summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/include/runtime/interface.h1
-rwxr-xr-xsrc/include/usr/hdat/hdat.H3
-rw-r--r--src/include/usr/isteps/istep_reasoncodes.H2
-rw-r--r--src/include/usr/secureboot/smf.H4
-rw-r--r--src/include/usr/vmmconst.h4
-rw-r--r--src/usr/isteps/istep15/host_build_stop_image.C91
-rw-r--r--src/usr/isteps/pm/pm_common.C75
-rw-r--r--src/usr/isteps/pm/runtime/makefile2
-rw-r--r--src/usr/runtime/populate_hbruntime.C57
-rw-r--r--src/usr/targeting/common/xmltohb/hb_customized_attrs.xml6
10 files changed, 219 insertions, 26 deletions
diff --git a/src/include/runtime/interface.h b/src/include/runtime/interface.h
index 31f5eaddc..bd04e7774 100644
--- a/src/include/runtime/interface.h
+++ b/src/include/runtime/interface.h
@@ -159,6 +159,7 @@ enum MemoryError_t
#define HBRT_RSVD_MEM__SECUREBOOT "ibm,secure-crypt-algo-code"
#define HBRT_RSVD_MEM__DATA "ibm,hbrt-data"
#define HBRT_RSVD_MEM__ARCH_REG "ibm,arch-reg-data"
+#define HBRT_RSVD_MEM__UNSEC_HOMER "ibm,unsecure-homer"
/* Aligned reserved memory size for Opal */
#define HBRT_RSVD_MEM_OPAL_ALIGN 64*KILOBYTE
diff --git a/src/include/usr/hdat/hdat.H b/src/include/usr/hdat/hdat.H
index 0f750936c..01a196a41 100755
--- a/src/include/usr/hdat/hdat.H
+++ b/src/include/usr/hdat/hdat.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2015,2017 */
+/* Contributors Listed Below - COPYRIGHT 2015,2019 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -225,6 +225,7 @@ enum hdatMsVpdRhbAddrRangeType : uint8_t
RHB_TYPE_SECUREBOOT = 3,
RHB_TYPE_HOMER_OCC = 4,
RHB_TYPE_VERIFIED_PNOR = 5,
+ RHB_TYPE_UNSECURE_HOMER = 6,
RHB_TYPE_INVALID = 0xFF
};
diff --git a/src/include/usr/isteps/istep_reasoncodes.H b/src/include/usr/isteps/istep_reasoncodes.H
index 7aa3abc5e..5bd5fbf94 100644
--- a/src/include/usr/isteps/istep_reasoncodes.H
+++ b/src/include/usr/isteps/istep_reasoncodes.H
@@ -67,6 +67,7 @@ namespace ISTEP
MOD_GET_LANEMASK_FROM_HX_KEYWORD = 0x24,
MOD_MSS_SCRUB = 0x25,
MOD_CALL_UPDATE_UCD_FLASH = 0x26,
+ MOD_LOAD_HCODE = 0x27,
};
/**
@@ -140,6 +141,7 @@ namespace ISTEP
RC_PNOR_IPMI_NOT_ENABLED = ISTEP_COMP_ID | 0x4D,
RC_SLAVE_CORE_WAKEUP_ERROR = ISTEP_COMP_ID | 0x4E,
RC_UCD_IMG_NOT_IN_CONTAINER = ISTEP_COMP_ID | 0x4F,
+ RC_MM_UNMAP_FAILED = ISTEP_COMP_ID | 0x50,
};
};
diff --git a/src/include/usr/secureboot/smf.H b/src/include/usr/secureboot/smf.H
index 990bce09b..e062e56c9 100644
--- a/src/include/usr/secureboot/smf.H
+++ b/src/include/usr/secureboot/smf.H
@@ -27,6 +27,10 @@
#include <errl/errlentry.H>
#include <stdint.h>
+#include <limits.h>
+
+// The maximum size of the unsecure HOMER region in reserved memory
+#define MAX_UNSECURE_HOMER_SIZE (1 * PAGESIZE)
namespace SMF_TRACE
{
diff --git a/src/include/usr/vmmconst.h b/src/include/usr/vmmconst.h
index ee280c6c2..b6841eea4 100644
--- a/src/include/usr/vmmconst.h
+++ b/src/include/usr/vmmconst.h
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2011,2018 */
+/* Contributors Listed Below - COPYRIGHT 2011,2019 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -286,6 +286,4 @@ enum BlockPriority
#define PREVERLIDMGR_TEST_ADDR (512*MEGABYTE)
#define PREVERLIDMGR_TEST_SIZE (64*MEGABYTE)
-
-
#endif /* _VMMCONST_H */
diff --git a/src/usr/isteps/istep15/host_build_stop_image.C b/src/usr/isteps/istep15/host_build_stop_image.C
index dc40242ed..26e3677f4 100644
--- a/src/usr/isteps/istep15/host_build_stop_image.C
+++ b/src/usr/isteps/istep15/host_build_stop_image.C
@@ -70,7 +70,11 @@
#include <p9n2_quad_scom_addresses_fld.H>
#include <secureboot/smf_utils.H>
+#include <secureboot/smf.H>
#include <isteps/mem_utils.H>
+#include <util/align.H>
+
+#include <limits.h>
using namespace ERRORLOG;
using namespace ISTEP;
@@ -405,10 +409,10 @@ void* host_build_stop_image (void *io_pArgs)
TRACFCOMP( ISTEPS_TRACE::g_trac_isteps_trace, "host_build_stop_image entry" );
// allocate four temporary work buffers
- void* l_temp_buffer0 = malloc(HW_IMG_RING_SIZE);
- void* l_temp_buffer1 = malloc(MAX_RING_BUF_SIZE);
+ void* l_temp_buffer1 = malloc(HW_IMG_RING_SIZE);
void* l_temp_buffer2 = malloc(MAX_RING_BUF_SIZE);
void* l_temp_buffer3 = malloc(MAX_RING_BUF_SIZE);
+ void* l_temp_buffer4 = malloc(MAX_RING_BUF_SIZE);
do {
//Determine top-level system target
@@ -444,10 +448,11 @@ void* host_build_stop_image (void *io_pArgs)
l_memBase = get_top_homer_mem_addr();
assert (l_memBase != 0,
"host_build_stop_image: Top of memory was 0!");
+
l_memBase -= VMM_ALL_HOMER_OCC_MEMORY_SIZE;
}
TRACFCOMP( ISTEPS_TRACE::g_trac_isteps_trace,
- "HOMER base = %.16X", l_memBase);
+ "HOMER base = 0x%.16llX", l_memBase);
l_pRealMemBase = reinterpret_cast<void * const>(l_memBase );
//Convert the real memory pointer to a pointer in virtual memory
@@ -497,6 +502,9 @@ void* host_build_stop_image (void *io_pArgs)
"Found %d functional procs in system",
l_procChips.size() );
+ auto l_unsecureHomerSize =
+ l_sys->getAttr<TARGETING::ATTR_UNSECURE_HOMER_SIZE>();
+
for (const auto & l_procChip: l_procChips)
{
do {
@@ -555,6 +563,23 @@ void* host_build_stop_image (void *io_pArgs)
break;
}
+ if(SECUREBOOT::SMF::isSmfEnabled())
+ {
+ // In SMF mode, unsecure HOMER goes to the top of unsecure
+ // memory (2MB aligned); we need to subtract the size of the
+ // unsecure HOMER and align the resulting address to arrive
+ // at the correct location.
+ uint64_t l_unsecureHomerAddr = ALIGN_DOWN_X(
+ ISTEP::get_top_mem_addr()
+ - MAX_UNSECURE_HOMER_SIZE,
+ 2 * MEGABYTE);
+ l_procChip->setAttr<TARGETING::ATTR_UNSECURE_HOMER_ADDRESS>
+ (l_unsecureHomerAddr);
+ TRACFCOMP(ISTEPS_TRACE::g_trac_isteps_trace,
+ "host_build_stop_image: unsecure HOMER addr = 0x%.16llX",
+ l_unsecureHomerAddr);
+ }
+
//Call p9_hcode_image_build.C HWP
FAPI_INVOKE_HWP( l_errl,
p9_hcode_image_build,
@@ -564,13 +589,13 @@ void* host_build_stop_image (void *io_pArgs)
l_ringOverrides,
PHASE_IPL,
img_type,
- l_temp_buffer0,
- HW_IMG_RING_SIZE,
l_temp_buffer1,
- MAX_RING_BUF_SIZE,
+ HW_IMG_RING_SIZE,
l_temp_buffer2,
MAX_RING_BUF_SIZE,
l_temp_buffer3,
+ MAX_RING_BUF_SIZE,
+ l_temp_buffer4,
MAX_RING_BUF_SIZE);
if ( l_errl )
@@ -583,6 +608,58 @@ void* host_build_stop_image (void *io_pArgs)
break;
}
+ // We now need to copy the data that was put in l_temp_buffer2
+ // by the p9_hcode_image_build procedure into the unsecure
+ // HOMER memory
+ if(SECUREBOOT::SMF::isSmfEnabled())
+ {
+ auto l_unsecureHomerAddr = l_procChip->
+ getAttr<TARGETING::ATTR_UNSECURE_HOMER_ADDRESS>();
+
+
+ assert(l_unsecureHomerSize <= MAX_RING_BUF_SIZE,
+ "host_build_stop_image: unsecure HOMER is bigger than the output buffer");
+ assert(l_unsecureHomerSize <= MAX_UNSECURE_HOMER_SIZE,
+ "host_build_stop_image: the size of unsecure HOMER is more than 0x%x", MAX_UNSECURE_HOMER_SIZE);
+ assert(l_unsecureHomerAddr,
+ "host_build_stop_image: the unsecure HOMER addr is 0");
+
+ void* l_unsecureHomerVAddr = mm_block_map(
+ reinterpret_cast<void*>(l_unsecureHomerAddr),
+ l_unsecureHomerSize);
+ assert(l_unsecureHomerVAddr,
+ "host_build_stop_image: could not map unsecure HOMER phys addr");
+ memcpy(l_unsecureHomerVAddr,
+ l_temp_buffer2,
+ l_unsecureHomerSize);
+ int l_rc = mm_block_unmap(l_unsecureHomerVAddr);
+ if(l_rc)
+ {
+ /*@
+ * @errortype
+ * @reasoncode ISTEP::RC_MM_UNMAP_FAILED
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid ISTEP::MOD_BUILD_HCODE_IMAGES
+ * @userdata1 Unsecure HOMER addr
+ * @userdata2 RC from mm_block_unmap
+ * @devdesc Could not unmap unsecure HOMER's virtual
+ * address
+ * @custdesc A problem occurred during the IPL of the
+ * system
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ ISTEP::MOD_BUILD_HCODE_IMAGES,
+ ISTEP::RC_MM_UNMAP_FAILED,
+ reinterpret_cast<uint64_t>(
+ l_unsecureHomerVAddr),
+ l_rc,
+ ERRORLOG::ErrlEntry::ADD_SW_CALLOUT);
+ l_errl->collectTrace(ISTEP_COMP_NAME);
+ break;
+ }
+ }
+
l_errl = applyHcodeGenCpuRegs( l_procChip,
l_pImageOut,
l_sizeImageOut );
@@ -654,10 +731,10 @@ void* host_build_stop_image (void *io_pArgs)
}
// delete working buffers
- if( l_temp_buffer0 ) { free(l_temp_buffer0); }
if( l_temp_buffer1 ) { free(l_temp_buffer1); }
if( l_temp_buffer2 ) { free(l_temp_buffer2); }
if( l_temp_buffer3 ) { free(l_temp_buffer3); }
+ if( l_temp_buffer4 ) { free(l_temp_buffer4); }
#ifdef CONFIG_SECUREBOOT
// securely unload HCODE PNOR section, if necessary
diff --git a/src/usr/isteps/pm/pm_common.C b/src/usr/isteps/pm/pm_common.C
index 45d566f75..376ec0278 100644
--- a/src/usr/isteps/pm/pm_common.C
+++ b/src/usr/isteps/pm/pm_common.C
@@ -63,6 +63,8 @@
#include <runtime/interface.h>
#include <secureboot/service.H>
+#include <secureboot/smf_utils.H>
+#include <secureboot/smf.H>
// Procedures
#include <p9_pm_pba_bar_config.H>
@@ -99,10 +101,12 @@
#define HBPM_UNMAP mm_block_unmap
#define HBPM_MAP mm_block_map
#define HBPM_PHYS_ADDR (reinterpret_cast<void*>(i_phys_addr))
+#define UNSEC_HOMER_PHYS_ADDR (reinterpret_cast<void*>(l_unsecureHomerAddr))
#else
#define HBPM_UNMAP g_hostInterfaces->unmap_phys_mem
#define HBPM_MAP g_hostInterfaces->map_phys_mem
#define HBPM_PHYS_ADDR i_phys_addr
+#define UNSEC_HOMER_PHYS_ADDR l_unsecureHomerAddr
#endif
@@ -264,10 +268,10 @@ namespace HBPM
const fapi2::Target<fapi2::TARGET_TYPE_PROC_CHIP>
l_fapiTarg(i_target);
- void *l_buffer0 = (void*)malloc(HW_IMG_RING_SIZE);
- void *l_buffer1 = (void*)malloc(MAX_RING_BUF_SIZE);
+ void *l_buffer1 = (void*)malloc(HW_IMG_RING_SIZE);
void *l_buffer2 = (void*)malloc(MAX_RING_BUF_SIZE);
void *l_buffer3 = (void*)malloc(MAX_RING_BUF_SIZE);
+ void *l_buffer4 = (void*)malloc(MAX_RING_BUF_SIZE);
do
{
@@ -355,13 +359,13 @@ namespace HBPM
(PM_LOAD == i_mode)
? PHASE_IPL : PHASE_REBUILD,
l_imgType,
- l_buffer0,
- HW_IMG_RING_SIZE,
l_buffer1,
- MAX_RING_BUF_SIZE,
+ HW_IMG_RING_SIZE,
l_buffer2,
MAX_RING_BUF_SIZE,
l_buffer3,
+ MAX_RING_BUF_SIZE,
+ l_buffer4,
MAX_RING_BUF_SIZE);
if (l_errl)
@@ -379,6 +383,65 @@ namespace HBPM
break;
}
+ // If SMF is enabled, need to copy the information contained within
+ // l_buffer2 into the unsecure HOMER memory area
+ if(SECUREBOOT::SMF::isSmfEnabled())
+ {
+ TARGETING::Target* l_sys = nullptr;
+ TARGETING::targetService().getTopLevelTarget(l_sys);
+ assert(l_sys, "Top level target is nullptr!");
+ auto l_unsecureHomerSize =
+ l_sys->getAttr<TARGETING::ATTR_UNSECURE_HOMER_SIZE>();
+ auto l_unsecureHomerAddr = i_target->
+ getAttr<TARGETING::ATTR_UNSECURE_HOMER_ADDRESS>();
+ TRACFCOMP(ISTEPS_TRACE::g_trac_isteps_trace,
+ "loadHcode: Unsecure HOMER addr: 0x%.16llx; unsecure HOMER size: 0x%x",
+ l_unsecureHomerAddr, l_unsecureHomerSize);
+
+ assert(l_unsecureHomerSize <= MAX_RING_BUF_SIZE,
+ "loadHcode: unsecure HOMER is bigger than the output buffer");
+ assert(l_unsecureHomerSize <= MAX_UNSECURE_HOMER_SIZE,
+ "loadHcode: the size of unsecure HOMER is more than 0x%x", MAX_UNSECURE_HOMER_SIZE);
+ assert(l_unsecureHomerAddr,
+ "loadHcode: the unsecure HOMER addr is 0");
+
+ void* l_unsecureHomerVAddr = HBPM_MAP(
+ UNSEC_HOMER_PHYS_ADDR,
+ l_unsecureHomerSize);
+ assert(l_unsecureHomerVAddr,
+ "loadHcode: could not map unsecure HOMER phys addr");
+ memcpy(l_unsecureHomerVAddr, l_buffer2, l_unsecureHomerSize);
+
+ int l_rc = HBPM_UNMAP(l_unsecureHomerVAddr);
+ if(l_rc)
+ {
+ /*@
+ * @errortype
+ * @reasoncode ISTEP::RC_MM_UNMAP_FAILED
+ * @severity ERRORLOG::ERRL_SEV_UNRECOVERABLE
+ * @moduleid ISTEP::MOD_LOAD_HCODE
+ * @userdata1 Unsecure HOMER addr
+ * @userdata2 RC from HBPM_UNMAP
+ * @devdesc Could not unmap unsecure HOMER's virtual
+ * address
+ * @custdesc A problem occurred during the IPL of the
+ * system
+ */
+ l_errl = new ERRORLOG::ErrlEntry(
+ ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ ISTEP::MOD_LOAD_HCODE,
+ ISTEP::RC_MM_UNMAP_FAILED,
+ reinterpret_cast<uint64_t>(
+ l_unsecureHomerVAddr),
+ l_rc,
+ ERRORLOG::ErrlEntry::ADD_SW_CALLOUT);
+ l_errl->collectTrace(ISTEP_COMP_NAME);
+ break;
+ }
+
+ }
+
+
// Log some info about Homer
TRACFCOMP(ISTEPS_TRACE::g_trac_isteps_trace,
"pImageOut=%p",i_pImageOut);
@@ -455,10 +518,10 @@ namespace HBPM
} while(0);
- free(l_buffer0);
free(l_buffer1);
free(l_buffer2);
free(l_buffer3);
+ free(l_buffer4);
TRACFCOMP( ISTEPS_TRACE::g_trac_isteps_trace,
EXIT_MRK"loadHcode: RC=0x%X, PLID=0x%lX",
diff --git a/src/usr/isteps/pm/runtime/makefile b/src/usr/isteps/pm/runtime/makefile
index 287fe61a1..8a7bfe6bb 100644
--- a/src/usr/isteps/pm/runtime/makefile
+++ b/src/usr/isteps/pm/runtime/makefile
@@ -28,11 +28,13 @@ HOSTBOOT_RUNTIME = 1
ROOTPATH = ../../../../..
VPATH += ../
+VPATH += ${ROOTPATH}/src/usr/secureboot/smf
MODULE = pm_rt
## Objects unique to HBRT
OBJS += rt_pm.o
+OBJS += smf_utils.o
SUBDIRS += test.d
diff --git a/src/usr/runtime/populate_hbruntime.C b/src/usr/runtime/populate_hbruntime.C
index ea9530d7f..764404804 100644
--- a/src/usr/runtime/populate_hbruntime.C
+++ b/src/usr/runtime/populate_hbruntime.C
@@ -81,6 +81,8 @@
#include <vmmconst.h>
#include <runtime/customize_attrs_for_payload.H>
#include <isteps/mem_utils.H>
+#include <secureboot/smf_utils.H>
+#include <secureboot/smf.H>
namespace RUNTIME
{
@@ -1078,6 +1080,11 @@ errlHndl_t populate_HbRsvMem(uint64_t i_nodeId, bool i_master_node)
do
{
+ TARGETING::Target* l_sys = nullptr;
+ TARGETING::targetService().getTopLevelTarget(l_sys);
+ assert(l_sys != nullptr,
+ "populate_HbRsvMem: top level target nullptr" );
+
// Configure the ATTR_HBRT_HYP_ID attributes so that runtime code and
// whichever hypervisor is loaded can reference equivalent targets
// When populating hbRuntimeData, we make IPC calls if we are running
@@ -1128,11 +1135,6 @@ errlHndl_t populate_HbRsvMem(uint64_t i_nodeId, bool i_master_node)
// If mirroring enabled,
// change address start to be at its mirrored address equivalent
- TARGETING::Target* l_sys = nullptr;
- TARGETING::targetService().getTopLevelTarget(l_sys);
- assert( l_sys != nullptr,
- "populate_HbRsvMem: top level target nullptr" );
-
auto l_mirrored =
l_sys->getAttr<TARGETING::ATTR_PAYLOAD_IN_MIRROR_MEM>();
if (l_mirrored)
@@ -1257,8 +1259,10 @@ errlHndl_t populate_HbRsvMem(uint64_t i_nodeId, bool i_master_node)
////////////////////////////////////////////////////////////////////
// Set the Architected Reserve area in OPAL and pass it down to SBE
- uint64_t l_memBase = l_topMemAddr -
- VMM_ARCH_REG_DATA_SIZE_ALL_PROC - VMM_ALL_HOMER_OCC_MEMORY_SIZE;
+ uint64_t l_memBase = l_topMemAddr
+ - VMM_ALL_HOMER_OCC_MEMORY_SIZE
+ - VMM_ARCH_REG_DATA_SIZE_ALL_PROC;
+
l_elog = setNextHbRsvMemEntry(HDAT::RHB_TYPE_HBRT,
i_nodeId,
l_memBase,
@@ -1343,8 +1347,9 @@ errlHndl_t populate_HbRsvMem(uint64_t i_nodeId, bool i_master_node)
}
else if(TARGETING::is_sapphire_load())
{
- l_endAddr = l_topMemAddr -
- VMM_ALL_HOMER_OCC_MEMORY_SIZE - VMM_ARCH_REG_DATA_SIZE_ALL_PROC;
+ l_endAddr = l_topMemAddr
+ - VMM_ALL_HOMER_OCC_MEMORY_SIZE
+ - VMM_ARCH_REG_DATA_SIZE_ALL_PROC;
startAddressValid = false;
}
@@ -1691,6 +1696,40 @@ errlHndl_t populate_HbRsvMem(uint64_t i_nodeId, bool i_master_node)
break;
}
}
+
+ // Also add unsecure HOMER to the reserved mem if in SMF mode
+ if(SECUREBOOT::SMF::isSmfEnabled())
+ {
+ auto l_unsecureHomerSize = l_sys->
+ getAttr<TARGETING::ATTR_UNSECURE_HOMER_SIZE>();
+
+ // The address of unsecure HOMER is the same among all the
+ // procs, so we can just fetch it from the master proc.
+ TARGETING::Target* l_masterProc = nullptr;
+ l_elog = TARGETING::targetService()
+ .queryMasterProcChipTargetHandle(l_masterProc);
+ if(l_elog)
+ {
+ break;
+ }
+
+ auto l_unsecureHomerAddr = l_masterProc->
+ getAttr<TARGETING::ATTR_UNSECURE_HOMER_ADDRESS>();
+ assert(l_unsecureHomerAddr,
+ "populate_HbRsvMem: Unsecure HOMER address is 0");
+ assert(l_unsecureHomerSize <= MAX_UNSECURE_HOMER_SIZE,
+ "populate_HbRsvMem: Unsecure HOMER size is bigger than 0x%x", MAX_UNSECURE_HOMER_SIZE);
+
+ l_elog = setNextHbRsvMemEntry(HDAT::RHB_TYPE_UNSECURE_HOMER,
+ i_nodeId,
+ l_unsecureHomerAddr,
+ l_unsecureHomerSize,
+ HBRT_RSVD_MEM__UNSEC_HOMER);
+ if(l_elog)
+ {
+ break;
+ }
+ }
}
} while(0);
diff --git a/src/usr/targeting/common/xmltohb/hb_customized_attrs.xml b/src/usr/targeting/common/xmltohb/hb_customized_attrs.xml
index 3933114ad..bbbc47442 100644
--- a/src/usr/targeting/common/xmltohb/hb_customized_attrs.xml
+++ b/src/usr/targeting/common/xmltohb/hb_customized_attrs.xml
@@ -762,6 +762,12 @@
<id>ATTR_PROC_PCIE_IOP_SWAP</id>
<writeable/>
</attribute>
+
+ <attribute>
+ <id>ATTR_UNSECURE_HOMER_ADDRESS</id>
+ <writeable/>
+ <persistency>volatile-zeroed</persistency>
+ </attribute>
<!-- =====================================================================
End of customizations definitions
================================================================= -->
OpenPOWER on IntegriCloud