diff options
| author | Stephen Cprek <smcprek@us.ibm.com> | 2017-03-28 11:29:51 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-04-10 17:54:17 -0400 |
| commit | b35084be0a0315dfedeeebab55eaf37345e637f1 (patch) | |
| tree | ad10299c4f29704a70a033a3265b4ce0c3bc0a74 /src/usr/pnor | |
| parent | a7bf050d4ddba121d7502939fc0c4ce517ef8e42 (diff) | |
| download | talos-hostboot-b35084be0a0315dfedeeebab55eaf37345e637f1.tar.gz talos-hostboot-b35084be0a0315dfedeeebab55eaf37345e637f1.zip | |
Port SBKT signing and secure loading
Change-Id: I3817cbf8eb25bc83d538d9eb6ea4c5e801603f74
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38543
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/pnor')
| -rw-r--r-- | src/usr/pnor/spnorrp.C | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/src/usr/pnor/spnorrp.C b/src/usr/pnor/spnorrp.C index c17d493ef..cd59cf26d 100644 --- a/src/usr/pnor/spnorrp.C +++ b/src/usr/pnor/spnorrp.C @@ -376,7 +376,6 @@ uint64_t SPnorRP::verifySections(SectionId i_id, LoadRecord* o_rec) failedVerify = true; break; } - l_errhdl = miscSectionVerification(l_tempAddr, i_id); if (l_errhdl) { @@ -711,7 +710,8 @@ errlHndl_t PNOR::loadSecureSection(const SectionId i_section) msg->data[0] = static_cast<uint64_t>(i_section); int rc = msg_sendrecv(spnorQ, msg); - TRACFCOMP(g_trac_pnor, "loadSecureSection i_section = %i",i_section); + TRACFCOMP(g_trac_pnor, "loadSecureSection i_section = %i (%s)", + i_section,PNOR::SectionIdToString(i_section)); // TODO securebootp9 - Need to be able to receive an error from the // message handler. Also, message handler should police whether the request @@ -772,26 +772,28 @@ errlHndl_t SPnorRP::miscSectionVerification(const uint8_t *i_vaddr, errlHndl_t l_errl = NULL; assert(i_vaddr != NULL); - TRACFCOMP(g_trac_pnor, "SPnorRP::miscSectionVerification section=%d", i_secId); + TRACFCOMP(g_trac_pnor, "SPnorRP::miscSectionVerification section=%d (%s)", + i_secId,PNOR::SectionIdToString(i_secId)); -// TODO securebootp9 - remove the following #if 0 and address issues -#if 0 // Do any additional verification needed for a specific PNOR section switch (i_secId) { + // TODO securebootp9 - remove the following #if 0 and address issues + #if 0 case HB_EXT_CODE: // Compare HBB and HBI versions. Pass the vaddr of HBI's hash page // table by skipping past the container header. l_errl = baseExtVersCheck((i_vaddr + PAGESIZE)); break; + #endif case SBKT: - // Ensure the outer container of the SBKT partition has a valid key - // transition container + // Ensure the nested container of the SBKT partition has a valid key + // transition container and that the outer containers' key + // transition bit is set l_errl = keyTransitionCheck((i_vaddr)); break; default: break; } -#endif return l_errl; } |
