authorNick Bofferding <bofferdn@us.ibm.com>2017-01-30 13:52:49 -0600
committerDaniel M. Crowell <dcrowell@us.ibm.com>2017-03-03 13:51:19 -0500
commita9eefaa1086c7a3cc51e374c52a7c04397968fd5 (patch)
treeb0f15275d1fab88785d6efe8c47d3ad6ea3bc377 /src/usr/secureboot/base
parenta0437b216feaa77f81cfa3738844a0b761a9e99d (diff)
downloadtalos-hostboot-a9eefaa1086c7a3cc51e374c52a7c04397968fd5.tar.gz
talos-hostboot-a9eefaa1086c7a3cc51e374c52a7c04397968fd5.zip
Support DRTM RIT protection
- Added mailbox scratch register 7 definition - Added DRTM functions - Added set/clear security switch register functions - Added additional security switch bit definitions - Added secureboot extended library to host DRTM functions - Inhibited TPM start command in DRTM flow - Added new config options for DRTM and DRTM RIT protection - Added new DRTM attribute to indicate if DRTM is active - Added new DRTM attribute to hold DRTM payload address - Added new DRTM attribute to initiate DRTM in lieu of loading payload - Updated target service init to determine DRTM settings - Updated host start payload step to initiate DRTM if conditions are met - Updated host MPIPL service to verify DRTM payload and clean up DRTM HW state - Updated host gard step to verify DRTM HW state - Rerouted PCR extensions to PCR 17 in DRTM boot - Use locality 2 for all PCR extensions in DRTM boot - Inhibit extension logging (for now) in DRTM boot - Only extend separator to PCR 17 in DRTM boot Change-Id: Id52c36c3a64ca002571396d605caa308d9dc0199 RTC: 157140 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35633 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/base')
-rw-r--r--src/usr/secureboot/base/service.C16
-rw-r--r--src/usr/secureboot/base/settings.C135
2 files changed, 151 insertions, 0 deletions
diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C
index a381c4fd2..54b7d7fb7 100644
--- a/src/usr/secureboot/base/service.C
+++ b/src/usr/secureboot/base/service.C
@@ -109,6 +109,22 @@ errlHndl_t getJumperState(SecureJumperState& o_state, TARGETING::Target* i_targ)
return Singleton<Settings>::instance().getJumperState(o_state, i_targ);
}
+errlHndl_t clearSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget)
+{
+ return Singleton<Settings>::instance().clearSecuritySwitchBits(
+ i_bits, i_pTarget);
+}
+
+errlHndl_t setSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget)
+{
+ return Singleton<Settings>::instance().setSecuritySwitchBits(
+ i_bits, i_pTarget);
+}
+
void handleSecurebootFailure(errlHndl_t &io_err, bool i_waitForShutdown)
{
TRACFCOMP( g_trac_secure, ENTER_MRK"handleSecurebootFailure()");
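Review bot: The two new free functions `clearSecuritySwitchBits` and `setSecuritySwitchBits` carry no comment at their definition, and since they are the public entry points for changing a security-sensitive processor register a reader landing here from the DRTM call sites has to follow the singleton into settings.C to learn what target values are accepted. A one-line comment above each would close that gap, e.g. `// Forwards to Settings; the target (sentinel or a non-null proc) is validated in Settings::writeSecurityRegister`. The header these are declared in is outside the hunk, so the full API documentation may already live there; if so, a pointer to it is enough.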
diff --git a/src/usr/secureboot/base/settings.C b/src/usr/secureboot/base/settings.C
index bd8f129f0..83e5365e3 100644
--- a/src/usr/secureboot/base/settings.C
+++ b/src/usr/secureboot/base/settings.C
@@ -129,6 +129,141 @@ namespace SECUREBOOT
return l_errl;
}
+ errlHndl_t Settings::clearSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget) const
+ {
+ uint64_t bitsToClear = 0;
+ for(const auto &bit : i_bits)
+ {
+ bitsToClear |= static_cast<uint64_t>(bit);
+ }
+
+ auto pError = writeSecurityRegister(
+ i_pTarget,
+ static_cast<uint64_t>(ProcSecurity::SwitchRegisterClear),
+ bitsToClear);
+
+ if(pError)
+ {
+ SB_ERR("clearSecuritySwitchBits: writeSecurityRegister "
+ "(SwitchRegisterClear) failed. Target HUID = 0x%08X, data = "
+ "0x%016llX.",
+ get_huid(i_pTarget),bitsToClear);
+ SB_ERR("clearSecuritySwitchBits: plid=0x%08X, eid=0x%08X, "
+ "reason=0x%04X",
+ ERRL_GETPLID_SAFE(pError),
+ ERRL_GETEID_SAFE(pError),
+ ERRL_GETRC_SAFE(pError));
+ }
+
+ return pError;
+ }
+
+ errlHndl_t Settings::setSecuritySwitchBits(
+ const std::vector<SECUREBOOT::ProcSecurity>& i_bits,
+ TARGETING::Target* const i_pTarget) const
+ {
+ uint64_t bitsToSet = 0;
+ for(const auto &bit : i_bits)
+ {
+ bitsToSet |= static_cast<uint64_t>(bit);
+ }
+
+ auto pError = writeSecurityRegister(
+ i_pTarget,
+ static_cast<uint64_t>(ProcSecurity::SwitchRegister),
+ bitsToSet);
+
+ if(pError)
+ {
+ SB_ERR("setSecuritySwitchBits: writeSecurityRegister "
+ "(SwitchRegister) failed. Target HUID = 0x%08X, data = "
+ "0x%016llX.",
+ get_huid(i_pTarget),bitsToSet);
+ SB_ERR("setSecuritySwitchBits: plid=0x%08X, eid=0x%08X, "
+ "reason=0x%04X",
+ ERRL_GETPLID_SAFE(pError),
+ ERRL_GETEID_SAFE(pError),
+ ERRL_GETRC_SAFE(pError));
+ }
+
+ return pError;
+ }
+
+ errlHndl_t Settings::writeSecurityRegister(
+ TARGETING::Target* const i_pTarget,
+ const uint64_t i_scomAddress,
+ const uint64_t i_data) const
+ {
+ errlHndl_t pError = nullptr;
+
+ do
+ {
+
+ // Target must be the sentinel or some other non-NULL proc value
+ if ( (i_pTarget != TARGETING::MASTER_PROCESSOR_CHIP_TARGET_SENTINEL)
+ && ( (i_pTarget == nullptr)
+ || ( (i_pTarget->getAttr<TARGETING::ATTR_TYPE>())
+ != (TARGETING::TYPE_PROC) ) ) )
+ {
+ SB_ERR("writeSecurityRegister: Caller invoked API with bad target; "
+ "Target HUID = 0x%08X.",get_huid(i_pTarget));
+ /*@
+ * @errortype
+ * @severity ERRL_SEV_UNRECOVERABLE
+ * @moduleid SECUREBOOT::MOD_SECURE_WRITE_REG
+ * @reasoncode SECUREBOOT::RC_SECURE_BAD_TARGET
+ * @userdata1 Target pointer value
+ * @userdata2 Target's HUID or 0 if NULL target pointer
+ * @devdesc Invalid target used to write security
+ * register.
+ * @custdesc Unexpected internal firmware error.
+ */
+ pError = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ SECUREBOOT::MOD_SECURE_WRITE_REG,
+ SECUREBOOT::RC_SECURE_BAD_TARGET,
+ reinterpret_cast<uint64_t>(i_pTarget),
+ TO_UINT64(get_huid(i_pTarget)),
+ true);
+ pError->collectTrace(SECURE_COMP_NAME, ERROR_TRACE_SIZE);
+ break;
+ }
+
+ // Write security switch settings to processor
+ const size_t expSize = sizeof(i_data);
+ size_t actSize = expSize;
+ pError = deviceWrite(
+ i_pTarget,
+ const_cast<uint64_t*>(&i_data), actSize,
+ DEVICE_SCOM_ADDRESS(i_scomAddress));
+ if (nullptr != pError)
+ {
+ SB_ERR("writeSecurityRegister: deviceWrite failed; target HUID = "
+ "0x%08X, SCOM addr = 0x%016llX, data = 0x%016llX.",
+ get_huid(i_pTarget),i_scomAddress,i_data);
+ break;
+ }
+
+ assert(actSize == expSize,
+ "writeSecurityRegister: BUG! size returned from device write (%d) "
+ "is not the expected size of %d",actSize,expSize);
+
+ } while(0);
+
+ if(pError)
+ {
+ SB_ERR("writeSecurityRegister: plid=0x%08X, eid=0x%08X, "
+ "reason=0x%04X",
+ ERRL_GETPLID_SAFE(pError),
+ ERRL_GETEID_SAFE(pError),
+ ERRL_GETRC_SAFE(pError));
+ }
+
+ return pError;
+ }
+
errlHndl_t Settings::readSecurityRegister(Target* i_targ,
const uint64_t i_scomAddress,
uint64_t& o_regValue) const
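Review bot: `writeSecurityRegister` passes `deviceWrite` a `const_cast<uint64_t*>(&i_data)`, stripping const from a `const` parameter; the device layer's signature is not visible here, but if it ever writes through that pointer the behaviour is undefined, and the cast obscures that only a scratch copy is needed. Copy the value into a local instead: `uint64_t data = i_data;` and pass `&data, actSize` to `deviceWrite`. Separately, `clearSecuritySwitchBits` and `setSecuritySwitchBits` differ only in the register selector and the log strings, so folding the bit vector, issuing the write and logging the failure could live in one private helper taking the `ProcSecurity` register value, which keeps the two error paths from drifting apart. Both also issue a SCOM write when `i_bits` is empty (the folded mask is 0); if a zero write is not a guaranteed no-op on the switch register, an early return on an empty vector would be worth adding.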