diff options
Diffstat (limited to 'src/include/usr/secureboot')
| -rw-r--r-- | src/include/usr/secureboot/drtm.H | 3 | ||||
| -rw-r--r-- | src/include/usr/secureboot/nodecommif.H | 3 | ||||
| -rw-r--r-- | src/include/usr/secureboot/phys_presence_if.H | 68 | ||||
| -rw-r--r-- | src/include/usr/secureboot/secure_reasoncodes.H | 19 | ||||
| -rw-r--r-- | src/include/usr/secureboot/service.H | 3 | ||||
| -rw-r--r-- | src/include/usr/secureboot/trustedbootif.H | 1 |
6 files changed, 88 insertions, 9 deletions
diff --git a/src/include/usr/secureboot/drtm.H b/src/include/usr/secureboot/drtm.H index e061502ae..345407f81 100644 --- a/src/include/usr/secureboot/drtm.H +++ b/src/include/usr/secureboot/drtm.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2013,2017 */ +/* Contributors Listed Below - COPYRIGHT 2013,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -27,7 +27,6 @@ #define __SECUREBOOT_DRTM_H #include <initservice/mboxRegs.H> -#include <config.h> #include <errl/errlentry.H> #include <errl/errlmanager.H> #include <vector> diff --git a/src/include/usr/secureboot/nodecommif.H b/src/include/usr/secureboot/nodecommif.H index cd445d7c9..9dec0605c 100644 --- a/src/include/usr/secureboot/nodecommif.H +++ b/src/include/usr/secureboot/nodecommif.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2018 */ +/* Contributors Listed Below - COPYRIGHT 2018,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -26,7 +26,6 @@ #define __NODECOMMIF_H #include <initservice/mboxRegs.H> -#include <config.h> #include <errl/errlentry.H> namespace SECUREBOOT diff --git a/src/include/usr/secureboot/phys_presence_if.H b/src/include/usr/secureboot/phys_presence_if.H new file mode 100644 index 000000000..a723e8726 --- /dev/null +++ b/src/include/usr/secureboot/phys_presence_if.H @@ -0,0 +1,68 @@ +/* IBM_PROLOG_BEGIN_TAG */ +/* This is an automatically generated prolog. */ +/* */ +/* $Source: src/include/usr/secureboot/phys_presence_if.H $ */ +/* */ +/* OpenPOWER HostBoot Project */ +/* */ +/* Contributors Listed Below - COPYRIGHT 2019 */ +/* [+] International Business Machines Corp. */ +/* */ +/* */ +/* Licensed under the Apache License, Version 2.0 (the "License"); */ +/* you may not use this file except in compliance with the License. */ +/* You may obtain a copy of the License at */ +/* */ +/* http://www.apache.org/licenses/LICENSE-2.0 */ +/* */ +/* Unless required by applicable law or agreed to in writing, software */ +/* distributed under the License is distributed on an "AS IS" BASIS, */ +/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ +/* implied. See the License for the specific language governing */ +/* permissions and limitations under the License. */ +/* */ +/* IBM_PROLOG_END_TAG */ +/** + * @file phys_presence_if.H + * + * @brief Interfaces to Detect and Open Physical Presence Windows + * + */ +#ifndef __PHYS_PRESENCE_H +#define __PHYS_PRESENCE_H +// ----------------------------------------------- +// Includes +// ----------------------------------------------- + +#include <errl/errlentry.H> +#include <targeting/common/commontargeting.H> +#include <config.h> + +namespace SECUREBOOT +{ + /** + * @brief Checks if the Physical Presence Window was opened and if + * Physical Presence was asserted. + * + * @post Will ensure the window is closed at the end of the function + * + * @return errlHndl_t nullptr on success; non-nullptr on error. + */ + errlHndl_t detectPhysPresence(void); + + /** + * @brief Handle Physical Presence Window first checks to see if a physical + * presence window should be opened. Then, if necessary, it sets up + * the physical presence detect circuit and then shuts down the + * system. + * + * @post If successful, this function will shutdown the system + * + * @return errlHndl_t nullptr on success; non-nullptr on error. + */ + errlHndl_t handlePhysPresenceWindow(void); + +} // namespace SECUREBOOT + + +#endif // __PHYS_PRESENCE_H diff --git a/src/include/usr/secureboot/secure_reasoncodes.H b/src/include/usr/secureboot/secure_reasoncodes.H index d121fc7b9..9e0e52c6e 100644 --- a/src/include/usr/secureboot/secure_reasoncodes.H +++ b/src/include/usr/secureboot/secure_reasoncodes.H @@ -53,7 +53,7 @@ namespace SECUREBOOT MOD_CHECK_RISK_LEVEL_FOR_SMF = 0x13, MOD_SMF_SPLIT_SMF_MEM = 0x14, - // Use 0x20-0x2F range for Node Communications + // Use 0x20-0x3F range for Node Communications MOD_NCDD_CHECK_FOR_ERRORS = 0x20, MOD_NCDD_WAIT_FOR_CMD_COMP = 0x21, MOD_NC_XBUS_TEST = 0x22, @@ -70,7 +70,12 @@ namespace SECUREBOOT MOD_NC_PROCESS_SLAVE_QUOTE = 0x2D, MOD_NCT_SEND = 0x2E, MOD_NCT_RECEIVE = 0x2F, - }; + + // Use 0x40-0x4F range for Physical Presence Detection + MOD_PHYS_PRES_DETECT = 0x40, + MOD_PHYS_PRES_OPEN_WINDOW = 0x41, + + }; enum SECUREReasonCode { @@ -123,6 +128,16 @@ namespace SECUREBOOT RC_NCT_INITIATION_MISMATCH = SECURE_COMP_ID | 0x33, RC_NCEX_NO_FUNCTIONAL_PRIMARY_TPM = SECURE_COMP_ID | 0x34, + // Use 0x20-0x3F range for Node Communications + + // RC_PHYS_PRES_WINDOW_OPENED_SHUTDOWN Must have one unique use + // for Shutdown path since FSP relies on it. + // termination_rc + RC_PHYS_PRES_WINDOW_OPENED_SHUTDOWN = SECURE_COMP_ID | 0x40, + RC_PHYS_PRES_ATTR_NOT_FOUND = SECURE_COMP_ID | 0x41, + RC_PHYS_PRES_WINDOW_NOT_CLOSED = SECURE_COMP_ID | 0x42, + RC_PHYS_PRES_WINDOW_NOT_OPENED = SECURE_COMP_ID | 0x43, + // Reason codes 0xA0 - 0xEF reserved for trustedboot_reasoncodes.H }; diff --git a/src/include/usr/secureboot/service.H b/src/include/usr/secureboot/service.H index bb6ea1516..2a01cdd6b 100644 --- a/src/include/usr/secureboot/service.H +++ b/src/include/usr/secureboot/service.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2013,2018 */ +/* Contributors Listed Below - COPYRIGHT 2013,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -26,7 +26,6 @@ #define __SECUREBOOT_SERVICE_H #include <errl/errlentry.H> -#include <config.h> #include <secureboot/settings.H> #include <utility> #include <cstdint> diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H index 66d44852e..16da54c03 100644 --- a/src/include/usr/secureboot/trustedbootif.H +++ b/src/include/usr/secureboot/trustedbootif.H @@ -41,7 +41,6 @@ #include <secureboot/containerheader.H> #include <targeting/common/commontargeting.H> #include <targeting/common/utilFilter.H> -#include <config.h> namespace TRUSTEDBOOT { |
