diff options
author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-02-27 13:22:03 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-03-12 14:27:28 -0400 |
commit | c82b626e6ea1d56c0d25cbd5954064e256135002 (patch) | |
tree | 7cc298f3a52c630881ff24398f993f1635035e36 /src/usr/pnor/runtime/rt_pnor.C | |
parent | e4a7de38d08d2ebb31dde21f3983791e2c2c4307 (diff) | |
download | talos-hostboot-c82b626e6ea1d56c0d25cbd5954064e256135002.tar.gz talos-hostboot-c82b626e6ea1d56c0d25cbd5954064e256135002.zip |
Check the Section Headers in Non-Secure Mode
When a PNOR section without a header is flashed onto a system that
doesn't have SECUREBOOT compiled in, no header checks are performed,
but the code still acts as if the header is present, and so the
virtual address of the section is set to point past the secure
header, which is 0x1000 into the section image, which causes all
kinds of issues. This change adds logic to check the headers even
when Secure Boot features are compiled out.
Change-Id: Ieece371014192f160273939a35cb175aef0ddb25
Resolves: #126
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/54831
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/pnor/runtime/rt_pnor.C')
-rw-r--r-- | src/usr/pnor/runtime/rt_pnor.C | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/usr/pnor/runtime/rt_pnor.C b/src/usr/pnor/runtime/rt_pnor.C index 47accc8d0..9d61e304e 100644 --- a/src/usr/pnor/runtime/rt_pnor.C +++ b/src/usr/pnor/runtime/rt_pnor.C @@ -261,6 +261,13 @@ errlHndl_t RtPnor::getSectionInfo(PNOR::SectionId i_section, o_info.sha512perEC = (iv_TOC[i_section].version & FFS_VERS_SHA512_PER_EC) ? true : false; o_info.secure = iv_TOC[i_section].secure; +#ifndef CONFIG_SECUREBOOT + if(iv_TOC[i_section].version & FFS_VERS_SHA512) + { + o_info.size -= PAGESIZE; + o_info.vaddr += PAGESIZE; + } +#endif } while (0); TRACFCOMP(g_trac_pnor, EXIT_MRK"RtPnor::getSectionInfo %d", i_section); |