diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-04-20 16:55:27 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-04-28 15:42:23 -0400 |
commit | e53a2e5cd5b152d6e565f56867f1f8cd435e7556 (patch) | |
tree | 9586a89a945da5b2f684688a9a421dadb494ee8b /src/usr/pnor/pnor_common.C | |
parent | f30075299ce2c078705192b1835b70eff4f08fc1 (diff) | |
download | talos-hostboot-e53a2e5cd5b152d6e565f56867f1f8cd435e7556.tar.gz talos-hostboot-e53a2e5cd5b152d6e565f56867f1f8cd435e7556.zip |
Implement Best Effort Secureboot Policy for Hostboot Runtime
Optimized getting the master proc id in rt_pnor
Change-Id: Iab5c194553dddfbb642cfc9dec6398a93ab56d4a
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/39520
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/pnor/pnor_common.C')
-rw-r--r-- | src/usr/pnor/pnor_common.C | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/usr/pnor/pnor_common.C b/src/usr/pnor/pnor_common.C index e6e7bd2a1..b3bc54c35 100644 --- a/src/usr/pnor/pnor_common.C +++ b/src/usr/pnor/pnor_common.C @@ -388,6 +388,7 @@ bool PNOR::isInhibitedSection(const uint32_t i_section) #endif } +// @TODO RTC:155374 Remove this in the future errlHndl_t PNOR::setSecure(const uint32_t i_secId, PNOR::SectionData_t* io_TOC) { @@ -407,9 +408,9 @@ errlHndl_t PNOR::setSecure(const uint32_t i_secId, // Apply best effort policy by checking if the section appears to have a // secure header size_t l_size = sizeof(ROM_MAGIC_NUMBER); - auto l_buf = new uint8_t[l_size](); + uint8_t l_buf[l_size] = {0}; auto l_target = TARGETING::MASTER_PROCESSOR_CHIP_TARGET_SENTINEL; - // Read first 8 bytes of section data from the PNOR DD + // Read first 4 bytes of section data from the PNOR DD // Note: Do not need to worry about ECC as the 9th byte is the first // ECC byte. l_errhdl = DeviceFW::deviceRead(l_target, l_buf, l_size, @@ -419,7 +420,7 @@ errlHndl_t PNOR::setSecure(const uint32_t i_secId, break; } - // Check if first 8 bytes match the Secureboot Magic Number + // Check if first 4 bytes match the Secureboot Magic Number io_TOC[i_secId].secure &= PNOR::cmpSecurebootMagicNumber(l_buf); } #endif |