diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-11-20 16:56:44 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-12-18 17:27:59 -0500 |
commit | 9ae6e9595f9773d295b7e3ade47088f554c1ed48 (patch) | |
tree | f33427b681154991423fb9faad3476bf4aa17ff4 /src/usr/pnor/runtime | |
parent | 8392e4f606607e505bb99de2a8d229ae69be5efe (diff) | |
download | talos-hostboot-9ae6e9595f9773d295b7e3ade47088f554c1ed48.tar.gz talos-hostboot-9ae6e9595f9773d295b7e3ade47088f554c1ed48.zip |
Remove Secure Boot workarounds
- Removing the magic number checks that would block sb functionality
if things didn't appear secure
- Remove Best Effort Policy and all of its related code
- Remove the legacy PCR extension
- Remove the non-secure header preservation path.
- Always load HB base image header from the bl to hb data path
vs settings unsecurely out of pnor
Change-Id: Ie638384ac50ed47850985c959ea7a32e5757d64e
RTC: 178520
RTC: 155374
RTC: 173489
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49925
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/pnor/runtime')
-rw-r--r-- | src/usr/pnor/runtime/rt_pnor.C | 20 | ||||
-rw-r--r-- | src/usr/pnor/runtime/rt_pnor.H | 17 |
2 files changed, 3 insertions, 34 deletions
diff --git a/src/usr/pnor/runtime/rt_pnor.C b/src/usr/pnor/runtime/rt_pnor.C index 16707f774..276691003 100644 --- a/src/usr/pnor/runtime/rt_pnor.C +++ b/src/usr/pnor/runtime/rt_pnor.C @@ -86,24 +86,6 @@ errlHndl_t PNOR::clearSection(PNOR::SectionId i_section) return Singleton<RtPnor>::instance().clearSection(i_section); } -// @TODO RTC 173489 -// Remove API once FSP fully supports signing of PNOR sections that did not -// previously have a sha512 header -errlHndl_t PNOR::readHeaderMagic( - const PNOR::SectionId i_secId, - const PNOR::SectionData_t& i_TOC, - const size_t i_size, - void* const o_pData) -{ - errlHndl_t pError = RtPnor::readFromDevice (RtPnor::iv_masterProcId, - i_secId, - 0, - i_size, - false, - o_pData); - return pError; -} - void PNOR::getPnorInfo( PnorInfo_t& o_pnorInfo ) { o_pnorInfo.mmioOffset = LPC_SFC_MMIO_OFFSET | LPC_FW_SPACE; @@ -409,7 +391,7 @@ errlHndl_t RtPnor::readFromDevice (uint64_t i_procId, uint64_t i_offset, size_t i_size, bool i_ecc, - void* o_data) + void* o_data) const { TRACFCOMP(g_trac_pnor, ENTER_MRK"RtPnor::readFromDevice: i_offset=0x%X, " "i_procId=%d sec=%d size=0x%X ecc=%d", i_offset, i_procId, i_section, diff --git a/src/usr/pnor/runtime/rt_pnor.H b/src/usr/pnor/runtime/rt_pnor.H index b2433a19f..ab612bebd 100644 --- a/src/usr/pnor/runtime/rt_pnor.H +++ b/src/usr/pnor/runtime/rt_pnor.H @@ -131,25 +131,12 @@ class RtPnor * * @return Error from device */ - // @TODO RTC 173489 - // Remove static once FSP fully supports signing of PNOR sections that - // did not previously have a sha512 header. Also add the const method - // qualifier back in - static errlHndl_t readFromDevice (uint64_t i_procId, + errlHndl_t readFromDevice (uint64_t i_procId, PNOR::SectionId i_section, uint64_t i_offset, size_t i_size, bool i_ecc, - void* o_data); - - // @TODO RTC 173489 - // Remove API once FSP fully supports signing of PNOR sections that did - // not previously have a sha512 header - friend errlHndl_t PNOR::readHeaderMagic( - PNOR::SectionId i_secId, - const PNOR::SectionData_t& i_TOC, - size_t i_size, - void* const o_pData); + void* o_data) const; /** * @brief Write data back to the PNOR device |