diff options
author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-02-27 13:22:03 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-03-12 14:27:28 -0400 |
commit | c82b626e6ea1d56c0d25cbd5954064e256135002 (patch) | |
tree | 7cc298f3a52c630881ff24398f993f1635035e36 /src/usr/pnor/pnor_utils.C | |
parent | e4a7de38d08d2ebb31dde21f3983791e2c2c4307 (diff) | |
download | talos-hostboot-c82b626e6ea1d56c0d25cbd5954064e256135002.tar.gz talos-hostboot-c82b626e6ea1d56c0d25cbd5954064e256135002.zip |
Check the Section Headers in Non-Secure Mode
When a PNOR section without a header is flashed onto a system that
doesn't have SECUREBOOT compiled in, no header checks are performed,
but the code still acts as if the header is present, and so the
virtual address of the section is set to point past the secure
header, which is 0x1000 into the section image, which causes all
kinds of issues. This change adds logic to check the headers even
when Secure Boot features are compiled out.
Change-Id: Ieece371014192f160273939a35cb175aef0ddb25
Resolves: #126
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/54831
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/pnor/pnor_utils.C')
-rw-r--r-- | src/usr/pnor/pnor_utils.C | 24 |
1 files changed, 1 insertions, 23 deletions
diff --git a/src/usr/pnor/pnor_utils.C b/src/usr/pnor/pnor_utils.C index 9e0753066..4fcad21c6 100644 --- a/src/usr/pnor/pnor_utils.C +++ b/src/usr/pnor/pnor_utils.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2011,2017 */ +/* Contributors Listed Below - COPYRIGHT 2011,2018 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -328,28 +328,6 @@ PNOR::parseEntries (ffs_hdr* i_ffs_hdr, #else io_TOC[secId].secure = false; #endif - - // If secureboot is compiled in, skip header if not a secure section - // Otherwise always skip header as the secure flag is always false and - // SpnorRp will not handle skipping the header if one is indicated in PNOR - if ( (io_TOC[secId].version & FFS_VERS_SHA512) - && !io_TOC[secId].secure) - { - //increment flash addr for sha header - if (io_TOC[secId].integrity == FFS_INTEG_ECC_PROTECT) - { - io_TOC[secId].flashAddr += PAGESIZE_PLUS_ECC ; - } - else - { - io_TOC[secId].flashAddr += PAGESIZE ; - } - - // now that we've skipped the header - // adjust the size to reflect that - io_TOC[secId].size -= PAGESIZE; - } - } // For TOC Entries #ifndef BOOTLOADER |