Handle NVDIMM encryption errors

Update ATTR_NVDIMM_ARMED and ATTR_NV_STATUS_FLAG Update notifyNvdimmProtectionChange() Set encryption error and check before arm/disarm Change-Id: I1edf738af3460684ee93b02f06ff417c3e72d4e3 RTC:210689 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/78828 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
author: Corey Swenson <cswenson@us.ibm.com> 2019-06-12 11:59:56 -0500
committer: Daniel M. Crowell <dcrowell@us.ibm.com> 2019-06-18 17:13:24 -0500
commit: 7508722e0908dae7096a98d502dbef9917f5857a (patch)
tree: b8905b5414b81098fa2f905f990318838b812635 /src/usr/util
parent: 0c4e786e0e95cce19fa878c47f3399c0be463f69 (diff)
download: talos-hostboot-7508722e0908dae7096a98d502dbef9917f5857a.tar.gz
talos-hostboot-7508722e0908dae7096a98d502dbef9917f5857a.zip
2 files changed, 44 insertions, 10 deletions
diff --git a/src/usr/util/runtime/rt_cmds.C b/src/usr/util/runtime/rt_cmds.C
index c015215b5..fa50b0684 100644
--- a/src/usr/util/runtime/rt_cmds.C
+++ b/src/usr/util/runtime/rt_cmds.C
@@ -1162,25 +1162,48 @@ void cmd_nvdimm_protection_msg( char* &o_output, uint32_t i_huid,
 {
     errlHndl_t l_err = nullptr;
     o_output = new char[500];
-    uint8_t l_notifyType = NVDIMM::NOT_PROTECTED;
+    uint8_t l_notifyType = 0;
 
     TARGETING::Target* l_targ{};
     l_targ = getTargetFromHUID(i_huid);
     if (l_targ != NULL)
     {
-      if (protection == 1)
+      if (protection == NVDIMM::NVDIMM_ARMED)
       {
-          l_notifyType = NVDIMM::PROTECTED;
-          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::PROTECTED);
+          l_notifyType = NVDIMM::NVDIMM_ARMED;
+          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::NVDIMM_ARMED);
       }
-      else if (protection == 2)
+      else if (protection == NVDIMM::NVDIMM_DISARMED)
       {
-          l_notifyType = NVDIMM::UNPROTECTED_BECAUSE_ERROR;
-          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::UNPROTECTED_BECAUSE_ERROR);
+          l_notifyType = NVDIMM::NVDIMM_DISARMED;
+          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::NVDIMM_DISARMED);
+      }
+      else if (protection == NVDIMM::OCC_ACTIVE)
+      {
+          l_notifyType = NVDIMM::OCC_ACTIVE;
+          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::OCC_ACTIVE);
+      }
+      else if (protection == NVDIMM::OCC_INACTIVE)
+      {
+          l_notifyType = NVDIMM::OCC_INACTIVE;
+          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::OCC_INACTIVE);
+      }
+      else if (protection == NVDIMM::NVDIMM_FATAL_HW_ERROR)
+      {
+          l_notifyType = NVDIMM::NVDIMM_FATAL_HW_ERROR;
+          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::NVDIMM_FATAL_HW_ERROR);
+      }
+      else if (protection == NVDIMM::NVDIMM_RISKY_HW_ERROR)
+      {
+          l_notifyType = NVDIMM::NVDIMM_RISKY_HW_ERROR;
+          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::NVDIMM_RISKY_HW_ERROR);
       }
       else
       {
-          l_err = notifyNvdimmProtectionChange(l_targ, NVDIMM::NOT_PROTECTED);
+            sprintf( o_output,
+                "cmd_nvdimm_protection_msg: HUID 0x%.8X "
+                "unknown protection type 0x%.2X",
+                i_huid, protection );
       }
       if (l_err)
       {
diff --git a/src/usr/util/runtime/rt_fwnotify.C b/src/usr/util/runtime/rt_fwnotify.C
index 44a5a7dba..589f8d72f 100644
--- a/src/usr/util/runtime/rt_fwnotify.C
+++ b/src/usr/util/runtime/rt_fwnotify.C
@@ -263,12 +263,12 @@ void occActiveNotification( void * i_data )
         if (*l_active)
         {
             l_err = NVDIMM::notifyNvdimmProtectionChange(l_proc,
-                                                         NVDIMM::PROTECTED);
+                                                         NVDIMM::OCC_ACTIVE);
         }
         else
         {
             l_err = NVDIMM::notifyNvdimmProtectionChange(l_proc,
-                                                         NVDIMM::NOT_PROTECTED);
+                                                         NVDIMM::OCC_INACTIVE);
         }
 
         // commit error if it exists
@@ -479,6 +479,17 @@ void doNvDimmOperation(const hostInterfaces::nvdimm_operation_t& nvDimmOp)
         // Enable encryption on the NVDIMM
         if (nvDimmOp.opType & hostInterfaces::HBRT_FW_NVDIMM_ENABLE_ENCRYPTION)
         {
+            // Set the encryption enable attribute
+            Target* l_sys = nullptr;
+            targetService().getTopLevelTarget( l_sys );
+            assert(l_sys, "doNvDimmOperation: no TopLevelTarget");
+            if (!l_sys->getAttr<ATTR_NVDIMM_ENCRYPTION_ENABLE>())
+            {
+                l_sys->setAttr<ATTR_NVDIMM_ENCRYPTION_ENABLE>(0x1);
+
+                // TODO RTC 210692 Update HWSV with enable attribute value
+            }
+
             // Make call to generate keys before enabling encryption
             if(!nvdimm_gen_keys())
             {
author	Corey Swenson <cswenson@us.ibm.com>	2019-06-12 11:59:56 -0500
committer	Daniel M. Crowell <dcrowell@us.ibm.com>	2019-06-18 17:13:24 -0500
commit	7508722e0908dae7096a98d502dbef9917f5857a (patch)
tree	b8905b5414b81098fa2f905f990318838b812635 /src/usr/util
parent	0c4e786e0e95cce19fa878c47f3399c0be463f69 (diff)
download	talos-hostboot-7508722e0908dae7096a98d502dbef9917f5857a.tar.gz talos-hostboot-7508722e0908dae7096a98d502dbef9917f5857a.zip