diff options
author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-04-02 16:39:21 -0500 |
---|---|---|
committer | Nicholas E. Bofferding <bofferdn@us.ibm.com> | 2018-04-12 16:20:04 -0400 |
commit | f5cd23d6c3be17356e0851ec5d5bb65cee48f15f (patch) | |
tree | ecdfb7de737d9b97649f4cd025b392d256b1e470 /src/usr/secureboot | |
parent | e84f5604125d704d098efbea74f8368060be593d (diff) | |
download | talos-hostboot-f5cd23d6c3be17356e0851ec5d5bb65cee48f15f.tar.gz talos-hostboot-f5cd23d6c3be17356e0851ec5d5bb65cee48f15f.zip |
Mark Read-Only Partitions as Such
Partitions marked with readOnly tag in the xml were treated
as WRITABLE in the code. This change modifies the permissions
to be READ_ONLY and adds unit tests to test the read only functionality.
Change-Id: I8c1f23fd7e30edc38ff882c59716ab63a4f310e6
CQ: SW423350
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/56771
CI-Ready: ILYA SMIRNOV <ismirno@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57066
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot')
-rw-r--r-- | src/usr/secureboot/base/test/securerommgrtest.H | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/usr/secureboot/base/test/securerommgrtest.H b/src/usr/secureboot/base/test/securerommgrtest.H index 8ffa8375d..35e70f707 100644 --- a/src/usr/secureboot/base/test/securerommgrtest.H +++ b/src/usr/secureboot/base/test/securerommgrtest.H @@ -380,6 +380,16 @@ class SecureRomManagerTest : public CxxTest::TestSuite - VFS::VfsRp::getInstance().iv_unprotectedOffset + l_vaddr; memcpy(l_originPage, reinterpret_cast<uint8_t*>(l_pnorVaddr), PAGESIZE); + // Open the write permissions to allow the test to temporarily corrupt + // the partition. + int l_rc = mm_set_permission(reinterpret_cast<void*>(l_pnorVaddr), + 2*PAGESIZE, + WRITABLE); + if(l_rc) + { + TS_FAIL("mm_set_permission: Cannot set permissions to write"); + break; + } // Corrupt page uint8_t l_corruptByte = 0xFF; @@ -400,6 +410,16 @@ class SecureRomManagerTest : public CxxTest::TestSuite delete l_errl; l_errl = nullptr; + // Reset to read-only permissions. + l_rc = mm_set_permission(reinterpret_cast<void*>(l_pnorVaddr), + 2*PAGESIZE, + READ_ONLY); + if(l_rc) + { + TS_FAIL("mm_set_permission: Cannot reset permissions to read only"); + break; + } + } while(0); if ( signedFile_pageAddr != nullptr ) |