr.H b/src/include/kernel/bltohbdatamgr.H
index 49f5db525..8ddccf49f 100644
--- a/src/include/kernel/bltohbdatamgr.H
+++ b/src/include/kernel/bltohbdatamgr.H
@@ -144,6 +144,13 @@ class BlToHbDataManager
         const size_t getHbbHeaderSize() const;
 
         /*
+         * @brief Returns internal secure access bit
+         *
+         * @return bool     secure access bit
+         */
+        const bool getSecureAccessBit() const;
+
+        /*
          * @brief Returns internal preserved size
          *
          * @return size_t     preserved size