summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorspashabk-in <shakeebbk@in.ibm.com>2017-06-15 05:46:24 -0500
committerSachin Gupta <sgupta2m@in.ibm.com>2017-10-04 01:24:38 -0400
commit794dd51dcb8ee25822dac196200ae396c0c77225 (patch)
tree611c16aa7e8a6fdf0ef76e22e7a77ac4f55bae96
parent4b8ed3f80f35d4de9e913f1fee92a0a95e8f8834 (diff)
downloadtalos-sbe-794dd51dcb8ee25822dac196200ae396c0c77225.tar.gz
talos-sbe-794dd51dcb8ee25822dac196200ae396c0c77225.zip
[Whitelist/Blacklist] - Enable scom filter and testcase addition
Implemented whitelist/blacklist filtering on scom chip-ops Removed separate scom tetcases and included the same in security testcases Included security negative testcases for scom filtering Change-Id: I41e5aa1a059b7a60b83e8740c738de41dc30dd3f Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/41871 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Sachin Gupta <sgupta2m@in.ibm.com>
-rw-r--r--src/build/security/securityRegListGen.py60
-rw-r--r--src/sbefw/sbeSecurity.C43
-rw-r--r--src/sbefw/sbeSecurity.H5
-rw-r--r--src/sbefw/sbecmdscomaccess.C157
-rw-r--r--src/sbefw/sbefwfiles.mk1
-rw-r--r--src/sbefw/sbescom.C35
-rw-r--r--src/sbefw/sbescom.H7
-rw-r--r--src/sbefw/sbeutil.H8
-rwxr-xr-xsrc/test/testcases/test.xml3
-rwxr-xr-xsrc/test/testcases/testModifyScom.py98
-rwxr-xr-xsrc/test/testcases/testPutGetInScom.py83
-rw-r--r--[-rwxr-xr-x]src/test/testcases/testPutGetScom.py102
-rwxr-xr-xsrc/test/testcases/testPutScomUnderMask.py99
-rw-r--r--src/test/testcases/testSbeDump.py5
-rwxr-xr-xsrc/test/testcases/testScom.xml43
-rw-r--r--src/test/testcases/testScomUtil.py125
-rw-r--r--src/test/testcases/testSecurity.py43
-rwxr-xr-xsrc/tools/debug/simics-debug-framework.py4
18 files changed, 355 insertions, 566 deletions
diff --git a/src/build/security/securityRegListGen.py b/src/build/security/securityRegListGen.py
index 0b9fc591..c7d12db4 100644
--- a/src/build/security/securityRegListGen.py
+++ b/src/build/security/securityRegListGen.py
@@ -71,7 +71,7 @@ def exit(error, msg = ''):
else:
if(DEBUG):
print "unknown error:exiting"
- sys.exit()
+ sys.exit(1)
def remove_duplicates(xlist):
xlist = list(set(xlist))
@@ -95,6 +95,14 @@ def gen_file(whitelist_tables, blacklist_tables):
tables = (('WHITELIST', 'whitelist', whitelist_tables),
('BLACKLIST', 'blacklist', blacklist_tables))
body = ''
+ # table 1 range and running count type
+ table1_range_type = "uint8_t"
+ table1_index_type = "uint8_t"
+ # table 2 value and running count type
+ table2_value_type = "uint8_t"
+ table2_index_type = "uint8_t"
+ # table 3 value type
+ table3_value_type = "uint16_t"
for namespace, tablename, table in tables:
body += ("""
namespace """+namespace+"""
@@ -112,7 +120,7 @@ namespace """+namespace+"""
1 byte for running count - we are good with uint8_t till the
total paths are less than 256
*/
- map_t< range_t<uint8_t>, uint8_t > _t1[] = {
+ map_t< range_t<"""+table1_range_type+""">, """+table1_index_type+""" > _t1[] = {
// length of the table = """+s_list_len(table[0])+"""
"""+s_table1_gen(tablename, table[0])+"""
};
@@ -131,7 +139,7 @@ namespace """+namespace+"""
We are good with uint8_t,
till the number of paths to table 3 from each key is less than 256
*/
- map_t< uint8_t, uint8_t > _t2[] = {
+ map_t< """+table2_value_type+""", """+table2_index_type+""" > _t2[] = {
// length of the table = """+s_list_len(table[1])+"""
"""+s_table2_gen(tablename, table[1])+"""
};
@@ -139,22 +147,29 @@ namespace """+namespace+"""
table 3
values = 2 byte value bit 16-31 of the 32-bit address
*/
- uint16_t _t3[] = {
+ """+table3_value_type+""" _t3[] = {
// length of the table = """+s_list_len(table[2])+"""
"""+s_table3_gen(tablename, table[2])+"""
};
- table< map_t< range_t<uint16_t, uint8_t>, uint8_t > > t1 =
- {sizeof(_t1)/sizeof(uint8_t), 0xFF000000, _t1};
- table< map_t< uint8_t, uint8_t > > t2 =
- {sizeof(_t2)/sizeof(uint16_t), 0x00FF0000, _t2};
- table<uint16_t> t3 = {sizeof(_t3)/sizeof(uint16_t), 0x0000FFFF, _t3};
+ table< map_t< range_t<"""+table1_range_type+""">, """+table1_index_type+""" > > t1 =
+ {sizeof(_t1)/sizeof(map_t< range_t<"""+table1_range_type+""">, """+table1_index_type+""" >),
+ 0xFF000000,
+ _t1};
+ table< map_t< """+table2_value_type+""", """+table2_index_type+""" > > t2 =
+ {sizeof(_t2)/sizeof(map_t< """+table2_value_type+""", """+table2_index_type+""" >),
+ 0x00FF0000,
+ _t2};
+ table<"""+table3_value_type+"""> t3 =
+ {sizeof(_t3)/sizeof("""+table3_value_type+"""),
+ 0x0000FFFF,
+ _t3};
bool isPresent(uint32_t i_addr)
{
return SBE_SECURITY::_is_present
- < uint16_t, uint8_t, uint8_t,
- uint8_t, uint8_t,
- uint16_t>
+ < """+table1_range_type+""", """+table1_index_type+""",
+ """+table2_value_type+""", """+table2_index_type+""",
+ """+table3_value_type+""">
(t1, t2, t3, i_addr);
}
}""")
@@ -339,9 +354,9 @@ def get_tables(id, list):
# Eg: {0102 : [ABCDEF], 0405 : [ABCDEF, UVWXYZ], 1020 : [UVWXYZ]} #
# || #
# \/ #
- # {0102 : {AB : [CD, EF]}, #
- # 0405 : {AB : [CD, EF], UV : [WX, YZ]}, #
- # 1020 : {UV : [WX, YZ]}} #
+ # {0102 : {AB : [CDEF]}, #
+ # 0405 : {AB : [CDEF], UV : [WXYZ]}, #
+ # 1020 : {UV : [WXYZ]}} #
# -----------------------------------------------------------------#
table_range_to_key_to_base = []
for key, values in table_range_to_base.items():
@@ -536,9 +551,9 @@ def main(argv):
reader = csv.DictReader(f)
for idx, row in enumerate(reader):
try:
- if(version == 'unknown'):
+ if(version.lower() == 'unknown'):
version = row[TAG_VERSION]
- base_addr = row[TAG_BASE_ADDR]
+ base_addr = row[TAG_BASE_ADDR].lower().split('0x')[-1]
# Append 0s for numbers represented by less than 8 chars
base_addr = '0'*(8-len(base_addr))+base_addr
# Extract the least 32 bit number for base address
@@ -550,7 +565,12 @@ def main(argv):
# Empty range field considered as error
if(chiplet_range[0] == ''):
exit(PRINT_AND_EXIT, "Missing chiplet id range")
- if(chiplet_range[0] != '0x00'):
+ if(chiplet_range[0].lower() != '0x00'):
+ if(chiplet_range[0].lower() != '0x%02x' % (get_chiplet(base_addr))):
+ print "base_addr",hex(base_addr)
+ print "get_chiplet(base_addr)",hex(get_chiplet(base_addr))
+ print "chiplet_range[0]", chiplet_range[0]
+ exit(PRINT_AND_EXIT, "Base address is not consistent")
base_addr = base_addr & 0x00FFFFFF
chiplet_range = [int(ele, 16) for ele in chiplet_range]
# Expand base address with ranges
@@ -561,12 +581,12 @@ def main(argv):
expanded_line = get_effective_address(row[TAG_CHIPLET], expanded_line)
if(VERBOSE):
print s_list_hex("range:", expanded_range, 8)
- if(row[TAG_TYPE] == TAG_NAME_WHITELIST):
+ if(row[TAG_TYPE].lower() == TAG_NAME_WHITELIST):
whitelist_line = expanded_line
if(VERBOSE):
print s_list_hex("whitelist_line:", whitelist_line, 8)
whitelist += whitelist_line
- elif(row[TAG_TYPE] == TAG_NAME_BLACKLIST):
+ elif(row[TAG_TYPE].lower() == TAG_NAME_BLACKLIST):
blacklist_line = expanded_line
if(VERBOSE):
print s_list_hex("blacklist_line:", blacklist_line, 8)
diff --git a/src/sbefw/sbeSecurity.C b/src/sbefw/sbeSecurity.C
index 0085fc41..60cc3464 100644
--- a/src/sbefw/sbeSecurity.C
+++ b/src/sbefw/sbeSecurity.C
@@ -6,6 +6,7 @@
/* OpenPOWER sbe Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2017 */
+/* [+] International Business Machines Corp. */
/* */
/* */
/* Licensed under the Apache License, Version 2.0 (the "License"); */
@@ -23,6 +24,7 @@
/* IBM_PROLOG_END_TAG */
#include "sbeSecurity.H"
#include "sbetrace.H"
+#include "sbeglobals.H"
#include "sbeSecurityGen.H"
@@ -38,7 +40,7 @@ constexpr uint32_t get_shift_len(uint32_t mask, uint8_t shifts = 0)
template <typename Func>
map_t<bool, uint32_t> binary_search(
const uint32_t search_key,
- range_t<uint64_t, uint32_t> x_range,
+ range_t<uint32_t> x_range,
Func get_element)
{
map_t<bool, uint32_t> ret = {false, 0}; // found=false
@@ -77,15 +79,15 @@ bool _is_present(const table< map_t< range_t<M1_T>, M1_U > > &table1,
SBE_ENTER(SBE_FUNC);
for(size_t i = 0; i < table1.size; i++)
{
- M1_U key = (i_addr & table1.mask) >> get_shift_len(table1.mask);
- if((table1.table[i].key.start <= key) &&
- (table1.table[i].key.end >= key))
+ uint32_t search_key = (i_addr & table1.mask) >> get_shift_len(table1.mask);
+ if((table1.table[i].key.start <= search_key) &&
+ (table1.table[i].key.end >= search_key))
{
- SBE_DEBUG(SBE_FUNC" found key[0x%x] table index[%d]", key, i);
+ SBE_DEBUG(SBE_FUNC" table1:found key[0x%x] table index[%d]",
+ search_key, i);
// Found the range where key might belong to
- uint32_t search_key = (i_addr & table2.mask) >>
- get_shift_len(table2.mask);
- range_t<uint64_t, uint32_t> search_range = {};
+ search_key = (i_addr & table2.mask) >> get_shift_len(table2.mask);
+ range_t<uint32_t> search_range = {};
search_range.start = i ? table1.table[i-1].value : 0;
search_range.end = table1.table[i].value - 1;
map_t<bool, uint32_t> search_result =
@@ -97,6 +99,9 @@ bool _is_present(const table< map_t< range_t<M1_T>, M1_U > > &table1,
});
if(search_result.key == true)
{
+ SBE_DEBUG(SBE_FUNC" table2:found key[0x%x] table index[%d]",
+ search_key,
+ search_result.value);
// Found the key
search_range.start = (search_result.value ?
table2.table[search_result.value-1].value : 0);
@@ -112,6 +117,9 @@ bool _is_present(const table< map_t< range_t<M1_T>, M1_U > > &table1,
});
if(search_result.key == true)
{
+ SBE_DEBUG(SBE_FUNC" table3:found key[0x%x] table index[%d]",
+ search_key,
+ search_result.value);
// Found the number
return true;
}
@@ -125,15 +133,18 @@ bool _is_present(const table< map_t< range_t<M1_T>, M1_U > > &table1,
bool isAllowed(const uint32_t i_addr, accessType type)
{
- bool ret = false;
- if(type == WRITE)
- ret = WHITELIST::isPresent(i_addr);
- else if(type == READ)
- ret = !BLACKLIST::isPresent(i_addr);
- if(!ret)
+ bool ret = true;
+ if(SBE_GLOBAL->sbeFWSecurityEnabled)
{
- SBE_INFO("SBE_SECURITY access[%d] denied addr[0x%08x]",
- type, i_addr);
+ if(type == WRITE)
+ ret = WHITELIST::isPresent(i_addr);
+ else if(type == READ)
+ ret = !BLACKLIST::isPresent(i_addr);
+ if(!ret)
+ {
+ SBE_INFO("SBE_SECURITY access[%d] denied addr[0x%08x]",
+ type, i_addr);
+ }
}
return ret;
}
diff --git a/src/sbefw/sbeSecurity.H b/src/sbefw/sbeSecurity.H
index f115ffe3..cda2a732 100644
--- a/src/sbefw/sbeSecurity.H
+++ b/src/sbefw/sbeSecurity.H
@@ -6,6 +6,7 @@
/* OpenPOWER sbe Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2017 */
+/* [+] International Business Machines Corp. */
/* */
/* */
/* Licensed under the Apache License, Version 2.0 (the "License"); */
@@ -36,11 +37,11 @@ namespace SBE_SECURITY
// type to define a range
template <typename T>
- struct
+ struct range_t
{
T start;
T end;
- } range;
+ };
// key-value map used for the tables
template <typename T, typename U>
diff --git a/src/sbefw/sbecmdscomaccess.C b/src/sbefw/sbecmdscomaccess.C
index c74ed133..b3524a9a 100644
--- a/src/sbefw/sbecmdscomaccess.C
+++ b/src/sbefw/sbecmdscomaccess.C
@@ -49,12 +49,12 @@ uint32_t sbeGetScom (uint8_t *i_pArg)
uint32_t l_rc = SBE_SEC_OPERATION_SUCCESSFUL;
sbeGetScomReqMsg_t l_getScomReqMsg;
+ sbeRespGenHdr_t l_hdr;
+ l_hdr.init();
+ sbeResponseFfdc_t l_ffdc;
do
{
- uint16_t l_primStatus = SBE_GLOBAL->sbeCmdRespHdr.prim_status;
- uint16_t l_secStatus = SBE_GLOBAL->sbeCmdRespHdr.sec_status ;
-
// Will attempt to dequeue two entries for
// the scom addresses plus the expected
// EOT entry at the end
@@ -69,9 +69,6 @@ uint32_t sbeGetScom (uint8_t *i_pArg)
break;
}
- sbeRespGenHdr_t l_hdr;
- l_hdr.init();
- sbeResponseFfdc_t l_ffdc;
uint32_t l_len2enqueue = 0;
uint32_t l_sbeDownFifoRespBuf[2] = {0};
@@ -80,17 +77,16 @@ uint32_t sbeGetScom (uint8_t *i_pArg)
uint64_t l_scomData = 0;
SBE_DEBUG(SBE_FUNC"scomAddr[0x%08X%08X]",
l_getScomReqMsg.hiAddr, l_getScomReqMsg.lowAddr);
- l_rc = checkIndirectAndDoScom(true, l_addr,
- l_scomData,
- &l_ffdc);
+ checkIndirectAndDoScom(true, l_addr,
+ l_scomData, &l_hdr,
+ &l_ffdc);
- if (l_rc != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
+ if (l_hdr.secondaryStatus != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
{
SBE_ERROR(SBE_FUNC"getscom failed, "
"scomAddr[0x%08X%08X]",
l_getScomReqMsg.hiAddr, l_getScomReqMsg.lowAddr);
- l_primStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
- l_secStatus = l_rc;
+ break;
}
else // successful scom
{
@@ -112,18 +108,15 @@ uint32_t sbeGetScom (uint8_t *i_pArg)
}
} // end successful scom
- // Build the response header packet
+ } while(false);
- l_hdr.setStatus(l_primStatus, l_secStatus);
+ if(l_rc == SBE_SEC_OPERATION_SUCCESSFUL)
+ {
+ // Build the response header packet
l_rc = sbeDsSendRespHdr(l_hdr, &l_ffdc);
- if (l_rc)
- {
- // will let command processor routine
- // handle the failure
- break;
- }
-
- } while(false);
+ // will let command processor routine
+ // handle the failure
+ }
SBE_EXIT(SBE_FUNC);
return l_rc;
@@ -139,12 +132,12 @@ uint32_t sbePutScom (uint8_t *i_pArg)
uint32_t l_rc = SBE_SEC_OPERATION_SUCCESSFUL;
sbePutScomReqMsg_t l_putScomReqMsg;
+ sbeRespGenHdr_t l_hdr;
+ l_hdr.init();
+ sbeResponseFfdc_t l_ffdc;
do
{
- uint16_t l_primStatus = SBE_GLOBAL->sbeCmdRespHdr.prim_status;
- uint16_t l_secStatus = SBE_GLOBAL->sbeCmdRespHdr.sec_status ;
-
// Will attempt to dequeue four entries for
// the scom address (two entries) and the
// corresponding data (two entries) plus
@@ -161,9 +154,6 @@ uint32_t sbePutScom (uint8_t *i_pArg)
}
uint64_t l_scomData = 0;
- sbeRespGenHdr_t l_hdr;
- l_hdr.init();
- sbeResponseFfdc_t l_ffdc;
// successfully dequeued two entries for
// scom address followed by the EOT entry
@@ -179,10 +169,10 @@ uint32_t sbePutScom (uint8_t *i_pArg)
l_putScomReqMsg.lowAddr;
SBE_DEBUG(SBE_FUNC"scomAddr[0x%08X%08X]",
l_putScomReqMsg.hiAddr, l_putScomReqMsg.lowAddr);
- l_rc = checkIndirectAndDoScom(false, l_addr,
- l_scomData, &l_ffdc);
+ checkIndirectAndDoScom(false, l_addr,
+ l_scomData, &l_hdr, &l_ffdc);
- if (l_rc != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
+ if (l_hdr.secondaryStatus != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
{
SBE_ERROR(SBE_FUNC"putscom failure data, "
"scomAddr[0x%08X%08X], "
@@ -191,22 +181,18 @@ uint32_t sbePutScom (uint8_t *i_pArg)
l_putScomReqMsg.lowAddr,
SBE::higher32BWord(l_scomData),
SBE::lower32BWord(l_scomData));
- l_primStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
- l_secStatus = l_rc;
+ break;
}
- // Build the response header packet
+ } while(false);
- l_hdr.setStatus(l_primStatus, l_secStatus);
+ if(l_rc == SBE_SEC_OPERATION_SUCCESSFUL)
+ {
+ // Build the response header packet
l_rc = sbeDsSendRespHdr(l_hdr, &l_ffdc);
- if (l_rc)
- {
- // will let command processor routine
- // handle the failure
- break;
- }
-
- } while(false);
+ // will let command processor routine
+ // handle the failure
+ }
SBE_EXIT(SBE_FUNC);
return l_rc;
@@ -224,12 +210,12 @@ uint32_t sbeModifyScom (uint8_t *i_pArg)
uint32_t l_rc = SBE_SEC_OPERATION_SUCCESSFUL;
sbeModifyScomReqMsg_t l_modifyScomMsg;
+ sbeRespGenHdr_t l_hdr;
+ l_hdr.init();
+ sbeResponseFfdc_t l_ffdc;
do
{
- uint16_t l_primStatus = SBE_GLOBAL->sbeCmdRespHdr.prim_status;
- uint16_t l_secStatus = SBE_GLOBAL->sbeCmdRespHdr.sec_status ;
-
// Will attempt to dequeue the following entries:
// Entry 1 : Operation Mode
// Entry 2 : Scom Register Address (0..31)
@@ -248,10 +234,6 @@ uint32_t sbeModifyScom (uint8_t *i_pArg)
break;
}
- sbeRespGenHdr_t l_hdr;
- l_hdr.init();
- sbeResponseFfdc_t l_ffdc;
-
// Modifying Data
uint64_t l_modifyingData = l_modifyScomMsg.getModifyingData();
@@ -274,8 +256,8 @@ uint32_t sbeModifyScom (uint8_t *i_pArg)
{
// Invalid Data passed
SBE_ERROR(SBE_FUNC"Invalid OpMode");
- l_primStatus = SBE_PRI_INVALID_DATA;
- l_secStatus = SBE_SEC_GENERIC_FAILURE_IN_EXECUTION;
+ l_hdr.setStatus(SBE_PRI_INVALID_DATA,
+ SBE_SEC_GENERIC_FAILURE_IN_EXECUTION);
break;
}
@@ -284,16 +266,14 @@ uint32_t sbeModifyScom (uint8_t *i_pArg)
uint64_t l_scomData = 0;
SBE_DEBUG(SBE_FUNC"scomAddr[0x%08X%08X]",
l_modifyScomMsg.hiAddr, l_modifyScomMsg.lowAddr);
- l_rc = checkIndirectAndDoScom(true, l_addr,
- l_scomData, &l_ffdc);
+ checkIndirectAndDoScom(true, l_addr,
+ l_scomData, &l_hdr, &l_ffdc);
- if (l_rc != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
+ if (l_hdr.secondaryStatus != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
{
SBE_ERROR(SBE_FUNC"getscom failed,"
" ScomAddress[0x%08X %08X]",
l_modifyScomMsg.hiAddr, l_modifyScomMsg.lowAddr);
- l_primStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
- l_secStatus = l_rc;
break;
}
@@ -311,10 +291,10 @@ uint32_t sbeModifyScom (uint8_t *i_pArg)
}
// Write the modified data
- l_rc = checkIndirectAndDoScom(false, l_addr,
- l_modifyingData, &l_ffdc);
+ checkIndirectAndDoScom(false, l_addr,
+ l_modifyingData, &l_hdr, &l_ffdc);
- if (l_rc != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
+ if (l_hdr.secondaryStatus != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
{
SBE_ERROR(SBE_FUNC"putscom failed,"
" ScomAddress[0x%08X%08X]",
@@ -322,21 +302,20 @@ uint32_t sbeModifyScom (uint8_t *i_pArg)
SBE_ERROR(SBE_FUNC"modifyingData[0x%08X%08X]",
SBE::higher32BWord(l_modifyingData),
SBE::lower32BWord(l_modifyingData));
- l_primStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
- l_secStatus = l_rc;
break;
}
} while (false);
- // Build the response header packet
-
- l_hdr.setStatus(l_primStatus, l_secStatus);
- l_rc = sbeDsSendRespHdr(l_hdr, &l_ffdc);
- if (l_rc)
+ if(l_rc == SBE_SEC_OPERATION_SUCCESSFUL)
{
- // will let command processor routine
- // handle the failure
- break;
+ // Build the response header packet
+ l_rc = sbeDsSendRespHdr(l_hdr, &l_ffdc);
+ if (l_rc)
+ {
+ // will let command processor routine
+ // handle the failure
+ break;
+ }
}
} while(false);
@@ -355,12 +334,12 @@ uint32_t sbePutScomUnderMask (uint8_t *i_pArg)
uint32_t l_rc = SBE_SEC_OPERATION_SUCCESSFUL;
sbePutScomUnderMaskReqMsg_t l_putScomUmaskMsg;
+ sbeRespGenHdr_t l_hdr;
+ l_hdr.init();
+ sbeResponseFfdc_t l_ffdc;
do
{
- uint16_t l_primStatus = SBE_GLOBAL->sbeCmdRespHdr.prim_status;
- uint16_t l_secStatus = SBE_GLOBAL->sbeCmdRespHdr.sec_status ;
-
// Will attempt to dequeue the following entries:
// Entry 1 : Scom Register Address (0..31)
// Entry 2 : Scom Register Address (32..63)
@@ -381,10 +360,6 @@ uint32_t sbePutScomUnderMask (uint8_t *i_pArg)
break;
}
- sbeRespGenHdr_t l_hdr;
- l_hdr.init();
- sbeResponseFfdc_t l_ffdc;
-
SBE_DEBUG(SBE_FUNC"scomAddr[0x%08X%08X],"
"modifyingData[0x%08X%08X]",
l_putScomUmaskMsg.hiAddr,
@@ -404,19 +379,19 @@ uint32_t sbePutScomUnderMask (uint8_t *i_pArg)
uint64_t l_addr = ( (uint64_t) l_putScomUmaskMsg.hiAddr << 32) |
l_putScomUmaskMsg.lowAddr;
- l_rc = checkIndirectAndDoScom(true, l_addr,
- l_scomData, &l_ffdc);
+ checkIndirectAndDoScom(true, l_addr,
+ l_scomData, &l_hdr, &l_ffdc);
- if (l_rc == SBE_SEC_OPERATION_SUCCESSFUL) // scom success
+ if (l_hdr.secondaryStatus == SBE_SEC_OPERATION_SUCCESSFUL) // scom success
{
l_putScomUmaskMsg.getScomData(l_scomData);
// Write the modified data
- l_rc = checkIndirectAndDoScom(false, l_addr,
- l_scomData, &l_ffdc);
+ checkIndirectAndDoScom(false, l_addr,
+ l_scomData, &l_hdr, &l_ffdc);
}
- if (l_rc != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
+ if (l_hdr.secondaryStatus != SBE_SEC_OPERATION_SUCCESSFUL) // scom failed
{
SBE_ERROR(SBE_FUNC"scom failed, "
"ScomAddress[0x%08X%08X]",
@@ -429,22 +404,18 @@ uint32_t sbePutScomUnderMask (uint8_t *i_pArg)
l_putScomUmaskMsg.hiMaskData,
l_putScomUmaskMsg.lowMaskData);
- l_primStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
- l_secStatus = l_rc;
break;
}
} while (false);
+ } while(false);
+ if(l_rc == SBE_SEC_OPERATION_SUCCESSFUL)
+ {
// Build the response header packet
- l_hdr.setStatus(l_primStatus, l_secStatus);
l_rc = sbeDsSendRespHdr(l_hdr, &l_ffdc);
- if (l_rc)
- {
- // will let command processor routine
- // handle the failure
- break;
- }
- } while(false);
+ // will let command processor routine
+ // handle the failure
+ }
SBE_EXIT(SBE_FUNC);
return l_rc;
diff --git a/src/sbefw/sbefwfiles.mk b/src/sbefw/sbefwfiles.mk
index 439c4bb6..dbfb7678 100644
--- a/src/sbefw/sbefwfiles.mk
+++ b/src/sbefw/sbefwfiles.mk
@@ -54,6 +54,7 @@ SBEFW-CPP-SOURCES += sbeSpMsg.C
SBEFW-CPP-SOURCES += sbeglobals.C
SBEFW-CPP-SOURCES += sbeMemAccessInterface.C
SBEFW-CPP-SOURCES += sbeSecureMemRegionManager.C
+SBEFW-CPP-SOURCES += sbeSecurity.C
SBEFW-C-SOURCES =
SBEFW-S-SOURCES =
diff --git a/src/sbefw/sbescom.C b/src/sbefw/sbescom.C
index 634c8868..c38827c8 100644
--- a/src/sbefw/sbescom.C
+++ b/src/sbefw/sbescom.C
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER sbe Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2016 */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -29,6 +29,7 @@
#include "plat_hw_access.H"
#include "plat_target.H"
#include "sbescom.H"
+#include "sbeSecurity.H"
using namespace fapi2;
/**
@@ -66,14 +67,14 @@ enum sbeScomType
SBE_SCOM_TYPE_INDIRECT_2 = 2, // Indirect scom. New form
};
-uint32_t checkIndirectAndDoScom( const bool i_isRead,
- const uint64_t i_addr,
- uint64_t & io_data,
- sbeResponseFfdc_t *const o_ffdc)
+void checkIndirectAndDoScom( const bool i_isRead,
+ const uint64_t i_addr,
+ uint64_t & io_data,
+ sbeRespGenHdr_t *const o_hdr,
+ sbeResponseFfdc_t *const o_ffdc)
{
#define SBE_FUNC " checkIndirectAndDoScom "
- uint32_t l_rc = SBE_SEC_OPERATION_SUCCESSFUL;
uint32_t elapsedIndScomTimeNs = 0;
uint64_t tempBuffer = io_data;
sbeScomType scomType = SBE_SCOM_TYPE_DIRECT;
@@ -85,6 +86,11 @@ uint32_t checkIndirectAndDoScom( const bool i_isRead,
{
plat_target_handle_t l_hndl;
SBE_INFO(SBE_FUNC "Performing Direct scom.");
+ CHECK_SBE_SECURITY_RC_AND_BREAK_IF_NOT_SUCCESS(
+ static_cast<uint32_t>(i_addr),
+ (i_isRead ? SBE_SECURITY::READ : SBE_SECURITY::WRITE),
+ o_hdr->primaryStatus,
+ o_hdr->secondaryStatus)
if( i_isRead )
{
fapiRc = getscom_abs_wrap (&l_hndl, (uint32_t)i_addr,
@@ -106,7 +112,8 @@ uint32_t checkIndirectAndDoScom( const bool i_isRead,
{
// Not allowed write on new format.
SBE_ERROR(SBE_FUNC "Read not allowed in new form");
- l_rc = SBE_SEC_INVALID_ADDRESS_PASSED;
+ o_hdr->primaryStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
+ o_hdr->secondaryStatus = SBE_SEC_INVALID_ADDRESS_PASSED;
break;
}
// Zero out the indirect address location.. leave the 52bits of data
@@ -134,6 +141,11 @@ uint32_t checkIndirectAndDoScom( const bool i_isRead,
// bit 48-63 - local addr
uint64_t tempAddr = i_addr & 0x000000007FFFFFFF;
plat_target_handle_t l_hndl;
+ CHECK_SBE_SECURITY_RC_AND_BREAK_IF_NOT_SUCCESS(
+ static_cast<uint32_t>(tempAddr),
+ (i_isRead ? SBE_SECURITY::READ : SBE_SECURITY::WRITE),
+ o_hdr->primaryStatus,
+ o_hdr->secondaryStatus)
// If we are doing a read. We need to do a write first..
if( i_isRead)
@@ -191,7 +203,8 @@ uint32_t checkIndirectAndDoScom( const bool i_isRead,
if( ! scomout.done)
{
SBE_ERROR(SBE_FUNC "Indirect scom timeout.");
- l_rc = SBE_SEC_HW_OP_TIMEOUT;
+ o_hdr->primaryStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
+ o_hdr->secondaryStatus = SBE_SEC_HW_OP_TIMEOUT;
break;
}
@@ -199,11 +212,11 @@ uint32_t checkIndirectAndDoScom( const bool i_isRead,
if (fapiRc != FAPI2_RC_SUCCESS)
{
- l_rc = SBE_SEC_PCB_PIB_ERR;
+ o_hdr->primaryStatus = SBE_PRI_GENERIC_EXECUTION_FAILURE;
+ o_hdr->secondaryStatus = SBE_SEC_PCB_PIB_ERR;
if(o_ffdc) o_ffdc->setRc(fapiRc);
}
- SBE_DEBUG(SBE_FUNC "fapiRc:%u l_rc:0x%08X", fapiRc, l_rc);
- return l_rc;
+ SBE_DEBUG(SBE_FUNC "fapiRc:%u o_hdr->secondaryStatus:0x%08X", fapiRc, o_hdr->secondaryStatus);
}
diff --git a/src/sbefw/sbescom.H b/src/sbefw/sbescom.H
index 7241634f..86c16379 100644
--- a/src/sbefw/sbescom.H
+++ b/src/sbefw/sbescom.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER sbe Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2016 */
+/* Contributors Listed Below - COPYRIGHT 2016,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -30,11 +30,12 @@
* @param[in] i_isRead True if read operation, false otherwise
* @param[in] i_addr scom addess
* @param[in] io_data data for scom operation. For read, it is output operand.
+ * @param[out] o_hdr response header object
* @param[out] o_ffdc ffdc object
*
- * @return seconday error code.
*/
-uint32_t checkIndirectAndDoScom( const bool i_isRead,
+void checkIndirectAndDoScom( const bool i_isRead,
const uint64_t i_addr,
uint64_t & io_data,
+ sbeRespGenHdr_t *const o_hdr,
sbeResponseFfdc_t *const o_ffdc);
diff --git a/src/sbefw/sbeutil.H b/src/sbefw/sbeutil.H
index 58614fb3..39a3e25c 100644
--- a/src/sbefw/sbeutil.H
+++ b/src/sbefw/sbeutil.H
@@ -46,6 +46,14 @@ if ((l_rc) != SBE_SEC_OPERATION_SUCCESSFUL) \
break; \
}
+#define CHECK_SBE_SECURITY_RC_AND_BREAK_IF_NOT_SUCCESS(addr, op, prim, sec) \
+if (!SBE_SECURITY::isAllowed(addr, op)) \
+{ \
+ prim = SBE_PRI_UNSECURE_ACCESS_DENIED; \
+ sec = SBE_SEC_BLACKLISTED_REG_ACCESS; \
+ break; \
+}
+
#define mfdec() \
({volatile uint32_t l_dec; \
asm volatile ("mfdec %0" : "=r" (l_dec)); \
diff --git a/src/test/testcases/test.xml b/src/test/testcases/test.xml
index a56da5de..6cbdcc17 100755
--- a/src/test/testcases/test.xml
+++ b/src/test/testcases/test.xml
@@ -33,7 +33,7 @@
<include>../simics/targets/p9_nimbus/sbeTest/testPSUSetStashPair.xml</include>
<include>../simics/targets/p9_nimbus/sbeTest/testIstep.xml</include>
<include>../simics/targets/p9_nimbus/sbeTest/testSuspendIO.xml</include>
- <include>../simics/targets/p9_nimbus/sbeTest/testScom.xml</include>
+ <include>../simics/targets/p9_nimbus/sbeTest/testSecurity.xml</include>
<include>../simics/targets/p9_nimbus/sbeTest/testGeneric.xml</include>
<!-- Memory access testcases -->
<include>../simics/targets/p9_nimbus/sbeTest/testUnsecureMemRegions.xml</include>
@@ -52,7 +52,6 @@
<include>../simics/targets/p9_nimbus/sbeTest/testExecutorPutRing.xml</include>
<include>../simics/targets/p9_nimbus/sbeTest/testFastAccess.xml</include>
<include>../simics/targets/p9_nimbus/sbeTest/testQuiesce.xml</include>
- <include>../simics/targets/p9_nimbus/sbeTest/testSecurity.xml</include>
<testcase>
<simcmd>sbe-trace 0</simcmd>
</testcase>
diff --git a/src/test/testcases/testModifyScom.py b/src/test/testcases/testModifyScom.py
deleted file mode 100755
index 487dae5b..00000000
--- a/src/test/testcases/testModifyScom.py
+++ /dev/null
@@ -1,98 +0,0 @@
-# IBM_PROLOG_BEGIN_TAG
-# This is an automatically generated prolog.
-#
-# $Source: src/test/testcases/testModifyScom.py $
-#
-# OpenPOWER sbe Project
-#
-# Contributors Listed Below - COPYRIGHT 2016
-# [+] International Business Machines Corp.
-#
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# permissions and limitations under the License.
-#
-# IBM_PROLOG_END_TAG
-import sys
-sys.path.append("targets/p9_nimbus/sbeTest" )
-import testUtil
-err = False
-#from testWrite import *
-
-
-PUTSCOM_TESTDATA = [0,0,0,6,
- 0,0,0xA2,0x02,
- 0,0,0x0,0x00,
- 0,0x05,0x00,0x3E, #scratch reg 7 (32-bit)
- 0x00,0xff,0x00,0xff,
- 0x00,0x00,0x00,0x00 ]
-
-PUTSCOM_EXPDATA = [0xc0,0xde,0xa2,0x02,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-
-MODIFYSCOM_TESTDATA = [0,0,0,7,
- 0,0,0xA2,0x03,
- 0,0,0x0,0x01,
- 0,0,0x0,0x00,
- 0,0x05,0x00,0x3E,
- 0xde,0x00,0xff,0x00,
- 0x00,0x00,0x00,0x00]
-
-MODIFYSCOM_EXPDATA = [0xc0,0xde,0xa2,0x03,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-GETSCOM4MODIFYSCOM_TESTDATA = [0,0,0,4,
- 0,0,0xA2,0x01,
- 0,0,0x0,0x00,
- 0,0x05,0x0,0x3E]
-
-GETSCOM4MODIFYSCOM_EXPDATA = [0xde,0xff,0xff,0xff,
- 0x00,0x00,0x00,0x00,
- 0xc0,0xde,0xa2,0x01,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-# MAIN Test Run Starts Here...
-#-------------------------------------------------
-def main( ):
- testUtil.runCycles( 10000000 )
-
- testUtil.writeUsFifo( PUTSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( PUTSCOM_EXPDATA )
- testUtil.readEot( )
-
- testUtil.writeUsFifo( MODIFYSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( MODIFYSCOM_EXPDATA )
- testUtil.readEot( )
-
- testUtil.writeUsFifo( GETSCOM4MODIFYSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( GETSCOM4MODIFYSCOM_EXPDATA )
- testUtil.readEot( )
-
-#-------------------------------------------------
-# Calling all test code
-#-------------------------------------------------
-main()
-
-if err:
- print ("\nTest Suite completed with error(s)")
- #sys.exit(1)
-else:
- print ("\nTest Suite completed with no errors")
- #sys.exit(0);
-
diff --git a/src/test/testcases/testPutGetInScom.py b/src/test/testcases/testPutGetInScom.py
deleted file mode 100755
index 2aecb0e6..00000000
--- a/src/test/testcases/testPutGetInScom.py
+++ /dev/null
@@ -1,83 +0,0 @@
-# IBM_PROLOG_BEGIN_TAG
-# This is an automatically generated prolog.
-#
-# $Source: src/test/testcases/testPutGetInScom.py $
-#
-# OpenPOWER sbe Project
-#
-# Contributors Listed Below - COPYRIGHT 2015,2016
-# [+] International Business Machines Corp.
-#
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# permissions and limitations under the License.
-#
-# IBM_PROLOG_END_TAG
-
-import sys
-sys.path.append("targets/p9_nimbus/sbeTest" )
-import testUtil
-err = False
-#from testWrite import *
-
-# @TODO via RTC : 141905
-# Modify the test sequence in such a way that
-# the test does not leave the Register value altered.
-
-# Indirect scom form 0 test case
-PUTSCOM_TESTDATA = [0,0,0,6,
- 0,0,0xA2,0x02,
- 0x80,0x0,0x0,0x83,
- 0x0D,0x01,0x0C,0x3F,
- 0xde,0xca,0xff,0xee,
- 0x00,0x00,0x12,0x34 ]
-
-PUTSCOM_EXPDATA = [0xc0,0xde,0xa2,0x02,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-GETSCOM_TESTDATA = [0,0,0,4,
- 0,0,0xA2,0x01,
- 0x80,0x0,0x0,0x83,
- 0x0D,0x01,0x0C,0x3F]
-
-GETSCOM_EXPDATA = [0x00,0x00,0x00,0x00,
- 0x00,0x00,0x12,0x34, # Only last 16 bits will be returned
- 0xc0,0xde,0xa2,0x01,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-# MAIN Test Run Starts Here...
-#-------------------------------------------------
-def main( ):
- testUtil.runCycles( 10000000 )
- testUtil.writeUsFifo( PUTSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( PUTSCOM_EXPDATA )
- testUtil.readEot( )
- testUtil.writeUsFifo( GETSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( GETSCOM_EXPDATA )
- testUtil.readEot( )
-
-#-------------------------------------------------
-# Calling all test code
-#-------------------------------------------------
-main()
-
-if err:
- print ("\nTest Suite completed with error(s)")
- #sys.exit(1)
-else:
- print ("\nTest Suite completed with no errors")
- #sys.exit(0);
-
diff --git a/src/test/testcases/testPutGetScom.py b/src/test/testcases/testPutGetScom.py
index 6378e114..8b5fe5ce 100755..100644
--- a/src/test/testcases/testPutGetScom.py
+++ b/src/test/testcases/testPutGetScom.py
@@ -5,7 +5,7 @@
#
# OpenPOWER sbe Project
#
-# Contributors Listed Below - COPYRIGHT 2015,2016
+# Contributors Listed Below - COPYRIGHT 2016,2017
# [+] International Business Machines Corp.
#
#
@@ -22,98 +22,12 @@
# permissions and limitations under the License.
#
# IBM_PROLOG_END_TAG
+import os
import sys
-sys.path.append("targets/p9_nimbus/sbeTest" )
-import testUtil
-err = False
-#from testWrite import *
-
-# @TODO via RTC : 141905
-# Modify the test sequence in such a way that
-# the test does not leave the Register value altered.
-
-PUTSCOM_TESTDATA = [0,0,0,6,
- 0,0,0xA2,0x02,
- 0,0,0x0,0x00,
- 0,0x05,0x00,0x3E, #scratch reg 7 (32-bit)
- 0xde,0xca,0xff,0xee,
- 0x00,0x00,0x00,0x00 ]
-
-PUTSCOM_TESTDATA_INVALID = [0,0,0,6,
- 0,0,0xA2,0x02,
- 0,0,0x0,0x00,
- # TODO via RTC 152952: This address is invalid for
- # Nimbus but not for Cumulus
- 0x0a,0x00,0x00,0x00,
- 0xde,0xca,0xff,0xee,
- 0x00,0x00,0x00,0x00 ]
-
-PUTSCOM_EXPDATA = [0xc0,0xde,0xa2,0x02,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-PUTSCOM_EXPDATA_INVALID = [0xc0,0xde,0xa2,0x02,
- 0x0,0xfe,0x0,0x11]
-GETSCOM_TESTDATA = [0,0,0,4,
- 0,0,0xA2,0x01,
- 0,0,0x0,0x00,
- 0,0x05,0x0,0x3E]
-
-GETSCOM_TESTDATA_INVALID = [0,0,0,4,
- 0,0,0xA2,0x01,
- 0,0,0x0,0x00,
- # TODO via RTC: 152952: This address is invalid for
- # Nimbus but not for Cumulus
- 0x0a,0x0,0x0,0x0]
-
-GETSCOM_EXPDATA = [0xde,0xca,0xff,0xee,
- 0x00,0x00,0x00,0x00,
- 0xc0,0xde,0xa2,0x01,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-GETSCOM_EXPDATA_INVALID = [0xc0,0xde,0xa2,0x01,
- 0x0,0xfe,0x0,0x11]
-# MAIN Test Run Starts Here...
-#-------------------------------------------------
-def main( ):
- testUtil.runCycles( 10000000 )
- print ("\nStarting putscom test")
- testUtil.writeUsFifo( PUTSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( PUTSCOM_EXPDATA )
- testUtil.readEot( )
- print ("\nStarting invalid putscom test")
- testUtil.writeUsFifo( PUTSCOM_TESTDATA_INVALID )
- testUtil.writeEot( )
- testUtil.readDsFifo( PUTSCOM_EXPDATA_INVALID )
- testUtil.extractHWPFFDC( )
- #flush out distance
- testUtil.readDsEntryReturnVal()
- testUtil.readEot( )
- print ("\nStarting getscom test")
- testUtil.writeUsFifo( GETSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( GETSCOM_EXPDATA )
- testUtil.readEot( )
- print ("\nStarting invalid getscom test")
- testUtil.writeUsFifo( GETSCOM_TESTDATA_INVALID )
- testUtil.writeEot( )
- testUtil.readDsFifo( GETSCOM_EXPDATA_INVALID )
- testUtil.extractHWPFFDC( )
- #flush out distance
- testUtil.readDsEntryReturnVal()
- testUtil.readEot( )
-
-#-------------------------------------------------
-# Calling all test code
-#-------------------------------------------------
-main()
-
-if err:
- print ("\nTest Suite completed with error(s)")
- #sys.exit(1)
-else:
- print ("\nTest Suite completed with no errors")
- #sys.exit(0);
+import struct
+import testScomUtil
+# getscom success
+testScomUtil.getscom(0x0204001A)
+# putscom success
+testScomUtil.putscom(0x000F001A, testScomUtil.getscom(0x000F001A))
diff --git a/src/test/testcases/testPutScomUnderMask.py b/src/test/testcases/testPutScomUnderMask.py
deleted file mode 100755
index 200c57a9..00000000
--- a/src/test/testcases/testPutScomUnderMask.py
+++ /dev/null
@@ -1,99 +0,0 @@
-# IBM_PROLOG_BEGIN_TAG
-# This is an automatically generated prolog.
-#
-# $Source: src/test/testcases/testPutScomUnderMask.py $
-#
-# OpenPOWER sbe Project
-#
-# Contributors Listed Below - COPYRIGHT 2016
-# [+] International Business Machines Corp.
-#
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# permissions and limitations under the License.
-#
-# IBM_PROLOG_END_TAG
-import sys
-sys.path.append("targets/p9_nimbus/sbeTest" )
-import testUtil
-err = False
-#from testWrite import *
-
-PUTSCOM_TESTDATA = [0,0,0,6,
- 0,0,0xA2,0x02,
- 0,0,0x0,0x00,
- 0,0x05,0x00,0x3E, #scratch reg 7 (32-bit)
- 0xff,0xff,0xff,0xff,
- 0x00,0x00,0x00,0x00 ]
-
-PUTSCOM_EXPDATA = [0xc0,0xde,0xa2,0x02,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-
-PUTSCOMUMASK_TESTDATA = [0,0,0,8,
- 0,0,0xA2,0x04,
- 0,0,0x0,0x00,
- 0,0x05,0x00,0x3E,
- 0xde,0xca,0xff,0xee,
- 0x00,0x00,0x00,0x00,
- 0xff,0x00,0xff,0x00,
- 0x00,0x00,0x00,0x00]
-
-
-PUTSCOMUMASK_EXPDATA = [0xc0,0xde,0xa2,0x04,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-GETSCOMUMASK_TESTDATA = [0,0,0,4,
- 0,0,0xA2,0x01,
- 0,0,0x0,0x00,
- 0,0x05,0x0,0x3E]
-
-GETSCOMUMASK_EXPDATA = [0xde, 0xff, 0xff, 0xff,
- 0x00, 0x00, 0x00, 0x00,
- 0xc0,0xde,0xa2,0x01,
- 0x0,0x0,0x0,0x0,
- 0x00,0x0,0x0,0x03];
-
-# MAIN Test Run Starts Here...
-#-------------------------------------------------
-def main( ):
- testUtil.runCycles( 10000000 )
-
- testUtil.writeUsFifo( PUTSCOM_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( PUTSCOM_EXPDATA )
- testUtil.readEot( )
-
- testUtil.writeUsFifo( PUTSCOMUMASK_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( PUTSCOMUMASK_EXPDATA )
- testUtil.readEot( )
-
- testUtil.writeUsFifo( GETSCOMUMASK_TESTDATA )
- testUtil.writeEot( )
- testUtil.readDsFifo( GETSCOMUMASK_EXPDATA )
- testUtil.readEot( )
-
-#-------------------------------------------------
-# Calling all test code
-#-------------------------------------------------
-main()
-
-if err:
- print ("\nTest Suite completed with error(s)")
- #sys.exit(1)
-else:
- print ("\nTest Suite completed with no errors")
- #sys.exit(0);
-
diff --git a/src/test/testcases/testSbeDump.py b/src/test/testcases/testSbeDump.py
index 01ae81a7..f4f472a2 100644
--- a/src/test/testcases/testSbeDump.py
+++ b/src/test/testcases/testSbeDump.py
@@ -26,6 +26,7 @@ import sys
sys.path.append("targets/p9_nimbus/sbeTest")
import testUtil
err = False
+import testScomUtil
#from testWrite import *
TESTDATA = [0, 0, 0, 2,
@@ -39,6 +40,10 @@ EXPDATA = [0xc0, 0xde, 0xa8, 0x01,
#-------------------------------------------------
def main():
testUtil.runCycles(10000000)
+
+ # Generate FSPI rc
+ testScomUtil.getscom(0x0A000000, [0x00, 0xFE, 0x00, 0x11], True)
+
testUtil.writeUsFifo(TESTDATA)
testUtil.writeEot()
diff --git a/src/test/testcases/testScom.xml b/src/test/testcases/testScom.xml
deleted file mode 100755
index 8b536031..00000000
--- a/src/test/testcases/testScom.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-<!-- IBM_PROLOG_BEGIN_TAG -->
-<!-- This is an automatically generated prolog. -->
-<!-- -->
-<!-- $Source: src/test/testcases/testScom.xml $ -->
-<!-- -->
-<!-- OpenPOWER sbe Project -->
-<!-- -->
-<!-- Contributors Listed Below - COPYRIGHT 2015,2016 -->
-<!-- [+] International Business Machines Corp. -->
-<!-- -->
-<!-- -->
-<!-- Licensed under the Apache License, Version 2.0 (the "License"); -->
-<!-- you may not use this file except in compliance with the License. -->
-<!-- You may obtain a copy of the License at -->
-<!-- -->
-<!-- http://www.apache.org/licenses/LICENSE-2.0 -->
-<!-- -->
-<!-- Unless required by applicable law or agreed to in writing, software -->
-<!-- distributed under the License is distributed on an "AS IS" BASIS, -->
-<!-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -->
-<!-- implied. See the License for the specific language governing -->
-<!-- permissions and limitations under the License. -->
-<!-- -->
-<!-- IBM_PROLOG_END_TAG -->
-<?xml version="1.0" encoding="UTF-8"?>
-
- <testcase>
- <simcmd>run-python-file targets/p9_nimbus/sbeTest/testPutGetScom.py</simcmd>
- <exitonerror>yes</exitonerror>
- </testcase>
- <testcase>
- <simcmd>run-python-file targets/p9_nimbus/sbeTest/testPutScomUnderMask.py</simcmd>
- <exitonerror>yes</exitonerror>
- </testcase>
- <testcase>
- <simcmd>run-python-file targets/p9_nimbus/sbeTest/testModifyScom.py</simcmd>
- <exitonerror>yes</exitonerror>
- </testcase>
- <testcase>
- <simcmd>run-python-file targets/p9_nimbus/sbeTest/testPutGetInScom.py</simcmd>
- <exitonerror>yes</exitonerror>
- </testcase>
-
diff --git a/src/test/testcases/testScomUtil.py b/src/test/testcases/testScomUtil.py
new file mode 100644
index 00000000..23b20005
--- /dev/null
+++ b/src/test/testcases/testScomUtil.py
@@ -0,0 +1,125 @@
+# IBM_PROLOG_BEGIN_TAG
+# This is an automatically generated prolog.
+#
+# $Source: src/test/testcases/testScomUtil.py $
+#
+# OpenPOWER sbe Project
+#
+# Contributors Listed Below - COPYRIGHT 2017
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# permissions and limitations under the License.
+#
+# IBM_PROLOG_END_TAG
+import sys
+import os
+import struct
+sys.path.append("targets/p9_nimbus/sbeTest" )
+import testUtil
+err = False
+
+def getsingleword(dataInInt):
+ hex_string = '0'*(8-len(str(hex(dataInInt))[2:])) + str(hex(dataInInt))[2:]
+ return list(struct.unpack('<BBBB',hex_string.decode('hex')))
+def getdoubleword(dataInInt):
+ hex_string = '0'*(16-len(str(hex(dataInInt))[:18][2:])) + str(hex(dataInInt))[:18][2:]
+ return list(struct.unpack('<BBBBBBBB',hex_string.decode('hex')))
+
+def getscom(addr, expStatus = [0, 0, 0, 0], HWPffdc = False):
+ req = ([0, 0, 0, 4]
+ + [0,0,0xA2,0x01]
+ + getdoubleword(addr))
+
+ testUtil.writeUsFifo(req)
+ testUtil.writeEot( )
+
+ expData = ([0xc0,0xde,0xa2,0x01]
+ + expStatus)
+ success = False
+ if(expStatus == [0, 0, 0, 0]):
+ success = True
+
+ data = [0]*8
+ if(success):
+ data = testUtil.readDsEntryReturnVal()
+ data += testUtil.readDsEntryReturnVal()
+ testUtil.readDsFifo(expData)
+ if(not success and HWPffdc):
+ testUtil.extractHWPFFDC( )
+ #flush out distance
+ testUtil.readDsEntryReturnVal()
+ testUtil.readEot( )
+
+ val = 0
+ for i in range(0, 8):
+ val |= data[i] << ((7-i)*8)
+ return val
+
+def putscom(addr, data, expStatus = [0, 0, 0, 0]):
+ req = ([0,0,0,6,
+ 0,0,0xA2,0x02]
+ + getdoubleword(addr)
+ + getdoubleword(data))
+ testUtil.writeUsFifo(req)
+ testUtil.writeEot( )
+
+ expData = ([0xc0,0xde,0xa2,0x02]
+ + expStatus)
+
+ success = False
+ if(expStatus == [0, 0, 0, 0]):
+ success = True
+ testUtil.readDsFifo(expData)
+ #flush out distance
+ testUtil.readDsEntryReturnVal()
+ testUtil.readEot( )
+
+def putScomUnderMask(addr, data, mask, expStatus = [0, 0, 0, 0]):
+ req = ([0,0,0,8,
+ 0,0,0xA2,0x04]
+ + getdoubleword(addr)
+ + getdoubleword(data)
+ + getdoubleword(mask))
+ testUtil.writeUsFifo(req)
+ testUtil.writeEot( )
+
+ expData = ([0xc0,0xde,0xa2,0x04]
+ + expStatus)
+
+ success = False
+ if(expStatus == [0, 0, 0, 0]):
+ success = True
+ testUtil.readDsFifo(expData)
+ #flush out distance
+ testUtil.readDsEntryReturnVal()
+ testUtil.readEot( )
+
+def modifyScom(operation, addr, data, expStatus = [0, 0, 0, 0]):
+ req = ([0,0,0,7,
+ 0,0,0xA2,0x03]
+ + getsingleword(operation)
+ + getdoubleword(addr)
+ + getdoubleword(data))
+ testUtil.writeUsFifo(req)
+ testUtil.writeEot( )
+
+ expData = ([0xc0,0xde,0xa2,0x03]
+ + expStatus)
+
+ success = False
+ if(expStatus == [0, 0, 0, 0]):
+ success = True
+ testUtil.readDsFifo(expData)
+ #flush out distance
+ testUtil.readDsEntryReturnVal()
+ testUtil.readEot( )
diff --git a/src/test/testcases/testSecurity.py b/src/test/testcases/testSecurity.py
index 58c4e2d4..be352ca1 100644
--- a/src/test/testcases/testSecurity.py
+++ b/src/test/testcases/testSecurity.py
@@ -25,6 +25,7 @@
import os
import sys
import struct
+import testScomUtil
SECURITY_FILE = "../../src/import/chips/p9/security/p9_security_white_black_list.csv"
SECURITY_SCRIPT = "../../src/build/security/securityRegListGen.py"
@@ -78,11 +79,53 @@ def main():
whitelist_table1,
whitelist_table2,
whitelist_table3)
+ print "generated whitelist validation passed"
test_normal('blacklist',
blacklist,
blacklist_table1,
blacklist_table2,
blacklist_table3)
+ print "generated blacklist validation passed"
+
+ # getscom success
+ testScomUtil.getscom(0x0204001A)
+ print "getscom success testcase - passed"
+ # getscom failure
+ testScomUtil.getscom(eval(blacklist[0]), [0x00, 0x05, 0x00, 0x0B])
+ print "getscom failure testcase - passed"
+ # putscom success
+ testScomUtil.putscom(eval(whitelist[0]), testScomUtil.getscom(eval(whitelist[0])))
+ print "putscom success testcase - passed"
+ # putscom failure
+ while(True):
+ random_addr = struct.unpack('>L', os.urandom(4))[0]
+ if random_addr not in [eval(a) for a in whitelist]:
+ testScomUtil.putscom(random_addr, 0, [0x00, 0x05, 0x00, 0x0B])
+ break
+ print "putscom failure testcase - passed"
+ # modify scom success
+ dataWritten = testScomUtil.getscom(0x00040006)
+ testScomUtil.modifyScom(0x01, 0x00040006, 0x0)
+ dataRead = testScomUtil.getscom(0x00040006)
+ if(dataRead != dataWritten):
+ raise Exception('modify scom failed %x != %x' % (dataRead, dataWritten))
+ print "modify scom success testcase - passed"
+ # putscom under mask success
+ dataWritten = testScomUtil.getscom(0x00040006)
+ testScomUtil.putScomUnderMask(0x00040006, dataWritten, 0xFFFFFFFFFFFFFFFF)
+ dataRead = testScomUtil.getscom(0x00040006)
+ if(dataRead != dataWritten):
+ raise Exception('PutScom under mask failed %x != %x' % (dataRead, dataWritten))
+ print "putscom under mask success testcase - passed"
+ # indirect scom test
+ dataWritten = testScomUtil.getscom(0x8000000D06010C3F)
+ dataiActWritten = (dataWritten & 0x00000000FFFFFFFF) | (0xDECAFFEE00000000)
+ testScomUtil.putscom(0x8000000D06010C3F, dataiActWritten)
+ dataRead = testScomUtil.getscom(0x8000000D06010C3F)
+ if(dataRead != dataWritten):
+ raise Exception('indirect scom test failed %x != %x' % (dataRead, dataWritten))
+ print "Indirect scom success testcase - passed"
+
except Exception, error:
raise Exception(error)
diff --git a/src/tools/debug/simics-debug-framework.py b/src/tools/debug/simics-debug-framework.py
index 077ed850..8278d27f 100755
--- a/src/tools/debug/simics-debug-framework.py
+++ b/src/tools/debug/simics-debug-framework.py
@@ -50,9 +50,9 @@ def get_dd_level(procNr = 0):
with open('temp.map', 'r') as f:
map = f.read()
map = map.split()
- if map[map.index('p9Proc0.sbe.fi2c_bo:fi2cfsm')-1] == '0x80000000':
+ if map[map.index('p9Proc'+str(procNr)+'.sbe.fi2c_bo:fi2cfsm')-1] == '0x80000000':
ddlevel = "DD1"
- if map[map.index('p9Proc0.sbe.fi2c_bo:fi2cfsm')-1] == '0xff800000':
+ if map[map.index('p9Proc'+str(procNr)+'.sbe.fi2c_bo:fi2cfsm')-1] == '0xff800000':
ddlevel = "DD2"
print "running image - ["+ddlevel+"]"
return ddlevel
OpenPOWER on IntegriCloud