Secureboot: Base Support of Opening/Closing Memory Regions via SBE

This commit provides the base support of Opening and Closing Unsecure
Memory Regions via PSU commands to the SBE.  It introduces external
interfaces, a Memory Region Manager class, and a testcase that
covers the expected use of the interfaces.  However, it does not
enable the actual PSU commands to the SBE since their support
is not yet available.

Change-Id: I086011fcbd485abf2db574a82d43cfdea120ffc8
RTC:145686
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/42834
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

3 files changed, 110 insertions, 2 deletions

diff --git a/src/include/usr/sbeio/sbe_psudd.H b/src/include/usr/sbeio/sbe_psudd.H
index e03aa5552..cd8b08050 100644
--- a/src/include/usr/sbeio/sbe_psudd.H
+++ b/src/include/usr/sbeio/sbe_psudd.H
@@ -68,9 +68,10 @@ class SbePsu
         // BYTE 6 options
         enum psuCommandClass
         {
-            SBE_PSU_CLASS_UNKNOWN      = 0,
-            SBE_PSU_CLASS_CORE_STATE   = 0xD1,
+            SBE_PSU_CLASS_UNKNOWN           = 0,
+            SBE_PSU_CLASS_CORE_STATE        = 0xD1,
             SBE_PSU_PUT_RING_FROM_IMAGE_CMD = 0xD3,
+            SBE_PSU_CLASS_SECURITY_CONTROL  = 0xD6,
             SBE_PSU_GENERIC_MESSAGE         = 0xD7
         };
 
@@ -107,6 +108,15 @@ class SbePsu
         };
 
         /**
+        * @brief enums for SBE Security Control commands
+        */
+        //BYTE 7 options
+        enum psuSecurityContolCommands
+        {
+            SBE_PSU_SET_UNSECURE_MEMORY_REGION_CMD  = 0x01,
+        };
+
+        /**
          * @brief enums for SBE core state control flags
          */
         //BYTE 2  & 3, Control Flags
@@ -129,6 +139,21 @@ class SbePsu
         };
 
         /**
+        * @brief enums for SBE Set Unsecure Memory Region control flags
+        */
+        //BYTE 2  & 3, Control Flags
+        enum psuSetUnsecureMemoryRegionControlFlags
+        {
+            SBE_MEM_REGION_OPEN_READ_ONLY   = 0x0011,
+            SBE_MEM_REGION_OPEN_READ_WRITE  = 0x0012,
+            SBE_MEM_REGION_CLOSE            = 0x0020,
+
+            // Re-use SBE_REQUIRE_RESPONSE and SBE_REQUIRE_ACK from above
+            SBE_MEM_REGION_RESPONSE_REQUIRED = SBE_REQUIRE_RESPONSE,
+            SBE_MEM_REGION_ACK_REQUIRED      = SBE_REQUIRE_ACK,
+        };
+
+        /**
          * @brief non reserved word enums
          *
          * Shows which of the request and response msg registers are
@@ -227,6 +252,26 @@ class SbePsu
         };
 
         /**
+        * @brief non reserved word enums
+        *
+        * Shows which of the request and response msg registers are
+        * not reserved. Reserved registers do not need to be written
+        * or read.
+        *
+        * This is a 4 bit field:
+        * 0x1 - Reg 0 is non-reserved (read or write this reg)
+        * 0x2 - Reg 1 is non-reserved (read or write this reg)
+        * 0x4 - Reg 2 is non-reserved (read or write this reg)
+        * 0x8 - Reg 3 is non-reserved (read or write this reg)
+        */
+        enum psuSetUnsecureMemoryRegionNonReservedMsgs
+        {
+            SBE_MEM_REGION_REQ_USED_REGS  = 0x07,
+            SBE_MEM_REGION_RSP_USED_REGS  = 0x01,
+        };
+
+
+        /**
          * @brief Struct for PSU command message format
          *
          */
@@ -341,6 +386,19 @@ class SbePsu
                 uint64_t cd7_stashKeyAddr_MbxReg3Reserved;  //Mbx Reg 3
             } PACKED;
 
+            struct //setUnsecureMemoryRegion
+            {
+                uint16_t cd6_memRegion_Reserved;        //Mbx Reg 0
+                uint16_t cd6_memRegion_ControlFlags;    //Mbx Reg 0
+                uint16_t cd6_memRegion_SeqID;           //Mbx Reg 0
+                uint8_t  cd6_memRegion_CommandClass;    //Mbx Reg 0
+                uint8_t  cd6_memRegion_Command;         //Mbx Reg 0
+                uint32_t cd6_memRegion_MbxReg1reserved; //Mbx Reg 1
+                uint32_t cd6_memRegion_Size;            //Mbx Reg 1
+                uint64_t cd6_memRegion_Start_Addr;      //Mbx Reg 2
+                uint64_t cd6_memRegion_MbxReg3reserved; //Mbx Reg 3
+            } PACKED;
+
             struct //setFFDCAddress
             {
                 uint16_t cd7_setFFDCAddr_Reserved;
@@ -496,6 +554,8 @@ class SbePsu
             SBE_SEC_INSUFFICIENT_DATA_PASSED          = 0x0E,
             SBE_SEC_EXCESS_DATA_PASSED                = 0x0F,
             SBE_SEC_SBE_BUSY_TO_HANDLE_COMMAND        = 0x10,
+            SBE_SEC_MEM_REGION_NOT_FOUND              = 0x11,
+            SBE_SEC_EXCEEDED_MAX_NUM_MEM_REGIONS      = 0x12,
         };
 
         enum SBE_TARGET_TYPES {
diff --git a/src/include/usr/sbeio/sbeioif.H b/src/include/usr/sbeio/sbeioif.H
index d34bfbcf2..fc3fb347b 100644
--- a/src/include/usr/sbeio/sbeioif.H
+++ b/src/include/usr/sbeio/sbeioif.H
@@ -176,6 +176,50 @@ namespace SBEIO
                                const uint64_t i_sbeCommAddr,
                                TARGETING::Target * i_procChip);
 
+    /**
+     * @brief Open Unsecure Memory Region via the SBE
+     *
+     * @param[in] i_start_addr  Starting Physical Memory Address of the
+     *                          Unsecure Memory Region to Open
+     *
+     * @param[in] i_size        Size in bytes of the Unsecure Memory Region
+     *
+     * @param[in] i_isWritable  Specifies if the Unsecure Memory is Read-Only
+     *                          or Read-Write: If false then Read-only Region
+     *                                         If true then Read-Write Region
+     *
+     * @return errlHndl_t Error log handle on failure.
+     *
+     * @note  Function is not thread-safe.
+     * @note  Read-Only/Read-Write settings are not considered when closing any
+     *        existing regions that overlap with the requested region to open.
+     */
+    errlHndl_t openUnsecureMemRegion(const uint64_t i_start_addr,
+                                     const uint32_t i_size,
+                                     const bool     i_isWritable);
+
+    /**
+     * @brief Close Unsecure Memory Region
+     *
+     * @param[in] i_start_addr  Starting Physical Memory Address of the
+     *                          Unsecure Memory Region to Close
+     *
+     * @return errlHndl_t Error log handle on failure.
+     *
+     * @note  Function is not thread-safe.
+     */
+    errlHndl_t closeUnsecureMemRegion(const uint64_t i_start_addr);
+
+
+    /**
+     * @brief Close All Unsecure Memory Regions
+     *
+     * @return errlHndl_t Error log handle on failure.
+     *
+     * @note  Function is not thread-safe.
+     */
+    errlHndl_t closeAllUnsecureMemRegions();
+
 } //end namespace SBEIO
 
 #endif /* _SBEIOIF_H */
diff --git a/src/include/usr/sbeio/sbeioreasoncodes.H b/src/include/usr/sbeio/sbeioreasoncodes.H
index d7eb94ac8..43c33395e 100644
--- a/src/include/usr/sbeio/sbeioreasoncodes.H
+++ b/src/include/usr/sbeio/sbeioreasoncodes.H
@@ -48,6 +48,7 @@ enum sbeioModuleId
     SBEIO_FFDC_PARSER                   = 0x03,
     SBEIO_FIFO_CONTINUE_MPIPL           = 0x04,
     SBEIO_RUNTIME                       = 0x05,
+    SBEIO_MEM_REGION                    = 0x06,
 };
 
 /**
@@ -99,6 +100,9 @@ enum sbeioReasonCode
     SBEIO_RT_NO_INTERFACE_POINTER      = SBEIO_COMP_ID | 0x3A,
     SBEIO_RT_NO_INTERFACE_FUNCTION     = SBEIO_COMP_ID | 0x3B,
 
+    // SBE Unsecure Memory Region error codes
+    SBEIO_MEM_REGION_DOES_NOT_EXIST    = SBEIO_COMP_ID | 0x50,
+
     // Remove once we collect the FFDC ourselves - @todo-RTC:144313
     //termination_rc
     SBEIO_HWSV_COLLECT_SBE_RC          = SBEIO_COMP_ID | 0xFF,