diff options
author | Nick Bofferding <bofferdn@us.ibm.com> | 2018-04-03 01:13:23 -0500 |
---|---|---|
committer | William G. Hoffa <wghoffa@us.ibm.com> | 2018-04-05 09:10:05 -0400 |
commit | db9ded1e83f4aa6309e8b8cfabdf02ab4e2ad405 (patch) | |
tree | 8904e4ef69b00a1dc7f5cf96d849ec80bd4178eb /src/usr/targeting/common/xmltohb/attribute_types.xml | |
parent | fef105cbd664203857cb4ff11585202a6cee29b1 (diff) | |
download | talos-hostboot-db9ded1e83f4aa6309e8b8cfabdf02ab4e2ad405.tar.gz talos-hostboot-db9ded1e83f4aa6309e8b8cfabdf02ab4e2ad405.zip |
Secure Boot: Introduce key transition state node attribute
Key transitioning on FSP-based systems is problematic because the key transition
process quiesces both SBEs then TIs, which prevents the FSP TI handler from
being able to determine the TI reason when secure mode is enabled. This change
introduces a new key transition state node attribute and enum which later
commits will will use to inform FSP of status in the key transition flow
Change-Id: I9f40a2b8aa2c797fffd437f20615fedf82ca3f99
CQ: SW418697
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/56676
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/usr/targeting/common/xmltohb/attribute_types.xml')
-rwxr-xr-x | src/usr/targeting/common/xmltohb/attribute_types.xml | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/src/usr/targeting/common/xmltohb/attribute_types.xml b/src/usr/targeting/common/xmltohb/attribute_types.xml index 90fb7b3db..95a4588a7 100755 --- a/src/usr/targeting/common/xmltohb/attribute_types.xml +++ b/src/usr/targeting/common/xmltohb/attribute_types.xml @@ -6294,6 +6294,63 @@ </enumerator> </enumerationType> +<enumerationType> + <id>KEY_TRANSITION_STATE</id> + <description> + Enum indicating the current Secure Boot key transition state for the + node. + </description> + <enumerator> + <description> + Secure Boot key transition not yet requested for the node + </description> + <name>KEY_TRANSITION_NOT_REQUESTED</name> + <value>0</value> + </enumerator> + <enumerator> + <description> + About to write new system Secure Boot key to first SBE SEEPROM + side in the node + </description> + <name>KEY_TRANSITION_STARTED</name> + <value>1</value> + </enumerator> + <enumerator> + <description> + Failed to apply new system Secure Boot key to one or more functional + SBE SEEPROM sides in the node + </description> + <name>KEY_TRANSITION_FAILED</name> + <value>2</value> + </enumerator> + <enumerator> + <description> + Successfully applied new system Secure Boot key to every functional + SBE SEEPROM side in the node + </description> + <name>KEY_TRANSITION_SUCCEEDED</name> + <value>3</value> + </enumerator> +</enumerationType> + +<attribute> + <description> + Attribute indicating the status of the Secure Boot key transition for + the node + </description> + <hasStringConversion></hasStringConversion> + <id>KEY_TRANSITION_STATE</id> + <persistency>volatile-zeroed</persistency> + <readable/> + <writeable/> + <simpleType> + <enumeration> + <id>KEY_TRANSITION_STATE</id> + <default>KEY_TRANSITION_NOT_REQUESTED</default> + </enumeration> + </simpleType> +</attribute> + <attribute> <id>FUSED_CORE_MODE_HB</id> <description> |