diff options
author | Jaymes Wilks <mjwilks@us.ibm.com> | 2017-09-13 09:53:39 -0500 |
---|---|---|
committer | William G. Hoffa <wghoffa@us.ibm.com> | 2017-10-20 12:50:04 -0400 |
commit | b70fc1ac984f9da0d9e4932b8a9e40b1ccf4da50 (patch) | |
tree | 509a1189bbbb420583dadd61603a08eb6691e2c3 /src/include | |
parent | 3f4963bae6821005c0d355587e43ca17512e5a3b (diff) | |
download | talos-hostboot-b70fc1ac984f9da0d9e4932b8a9e40b1ccf4da50.tar.gz talos-hostboot-b70fc1ac984f9da0d9e4932b8a9e40b1ccf4da50.zip |
Implement Secure unload
Implement Secure unload of secure sections within PNOR.
Change-Id: I92a00013d23e0506f89f89ec41a193eac0b25d25
RTC:157475
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/46203
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/usr/pnor/pnor_reasoncodes.H | 6 | ||||
-rw-r--r-- | src/include/usr/pnor/pnorif.H | 19 |
2 files changed, 18 insertions, 7 deletions
diff --git a/src/include/usr/pnor/pnor_reasoncodes.H b/src/include/usr/pnor/pnor_reasoncodes.H index 3eee83930..e9e98f9c5 100644 --- a/src/include/usr/pnor/pnor_reasoncodes.H +++ b/src/include/usr/pnor/pnor_reasoncodes.H @@ -105,9 +105,10 @@ namespace PNOR MOD_SPNORRP_WAITFORMESSAGE = 0xD3, /**< SPnorRP::waitForMessage */ MOD_SPNORRP_VERIFYSECTIONS = 0xD4, /**< SPnorRP::verifySections */ MOD_SPNORRP_SET_PERMISSION = 0xD5, /**< SPnorRP::initDaemon */ - MOD_PNORRP_LOADSECURESECTION = 0xD6, /**< PnorRP::loadSecureSection */ + MOD_PNORRP_LOADUNLOADSECURESECTION = 0xD6, /**< PnorRP::loadSecureSection */ MOD_SPNORRP_BASE_EXT_VER_CHK = 0xD7, /**< SPnorRP::baseExtVersCheck */ MOD_SPNORRP_KEY_TRAN_CHK = 0xD8, /**< SPnorRP::keyTransitionCheck */ + MOD_SPNORRP_REMOVE_PAGES = 0xD9, // ast_mboxdd.C MOD_ASTMBOXDD_DO_MESSAGE = 0xE0, /**< astMbox::doMessage */ @@ -178,6 +179,9 @@ namespace PNOR RC_MBOX_BAD_SEQUENCE = PNOR_COMP_ID | 0x32, RC_MBOX_ERROR_STATUS = PNOR_COMP_ID | 0x33, RC_UNSIGNED_PNOR_SECTION = PNOR_COMP_ID | 0x34, + RC_NOT_A_LOADED_SECTION = PNOR_COMP_ID | 0x35, + RC_NOT_A_SUPPORTED_SECTION = PNOR_COMP_ID | 0x36, + RC_SECURE_UNLOAD_DISALLOWED = PNOR_COMP_ID | 0x37, //@fixme-RTC:131607-Temporary value to allow HWSV compile //termination_rc diff --git a/src/include/usr/pnor/pnorif.H b/src/include/usr/pnor/pnorif.H index 7e62e6042..1c35ec852 100644 --- a/src/include/usr/pnor/pnorif.H +++ b/src/include/usr/pnor/pnorif.H @@ -94,8 +94,9 @@ errlHndl_t getSectionInfo( SectionId i_section, * placing it in the address space. Returns error if the requested * section does not have secure space support. * - * @param[in] i_section PNOR section to load. Section must not already be - * loaded. + * @param[in] i_section PNOR section to load. If the section is already loaded, + * the bulk of the load operation will not be repeated as + * a reference count is maintained for each section. * * @return errlHndl_t Error log handle * @retval NULL Successfully loaded PNOR section @@ -104,14 +105,20 @@ errlHndl_t getSectionInfo( SectionId i_section, errlHndl_t loadSecureSection(SectionId i_section); /** - * @brief Flushes any applicable pending writes and unloads requested PNOR - * section from secure virtual address space + * @brief Unloads requested PNOR section from secure virtual address space. + * There are some restrictions about which sections can be unloaded. + * 1. You cannot unload HBB, HBI, or targeting sections. These are core + * sections that need to be available as much as possible. + * 2. You can only unload sections for which the secure payload is + * the entire payload. Sections with unsecured pages are not + * supported. * - * @param[in] i_section PNOR section to unload. No-op if already unloaded. + * @param[in] i_section PNOR section to unload. * * @return errlHndl_t Error log handle * @retval NULL Successfully unloaded PNOR section - * @retval !NULL Failed to unload PNOR section + * @retval !NULL Failed to unload PNOR section for the reasons listed above + * or if the section is not currently loaded. */ errlHndl_t unloadSecureSection(SectionId i_section); |