diff options
author | Mike Baiocchi <baiocchi@us.ibm.com> | 2013-06-11 14:30:01 -0500 |
---|---|---|
committer | A. Patrick Williams III <iawillia@us.ibm.com> | 2013-07-08 10:38:26 -0500 |
commit | 32526fcbef7d67fbb3d6ab23fc60181b834ed21d (patch) | |
tree | 72b5305fae334b9579e9f1a7d899fe8752bb9e1c /src/kernel | |
parent | e60a4810ddce203fd6a2cb5c3a3f1483fa18d6c4 (diff) | |
download | talos-hostboot-32526fcbef7d67fbb3d6ab23fc60181b834ed21d.tar.gz talos-hostboot-32526fcbef7d67fbb3d6ab23fc60181b834ed21d.zip |
Base Support for Secure ROM verification
This change adds the basic structure needed to call and
implement a verifcation of a signed container via the
loaded/initliaized Secure ROM device.
Change-Id: Ieada4eb0b557fc556cd12647a698bbfa16aba278
RTC:64764
Reviewed-on: http://gfw160.austin.ibm.com:8080/gerrit/4958
Tested-by: Jenkins Server
Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
Diffstat (limited to 'src/kernel')
-rw-r--r-- | src/kernel/exception.C | 50 |
1 files changed, 49 insertions, 1 deletions
diff --git a/src/kernel/exception.C b/src/kernel/exception.C index ac8638585..77499f03a 100644 --- a/src/kernel/exception.C +++ b/src/kernel/exception.C @@ -158,6 +158,12 @@ void kernel_execute_hype_emu_assist() TaskManager::endTask(t, NULL, TASK_STATUS_CRASHED); } +const uint32_t EXCEPTION_BRANCH_INSTR_MASK = 0xFC000000; +const uint32_t EXCEPTION_BRANCH_INSTR = 0x48000000; +const uint32_t EXCEPTION_MFSPR_CFAR_INSTR_MASK = 0xFC1FFFFE; +const uint32_t EXCEPTION_MFSPR_CFAR_INSTR = 0x7C1C02A6; +const uint32_t EXCEPTION_MFSPR_GFR_NAME_MASK = 0x03E00000; + namespace ExceptionHandles { bool PrivInstr(task_t* t) @@ -176,9 +182,51 @@ namespace ExceptionHandles { printk("Error: Nap executed with lowered permissions on %d\n", t->tid); - t->context.nip = static_cast<void*>(instruction + 1); + t->context.nip = reinterpret_cast<void *> ( + (reinterpret_cast<uint64_t>(t->context.nip)) + 4); return true; } + + + // Check for 'mfspr r*, CFAR' instructions (from MFSPR RT,SPR) + // and handle the setting of the specific r* register + if (( *instruction & EXCEPTION_MFSPR_CFAR_INSTR_MASK) + == EXCEPTION_MFSPR_CFAR_INSTR ) + { + + // check to make sure previous instruction was a branch + // if not, then we don't want to handle ths exception + uint32_t* previous_instr = + (reinterpret_cast<uint32_t*>(phys_addr)) - 1; + if ( (*previous_instr & EXCEPTION_BRANCH_INSTR_MASK) + == EXCEPTION_BRANCH_INSTR ) + { + uint32_t gpr_name = 0; + + // GPR register in bits 6:10 of mfspr instruction + gpr_name = (*instruction & EXCEPTION_MFSPR_GFR_NAME_MASK) + >> 21; + + // Move contents of previous instruction address to r* + t->context.gprs[gpr_name] = + (reinterpret_cast<uint64_t>(t->context.nip)) - 4; + + // move instruction stream to next instruction + t->context.nip = reinterpret_cast<void *> ( + (reinterpret_cast<uint64_t>(t->context.nip)) + 4); + + printkd("mfsr r%d to CFAR handled, nip=%p\n", + gpr_name, t->context.nip ); + + return true; + } + else + { + printk("Error: mfspr r* to CFAR found, but previous " + "inst not a branch\n"); + return false; + } + } } return false; |