diff options
| author | Mike Baiocchi <mbaiocch@us.ibm.com> | 2017-07-01 01:43:12 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-08-09 13:47:00 -0400 |
| commit | 776d1086a7ed224c482d2da3c49b2c597b8776ab (patch) | |
| tree | 1da81d9f9edec18550b4bd69dcfd95140e741fa1 /src/usr/initservice/istepdispatcher | |
| parent | e676209189922c5105629a9785a25958ba0972a9 (diff) | |
| download | talos-hostboot-776d1086a7ed224c482d2da3c49b2c597b8776ab.tar.gz talos-hostboot-776d1086a7ed224c482d2da3c49b2c597b8776ab.zip | |
Secureboot: Inhibit attribute overrides and sync exposures
For Secureboot purposes, we don't consider the FSP a secure source. So
this commit inhibts attribute overrides and any sort of attribute syncing
from the FSP.
Change-Id: I941ab5083d3055bc29237839aaaf4b723a2b0e90
RTC:175071
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/42687
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/initservice/istepdispatcher')
| -rw-r--r-- | src/usr/initservice/istepdispatcher/istepdispatcher.C | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/src/usr/initservice/istepdispatcher/istepdispatcher.C b/src/usr/initservice/istepdispatcher/istepdispatcher.C index 5edf4f835..8c0db6bcb 100644 --- a/src/usr/initservice/istepdispatcher/istepdispatcher.C +++ b/src/usr/initservice/istepdispatcher/istepdispatcher.C @@ -331,7 +331,7 @@ void IStepDispatcher::init(errlHndl_t &io_rtaskRetErrl) l_attrOverridesExist = l_pTopLevelTarget-> getAttr<TARGETING::ATTR_PLCK_IPL_ATTR_OVERRIDES_EXIST>(); - if (l_attrOverridesExist) + if (l_attrOverridesExist && SECUREBOOT::allowAttrOverrides()) { fapi2::theAttrOverrideSync().getAttrOverridesFromFsp(); } @@ -343,7 +343,6 @@ void IStepDispatcher::init(errlHndl_t &io_rtaskRetErrl) } err = executeAllISteps(); - if(err) { TRACFCOMP(g_trac_initsvc, "ERROR: Failed executing all isteps," @@ -1744,7 +1743,7 @@ void IStepDispatcher::handleIStepRequestMsg(msg_t * & io_pMsg) uint8_t istep = ((io_pMsg->data[0] & 0x000000FF00000000) >> 32); uint8_t substep = (io_pMsg->data[0] & 0x00000000000000FF); - TRACFCOMP(g_trac_initsvc, ENTER_MRK"handleIstepRequestMsg: 0x%016x, istep: %d, substep: %d", + TRACFCOMP(g_trac_initsvc, ENTER_MRK"handleIStepRequestMsg: 0x%016x, istep: %d, substep: %d", io_pMsg->data[0], istep, substep); // Transfer ownership of the message pointer to iv_pIstepMsg because if the @@ -1813,7 +1812,7 @@ void IStepDispatcher::handleIStepRequestMsg(msg_t * & io_pMsg) // In istep mode we cannot do a reconfigure of any sort, so create // an error. - TRACFCOMP(g_trac_initsvc, ERR_MRK"handleIstepRequestMsg: IStep success and deconfigs, creating error"); + TRACFCOMP(g_trac_initsvc, ERR_MRK"handleIStepRequestMsg: IStep success and deconfigs, creating error"); err = failedDueToDeconfig(istep, substep, newIstep, newSubstep); } @@ -1840,14 +1839,14 @@ void IStepDispatcher::handleIStepRequestMsg(msg_t * & io_pMsg) if (io_pMsg == NULL) { // An IStep already responded to the message!! - TRACFCOMP(g_trac_initsvc, ERR_MRK"handleIstepRequestMsg: message response already sent!"); + TRACFCOMP(g_trac_initsvc, ERR_MRK"handleIStepRequestMsg: message response already sent!"); } else { if (msg_is_async(io_pMsg)) { // Unexpected - TRACFCOMP(g_trac_initsvc, ERR_MRK"handleIstepRequestMsg: async istep message!"); + TRACFCOMP(g_trac_initsvc, ERR_MRK"handleIStepRequestMsg: async istep message!"); } else { |
