summaryrefslogtreecommitdiffstats
path: root/src/usr/isteps/istep10/call_host_update_redundant_tpm.C
Commit message (Collapse)AuthorAgeFilesLines
* Automatically include config.hDan Crowell2019-12-061-1/+0
| | | | | | | | | | | | | | | | | | Rather than having to remember to include config.h anywhere we reference a CONFIG variable (and usually forgetting), this adds it to the default compiler flags so that it gets included in every source file we build. Change-Id: I53622ab4d46c55d942e98cae6ec03049fd5b3d08 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/87475 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Zachary Clark <zach@ibm.com> Reviewed-by: Roland Veloz <rveloz@us.ibm.com> Reviewed-by: Christian R Geddes <crgeddes@us.ibm.com> Reviewed-by: Nicholas E Bofferding <bofferdn@us.ibm.com>
* Add Physical Presence Check and Window Open FeaturesMike Baiocchi2019-11-141-1/+23
| | | | | | | | | | | | | | | | | | | | | | | | This commit does the following: - Adds an interface to detect if physical presence has been asserted -- This happens in istep 6 -- If the window is open to detect this, it is then closed here - Adds an interface to possibly open the window to look for physical presence -- This happens in istep 10 -- It first checks to see if the window should be opened -- If the window is opened then the system shuts down to wait for physical presence to be asserted on the next power on - Adds the necessary attributes to support and test this functionality RTC:211220 Change-Id: I05a26ebad581875a4b9f2a51eb1ca3062f36c5fb Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/84656 Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Reviewed-by: Christopher J Engel <cjengel@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E Bofferding <bofferdn@us.ibm.com>
* Secure Boot: Basic Support For Redundant TPMIlya Smirnov2018-05-021-2/+22
| | | | | | | | | | | | | | | | | | | This change implements the detection and initialization of the backup TPM in istep 10.14. The backup TPM is presence-detected and initialized; the logs of the primary TPM are extended into the secondary TPM in istep 10.14. After the initialization of the secondary TPM, all events are extended into both TPMs. A test was created to test whether the backup TPM is initialized correctly. Change-Id: I305500c9f680115e684ab153fc882b8d5364b0d4 RTC: 134912 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57374 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Move SUL enforcement back to after SBE update stepJaymes Wilks2017-08-251-688/+0
| | | | | | | | | | | | | | | | | Through the course of adding to hostboot, the SUL enforcement step has slid later into istep 10. This commit moves the SUL enforcement back to immediately after the SBE update step for maximum security. Change-Id: I92d68a6328a834762b7b39eefb62161b9b1ad2c4 RTC:178471 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/44749 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add Security Settings User Details to Error LogsStephen Cprek2017-07-101-5/+2
| | | | | | | | | | | | | Change-Id: Ife4a19ea7f94670143b701f740c80f991f924601 RTC:165693 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/41904 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add in calls to p9_get_sbe_msg_register and handler functions (4/4)Elizabeth Liner2017-06-291-1/+1
| | | | | | | | | | | | | | | This commit adds in an additional hwp needed for the SBE conditions handling, p9_get_sbe_msg_register. This HWP pulls out the SBE register and determines if it got to runtime or not. From there there are handler functions that decide what to do next. Change-Id: I0e17b345bb983ed6373ec36ea2a6eb9b5e1bf3f1 RTC:173809 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/41503 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Verify the correct HW Key Hash is used in Customized SBE ImageMike Baiocchi2017-06-111-4/+4
| | | | | | | | | | | | | | | | | | This commit keeps track of what HW Key Hash is added to HBBL before customizing the SBE Image and then checks that this HW Key Hash is found in the customized SBE Image. It did this by updating getHwKeyHashFromSbeImage() to possibly read the HW Key Hash from system memory along with its default behavior of reading it from a SBE Seeprom. Change-Id: I0139fb959102de74b12874f30e7d2ec0bf918e3f RTC:175330 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/41453 Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Martin Gloff <mgloff@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Enforce synchronized processor security stateJaymes Wilks2017-05-101-17/+569
| | | | | | | | | | | | | | | Ensure the secure state is consistent across all processors. Change-Id: I671253b99d5d87509909681a2cec2380ca6918b0 RTC:167775 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38764 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Trace Processor Security Registers; add them to Secure Error LogsMike Baiocchi2017-03-151-2/+22
| | | | | | | | | | | | | | | | This commit adds a trace of the Security Switch and CBS Control/Status registers for all processors in the system. These registers are also captured for Security-specific error logs. Change-Id: I245815c720725a9aaf15a3cbad9a50b3288fc1f9 RTC:165205 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/37290 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Integrate p9_update_security_ctrl HWP into Istep 10.3Jaymes Wilks2017-03-031-4/+143
| | | | | | | | | | | | | | | | | | Add handling of TPM deconfig and SBE Secure Seeprom Lock by integrating the hardware procedure p9_update_security_ctrl into Istep 10.3 and retriggering the hardware procedure any time a TPM fails. Change-Id: I36f57dc7aef3de6661357736a525fe25a3828c6e RTC:153891 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/36189 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* istep10 HWP TODO CleanupLateef Quraishi2016-05-191-2/+2
| | | | | | | | | | | Change-Id: I713af753befa51001ddf967ec2762ed192c4d605 RTC: 134080 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/24731 Tested-by: Jenkins Server Tested-by: FSP CI Jenkins Reviewed-by: Andrew J. Geissler <andrewg@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* P9 Isteps: Created directory structure for istep 10 wrappersPrachi Gupta2015-12-111-0/+36
Change-Id: I6ae2116f19ec75641ee0f27c7295f774b4c71734 RTC:137652 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/21461 Tested-by: Jenkins Server Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
OpenPOWER on IntegriCloud