summaryrefslogtreecommitdiffstats
path: root/src/usr/secureboot
Commit message (Collapse)AuthorAgeFilesLines
* Add page tables to read only partitionsChen Du2019-05-092-2/+3
| | | | | | | | | | | | | | | | | | Changed partitions (WOFDATA, MEMD) to be signed with a hash page table bit. This generates a hash page table in the protected payload which will be used to validate pages in the unprotected payload Change-Id: I9be4b1f6e65b9a52a8b6ba23affdacc4d89f5295 RTC: 179519 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72776 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* HB Improvements: Compiler Issues with Different Config FilesLuis Fernandez2019-04-051-1/+1
| | | | | | | | | | | | | | | Fixed compiler issues with Witherspoon, Romulus, Zaius, Boston. Change-Id: Ic4046323eb391be6ec311bc408ef9d858ceff8cd RTC: 202716 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/75552 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Initialize backup TPM in MPIPLNick Bofferding2019-04-012-48/+53
| | | | | | | | | | | | | | | | | | Update the boot flow to call the istep to initialize the backup TPM during an MPIPL and carry over the backup present/functional state as they were from runtime, prior to the MPIPL. Change-Id: Ic402e37cf2f465686770ff22d4f2296332b0f3f7 CQ: SW456951 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/75163 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Matthew Raybuck <matthew.raybuck@ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Secureboot: Enhanced Nomdecomm: Quote FixIlya Smirnov2019-03-261-1/+1
| | | | | | | | | | | | | | | | PCR8 was erroneously being included in the quote response from the TPM. We don't actually want to read out PCR8 in hostboot firmware. This change excludes PCR8 from the quote process. Change-Id: Ib2ace53b157b64b6a5dac392b0304b31765d7afb Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/74895 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Enhance Error Callouts For New Multinode Trustedboot TransferMike Baiocchi2019-03-055-70/+317
| | | | | | | | | | | | | | | | | This commit adds many checks to callout potential issues with the new multinode trustedboot transfer protocol. It also improves some TPM-related traces. Change-Id: Ice3f8be0668cc63321eeb2562bb8ffe610284b6a RTC:203642 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72363 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* SMF: Memory Distribution Logic ImprovementsIlya Smirnov2019-03-012-27/+53
| | | | | | | | | | | | | | | | | | An improvement to the memory distribution logic was suggested in which the variable that keeps track of doubling the amount of memory per pass could be removed. This commit removes the variable and introduces a couple of other small changes. Change-Id: I35cae2d6c2beac2ce91d94f439fd0dec1f782afc Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/68859 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Matthew Raybuck <mraybuc@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Unit Tests For SMF Secure Mem DistributionIlya Smirnov2019-03-015-155/+592
| | | | | | | | | | | | | | | | This change introduces the unit tests (and helper functions) to test the SMF memory distribution algorithm. Change-Id: I0084f869d582e96354f06ec76c3de416c9838701 RTC: 192411 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/68679 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Enhanced Multinode Comm: TPM_POISONEDIlya Smirnov2019-03-012-6/+9
| | | | | | | | | | | | | | | | | | | This commit introduces a new attribute TPM_POISONED used to indicate that a certain TPM was poisoned during the boot. This attribute is also used to adjust the trustedboot flag in HDAT: if the primary TPM was poisoned during the IPL, the trustedboot setting is turned off in HDAT. Change-Id: I32ff6e79ebba0e38c0e8b4b9bd4aa0f52a250d9a RTC: 203645 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72129 Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* OpenPOWER support for native and compatibility mode for DD2.3Matt Derksen2019-02-282-2/+2
| | | | | | | | | | | | | | | | | | | | | | | Witherspoon (OpenPOWER) will run in native mode, which means all the processors have to be at the same level (all DD2.2 or all DD2.3). Other systems (ZZ) we support running in a mixed configuration where DD2.3 processors will be run in 2.2 compatibility mode. We also need to support arbitrary OP systems that might want to run in compatibility mode even without mixed parts. See src/usr/hwas/common/README.md for the rules and resulting mode. Change-Id: I80fb98e2687b945ba506f2d75b1533884443e10b RTC:201485 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72214 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Christian R. Geddes <crgeddes@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Enhanced Multinode Comm: Add size of quote & signature to slv quoteIlya Smirnov2019-02-261-0/+4
| | | | | | | | | | | | | | | | | | This commit adds the size of the quote and signature fields returned from the TPM as part of enhanced multinode comm to the generated slave quote. This will make it easier to process the slave quote for remote attestation. Change-Id: Iab0d66bf5c34f49441fec346c6964458c58cff1f RTC: 203645 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72357 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Enable New Multinode Trustedboot TransferMike Baiocchi2019-02-223-54/+215
| | | | | | | | | | | | | | | | | | This commit adds a new exchange of data between the master and slave nodes to further enhance our Trustedboot IPL. It builds upon updates to the transfer mechanism between the nodes and new TPM commands on the nodes. Change-Id: I18bd152e4bd3aeb9b79eb9ec774fc80871874155 RTC:203642 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/71903 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Enhanced Multinode Comm: Quote Size FixIlya Smirnov2019-02-222-1/+5
| | | | | | | | | | | | | | | | | | It was discovered that the quote and signature data returned from TPM as part of the new multinode comm contained an extra uint32 size field that should not be inlcuded into the slave quote blob. This commit removes that size field from the quote. Change-Id: Ia40eeee67567d08b1c1982f964dab1db411ff81b RTC: 203645 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72216 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Enhanced Multinode Comm: Master NodeIlya Smirnov2019-02-2014-99/+561
| | | | | | | | | | | | | | | | | | | | | | | | This commit introduces the logic to create the master node nodecomm request to the slave nodes and logic to process the responses from the slave nodes. The data from the slave nodes (the slave quote) is hashed and extended into PCR1. The binary quote blob is also included in the TPM log as a log message. Additional changes: the logic to relocate the TPM log to increase its size, and the logic to allow uint8_t* instead of char* as the TPM log message. Change-Id: Ide4465f0d4a91aec815c9db5d765cdbde231dcd3 RTC: 203644 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/71407 Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Enhanced Multinode Comm: Slave NodeIlya Smirnov2019-02-1910-42/+554
| | | | | | | | | | | | | | | | | | | | | | This commit introduces the logic to create the slave response for the new enhanced multinode comm protocol. The slave response consists of an eye catcher, node ID, quote and signature data from TPM, PCR contents of the slave node TPM, Attestation Key Certificate, and the TPM log. All of the above data is packaged into a binary blob to be sent back to the master node. Change-Id: I927c6ca937e6c07af4185cf54c782697c5d822f6 RTC: 203643 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/70791 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add Node Communications Transfer ProtocolMike Baiocchi2019-02-138-213/+738
| | | | | | | | | | | | | | | | | | This commit adds a more flexible Node-to-Node Transfer Protocol that will be used for the secureboot/trustedboot algorithm in multi-node configurations. The original message transfer has been updated to use this new transfer protocol. Change-Id: I12704e8d71d8c0aac52c286160322f9b845a5026 RTC:203641 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/71317 Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Add New TPM Commands For NodecommIlya Smirnov2019-01-188-23/+889
| | | | | | | | | | | | | | | | | | This commit adds four new TPM commands, and APIs thereto, for enhanced secure multinode communication protocol. The TPM commands are the base for the new protocol and will be used as part of it. Change-Id: I080ff87cd6001b5d2e13ae350a379cbc2c92bfcf RTC: 202364 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/69725 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add additional FFDC to better debug TPM related errorsNick Bofferding2019-01-141-28/+84
| | | | | | | | | | | | | | | - Added additional trace to master TPM init step to diagnose TPM related errors Change-Id: Iec93d92d26872f6c54811b77803e93c80799e445 CQ: SW452193 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/70293 Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Trustedboot: GetRandom API ChangesIlya Smirnov2019-01-104-19/+72
| | | | | | | | | | | | | | | | | | New Secure Multinode Comm protocol calls for generation of random number that is 32 bytes in size. This commit extends the existing GetRandom API to be able to accept a size of the random number to be generated by TPM. Change-Id: Ic6fc1705594f51f121ff75aaa489d6d32fe41409 RTC: 202364 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/70116 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* SMF: NVRAM Reading and Mem Distribution end-to-end ChangesIlya Smirnov2019-01-101-3/+3
| | | | | | | | | | | | | | | | | This commit introduces the changes to read out the SMF secure memory amount value from NVRAM and to distribute the secure memory amount based on the value read. strtou64 was copied from runtime code to convert the value read from NVRAM (as a string) to uint64_t. Change-Id: I83e41f0aaff9b4035d20a517cf866f348acedd59 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/69728 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Unit Tests For Adjusting SMF HOMER BARIlya Smirnov2019-01-094-0/+535
| | | | | | | | | | | | | | | This change introduces the unit tests for testing the helper functions of the SMF functionality to move the HOMER BAR to secure memory. Change-Id: I771240a554dbcef120fc476c26846f75d56592a0 RTC: 198825 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/68356 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* SMF: Distribute Secure Memory Among ProcsIlya Smirnov2018-11-273-0/+345
| | | | | | | | | | | | | | | | | | | Logic for distributing the requested amount of SMF memory between the procs with memory on the system. The algorithm attempts to allocate the memory in power-of-two increments of 256MB (such is the HW limitation) under each proc until the requested amount is satisfied or until we run out of procs with memory. Change-Id: Ica3e1706bdb731762a3daf07c11d889fc7b6367f RTC: 192411 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/68128 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Roland Veloz <rveloz@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Move HOMER BAR to Secure Memory in SMF ModeIlya Smirnov2018-11-134-1/+145
| | | | | | | | | | | | | | | | | This commits enables HOMER BAR to point to the top of the secure memory on SMF-enabled systems. Consequently, the HOMER image and hostboot reserved memory will be moved to the secure memory if SMF is enabled. Change-Id: I37c7527b06688a41e57f14b4107ff53a507ffae8 RTC: 198825 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/66702 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Serialize all attribute synchronization callsNick Bofferding2018-10-171-1/+2
| | | | | | | | | | | | | | | Forces all FSP attribute synchronizations down to FSP to serialize in the attribute resource provider attribute synchronization daemon thread to avoid concurrenty problems. Change-Id: Ifb355ba6f42872465ea3d6f0d9009cfd6f768d7a CQ: SW448280 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/67450 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Revert "Delete non-terminating TPM error in fabric integration step"Nicholas E. Bofferding2018-10-021-10/+1
| | | | | | | | | | | | | | This reverts commit bdb1634e8e6a385884025f49cadbd4262962dd3e. Change-Id: Idbe1edff3d3a241ff2002cf053b59095ea3cb524 CQ: SW446799 CMVC-Prereq: 1069262 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/65708 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Add consistent enter-exit traces for all runtime interfacesDan Crowell2018-10-021-1/+5
| | | | | | | | | | | | | | | | | | Created a new 'HBRT' trace buffer that is exclusively used to bound the external calls into our runtime image. Modified the return code values to be the reasoncode of the error log we commit instead of a generic '-1' value that is not very helpful. Change-Id: Id41288ea1903bf6d11e967fcb10a8184153943c8 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/64871 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Brian J. Stegmiller <bjs@us.ibm.com> Reviewed-by: Matt Derksen <mderkse1@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Additional tracing for shutdown eventsMatt Derksen2018-09-121-1/+2
| | | | | | | | | | | | | | | | | Hit an issue where a shutdown was called but all that is traced is a msgQ pointer. These traces should help associate the msgQ pointer to an actual task being shutdown. Change-Id: Ic22fdde1a146eec90f26d557e8af1ddec3c85c4e CQ:SW443508 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/65464 Reviewed-by: Christian R. Geddes <crgeddes@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Corey V. Swenson <cswenson@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Delete non-terminating TPM error in fabric integration stepNick Bofferding2018-09-041-1/+10
| | | | | | | | | | | | | | | | Deletes a non-terminating TPM error in the fabric integration step to avoid setting up a race condition on FSP that results in FSP not waking Hostboot up from winkle properly. That issue will be pervasively addressed by SW444320. Change-Id: I1f43f704a53ec77593d082021cc545e2365d499a CQ: SW443597 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/65594 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
* Trusted Boot: Report Primary TPM required reason code as terminatingNick Bofferding2018-08-241-2/+2
| | | | | | | | | | | | | | | | | | | | This commit flags the RC_TPM_NOFUNCTIONALTPM_FAIL reason code as a terminating reason code to tell FSP that there is an expected boot failure without a deconfiguration. Further, when this error occurs, it TIs with this error's reason code instead of its PLID, so that FSP will balk to the alignment check to failover and use the backup TPM, when possible. Change-Id: I6809dd1de6f37ce50d6528ce1014c5ede115b0dd CQ: SW442904 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/64973 Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Set TPM_UNUSABLE Only if TPM is RequiredIlya Smirnov2018-08-161-6/+18
| | | | | | | | | | | | | | | | This change sets the attribure used for TPM alignment check (TPM_UNUSABLE) only if the TPM Required policy is on. This will prevent HWSV from failing the boot due to no minimum HW when the policy is off. Change-Id: Ia63475c7496e5a4deb73c0caeb0d070bd8eb95c3 CQ: SW441033 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/64553 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Node Communications: use addHwCallout() to deconfigureMike Baiocchi2018-08-021-0/+15
| | | | | | | | | | | | | | | | | This commit adds the appropriate addHwCallout() after addBusCallout() to ensure that the appropriate item (either XBUS or SMPGROUP) gets deconfigured. Change-Id: Iff2cea9d41b6d86b79024a5f682675d4938f20a3 RTC:184518 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/63727 Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Minor Error Log ImprovementsMike Baiocchi2018-07-301-1/+0
| | | | | | | | | | | | | | | | | This commit adds the error log severity to the trace saying that a new error log is being created. It also cleans up an unused variable in some error log parsing logic. Change-Id: Iff196993bdabf80ad65006fca195f0785221257f Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/63476 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Sync Attributes to FSP In TPM Required PathIlya Smirnov2018-07-231-1/+18
| | | | | | | | | | | | | | | | | | System shut down due to no functional primary TPM doesn't force attribute sync to FSP (which is a part of normal istep shutdown process), so the TPM_UNUSABLE attribute used to perform alignment check is never updated on FSP. This change adds explicit attribute sync to FSP in the TPM required execution path. Change-Id: I0e232c114af9ac08c8207088b337fb5a8c8d4cb1 CQ: SW438909 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/63069 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* ABUS Node Communication is operational, so commit all errorsMike Baiocchi2018-07-181-1/+1
| | | | | | | | | | | | | | | | The ABUS Node Communications procedure is operational and its error handling works. So this commit updates the code such that any errors during this procedure are now committed so that they can be properly handled. Change-Id: I0c97b74bca83a3bc001426aa01beb0c81cd7a717 RTC:184518 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/62753 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Send errors from previous boots as callhome type eSELsNick Bofferding2018-07-171-0/+9
| | | | | | | | | | | | | | | | | | During early boot, Hostboot attempts to resend unacknowledged error logs from prior boots as eSELS, without correponding SELs. BMCs typically require both in order to expose a given error log to a customer. This change morphs errors from prior boots into callhome type logs, so that a simple eSEL will be enough to get the error propagated. Change-Id: If499defe8a39b9254f08392b264d72047b7e5f7c CQ: SW426731 RTC: 193265 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/62079 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* ABUS Node Communication: Add Support for Redundant LinksMike Baiocchi2018-07-133-43/+257
| | | | | | | | | | | | | | | This commit adds redundancy to the ABUS Node Communication procedure by using the best possible link per connection rather than the default secure link. Change-Id: I051d316eacb05d59889d3f45fcb387e29877e1fe RTC:184518 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/62133 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Display Secure Mode Console Trace During BootIlya Smirnov2018-07-121-2/+8
| | | | | | | | | | | | | | This change adds a trace to explicitly state the status of secure mode on the system. A message indicating the state of secure mode will be displayed on console early in the boot. Change-Id: Ie36249695a56838879d47a9de300ad58cd7b8feb CQ: SW424336 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/62305 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add error callouts and other improvements for Node CommunicationsMike Baiocchi2018-07-035-331/+610
| | | | | | | | | | | | | | | This code adds bus, hw, code, etc callouts to the appropriate errors. It also cleans up other TODOs, refactors some functions, and applies somes fixes found in testing. Change-Id: I462cdb2c4e313c277a3e0542f740e82ede3313f3 RTC:184518 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/61813 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Add Support for TPM Message Queue FlushingIlya Smirnov2018-07-013-3/+56
| | | | | | | | | | | | | | | Add a synchronous message handler to TPM daemon. This message handler is used to make sure that all of the traces are flushed before the daemon is shut down. Change-Id: Ibb8ea2fd12d7ded9e43f284ff44c1791e61d8767 CQ:SW435287 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/55223 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Trusted Boot: Provide appropriate callout when TPM not provisionedNick Bofferding2018-06-273-40/+68
| | | | | | | | | | | | | | Adds high priority TPM callout and low priority HB procedure callout when the TPM is detected not to be provisoned correctly Change-Id: Ia6fc3e4d5baf80f5a899e0b576d9fe07f4a1570c CQ: SW435398 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/61429 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Good-Path Fixes for Secure Node CommunicationsMike Baiocchi2018-06-262-22/+51
| | | | | | | | | | | | | | | This commit applies all of the known fixes to make the 'good-path' work for Secure Node-to-Node Communications. It also cleans up some trace messages and removes some TODOs. Change-Id: I2ffa63f2579f2a0075b188d67c56f45bed576a0f RTC:184518 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/61305 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Post informational error log for planar jumper settingsNick Bofferding2018-06-261-0/+20
| | | | | | | | | | | | Change-Id: Iebdc09d10a62abab4e71b53fa88a4b21c89822e4 CQ: SW432936 Forwardport: yes Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/61318 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Add TPM Calls to Node Communication ABUS Exchange ProcedureMike Baiocchi2018-06-214-74/+497
| | | | | | | | | | | | | | | | | | This commit adds the TPM calls to generate a random number and log ('extend') the nonces passed between the nodes via the ABUSes. It also cleans up some other TODOs and traces. Change-Id: I1389af2d809351421f3c2b3b954b3eaf6b0506aa RTC:184518 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/60962 Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Add procedure for istep 18's Node Communication ABUS ExchangeMike Baiocchi2018-06-195-6/+761
| | | | | | | | | | | | | | | | | | | | | This commit creates a new interface that will be called in istep 18 to facilitate the exchanging of Link Mailboxes messages between nodes acros the ABUS interface. It also does the basic procedure without all of the final FFDC and RAS implementation that will come in subsequent commits. All error logs are deleted to not kill any IPLs until full functionality is tested. Change-Id: I7391deaa37e49629cd01cfad212b64fecb9529bd RTC:184518 CMVC-Prereq:1058895 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/60793 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secure Boot: Support API to fence off all node processors' secure mailboxesIlya Smirnov2018-06-192-1/+122
| | | | | | | | | | | | | | | | This change imlpements the logic to lock down the Abus secure mailboxes prior to starting PHyp. The lock down is perormed as part of secure node communication in istep 18 Change-Id: I4bc678ce7844290a7229b605406d5d3c689a0c6c RTC: 191005 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59692 Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secure Boot: Enabled final Secure Boot settings for ZeppelinNick Bofferding2018-06-041-2/+2
| | | | | | | | | | | | | | | | - Force TPM_REQUIRED to 1 in various XML models (by not overriding default) - Remove old reference to SECUREBOOT_BEST_EFFORT policy in HBConfig - Double initial TPM log size Change-Id: Ibc9a2075ec5e490a876415d5743da40984f172f7 RTC: 187292 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59776 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add Mutex and Error Recovery for Node CommunicationsMike Baiocchi2018-05-314-18/+172
| | | | | | | | | | | | | | | | | | | | This commit adds the attributes needed for a mutex XBUS and ABUS lock and then uses them in the Node Communications Device Driver. It also adds some additional error recovery to the Node Comm DD. Plus, it adds some additional SCOMs to the Read and Write Node Comm DD operations. Change-Id: I27b94f29a6e3c2e3e2ba98fec48cc000c39add47 RTC:191008 Depends-on:I19510888c0922e5bb857cffc9426399e79e113ba Depends-on:I11893af06b7a097b43106117d648e9a431c4f3ea Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59292 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Improve FFDC for new Node Comm Device DriverMike Baiocchi2018-05-249-10/+362
| | | | | | | | | | | | | | | | | This commit adds a new custom Node Comm Device Driver error log user details section and its parser code. It also adds a function to add the target and important HW registers to an error log. Change-Id: I11893af06b7a097b43106117d648e9a431c4f3ea RTC:191008 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59079 Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Establish Base Support For Sending Mailbox Messages Across XBUS/ABUSMike Baiocchi2018-05-247-1/+1514
| | | | | | | | | | | | | | | | | | | | This commit establishes base support for Secure Node Communications. It creates a new device driver to operate the XBUS and ABUS Link Mailboxes and adds base support for using these device drivers to send and receive messages. It also adds a test to perform a 2-chip XBUS Link Mailbox operation. Change-Id: I19510888c0922e5bb857cffc9426399e79e113ba RTC:191008 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/58376 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Support TPM PCR PoisoningJaymes Wilks2018-05-234-96/+325
| | | | | | | | | | | | | | | | | | | To support Fleetwood secure inter-node communication, we need to “poison” the PCRs of all still functional non-master node TPMs just prior to transferring control to PHyp, and report that poisoned state to HDAT. Change-Id: Ic104ef2e44fc98895b9b435fdf8ba4c5e4972818 RTC:191001 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/58244 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Marked Failed TPMs Unusable For Alignment CheckIlya Smirnov2018-05-221-6/+18
| | | | | | | | | | | | | | | | | | | Set the TPM_UNUSABLE attribute for TPMs that failed. This attribute will be used by FSP during alignment check, so it is important to reflect the current TPM availability situation. Note that backup TPM is marked as unusable in istep 6.8, and then re-checked in istep 10.14. Change-Id: I32347c542cb4cd09c04bea7f8a9275881d204dfb RTC: 191163 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/58529 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
OpenPOWER on IntegriCloud