diff options
author | Nick Bofferding <bofferdn@us.ibm.com> | 2018-06-22 11:44:56 -0500 |
---|---|---|
committer | William G. Hoffa <wghoffa@us.ibm.com> | 2018-06-26 09:55:27 -0400 |
commit | be4d594926a5da4b5b8042498bb9be9287561339 (patch) | |
tree | f34985b78f38091d40a5adfcc0c4b200428b9019 /src/include | |
parent | cfa7304f5d6a12f59805477e7498635c67578dd6 (diff) | |
download | talos-hostboot-be4d594926a5da4b5b8042498bb9be9287561339.tar.gz talos-hostboot-be4d594926a5da4b5b8042498bb9be9287561339.zip |
Post informational error log for planar jumper settings
Change-Id: Iebdc09d10a62abab4e71b53fa88a4b21c89822e4
CQ: SW432936
Forwardport: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/61318
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/usr/secureboot/secure_reasoncodes.H | 124 | ||||
-rw-r--r-- | src/include/usr/secureboot/service.H | 6 |
2 files changed, 69 insertions, 61 deletions
diff --git a/src/include/usr/secureboot/secure_reasoncodes.H b/src/include/usr/secureboot/secure_reasoncodes.H index 17abc8ce6..30609603d 100644 --- a/src/include/usr/secureboot/secure_reasoncodes.H +++ b/src/include/usr/secureboot/secure_reasoncodes.H @@ -31,76 +31,78 @@ namespace SECUREBOOT { enum SECUREModuleId { - MOD_SECURE_INVALID = 0x00, - MOD_SECURE_BLINDPURGE = 0x01, - MOD_SECURE_ROM_INIT = 0x02, - MOD_SECURE_ROM_VERIFY = 0x03, - MOD_SECURE_ROM_CLEANUP = 0x04, - MOD_SECURE_ROM_SHA512 = 0x05, - MOD_SECURE_READ_REG = 0x06, - MOD_SECURE_WRITE_REG = 0x07, - MOD_SECURE_SETTINGS_INIT = 0x08, - MOD_SECURE_VERIFY_COMPONENT = 0x09, - MOD_SECURE_CONT_HDR_PARSE = 0x0A, - MOD_SECURE_CONT_HDR_CPY_INC = 0x0B, - MOD_SECURE_CONT_VALIDATE = 0x0C, - MOD_SECURE_SET_SBE_SECURE_MODE = 0x0D, - MOD_SECURE_GET_ALL_SEC_REGS = 0x0E, - MOD_SECURE_LOAD_HEADER = 0x0F, - MOD_SECURE_VALIDATE_ECID_COUNT = 0x10, - MOD_LOCK_ABUS_SEC_MAILBOXES = 0x11, + MOD_SECURE_INVALID = 0x00, + MOD_SECURE_BLINDPURGE = 0x01, + MOD_SECURE_ROM_INIT = 0x02, + MOD_SECURE_ROM_VERIFY = 0x03, + MOD_SECURE_ROM_CLEANUP = 0x04, + MOD_SECURE_ROM_SHA512 = 0x05, + MOD_SECURE_READ_REG = 0x06, + MOD_SECURE_WRITE_REG = 0x07, + MOD_SECURE_SETTINGS_INIT = 0x08, + MOD_SECURE_VERIFY_COMPONENT = 0x09, + MOD_SECURE_CONT_HDR_PARSE = 0x0A, + MOD_SECURE_CONT_HDR_CPY_INC = 0x0B, + MOD_SECURE_CONT_VALIDATE = 0x0C, + MOD_SECURE_SET_SBE_SECURE_MODE = 0x0D, + MOD_SECURE_GET_ALL_SEC_REGS = 0x0E, + MOD_SECURE_LOAD_HEADER = 0x0F, + MOD_SECURE_VALIDATE_ECID_COUNT = 0x10, + MOD_LOCK_ABUS_SEC_MAILBOXES = 0x11, + MOD_SECURE_LOG_PLAT_SECURITY_CONFIG = 0x12, // Use 0x20-0x2F range for Node Communications - MOD_NCDD_CHECK_FOR_ERRORS = 0x20, - MOD_NCDD_WAIT_FOR_CMD_COMP = 0x21, - MOD_NC_XBUS_TEST = 0x22, - MOD_NC_MAP_ATTN = 0x23, - MOD_NCDD_PERFORM_OP = 0x24, - MOD_NCDD_WRITE = 0x25, - MOD_NCEX_MAIN = 0x26, - MOD_NCEX_MASTER = 0x27, - MOD_NCEX_SLAVE = 0x28, - MOD_NCEX_GET_RANDOM = 0x29, - MOD_NCEX_RECV = 0x2A, + MOD_NCDD_CHECK_FOR_ERRORS = 0x20, + MOD_NCDD_WAIT_FOR_CMD_COMP = 0x21, + MOD_NC_XBUS_TEST = 0x22, + MOD_NC_MAP_ATTN = 0x23, + MOD_NCDD_PERFORM_OP = 0x24, + MOD_NCDD_WRITE = 0x25, + MOD_NCEX_MAIN = 0x26, + MOD_NCEX_MASTER = 0x27, + MOD_NCEX_SLAVE = 0x28, + MOD_NCEX_GET_RANDOM = 0x29, + MOD_NCEX_RECV = 0x2A, }; enum SECUREReasonCode { - RC_PURGEOP_PENDING = SECURE_COMP_ID | 0x01, - RC_PURGEOP_FAIL_COMPLETE = SECURE_COMP_ID | 0x02, - RC_DEV_MAP_FAIL = SECURE_COMP_ID | 0x03, - RC_PAGE_ALLOC_FAIL = SECURE_COMP_ID | 0x04, - RC_SET_PERMISSION_FAIL_EXE = SECURE_COMP_ID | 0x05, - RC_SET_PERMISSION_FAIL_WRITE = SECURE_COMP_ID | 0x06, + RC_PURGEOP_PENDING = SECURE_COMP_ID | 0x01, + RC_PURGEOP_FAIL_COMPLETE = SECURE_COMP_ID | 0x02, + RC_DEV_MAP_FAIL = SECURE_COMP_ID | 0x03, + RC_PAGE_ALLOC_FAIL = SECURE_COMP_ID | 0x04, + RC_SET_PERMISSION_FAIL_EXE = SECURE_COMP_ID | 0x05, + RC_SET_PERMISSION_FAIL_WRITE = SECURE_COMP_ID | 0x06, //termination_rc - RC_ROM_VERIFY = SECURE_COMP_ID | 0x07, - RC_ROM_SHA512 = SECURE_COMP_ID | 0x08, - RC_SECURE_BAD_TARGET = SECURE_COMP_ID | 0x09, - RC_SECURE_BOOT_DISABLED = SECURE_COMP_ID | 0x0A, - RC_SECROM_INVALID = SECURE_COMP_ID | 0x0B, - RC_CONT_HDR_NO_SPACE = SECURE_COMP_ID | 0x0C, - RC_CONT_HDR_INVALID = SECURE_COMP_ID | 0x0D, - RC_SBE_INVALID_SEC_MODE = SECURE_COMP_ID | 0x0E, - RC_DEVICE_WRITE_ERR = SECURE_COMP_ID | 0x0F, - RC_PROC_NOT_SCOMABLE = SECURE_COMP_ID | 0x10, - RC_DEVICE_READ_ERR = SECURE_COMP_ID | 0x11, - RC_INVALID_BASE_HEADER = SECURE_COMP_ID | 0x12, - RC_INVALID_ECID_COUNT = SECURE_COMP_ID | 0x13, - RC_LOCK_MAILBOXES_FAILED = SECURE_COMP_ID | 0x14, + RC_ROM_VERIFY = SECURE_COMP_ID | 0x07, + RC_ROM_SHA512 = SECURE_COMP_ID | 0x08, + RC_SECURE_BAD_TARGET = SECURE_COMP_ID | 0x09, + RC_SECURE_BOOT_DISABLED = SECURE_COMP_ID | 0x0A, + RC_SECROM_INVALID = SECURE_COMP_ID | 0x0B, + RC_CONT_HDR_NO_SPACE = SECURE_COMP_ID | 0x0C, + RC_CONT_HDR_INVALID = SECURE_COMP_ID | 0x0D, + RC_SBE_INVALID_SEC_MODE = SECURE_COMP_ID | 0x0E, + RC_DEVICE_WRITE_ERR = SECURE_COMP_ID | 0x0F, + RC_PROC_NOT_SCOMABLE = SECURE_COMP_ID | 0x10, + RC_DEVICE_READ_ERR = SECURE_COMP_ID | 0x11, + RC_INVALID_BASE_HEADER = SECURE_COMP_ID | 0x12, + RC_INVALID_ECID_COUNT = SECURE_COMP_ID | 0x13, + RC_LOCK_MAILBOXES_FAILED = SECURE_COMP_ID | 0x14, + RC_SECURE_LOG_PLAT_SECURITY_CONFIG = SECURE_COMP_ID | 0x15, // Use 0x20-0x2F range for Node Communications - RC_NCDD_HW_ERROR_FOUND = SECURE_COMP_ID | 0x20, - RC_NCDD_CMD_COMP_TIMEOUT = SECURE_COMP_ID | 0x21, - RC_NC_DATA_MISCOMPARE = SECURE_COMP_ID | 0x22, - RC_NC_NO_ATTN_FOUND = SECURE_COMP_ID | 0x23, - RC_NC_TOO_MANY_ATTNS_FOUND = SECURE_COMP_ID | 0x24, - RC_NCDD_INVALID_ARGS = SECURE_COMP_ID | 0x25, - RC_NCDD_DATA_NOT_SENT = SECURE_COMP_ID | 0x26, - RC_NCEX_MISMATCH_RECV_LINKS = SECURE_COMP_ID | 0x27, - RC_NCEX_NO_FUNCTIONAL_TPMS = SECURE_COMP_ID | 0x28, - RC_NCEX_INVALID_PHYS_PATH = SECURE_COMP_ID | 0x29, - RC_NCEX_INVALID_INSTANCE_COUNT = SECURE_COMP_ID | 0x2A, - RC_NCEX_WAITING_TIMEOUT = SECURE_COMP_ID | 0x2B, + RC_NCDD_HW_ERROR_FOUND = SECURE_COMP_ID | 0x20, + RC_NCDD_CMD_COMP_TIMEOUT = SECURE_COMP_ID | 0x21, + RC_NC_DATA_MISCOMPARE = SECURE_COMP_ID | 0x22, + RC_NC_NO_ATTN_FOUND = SECURE_COMP_ID | 0x23, + RC_NC_TOO_MANY_ATTNS_FOUND = SECURE_COMP_ID | 0x24, + RC_NCDD_INVALID_ARGS = SECURE_COMP_ID | 0x25, + RC_NCDD_DATA_NOT_SENT = SECURE_COMP_ID | 0x26, + RC_NCEX_MISMATCH_RECV_LINKS = SECURE_COMP_ID | 0x27, + RC_NCEX_NO_FUNCTIONAL_TPMS = SECURE_COMP_ID | 0x28, + RC_NCEX_INVALID_PHYS_PATH = SECURE_COMP_ID | 0x29, + RC_NCEX_INVALID_INSTANCE_COUNT = SECURE_COMP_ID | 0x2A, + RC_NCEX_WAITING_TIMEOUT = SECURE_COMP_ID | 0x2B, // Reason codes 0xA0 - 0xEF reserved for trustedboot_reasoncodes.H }; diff --git a/src/include/usr/secureboot/service.H b/src/include/usr/secureboot/service.H index 3060e9225..33d2771bf 100644 --- a/src/include/usr/secureboot/service.H +++ b/src/include/usr/secureboot/service.H @@ -328,6 +328,12 @@ namespace SECUREBOOT void addSecureUserDetailsToErrlog(errlHndl_t & io_err, bool i_calledByRP = false); + /** + * @brief Log an informational error containing platform security + * configuration. + */ + void logPlatformSecurityConfiguration(void); + /* * @brief Determines if Attribute Overrides are Allowed * If Secureboot is enabled, check allowAttrOverrides setting; |