diff options
| author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-03-21 09:27:16 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-03-30 17:02:21 -0400 |
| commit | 713f7f024c4545362d304914f7979e0c5128f0b2 (patch) | |
| tree | f60be11976a8f8565fdfe6fa010cc534c6f8ca9f /src/usr/pnor | |
| parent | 711723bcb25f9462da10d70564826d78b61fcc3f (diff) | |
| download | talos-hostboot-713f7f024c4545362d304914f7979e0c5128f0b2.tar.gz talos-hostboot-713f7f024c4545362d304914f7979e0c5128f0b2.zip | |
Secure Boot: Close SBE Security Backdoor
During a key transition process from dev to prod keys the
lab override bit does not get unset and does not get customized
into SBE at the time of the transition. Only when the system
reaches istep 10.2 with prod keys does the bit get reset. This
change customizes the bit at the time of the transition, which
ensures the system is secure all the way through IPL with prod
keys.
Change-Id: I1343d2dd95aa4549b92e46ebcb9df142303c1f0b
RTC: 188958
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/56127
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/pnor')
| -rw-r--r-- | src/usr/pnor/spnorrp.C | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/usr/pnor/spnorrp.C b/src/usr/pnor/spnorrp.C index b55e3877d..dc32e06d6 100644 --- a/src/usr/pnor/spnorrp.C +++ b/src/usr/pnor/spnorrp.C @@ -1283,7 +1283,7 @@ errlHndl_t SPnorRP::processLabOverride( break; } - TRACFCOMP(g_trac_pnor,INFO_MRK "Set lab security override policy to %s.", + TRACFCOMP(g_trac_pnor,INFO_MRK "Set lab security override policy to \"%s\"", securityMode ? "*NO* override" : "override if requested"); } while(0); |
