diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-07-26 10:33:24 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-08-25 23:16:28 -0400 |
commit | cefc4c2c1bf3a43a993f2091813ee181779ddee4 (patch) | |
tree | f6b15a971c3207dbae3b1800f8555b55d5dd8ae7 /src/kernel | |
parent | b8f86e3a6bb4f491360dc3771854e36e903f8a71 (diff) | |
download | talos-hostboot-cefc4c2c1bf3a43a993f2091813ee181779ddee4.tar.gz talos-hostboot-cefc4c2c1bf3a43a993f2091813ee181779ddee4.zip |
Refactor SecureBoot Workarounds to better control leniency
At this time we are trying to secure OpenPOWER in secure mode,
but allow best effort policies in other scenarios
Change-Id: I9ec2b5be49dbfcff678c4d30bb85f8762e448cb6
RTC: 170136
RTC: 155374
RTC: 168021
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/43640
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/kernel')
-rw-r--r-- | src/kernel/bltohbdatamgr.C | 45 |
1 files changed, 30 insertions, 15 deletions
diff --git a/src/kernel/bltohbdatamgr.C b/src/kernel/bltohbdatamgr.C index 3d33715b2..e33fab6ef 100644 --- a/src/kernel/bltohbdatamgr.C +++ b/src/kernel/bltohbdatamgr.C @@ -44,15 +44,6 @@ bool BlToHbDataManager::iv_initialized = false; bool BlToHbDataManager::iv_dataValid = false; size_t BlToHbDataManager::iv_preservedSize = 0; -void BlToHbDataManager::validAssert() const -{ - if(!iv_dataValid) - { - printk("E> BlToHbDataManager is invalid, cannot access\n"); - kassert(iv_dataValid); - } -} - void BlToHbDataManager::print() const { if(iv_dataValid) @@ -269,13 +260,21 @@ const uint64_t BlToHbDataManager::getBranchtableOffset() const const void* BlToHbDataManager::getSecureRom() const { - validAssert(); + if(!iv_dataValid) + { + printk("E> BlToHbDataManager is invalid, cannot access SecureRom\n"); + crit_assert(iv_dataValid); + } return iv_data.secureRom; } const uint64_t BlToHbDataManager::getSecureRomAddr() const { - validAssert(); + if(!iv_dataValid) + { + printk("E> BlToHbDataManager is invalid, cannot access SecureRomAddr\n"); + crit_assert(iv_dataValid); + } return reinterpret_cast<uint64_t>(iv_data.secureRom); } @@ -286,13 +285,21 @@ const size_t BlToHbDataManager::getSecureRomSize() const const void* BlToHbDataManager::getHwKeysHash() const { - validAssert(); + if(!iv_dataValid) + { + printk("E> BlToHbDataManager is invalid, cannot access HwKeysHash\n"); + crit_assert(iv_dataValid); + } return iv_data.hwKeysHash; } const uint64_t BlToHbDataManager::getHwKeysHashAddr() const { - validAssert(); + if(!iv_dataValid) + { + printk("E> BlToHbDataManager is invalid, cannot access HwKeysHashAddr\n"); + crit_assert(iv_dataValid); + } return reinterpret_cast<uint64_t>(iv_data.hwKeysHash); } @@ -303,13 +310,21 @@ const size_t BlToHbDataManager::getHwKeysHashSize() const const void* BlToHbDataManager::getHbbHeader() const { - validAssert(); + if(!iv_dataValid) + { + printk("E> BlToHbDataManager is invalid, cannot access HbbHeader\n"); + crit_assert(iv_dataValid); + } return iv_data.hbbHeader; } const uint64_t BlToHbDataManager::getHbbHeaderAddr() const { - validAssert(); + if(!iv_dataValid) + { + printk("E> BlToHbDataManager is invalid, cannot access HbbHeaderAddr\n"); + crit_assert(iv_dataValid); + } return reinterpret_cast<uint64_t>(iv_data.hbbHeader); } |