From db9ded1e83f4aa6309e8b8cfabdf02ab4e2ad405 Mon Sep 17 00:00:00 2001
From: Nick Bofferding <bofferdn@us.ibm.com>
Date: Tue, 3 Apr 2018 01:13:23 -0500
Subject: Secure Boot: Introduce key transition state node attribute

Key transitioning on FSP-based systems is problematic because the key transition
process quiesces both SBEs then TIs, which prevents the FSP TI handler from
being able to determine the TI reason when secure mode is enabled.  This change
introduces a new key transition state node attribute and enum which later
commits will will use to inform FSP of status in the key transition flow

Change-Id: I9f40a2b8aa2c797fffd437f20615fedf82ca3f99
CQ: SW418697
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/56676
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
---
 .../targeting/common/xmltohb/attribute_types.xml   | 57 ++++++++++++++++++++++
 src/usr/targeting/common/xmltohb/target_types.xml  |  3 ++
 2 files changed, 60 insertions(+)

diff --git a/src/usr/targeting/common/xmltohb/attribute_types.xml b/src/usr/targeting/common/xmltohb/attribute_types.xml
index 90fb7b3db..95a4588a7 100755
--- a/src/usr/targeting/common/xmltohb/attribute_types.xml
+++ b/src/usr/targeting/common/xmltohb/attribute_types.xml
@@ -6294,6 +6294,63 @@
     </enumerator>
 </enumerationType>
 
+<enumerationType>
+    <id>KEY_TRANSITION_STATE</id>
+    <description>
+        Enum indicating the current Secure Boot key transition state for the
+        node.
+    </description>
+    <enumerator>
+        <description>
+            Secure Boot key transition not yet requested for the node
+        </description>
+        <name>KEY_TRANSITION_NOT_REQUESTED</name>
+        <value>0</value>
+    </enumerator>
+    <enumerator>
+        <description>
+            About to write new system Secure Boot key to first SBE SEEPROM
+            side in the node
+        </description>
+        <name>KEY_TRANSITION_STARTED</name>
+        <value>1</value>
+    </enumerator>
+    <enumerator>
+        <description>
+            Failed to apply new system Secure Boot key to one or more functional
+            SBE SEEPROM sides in the node
+        </description>
+        <name>KEY_TRANSITION_FAILED</name>
+        <value>2</value>
+    </enumerator>
+    <enumerator>
+        <description>
+            Successfully applied new system Secure Boot key to every functional
+            SBE SEEPROM side in the node
+        </description>
+        <name>KEY_TRANSITION_SUCCEEDED</name>
+        <value>3</value>
+    </enumerator>
+</enumerationType>
+
+<attribute>
+  <description>
+    Attribute indicating the status of the Secure Boot key transition for
+    the node
+  </description>
+  <hasStringConversion></hasStringConversion>
+  <id>KEY_TRANSITION_STATE</id>
+  <persistency>volatile-zeroed</persistency>
+  <readable/>
+  <writeable/>
+  <simpleType>
+    <enumeration>
+      <id>KEY_TRANSITION_STATE</id>
+      <default>KEY_TRANSITION_NOT_REQUESTED</default>
+    </enumeration>
+  </simpleType>
+</attribute>
+
 <attribute>
     <id>FUSED_CORE_MODE_HB</id>
     <description>
diff --git a/src/usr/targeting/common/xmltohb/target_types.xml b/src/usr/targeting/common/xmltohb/target_types.xml
index a1ec6dcd2..04808b837 100644
--- a/src/usr/targeting/common/xmltohb/target_types.xml
+++ b/src/usr/targeting/common/xmltohb/target_types.xml
@@ -996,6 +996,9 @@
   <attribute>
     <id>FRU_ID</id>
   </attribute>
+  <attribute>
+    <id>KEY_TRANSITION_STATE</id>
+  </attribute>
   <attribute>
     <id>EEPROM_VPD_PRIMARY_INFO</id>
   </attribute>
-- 
cgit v1.2.3