summaryrefslogtreecommitdiffstats
path: root/src/usr/secureboot/runtime
diff options
context:
space:
mode:
authorStephen Cprek <smcprek@us.ibm.com>2017-10-31 13:01:30 -0500
committerDaniel M. Crowell <dcrowell@us.ibm.com>2017-11-19 15:54:51 -0500
commit81279c1d146d8ee920494c7817cdd72f165dd373 (patch)
treed616d0914823c8c25592e8276e0610ba1c9d2a28 /src/usr/secureboot/runtime
parent63a026113332464fc3bcc73369ba35bfe8f62b6f (diff)
downloadtalos-hostboot-81279c1d146d8ee920494c7817cdd72f165dd373.tar.gz
talos-hostboot-81279c1d146d8ee920494c7817cdd72f165dd373.zip
Secure Boot: Fix lid load from HB reserved memory issues at runtime
- Force all PNOR sections we load from HB rserved memory to be secure Only exception is the RINGOVD section, in which we use a fake header - Add fake header when Secureboot compiled out or a section is never signed as there is no secure header preserved in virtual memory RTC: 171708 RTC: 180063 Change-Id: Ibbbd7be24ee7b199e73451c63b2c2d1f86a2c2d8 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49020 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/runtime')
-rw-r--r--src/usr/secureboot/runtime/test/testsecureboot_rt.H73
1 files changed, 33 insertions, 40 deletions
diff --git a/src/usr/secureboot/runtime/test/testsecureboot_rt.H b/src/usr/secureboot/runtime/test/testsecureboot_rt.H
index 33ca4cd48..f728357e2 100644
--- a/src/usr/secureboot/runtime/test/testsecureboot_rt.H
+++ b/src/usr/secureboot/runtime/test/testsecureboot_rt.H
@@ -44,6 +44,7 @@
#include <secureboot/settings.H>
#include <pnor/pnorif.H>
#include <pnor/pnor_reasoncodes.H>
+#include "../../../pnor/pnor_utils.H"
class SecurebootRtTestSuite: public CxxTest::TestSuite
{
@@ -163,70 +164,62 @@ class SecurebootRtTestSuite: public CxxTest::TestSuite
/**
* @brief Helper to test case that runs getSectionInfo scenarios and checks
* for desired results.
+ * If secure, should throw an error
+ * Otherwise no error
* @param[in] i_id, Pnor Section ID
- * @param[in] i_secure, Indicates if section is expected to be secure or not
*
* @return N/A
*/
- void runAccessSecurePnorTest(PNOR::SectionId i_id, bool i_secure)
+ void runAccessSecurePnorTest(PNOR::SectionId i_id)
{
errlHndl_t l_errl = nullptr;
+ bool l_secure = PNOR::isEnforcedSecureSection(i_id);
PNOR::SectionInfo_t l_info;
- l_errl = PNOR::getSectionInfo(i_id, l_info);
- if(l_errl)
- {
- TS_FAIL("testAccessSecurePnorSection: Failed for section %s",
- PNOR::SectionIdToString(i_id));
- errlCommit(l_errl, SECURE_COMP_ID);
- }
+ SB_ENTER("runAccessSecurePnorTest %s", PNOR::SectionIdToString(i_id));
- // TODO: RTC:180063 change this test case back to how it was before
- // having secure sections return vaddr = 0
- // previously in HB commit cefc4c
- // If we expect the section to be secure, make sure it returns secure
- // and a vaddr of 0
- if (i_secure)
+ l_errl = PNOR::getSectionInfo(i_id, l_info);
+ if(l_secure)
{
- if (l_info.secure != 1)
+ SB_INF("runAccessSecurePnorTest is secure");
+ if (l_errl &&
+ (l_errl->reasonCode() == PNOR::RC_RTPNOR_INVALID_SECTION))
{
- TS_FAIL("testAccessSecurePnorSection: Did not return %s as a secure section",
- PNOR::SectionIdToString(i_id));
+ SB_INF("runAccessSecurePnorTest caught correct error");
+ delete l_errl;
+ l_errl = nullptr;
}
- else if (l_info.vaddr != 0)
+ else
{
- TS_FAIL("testAccessSecurePnorSection: Did not return a vaddr of 0 for secure section %s",
- PNOR::SectionIdToString(i_id));
+ TS_FAIL("testAccessSecurePnorSection: unexpected reason code for Secure Section %s. Expected RC 0x%.4X Actual RC 0x%.4X",
+ PNOR::SectionIdToString(i_id),
+ PNOR::RC_RTPNOR_INVALID_SECTION,
+ l_errl->reasonCode());
+ errlCommit(l_errl, SECURE_COMP_ID);
}
}
- // If we expect the section to be secure, make sure it returns secure
- // and a vaddr of 0
- else
+ else if(l_errl)
{
- if (l_info.vaddr == 0)
- {
- TS_FAIL("testAccessSecurePnorSection: Did not return a vaddr of non-zero for a non-secure section %s",
- PNOR::SectionIdToString(i_id));
- }
+ TS_FAIL("testAccessSecurePnorSection: getSectionInfo failed for section %s",
+ PNOR::SectionIdToString(i_id));
+ errlCommit(l_errl, SECURE_COMP_ID);
}
+
+ SB_EXIT("runAccessSecurePnorTest");
}
- // TODO: RTC:180063 change this test case back to how it was before
- // having secure sections return vaddr = 0 previously
- // in HB commit cefc4c
void testAccessSecurePnorSection()
{
+#ifdef CONFIG_SECUREBOOT
SB_ENTER("testAccessSecurePnorSection");
+ // Should thow an error for trying to read a secure section
+ runAccessSecurePnorTest(PNOR::OCC);
+ runAccessSecurePnorTest(PNOR::HB_EXT_CODE);
- // Ensure we get a vaddr of 0 at Runtime
- runAccessSecurePnorTest(PNOR::OCC, true);
- runAccessSecurePnorTest(PNOR::HB_EXT_CODE, true);
-
- // Ensure we get a vaddr of at Runtime
- runAccessSecurePnorTest(PNOR::TEST, false);
-
- SB_EXIT("testAccessSecurePnorSection");
+ // No error for trying to read a secure section
+ runAccessSecurePnorTest(PNOR::TEST);
+#endif
}
OpenPOWER on IntegriCloud