summaryrefslogtreecommitdiffstats
path: root/src/usr/secureboot/base/securerom.C
Commit message (Collapse)AuthorAgeFilesLines
* Rename SecureROM to SecureRomManagerStephen Cprek2017-03-081-610/+0
| | | | | | | | | | | Change-Id: I839daf3fc44e3459a9c6c147703fd671c5ec79a8 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/36971 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Support extending sections to PCRsNick Bofferding2017-02-021-18/+48
| | | | | | | | | | | | | | - Ported p8 secureboot PCR extension code Change-Id: I2bbf6ee6b2980c2fbe32dfb9cad25e9e2aba3285 RTC: 167581 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35632 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Generalize secure boot settings for all processorsJaymes Wilks2017-01-301-2/+2
| | | | | | | | | | | | | | | Adds the ability to specify which processor target user code is interested in when querying secure boot settings. Change-Id: I0375af03ce8f4e33029736ff2e2d60416629a295 RTC:161916 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/32556 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* port p8 secureboot settings code to p9Jaymes Wilks2017-01-051-2/+3
| | | | | | | | | | | | | | | | Update the p9 branch to handle the secure settings states as per p8 code but with the new updated p9 constant values. Remove caching of register values. Change-Id: I0a29ce0103a8f9b60b421a4bb625f12adcd916f8 RTC:161916 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/32490 Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Secure PNOR Resource Provider port from p8Jaymes Wilks2016-11-141-6/+13
| | | | | | | | | | | | | | Adds a Secure PNOR Resource Provider (SPNORRP) layer on top of the original PNORRP to handle verification of secured PNOR sections. Change-Id: Iff25abf599f3c850197c6e6d23ff03e5edf945bb RTC:163078 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/31588 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Trustedboot add TPM and associated i2c master to the devtreeChris Engel2016-06-081-0/+16
| | | | | | | | | | | Change-Id: Ic2edee549d23669f046a6e78f0cfae838faaec2d RTC: 125287 ForwardPort: yes Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/25470 Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins Server Tested-by: FSP CI Jenkins Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Change securerom test to use current hw hash keyStephen Cprek2016-05-181-4/+15
| | | | | | | | | | | | | | | Change-Id: Icb596e6c69fadd2f7b8109876a92db04763f206f RTC: 68883 ForwardPort: yes Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/23066 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Christian R. Geddes <crgeddes@us.ibm.com> Reviewed-by: Matthew A. Ploetz <maploetz@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/23070
* Send hash of pnor sections to TPMChris Engel2016-05-111-9/+31
| | | | | | | | | | | | | Replay log events to TPM after initialization Change-Id: Ibab5e28790324c28a7cd9fb2805041d7a896376a RTC:125290 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/23898 Tested-by: Jenkins Server Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: FSP CI Jenkins Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Base kernel changes for Nimbus/CumulusCorey Swenson2015-12-111-1/+2
| | | | | | | | | Change-Id: Ic5dfde1e975453d760631335bab674919e1109e7 RTC: 126637 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/18321 Tested-by: Jenkins Server Reviewed-by: Christian Geddes <crgeddes@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Fix spelling mistakes using codespell.Patrick Williams2015-01-151-2/+4
| | | | | | | | | | | | - See https://github.com/lucasdemarchi/codespell Change-Id: I03e102d1ebb9473b6226fa9b6edb684fa0218a2f Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/15031 Tested-by: Jenkins Server Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com> Reviewed-by: Zane Shelley <zshelle@us.ibm.com> Reviewed-by: Brian Silver <bsilver@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Add customer error descriptions to error log headers.Doug Gilbert2014-06-231-0/+4
| | | | | | | | | | Change-Id: Ibb2f1219b6f2ff27e9b09fea4d36c2616fb7ddf9 RTC: 110397 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/11079 Tested-by: Jenkins Server Reviewed-by: Andrew J. Geissler <andrewg@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Change copyright prolog for all files to Apache.Patrick Williams2014-05-211-10/+10
| | | | | | | Change-Id: I5664587b4f889099290ef50d50fa9ce5e580e1eb Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/11167 Tested-by: Jenkins Server Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Remove leftover fixme/todo and update error calloutsDan Crowell2014-01-101-10/+16
| | | | | | | | | | | | | | | | Remove all untagged fixme/todo comments Adde new parm to error log constructor to avoid extra code in common software error case Update error callouts Add strncpy Change-Id: I8bd8f48193a96b79db91ed35c4fd485e6da38dba RTC: 67921 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/7921 Tested-by: Jenkins Server Reviewed-by: Michael Baiocchi <baiocchi@us.ibm.com> Reviewed-by: Brian H. Horton <brianh@linux.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Fix SecureROM Cleanup FunctionMike Baiocchi2013-07-101-1/+1
| | | | | | | | | | | The SecureROM::_cleanup() function was not putting all of the memory reserved for the secure rom device back into the proper state. Change-Id: I9b11736d7e3cae8f5e21872ad740aef67ac4298e Reviewed-on: http://gfw160.austin.ibm.com:8080/gerrit/5365 Tested-by: Jenkins Server Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Base Support for Secure ROM verificationMike Baiocchi2013-07-081-0/+510
This change adds the basic structure needed to call and implement a verifcation of a signed container via the loaded/initliaized Secure ROM device. Change-Id: Ieada4eb0b557fc556cd12647a698bbfa16aba278 RTC:64764 Reviewed-on: http://gfw160.austin.ibm.com:8080/gerrit/4958 Tested-by: Jenkins Server Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
OpenPOWER on IntegriCloud