summaryrefslogtreecommitdiffstats
path: root/src/usr/pnor/spnorrp.C
diff options
context:
space:
mode:
authorNick Bofferding <bofferdn@us.ibm.com>2017-10-20 21:13:34 -0500
committerWilliam G. Hoffa <wghoffa@us.ibm.com>2017-11-03 09:45:20 -0400
commit07d75753d59419ea6ba9ee3bd930e0aa8e7e7fd5 (patch)
tree78633da60312ff8cfd54807f787219036e976621 /src/usr/pnor/spnorrp.C
parent47f275a6bd3b2104a82d9786122afd6fe25f05de (diff)
downloadtalos-hostboot-07d75753d59419ea6ba9ee3bd930e0aa8e7e7fd5.tar.gz
talos-hostboot-07d75753d59419ea6ba9ee3bd930e0aa8e7e7fd5.zip
Secure Boot: Enforce PNOR section component IDs
- In secure mode, bootloader will enforce that HBB component ID is set - In secure mode, Hostboot will enforce that PNOR component IDs are set Change-Id: I04f3bbc45417b3229003c56e1083e1fc31c01cd7 RTC: 179422 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/48711 Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/usr/pnor/spnorrp.C')
-rw-r--r--src/usr/pnor/spnorrp.C11
1 files changed, 11 insertions, 0 deletions
diff --git a/src/usr/pnor/spnorrp.C b/src/usr/pnor/spnorrp.C
index 78453f59c..1643215fd 100644
--- a/src/usr/pnor/spnorrp.C
+++ b/src/usr/pnor/spnorrp.C
@@ -465,6 +465,17 @@ uint64_t SPnorRP::verifySections(SectionId i_id,
failedVerify = true;
break;
}
+
+ auto const * const pPnorString = PNOR::SectionIdToString(i_id);
+ l_errhdl = SECUREBOOT::verifyComponent(l_conHdr,pPnorString);
+ if(l_errhdl)
+ {
+ TRACFCOMP(g_trac_pnor, ERR_MRK"SPnorrRP::verifySections: "
+ "Failed in call to SECUREBOOT::verifyComponent");
+ failedVerify = true;
+ break;
+ }
+
l_errhdl = miscSectionVerification(l_tempAddr, i_id);
if (l_errhdl)
{
OpenPOWER on IntegriCloud