diff options
| author | Nick Bofferding <bofferdn@us.ibm.com> | 2018-03-19 23:26:08 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-05-08 09:44:28 -0400 |
| commit | 2fe71f4ddc13e3c730fbb7e1fcfe0d319eddc333 (patch) | |
| tree | 6717b134419978a4b0836382364f98f620d1630c /src/usr/targeting | |
| parent | 3c2b4bf2adc3e076d7dc9e2876b64b813a799260 (diff) | |
| download | talos-hostboot-2fe71f4ddc13e3c730fbb7e1fcfe0d319eddc333.tar.gz talos-hostboot-2fe71f4ddc13e3c730fbb7e1fcfe0d319eddc333.zip | |
Secure Boot: Implement Centaur SCOM cache
This change implements a Centaur SCOM cache for sensitive SCOM registers. The
cache is initialized and enabled before the first Centaur SCOM, and disabled
just prior to locking down the Centaur configuration. Once the Centaur has been
locked down, the real register values are compared to the cache entries, and the
Centaur is deconfigured (not garded) on any mismatch in assumptions.
RTC: 187288
Change-Id: I7b13bfd7eb6b427aba115d6944958bf55e171008
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57532
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/targeting')
| -rwxr-xr-x | src/usr/targeting/common/xmltohb/attribute_types_hb.xml | 13 | ||||
| -rw-r--r-- | src/usr/targeting/common/xmltohb/target_types_hb.xml | 1 | ||||
| -rwxr-xr-x | src/usr/targeting/common/xmltohb/xmltohb.pl | 4 |
3 files changed, 16 insertions, 2 deletions
diff --git a/src/usr/targeting/common/xmltohb/attribute_types_hb.xml b/src/usr/targeting/common/xmltohb/attribute_types_hb.xml index 972c2f01e..e1cebe965 100755 --- a/src/usr/targeting/common/xmltohb/attribute_types_hb.xml +++ b/src/usr/targeting/common/xmltohb/attribute_types_hb.xml @@ -1128,4 +1128,17 @@ <writeable/> </attribute> +<attribute> + <id>CENTAUR_REGISTER_CACHE_PTR</id> + <description> + Pointer to Secure Boot Centaur SCOM register cache + </description> + <simpleType> + <uint64_t></uint64_t> + </simpleType> + <persistency>volatile-zeroed</persistency> + <readable/> + <writeable/> +</attribute> + </attributes> diff --git a/src/usr/targeting/common/xmltohb/target_types_hb.xml b/src/usr/targeting/common/xmltohb/target_types_hb.xml index 5f43f0a7a..46c145c75 100644 --- a/src/usr/targeting/common/xmltohb/target_types_hb.xml +++ b/src/usr/targeting/common/xmltohb/target_types_hb.xml @@ -186,6 +186,7 @@ <attribute> <id>HBRT_HYP_ID</id> </attribute> + <attribute><id>CENTAUR_REGISTER_CACHE_PTR</id></attribute> </targetTypeExtension> <targetTypeExtension> diff --git a/src/usr/targeting/common/xmltohb/xmltohb.pl b/src/usr/targeting/common/xmltohb/xmltohb.pl index 8d8ac765b..78b28e227 100755 --- a/src/usr/targeting/common/xmltohb/xmltohb.pl +++ b/src/usr/targeting/common/xmltohb/xmltohb.pl @@ -4366,8 +4366,8 @@ sub getAttributeIdEnumeration { # attribute_types_hb.xml or attributes_types_fsp. else { - croak("Error: AttributeId $attribute->{id} " - . "defined multiple times"); + croak("Error: AttributeId $attribute->{id} " + . "defined multiple times"); } } else |
