diff options
| author | Stephen Cprek <smcprek@us.ibm.com> | 2017-04-19 15:20:50 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-04-28 14:15:32 -0400 |
| commit | 246654c69f0b76642662a20c374792ea21e2076f (patch) | |
| tree | 9c90f44ccc3ed9ff63a3d15e3d8f4213fac8f575 /src | |
| parent | 2a1c0da1e1766caab280528cfa4c74433718c081 (diff) | |
| download | talos-hostboot-246654c69f0b76642662a20c374792ea21e2076f.tar.gz talos-hostboot-246654c69f0b76642662a20c374792ea21e2076f.zip | |
Sign and Verify the payload partition (port from p8)
Change-Id: I1925f347448accc2c85f57fe63726b2589929881
RTC:171706
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/39659
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src')
| -rwxr-xr-x | src/build/buildpnor/genPnorImages.pl | 2 | ||||
| -rw-r--r-- | src/usr/isteps/istep20/call_host_load_payload.C | 23 |
2 files changed, 20 insertions, 5 deletions
diff --git a/src/build/buildpnor/genPnorImages.pl b/src/build/buildpnor/genPnorImages.pl index 54f1c82ba..a9052c972 100755 --- a/src/build/buildpnor/genPnorImages.pl +++ b/src/build/buildpnor/genPnorImages.pl @@ -509,7 +509,7 @@ sub manipulateImages my $isNormalSecure = ($eyeCatch eq "SBE"); #$isNormalSecure ||= ($eyeCatch eq "HBRT"); #$isNormalSecure ||= ($eyeCatch eq "SBEC"); - #$isNormalSecure ||= ($eyeCatch eq "PAYLOAD"); + $isNormalSecure ||= ($eyeCatch eq "PAYLOAD"); #$isNormalSecure ||= ($eyeCatch eq "OCC"); #$isNormalSecure ||= ($eyeCatch eq "CAPP"); #$isNormalSecure ||= ($eyeCatch eq "BOOTKERNEL"); diff --git a/src/usr/isteps/istep20/call_host_load_payload.C b/src/usr/isteps/istep20/call_host_load_payload.C index c89004e56..6251eaf80 100644 --- a/src/usr/isteps/istep20/call_host_load_payload.C +++ b/src/usr/isteps/istep20/call_host_load_payload.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2016 */ +/* Contributors Listed Below - COPYRIGHT 2016,2017 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -38,6 +38,7 @@ #include <arch/ppc.H> #include <kernel/console.H> #include <xz/xz.h> +#include <config.h> using namespace ERRORLOG; using namespace ISTEP; @@ -136,11 +137,25 @@ void* call_host_load_payload (void *io_pArgs) static errlHndl_t load_pnor_section(PNOR::SectionId i_section, uint64_t i_physAddr) { + TRACFCOMP(ISTEPS_TRACE::g_trac_isteps_trace,ENTER_MRK"load_pnor_section()"); + errlHndl_t err = nullptr; + +#ifdef CONFIG_SECUREBOOT + // Securely load section + TRACFCOMP(ISTEPS_TRACE::g_trac_isteps_trace,"load_pnor_section: secure section load of secId=0x%X (%s)", + i_section, PNOR::SectionIdToString(i_section)); + err = PNOR::loadSecureSection(i_section); + if (err) + { + return err; + } + // Do not need to unload since we have plenty of memory at this point. +#endif + // Get the section info from PNOR. PNOR::SectionInfo_t pnorSectionInfo; - errlHndl_t err = PNOR::getSectionInfo( i_section, - pnorSectionInfo ); - if( err != NULL ) + err = PNOR::getSectionInfo( i_section, pnorSectionInfo ); + if( err != nullptr ) { TRACFCOMP(ISTEPS_TRACE::g_trac_isteps_trace, "load_pnor_section: Could not get section info from %x", |
