summaryrefslogtreecommitdiffstats
path: root/src/usr/pnor/pnor_common.H
Commit message (Collapse)AuthorAgeFilesLines
* Remove Secure Boot workaroundsStephen Cprek2017-12-181-18/+0
| | | | | | | | | | | | | | | | | | | | | | | - Removing the magic number checks that would block sb functionality if things didn't appear secure - Remove Best Effort Policy and all of its related code - Remove the legacy PCR extension - Remove the non-secure header preservation path. - Always load HB base image header from the bl to hb data path vs settings unsecurely out of pnor Change-Id: Ie638384ac50ed47850985c959ea7a32e5757d64e RTC: 178520 RTC: 155374 RTC: 173489 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49925 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Refactor SecureBoot Workarounds to better control leniencyStephen Cprek2017-08-251-3/+4
| | | | | | | | | | | | | | | | | | At this time we are trying to secure OpenPOWER in secure mode, but allow best effort policies in other scenarios Change-Id: I9ec2b5be49dbfcff678c4d30bb85f8762e448cb6 RTC: 170136 RTC: 155374 RTC: 168021 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/43640 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Fix up Event Types for PCR ExtendJaymes Wilks2017-05-251-4/+6
| | | | | | | | | | | | | | | | | | | Trusted Boot will now use correct event types when performing PCR extend for PNOR sections that are meant to establish a core root of trust. Change-Id: I3cb62e2899083c898e1af6a2031cc8a0a365015e RTC:172332 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/40601 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Support extending sections to PCRsNick Bofferding2017-02-021-1/+4
| | | | | | | | | | | | | | - Ported p8 secureboot PCR extension code Change-Id: I2bbf6ee6b2980c2fbe32dfb9cad25e9e2aba3285 RTC: 167581 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35632 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Send hash of pnor sections to TPMChris Engel2016-05-111-0/+13
| | | | | | | | | | | | | Replay log events to TPM after initialization Change-Id: Ibab5e28790324c28a7cd9fb2805041d7a896376a RTC:125290 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/23898 Tested-by: Jenkins Server Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: FSP CI Jenkins Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* FFS Support for Bootloadercrgeddes2016-03-031-78/+14
| | | | | | | | | | | | | | | | | This commit moves functionality out of pnor_common.C and puts it in a new file pnor_utils.C this file will be shared with bootloader and hostboot code. Quite a few files were pulled apart in order to make includes easier across modules. These are lpc_const.H and pnor_const.H. bl_pnorAccess leverages the new pnor_utils.C file that will help the bootloader parse pnor TOC Change-Id: I740f6f8a707760756a261535e62e2d0a849324f8 RTC:134064 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/696 Tested-by: Jenkins Server Reviewed-by: Martin Gloff <mgloff@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Report pnor side booted up on A/B to OPALBill Schwartz2015-02-281-1/+0
| | | | | | | | | | | | | | | This story will use the getPnorInfo and getSideInfo interfaces to fill in devtree entries informing Opal about the existence, location, and state of PNOR sides that we know about. We will pass up a list of TOCs associated with the active side and the inactive side. RTC: 109703 Change-Id: I740b086a9e22a0bc167141e3565bf813e50d9a00 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/15727 Reviewed-by: PRACHI GUPTA <pragupta@us.ibm.com> Tested-by: Jenkins Server Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Added an interface to get PNOR side informationPrachi Gupta2015-02-241-0/+4
| | | | | | | | | | | RTC:120061 Change-Id: I6732160b2154bcb856e01a79307ee15caf5ec6e5 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/15629 Tested-by: Jenkins Server Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com> Reviewed-by: Brian H. Horton <brianh@linux.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* determine the toc locations in pnorrp and rt_pnor codePrachi Gupta2015-02-241-8/+50
| | | | | | | | | | RTC: 120733 Change-Id: I5372a102ce9761a514a6f7245ca206a2226f1f3b Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/15456 Tested-by: Jenkins Server Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Support for Redundant Copy of HB code in PNORStephen Cprek2015-02-021-4/+15
| | | | | | | | | | | | | - 2 TOC's per side - side, sideless, preserved, and readOnly tags - Determine which SEEPROM side HB booted from - Modify gaurd code to not run when gaurd section DNE Change-Id: I62dd27c9aa79c3111d27e647f1b66a7c938ad6e8 RTC:109398 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/14629 Tested-by: Jenkins Server Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* hbrt interface for PNOR accessPrachi Gupta2015-01-161-0/+85
RTC:108836 Change-Id: I49e568e7f4fcad13fcd75dfdfa4aee8a263c5001 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/14307 Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com> Tested-by: Jenkins Server Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
OpenPOWER on IntegriCloud