Secure Boot: Support API to fence off all node processors' secure mailboxes

This change imlpements the logic to lock down the Abus
secure mailboxes prior to starting PHyp. The lock down
is perormed as part of secure node communication in istep 18

Change-Id: I4bc678ce7844290a7229b605406d5d3c689a0c6c
RTC: 191005
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59692
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

1 files changed, 105 insertions, 0 deletions

diff --git a/src/usr/secureboot/ext/service_ext.C b/src/usr/secureboot/ext/service_ext.C
new file mode 100644
index 000000000..1f8595a71
--- /dev/null
+++ b/src/usr/secureboot/ext/service_ext.C
@@ -0,0 +1,105 @@
+/* IBM_PROLOG_BEGIN_TAG                                                   */
+/* This is an automatically generated prolog.                             */
+/*                                                                        */
+/* $Source: src/usr/secureboot/ext/service_ext.C $                        */
+/*                                                                        */
+/* OpenPOWER HostBoot Project                                             */
+/*                                                                        */
+/* Contributors Listed Below - COPYRIGHT 2018                             */
+/* [+] International Business Machines Corp.                              */
+/*                                                                        */
+/*                                                                        */
+/* Licensed under the Apache License, Version 2.0 (the "License");        */
+/* you may not use this file except in compliance with the License.       */
+/* You may obtain a copy of the License at                                */
+/*                                                                        */
+/*     http://www.apache.org/licenses/LICENSE-2.0                         */
+/*                                                                        */
+/* Unless required by applicable law or agreed to in writing, software    */
+/* distributed under the License is distributed on an "AS IS" BASIS,      */
+/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or        */
+/* implied. See the License for the specific language governing           */
+/* permissions and limitations under the License.                         */
+/*                                                                        */
+/* IBM_PROLOG_END_TAG                                                     */
+#include <secureboot/service_ext.H>
+#include <targeting/common/util.H>
+#include <targeting/common/target.H>
+#include <errl/errlentry.H>
+#include <errl/errlmanager.H>
+#include <errl/errludtarget.H>
+#include <secureboot/secure_reasoncodes.H>
+
+#include "../common/securetrace.H"
+
+#include <fapi2.H>
+#include <fapi2/plat_hwp_invoker.H>
+
+#include <p9_update_security_ctrl.H>
+#include <config.h>
+
+namespace SECUREBOOT
+{
+
+void lockAbusSecMailboxes()
+{
+#ifdef CONFIG_TPMDD
+    errlHndl_t l_errl = nullptr;
+    TARGETING::TargetHandleList l_procs;
+    getAllChips(l_procs, TARGETING::TYPE_PROC, true);
+
+    auto l_pProc = l_procs.begin();
+    while(l_pProc != l_procs.end())
+    {
+        const fapi2::Target<fapi2::TARGET_TYPE_PROC_CHIP>l_fapiProc(*l_pProc);
+        FAPI_INVOKE_HWP(l_errl,
+                        p9_update_security_ctrl,
+                        l_fapiProc,
+                        false, // do not force security
+                        true); // lock down Abus mailboxes
+
+        if(l_errl)
+        {
+            SB_ERR("lockAbusSecMailboxes: p9_update_security_ctrl failed for"
+                   " proc 0x%X!. Deconfiguring the proc.",
+                   TARGETING::get_huid(*l_pProc));
+
+            auto l_plid = l_errl->plid();
+
+            ERRORLOG::ErrlUserDetailsTarget(*l_pProc).addToLog(l_errl);
+            ERRORLOG::errlCommit(l_errl, SECURE_COMP_ID);
+
+            /*
+             * @errortype
+             * @reasoncode RC_LOCK_MAILBOXES_FAILED
+             * @moduleid   MOD_LOCK_ABUS_SEC_MAILBOXES
+             * @userdata1  Target HUID
+             * @devdesc    Failed to lock Abus secure mailboxes
+             *             on target processor.
+             * @custdesc   Secure Boot failure
+             */
+            l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                            SECUREBOOT::MOD_LOCK_ABUS_SEC_MAILBOXES,
+                            SECUREBOOT::RC_LOCK_MAILBOXES_FAILED,
+                            TARGETING::get_huid(*l_pProc),
+                            0,
+                            true);
+            l_errl->addHwCallout(*l_pProc,
+                                 HWAS::SRCI_PRIORITY_LOW,
+                                 HWAS::DELAYED_DECONFIG,
+                                 HWAS::GARD_NULL);
+            l_errl->collectTrace(SECURE_COMP_NAME);
+            l_errl->collectTrace(FAPI_TRACE_NAME);
+            l_errl->plid(l_plid);
+            ERRORLOG::ErrlUserDetailsTarget(*l_pProc).addToLog(l_errl);
+
+            ERRORLOG::errlCommit(l_errl, SECURE_COMP_ID);
+        }
+
+        ++l_pProc;
+
+    } // while
+#endif
+}
+
+} // namespace SECUREBOOT