diff options
-rw-r--r-- | src/include/usr/fapi2/hwpf_fapi2_reasoncodes.H | 5 | ||||
-rw-r--r-- | src/usr/fapi2/plat_attr_override_sync.C | 38 | ||||
-rwxr-xr-x | src/usr/targeting/common/xmltohb/attribute_types_hb.xml | 22 | ||||
-rw-r--r-- | src/usr/targeting/common/xmltohb/target_types_hb.xml | 3 |
4 files changed, 64 insertions, 4 deletions
diff --git a/src/include/usr/fapi2/hwpf_fapi2_reasoncodes.H b/src/include/usr/fapi2/hwpf_fapi2_reasoncodes.H index c8c61211d..9794a6aa1 100644 --- a/src/include/usr/fapi2/hwpf_fapi2_reasoncodes.H +++ b/src/include/usr/fapi2/hwpf_fapi2_reasoncodes.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2018 */ +/* Contributors Listed Below - COPYRIGHT 2015,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -66,6 +66,7 @@ namespace fapi2 MOD_FAPI2_GET_RING = 0x17, MOD_FAPI2_SET_ATTR_FREQ_MCA_MHZ = 0x18, MOD_FAPI2_PLAT_GET_PROC_TEST = 0x19, + MOD_FAPI2_MONITOR_FOR_FSP_MSGS = 0x1A, }; /** @@ -125,6 +126,7 @@ namespace fapi2 RC_DD_SUPPORT_CHECK_FAILED = FAPI2_COMP_ID | 0x3E, RC_SET_ATTR_NOT_VALID = FAPI2_COMP_ID | 0x3F, RC_FAILED_TO_GET_RING_LIST = FAPI2_COMP_ID | 0x40, + RC_ATTR_OVERRIDE_DISALLOWED = FAPI2_COMP_ID | 0x41, // HWP generated errors RC_HWP_GENERATED_ERROR = HWPF_COMP_ID | 0x0f, @@ -134,7 +136,6 @@ namespace fapi2 // PLL_BUCKET generated errors RC_NO_MATCHING_FREQ = HWPF_COMP_ID | 0x31, RC_FREQ_LIST_NOT_FOUND = HWPF_COMP_ID | 0x32, - }; /** diff --git a/src/usr/fapi2/plat_attr_override_sync.C b/src/usr/fapi2/plat_attr_override_sync.C index 47751806a..0d9da23b9 100644 --- a/src/usr/fapi2/plat_attr_override_sync.C +++ b/src/usr/fapi2/plat_attr_override_sync.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2018 */ +/* Contributors Listed Below - COPYRIGHT 2015,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -270,6 +270,13 @@ void AttrOverrideSync::monitorForFspMessages() msg_q_t l_pMsgQ = msg_q_create(); errlHndl_t l_pErr = MBOX::msgq_register(MBOX::HB_HWPF_ATTR_MSGQ, l_pMsgQ); + // Find out if attributes override has been attempted + TARGETING::Target* l_pSys = nullptr; + TARGETING::targetService().getTopLevelTarget(l_pSys); + // Assert that l_pSys is no longer nullptr + assert(l_pSys != nullptr, "AttrOverrideSync::monitorForFspMessages() " + "expected top level target, but got nullptr."); + if (l_pErr) { // In the unlikely event that registering fails, the code will commit an @@ -296,6 +303,33 @@ void AttrOverrideSync::monitorForFspMessages() "Message (0x%X) from FSP since attribute overrides " "are not allowed", l_pMsg->type); + + // Checking if OVERRIDES_ATTEMPTED_FLAG has not been set to 1. + // If so, then this is the first time attributes override is + // attempted in an FSP, while in secure mode; in this case, log + // an error stating that attributes override was attempted. + if (!l_pSys-> + getAttr<TARGETING::ATTR_OVERRIDES_ATTEMPTED_FLAG>()) + { + /*@ + * @errortype + * @reasoncode RC_ATTR_OVERRIDE_DISALLOWED + * @severity ERRORLOG::ERRL_SEV_INFORMATIONAL + * @moduleid MOD_FAPI2_MONITOR_FOR_FSP_MSGS + * @devdesc Attribute overrides were rejected + * because system is in secure mode + * @custdesc Action not allowed in secure mode + */ + l_pErr = new ERRORLOG::ErrlEntry( + ERRORLOG::ERRL_SEV_INFORMATIONAL, + MOD_FAPI2_MONITOR_FOR_FSP_MSGS, + RC_ATTR_OVERRIDE_DISALLOWED); + l_pErr->collectTrace(SECURE_COMP_NAME); + SECUREBOOT::addSecureUserDetailsToErrlog(l_pErr); + errlCommit(l_pErr, HWPF_COMP_ID); + l_pSys-> + setAttr<TARGETING::ATTR_OVERRIDES_ATTEMPTED_FLAG>(true); + } } else if (l_chunk.iv_pAttributes == NULL) { @@ -972,7 +1006,7 @@ void AttrOverrideSync::dynSetAttrOverrides() if (!SECUREBOOT::allowAttrOverrides()) { FAPI_INF("AttrOverrideSync::dynSetAttrOverrides: skipping since " - "attribute overrides are not allowed"); + "attribute overrides are not allowed"); return; } diff --git a/src/usr/targeting/common/xmltohb/attribute_types_hb.xml b/src/usr/targeting/common/xmltohb/attribute_types_hb.xml index 89fad2f17..99991eedb 100755 --- a/src/usr/targeting/common/xmltohb/attribute_types_hb.xml +++ b/src/usr/targeting/common/xmltohb/attribute_types_hb.xml @@ -946,6 +946,28 @@ </attribute> <attribute> + <description> + While in Secureboot, this value is set to 1 the first time attribute + override is attempted and error logged. + </description> + <id>OVERRIDES_ATTEMPTED_FLAG</id> + <persistency>volatile-zeroed</persistency> + <simpleType> + <uint8_t> + <default>0x00</default> + </uint8_t> + </simpleType> + <readable/> + <writeable/> + <range> + <min>0</min> + <max>1</max> + </range> + <no_export/> + <hbOnly/> + </attribute> + + <attribute> <id>PART_NUMBER</id> <description>The part number for a particular FRU target</description> <simpleType> diff --git a/src/usr/targeting/common/xmltohb/target_types_hb.xml b/src/usr/targeting/common/xmltohb/target_types_hb.xml index 713eb7aa9..c32bdfb8a 100644 --- a/src/usr/targeting/common/xmltohb/target_types_hb.xml +++ b/src/usr/targeting/common/xmltohb/target_types_hb.xml @@ -309,6 +309,9 @@ <attribute> <id>OCC_COMMON_AREA_PHYS_ADDR</id> </attribute> + <attribute> + <id>OVERRIDES_ATTEMPTED_FLAG</id> + </attribute> </targetTypeExtension> <targetTypeExtension> |