diff options
author | Stephen Cprek <smcprek@us.ibm.com> | 2017-11-29 15:44:23 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-12-12 17:06:11 -0500 |
commit | d527220c6ffe651548c3e002e0d473492c37ad27 (patch) | |
tree | 92f14865096743a03edaf2bb8575256d824d4bab /src/usr/secureboot | |
parent | ba9cad2c031bcf85fd34f8f3e8c477d38ed1db71 (diff) | |
download | talos-hostboot-d527220c6ffe651548c3e002e0d473492c37ad27.tar.gz talos-hostboot-d527220c6ffe651548c3e002e0d473492c37ad27.zip |
Add component ID check for Master Container Lid Processing
Change-Id: Ie6d99d6f67f09861f0d09c8432cf90abc27400b8
RTC: 181848
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/50156
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot')
-rw-r--r-- | src/usr/secureboot/base/securerommgr.C | 4 | ||||
-rw-r--r-- | src/usr/secureboot/base/test/securerommgrtest.H | 16 |
2 files changed, 10 insertions, 10 deletions
diff --git a/src/usr/secureboot/base/securerommgr.C b/src/usr/secureboot/base/securerommgr.C index 6f8e980a7..b894be4a9 100644 --- a/src/usr/secureboot/base/securerommgr.C +++ b/src/usr/secureboot/base/securerommgr.C @@ -87,7 +87,7 @@ errlHndl_t verifyContainer(void * i_container, const SHA512_t* i_hwKeyHash) return l_errl; } -errlHndl_t verifyComponent( +errlHndl_t verifyComponentId( const ContainerHeader& i_containerHeader, const char* const i_pComponentId) { @@ -105,7 +105,7 @@ errlHndl_t verifyComponent( i_pComponentId, sizeof(ROM_sw_header_raw::component_id)); - TRACFCOMP(g_trac_secure,ERR_MRK"SECUREROM::verifyComponent: " + TRACFCOMP(g_trac_secure,ERR_MRK"SECUREROM::verifyComponentId: " "Secure Boot verification failure; container's component ID of " "[%s] does not match expected component ID of [%s] (truncated " "from [%s]", diff --git a/src/usr/secureboot/base/test/securerommgrtest.H b/src/usr/secureboot/base/test/securerommgrtest.H index 590258ec0..115813d3d 100644 --- a/src/usr/secureboot/base/test/securerommgrtest.H +++ b/src/usr/secureboot/base/test/securerommgrtest.H @@ -414,7 +414,7 @@ class SecureRomManagerTest : public CxxTest::TestSuite TRACFCOMP(g_trac_secure,EXIT_MRK"SecureRomManagerTest::test_hash_page_table_verify"); } - void test_verifyComponent(void) + void test_verifyComponentId(void) { errlHndl_t pError = nullptr; @@ -426,14 +426,14 @@ class SecureRomManagerTest : public CxxTest::TestSuite do { - struct verifyComponentTest + struct verifyComponentIdTest { const char* pActualCompId; const char* pRefCompId; bool shouldPass; }; - const std::vector<verifyComponentTest> tests = + const std::vector<verifyComponentIdTest> tests = { {"ABCD1234","ABCD12345", true }, {"ABCD1234","ABCD1234" , true }, {"ABCD1234","ABCD123" , false}, @@ -455,7 +455,7 @@ class SecureRomManagerTest : public CxxTest::TestSuite if (pError) { - TS_FAIL("SecureRomManagerTest::test_verifyComponent: " + TS_FAIL("SecureRomManagerTest::test_verifyComponentId: " "loadSignedFile() Failed"); errlCommit(pError, SECURE_COMP_ID); break; @@ -488,7 +488,7 @@ class SecureRomManagerTest : public CxxTest::TestSuite } - pError = SECUREBOOT::verifyComponent( + pError = SECUREBOOT::verifyComponentId( containerHeader, test.pRefCompId); if(pError) @@ -496,7 +496,7 @@ class SecureRomManagerTest : public CxxTest::TestSuite if(test.shouldPass) { TS_FAIL("SecureRomManagerTest::test_verifyContainer: " - "Expected SECUREBOOT::verifyComponent to pass, but it " + "Expected SECUREBOOT::verifyComponentId to pass, but it " "failed. Actual component ID was [%s], reference " "component ID was [%s]", test.pActualCompId, @@ -512,7 +512,7 @@ class SecureRomManagerTest : public CxxTest::TestSuite != SECUREBOOT::MOD_SECURE_VERIFY_COMPONENT)) { TS_FAIL("SecureRomManagerTest::test_verifyContainer: " - "Expected SECUREBOOT::verifyComponent to fail with " + "Expected SECUREBOOT::verifyComponentId to fail with " "reason code of 0x%04X and module ID of 0x%02, but " "failed with reason code of 0x%04X and module ID " "of 0x%02X. Actual component ID was [%s], " @@ -535,7 +535,7 @@ class SecureRomManagerTest : public CxxTest::TestSuite else if(!test.shouldPass) { TS_FAIL("SecureRomManagerTest::test_verifyContainer: " - "Expected SECUREBOOT::verifyComponent to fail, but it " + "Expected SECUREBOOT::verifyComponentId to fail, but it " "passed. Actual component ID was [%s], reference " "component ID was [%s]", test.pActualCompId, |