diff options
| author | Nick Bofferding <bofferdn@us.ibm.com> | 2018-06-27 17:09:43 -0500 |
|---|---|---|
| committer | William G. Hoffa <wghoffa@us.ibm.com> | 2018-06-29 12:04:57 -0400 |
| commit | b37f41b2c08cf48413acbaef5f914ea43c89e427 (patch) | |
| tree | dbd8b3ff4934fe8e566a11f400f29ae7dac5d4b6 /src/usr/runtime | |
| parent | fc087d0b82682431317f199bdbcda0fa0ffb2aac (diff) | |
| download | talos-hostboot-b37f41b2c08cf48413acbaef5f914ea43c89e427.tar.gz talos-hostboot-b37f41b2c08cf48413acbaef5f914ea43c89e427.zip | |
Secure Boot: Copy PHyp secure header into standard reserved memory area
This change alters where Hostboot copies the Phyp secure header; instead
of placing it in front of PHYP (PHyp HRMOR-4k), it instead redirects it to the
standard reserved memory area. By doing this, we prevent it from
unintentionally ending up in mirrored memory.
Change-Id: I0b228b4a748310eba2b580efe2f191adca0d05e3
CQ: SW435712
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/61525
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/usr/runtime')
| -rw-r--r-- | src/usr/runtime/populate_hbruntime.C | 5 | ||||
| -rw-r--r-- | src/usr/runtime/preverifiedlidmgr.C | 64 |
2 files changed, 43 insertions, 26 deletions
diff --git a/src/usr/runtime/populate_hbruntime.C b/src/usr/runtime/populate_hbruntime.C index 42f3fc50b..4d26bce26 100644 --- a/src/usr/runtime/populate_hbruntime.C +++ b/src/usr/runtime/populate_hbruntime.C @@ -92,9 +92,8 @@ const uint8_t BITS_PER_BYTE = 8; const uint8_t HDAT_INVALID_NODE = 0xFF; // The upper limit of the hostboot reserved memory. Only applies to PHYP. -// The lower limit is Hostboot HRMOR + 64MB; 4KB is the PHYP component's -// secure header. -const uint64_t HB_RES_MEM_UPPER_LIMIT = 256*MEGABYTE - 4*KILOBYTE; +// The lower limit is Hostboot HRMOR + 64MB; +const uint64_t HB_RES_MEM_UPPER_LIMIT = 256*MEGABYTE; // The lower limit of the hostboot reserved memory. Do not allow to reserve // any memory below this limit. diff --git a/src/usr/runtime/preverifiedlidmgr.C b/src/usr/runtime/preverifiedlidmgr.C index 2362e1fc0..95d122fee 100644 --- a/src/usr/runtime/preverifiedlidmgr.C +++ b/src/usr/runtime/preverifiedlidmgr.C @@ -39,6 +39,7 @@ #include <secureboot/containerheader.H> #include <runtime/common/runtime_utils.H> #include <runtime/runtime_reasoncodes.H> +#include <util/utilmclmgr.H> extern trace_desc_t *g_trac_runtime; @@ -81,17 +82,22 @@ errlHndl_t PreVerifiedLidMgr::loadFromPnor(const PNOR::SectionId i_sec, i_size); } -errlHndl_t PreVerifiedLidMgr::loadFromMCL(const uint32_t i_lidId, - const uint64_t i_addr, - const size_t i_size, - const bool i_isPhypComp, - uint64_t &o_resvMemAddr) +errlHndl_t PreVerifiedLidMgr::loadFromMCL( + const uint32_t i_lidId, + const uint64_t i_addr, + const size_t i_size, + const bool i_isPhypComp, + const bool i_firstLid, + uint64_t& o_resvMemAddr) { - return Singleton<PreVerifiedLidMgr>::instance()._loadFromMCL(i_lidId, - i_addr, - i_size, - i_isPhypComp, - o_resvMemAddr); + return Singleton<PreVerifiedLidMgr>::instance(). + _loadFromMCL( + i_lidId, + i_addr, + i_size, + i_isPhypComp, + i_firstLid, + o_resvMemAddr); } /******************** @@ -113,15 +119,15 @@ void PreVerifiedLidMgr::_initLock(const uint64_t i_prevAddr, // PHYP Reserved Memory Information cv_phypResvMemInfo.rangeId = i_rangeId; - // PHYP lids loaded at HRMOR - 4K (Header) + // PHYP lids loaded at HRMOR // Get Target Service, and the system target. TARGETING::Target* l_sys = nullptr; TARGETING::targetService().getTopLevelTarget(l_sys); assert(l_sys!=nullptr,"Top Level Target is nullptr"); cv_phypResvMemInfo.curAddr = (l_sys->getAttr<TARGETING::ATTR_PAYLOAD_BASE>() - * MEGABYTE) - PAGE_SIZE; + * MEGABYTE); - // PHYP should be placed starting exactly at HRMOR - 4K, so make prevSize 0 + // PHYP should be placed starting exactly at HRMOR, so make prevSize 0 cv_phypResvMemInfo.prevSize = 0; // Refer to default reserved memory @@ -342,11 +348,13 @@ errlHndl_t PreVerifiedLidMgr::_loadFromPnor(const PNOR::SectionId i_sec, return l_errl; } -errlHndl_t PreVerifiedLidMgr::_loadFromMCL(const uint32_t i_lidId, - const uint64_t i_addr, - const size_t i_size, - const bool i_isPhypComp, - uint64_t &o_resvMemAddr) +errlHndl_t PreVerifiedLidMgr::_loadFromMCL( + const uint32_t i_lidId, + const uint64_t i_addr, + const size_t i_size, + const bool i_isPhypComp, + const bool i_firstLid, + uint64_t& o_resvMemAddr) { mutex_lock(&cv_loadImageMutex); @@ -359,7 +367,8 @@ errlHndl_t PreVerifiedLidMgr::_loadFromMCL(const uint32_t i_lidId, errlHndl_t l_errl = nullptr; // Switch to Different Memory Info for PHYP component - if (i_isPhypComp) + // Exception: put the PHyp signature LID in the normal reserved memory area + if (i_isPhypComp && !i_firstLid) { cv_pResvMemInfo = &cv_phypResvMemInfo; } @@ -402,16 +411,25 @@ errlHndl_t PreVerifiedLidMgr::_loadFromMCL(const uint32_t i_lidId, // Phyp component has already been loaded and verified before MCL mgr // Simply update HB reserved prev size in Phyp component case - if (i_isPhypComp) + // Special case: If it's the PHyp signature LID, handle below + if (i_isPhypComp && !i_firstLid) { - // align previous size to page size to ensure starting addresses are - // page aligned. + // align previous size to page size to ensure starting addresses + // are page aligned. cv_pResvMemInfo->prevSize = ALIGN_PAGE(i_size); } else { // Load image into HB reserved memory - l_errl = loadImage(i_addr, i_size); + // Special case: If it's the PHyp signature LID, pull the + // data from the cached PHyp header, instead of the + // scratch area + uint64_t addr = (i_isPhypComp && i_firstLid) ? + reinterpret_cast<uint64_t>( + const_cast<uint8_t*>( + ::MCL::MasterContainerLidMgr::getPhypHeader())) + : i_addr; + l_errl = loadImage(addr, i_size); if(l_errl) { TRACFCOMP( g_trac_runtime, ERR_MRK"PreVerifiedLidMgr::_loadFromMCL - Load Image failed"); |
