author | Jaymes Wilks <mjwilks@us.ibm.com> | 2016-11-11 14:58:58 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-01-30 12:17:06 -0500 |
commit | 8363cdd8fff56e20f25a6ffee5b43c887c6049c4 (patch) | |
tree | 64cc9d93e04066d51ee6decdcbbe6d2d0708a575 /src/usr/secureboot/base | |
parent | 89c55d65e62b74221262652c02c4afef0590e127 (diff) | |
Generalize secure boot settings for all processors
Adds the ability to specify which processor target user code is
interested in when querying secure boot settings.
Change-Id: I0375af03ce8f4e33029736ff2e2d60416629a295
RTC:161916
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/32556
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/base')
-rw-r--r-- | src/usr/secureboot/base/makefile | 6 | ||||
-rw-r--r-- | src/usr/secureboot/base/securerom.C | 4 | ||||
-rw-r--r-- | src/usr/secureboot/base/service.C | 13 | ||||
-rw-r--r-- | src/usr/secureboot/base/settings.C | 145 |
4 files changed, 134 insertions, 34 deletions
diff --git a/src/usr/secureboot/base/makefile b/src/usr/secureboot/base/makefile index e2b143978..a2de4cdb3 100644 --- a/src/usr/secureboot/base/makefile +++ b/src/usr/secureboot/base/makefile @@ -5,7 +5,7 @@ # # OpenPOWER HostBoot Project # -# Contributors Listed Below - COPYRIGHT 2013,2016 +# Contributors Listed Below - COPYRIGHT 2013,2017 # [+] International Business Machines Corp. # # @@ -36,6 +36,10 @@ OBJS += trustedboot_base.o OBJS += $(if $(CONFIG_TPMDD),trustedbootMsg.o,) OBJS += containerheader.o OBJS += ${SECUREBOOT_COMMON_OBJS} +OBJS += targutilbase.o + +VPATH += $(ROOTPATH)/src/usr/targeting/common +EXTRAINCDIR += $(ROOTPATH)/src/include/usr VPATH += ../common diff --git a/src/usr/secureboot/base/securerom.C b/src/usr/secureboot/base/securerom.C index 9a1bca5ae..dd1428f33 100644 --- a/src/usr/secureboot/base/securerom.C +++ b/src/usr/secureboot/base/securerom.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2013,2016 */ +/* Contributors Listed Below - COPYRIGHT 2013,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -35,7 +35,7 @@ #include "../common/securetrace.H" #include "securerom.H" -#include "../settings.H" +#include <secureboot/settings.H> // Quick change for unit testing //#define TRACUCOMP(args...) TRACFCOMP(args) diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C index 59750b786..beed71616 100644 --- a/src/usr/secureboot/base/service.C +++ b/src/usr/secureboot/base/service.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2013,2016 */ +/* Contributors Listed Below - COPYRIGHT 2013,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ 
@@ -35,7 +35,7 @@ #include <errl/errlmanager.H> #include <errl/errludtarget.H> #include <initservice/initserviceif.H> -#include "settings.H" +#include <secureboot/settings.H> #include <secureboot/header.H> #include "purge.H" #include <kernel/misc.H> @@ -97,9 +97,14 @@ bool enabled() return Singleton<Settings>::instance().getEnabled(); } -bool getJumperState() +errlHndl_t getSecuritySwitch(uint64_t& o_regValue, TARGETING::Target* i_targ) { - return Singleton<Settings>::instance().getJumperState(); + return Singleton<Settings>::instance().getSecuritySwitch(o_regValue,i_targ); +} + +errlHndl_t getJumperState(SecureJumperState& o_state, TARGETING::Target* i_targ) +{ + return Singleton<Settings>::instance().getJumperState(o_state, i_targ); } void handleSecurebootFailure(errlHndl_t &io_err, bool i_waitForShutdown) diff --git a/src/usr/secureboot/base/settings.C b/src/usr/secureboot/base/settings.C index 9f4377178..e06e179e3 100644 --- a/src/usr/secureboot/base/settings.C +++ b/src/usr/secureboot/base/settings.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2013,2016 */ +/* Contributors Listed Below - COPYRIGHT 2013,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -26,7 +26,11 @@ #include <errl/errlmanager.H> #include <devicefw/userif.H> #include <secureboot/service.H> -#include "settings.H" +#include <secureboot/secure_reasoncodes.H> +#include <targeting/common/util.H> +#include <targeting/common/target.H> +#include <initservice/initserviceif.H> +#include <secureboot/settings.H> // SECUREBOOT : General driver traces #include "../common/securetrace.H" 
@@ -34,12 +38,38 @@ namespace SECUREBOOT { using namespace TARGETING; + using namespace ERRORLOG; + + // symbolic constant for the trace size + enum { + ERROR_TRACE_SIZE = 256, + }; void Settings::_init() { + uint64_t l_regValue = 0; + + // read security switch register + auto l_errl = getSecuritySwitch(l_regValue, + MASTER_PROCESSOR_CHIP_TARGET_SENTINEL); + + if (NULL != l_errl) + { + + // Grab errlog reason code before committing. + uint16_t l_rc = l_errl->reasonCode(); + + errlCommit(l_errl, SECURE_COMP_ID); + // we need to shutdown here because getSecuritySwitch does not + // return a fatal error log in some cases + INITSERVICE::doShutdown(l_rc); + } + // cache only the enabled flag - iv_enabled = (0 != (getSecuritySwitch() & - static_cast<uint64_t>(ProcSecurity::SabBit))); + iv_enabled = (0 != (l_regValue & + static_cast<uint64_t>(ProcSecurity::SabBit))); + + SB_INF("getEnabled() state:%i",iv_enabled); } bool Settings::getEnabled() const 
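Review bot: In `Settings::_init()` the error path depends entirely on `INITSERVICE::doShutdown(l_rc)` never returning; if it does return, or the shutdown is deferred, execution falls through and `iv_enabled` is computed from `l_regValue`, which is still 0, so secure boot would be cached as disabled after a failed register read. The removed code halted with an assert inside the read helper, so the failure mode has changed, and whether `doShutdown` blocks is not visible in this hunk. Consider failing closed by setting `iv_enabled = true;` inside the `if (NULL != l_errl)` block before the shutdown call, or at least state the assumption with a comment such as `// doShutdown() does not return; iv_enabled is never consumed on this path`. As a style point, `NULL` here is inconsistent with the `nullptr` used elsewhere in this file.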
@@ -47,46 +77,107 @@ namespace SECUREBOOT return iv_enabled; } - bool Settings::getJumperState() const + errlHndl_t Settings::getJumperState(SecureJumperState& o_state, + Target* i_targ) const { - auto l_regValue = readSecurityRegister( - static_cast<uint64_t>(ProcCbsControl::StatusRegister)); + uint64_t l_regValue = 0; + o_state = SecureJumperState::SECURITY_DEASSERTED; - return 0 != (l_regValue & - static_cast<uint64_t>(ProcCbsControl::JumperStateBit)); + errlHndl_t l_errl = nullptr; + + do + { + // the supplied target input parameter is validated in one place + // inside the readSecurityRegister function + l_errl = readSecurityRegister(i_targ, + static_cast<uint64_t>(ProcCbsControl::StatusRegister), + l_regValue); + + SB_DBG("getJumperState() err:%i reg:%.16llX huid:%.8X", + !!l_errl, l_regValue, get_huid(i_targ)); + + if (l_errl) + { + break; + } + o_state = (l_regValue & + static_cast<uint64_t>(ProcCbsControl::JumperStateBit)) ? + SecureJumperState::SECURITY_ASSERTED : + SecureJumperState::SECURITY_DEASSERTED; + + SB_INF("getJumperState() state:%i huid:%.8X", o_state, + get_huid(i_targ)); + + } while(0); + + return l_errl; } - uint64_t Settings::getSecuritySwitch() const + errlHndl_t Settings::getSecuritySwitch(uint64_t& o_regValue, + Target* i_targ) const { - return readSecurityRegister( - static_cast<uint64_t>(ProcSecurity::SwitchRegister)); + auto l_errl = readSecurityRegister(i_targ, + static_cast<uint64_t>(ProcSecurity::SwitchRegister), + o_regValue); + SB_INF("getSecuritySwitch() err:%i reg:%.16llX huid:%.8X", + !!l_errl, o_regValue, get_huid(i_targ)); + + return l_errl; } - uint64_t Settings::readSecurityRegister(const uint64_t i_scomAddress) const + errlHndl_t Settings::readSecurityRegister(Target* i_targ, + const uint64_t i_scomAddress, + uint64_t& o_regValue) const { errlHndl_t l_errl = nullptr; - uint64_t l_regValue = 0; - size_t size = sizeof(l_regValue); + size_t size = sizeof(o_regValue); - // Read secure register setting from processor. 
- l_errl = deviceRead(MASTER_PROCESSOR_CHIP_TARGET_SENTINEL, - &l_regValue, size, + do + { + + // make sure we are not passed a null target pointer or the wrong + // target type (must be a processor target) or the sentinel + if ( i_targ != MASTER_PROCESSOR_CHIP_TARGET_SENTINEL && + (i_targ == nullptr || i_targ->getAttr<ATTR_TYPE>() != TYPE_PROC) + ) + { + /*@ + * @errortype + * @moduleid SECUREBOOT::MOD_SECURE_READ_REG + * @reasoncode SECUREBOOT::RC_SECURE_BAD_TARGET + * @userdata1 Target pointer value + * @userdata2 Target's HUID or 0 if null + * target pointer. + * @devdesc Invalid target used to read security + * switch register. + * @custdesc Internal Firmware error. + */ + l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE, + SECUREBOOT::MOD_SECURE_READ_REG, + SECUREBOOT::RC_SECURE_BAD_TARGET, + reinterpret_cast<uint64_t>(i_targ), + TO_UINT64(get_huid(i_targ)), + true /* Add HB Software Callout */ ); + l_errl->collectTrace(SECURE_COMP_NAME, ERROR_TRACE_SIZE); + break; + } + + // Read security switch setting from processor. + l_errl = deviceRead(i_targ, + &o_regValue, size, DEVICE_SCOM_ADDRESS(i_scomAddress)); if (nullptr != l_errl) { - errlCommit(l_errl, SECURE_COMP_ID); - // This assert is needed because the deviceRead returns an - // informational error log so the system would otherwise not be - // halted. - assert(false,"SECUREBOOT::Settings::readSecurityRegister() Unable" - " to read security register"); + break; } - assert(size == sizeof(l_regValue), + assert(size == sizeof(o_regValue), "size returned from device read is not the expected size of %i", - sizeof(l_regValue)); + sizeof(o_regValue)); + + } while(0); - return l_regValue; + return l_errl; } } |
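Review bot: `readSecurityRegister()` leaves `o_regValue` unwritten on the bad-target path, because it breaks out before `deviceRead`, yet `getSecuritySwitch()` still traces it with `SB_INF("getSecuritySwitch() err:%i reg:%.16llX ...")` and returns it to the caller. A caller that passes an uninitialised `uint64_t` and mishandles the returned error log would then test security bits in indeterminate data. `getJumperState()` already sets `o_state` on entry; adding `o_regValue = 0;` as the first statement of `readSecurityRegister()` gives every caller a defined value. The function headers should also say that the returned `errlHndl_t` is owned by the caller and that the output must not be trusted when it is non-null. Separately, the size assert passes `sizeof(o_regValue)`, a `size_t`, to `%i`; a cast to `int` would match the format.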