diff options
author | spashabk-in <shakeebbk@in.ibm.com> | 2018-01-23 05:19:54 -0600 |
---|---|---|
committer | Sachin Gupta <sgupta2m@in.ibm.com> | 2018-03-06 10:38:27 -0500 |
commit | 8e9d92bf3c8fc86ad2885db215ac9e87dcb6dceb (patch) | |
tree | 3b57400140a90d1bb3a323bfbf8af7c462b7fcca /src/sbefw/core | |
parent | 160637c9e837f942480db4db7809123e91b2912a (diff) | |
download | talos-sbe-8e9d92bf3c8fc86ad2885db215ac9e87dcb6dceb.tar.gz talos-sbe-8e9d92bf3c8fc86ad2885db215ac9e87dcb6dceb.zip |
Check for disable scom filtering bit
Disable scom filtering if the scom filtering disable bit is set
Change-Id: I866275da3b05d340636e5e847eb63e14b3a67937
cmvc-prereq: 1046050
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/53854
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: RAJA DAS <rajadas2@in.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52428
Reviewed-by: Sachin Gupta <sgupta2m@in.ibm.com>
Diffstat (limited to 'src/sbefw/core')
-rw-r--r-- | src/sbefw/core/sbe_sp_intf.H | 1 | ||||
-rw-r--r-- | src/sbefw/core/sberegaccess.H | 19 | ||||
-rw-r--r-- | src/sbefw/core/sbeutil.H | 15 |
3 files changed, 30 insertions, 5 deletions
diff --git a/src/sbefw/core/sbe_sp_intf.H b/src/sbefw/core/sbe_sp_intf.H index 4b6c7704..76895ae3 100644 --- a/src/sbefw/core/sbe_sp_intf.H +++ b/src/sbefw/core/sbe_sp_intf.H @@ -221,6 +221,7 @@ enum sbeSecondaryResponse SBE_SEC_BLACKLISTED_CHIPOP_ACCESS = 0x20, SBE_SEC_DMT_TIMEOUT = 0x21, SBE_SEC_SYSTEM_CHECKSTOP = 0x22, + SBE_SEC_BLACKLISTED_REG_ACCESS_BLOCKED = 0x23, }; /** diff --git a/src/sbefw/core/sberegaccess.H b/src/sbefw/core/sberegaccess.H index cff354b3..62d07d41 100644 --- a/src/sbefw/core/sberegaccess.H +++ b/src/sbefw/core/sberegaccess.H @@ -35,6 +35,7 @@ #include <stdint.h> #include "sbestates.H" #include "sbeevents.H" +#include "fapi2.H" /** * @brief Utility singleton that SBEFW can use to read write various scratch @@ -257,6 +258,19 @@ class SbeRegAccess */ bool isSbeRegressionBit(); + /* + * @brief Get disable scom filtering bit + * + * @return scom filtering disable allowed + */ + bool disableScomFiltering() + { + fapi2::Target<fapi2::TARGET_TYPE_SYSTEM> FAPI_SYSTEM; + uint8_t readData; + FAPI_ATTR_GET(fapi2::ATTR_SECURITY_MODE, FAPI_SYSTEM, readData); + return (!readData && + iv_disableScomFiltering); + } private: /** @@ -275,9 +289,10 @@ class SbeRegAccess uint64_t iv_fspAttached : 1; uint64_t iv_collectFFDC : 1; uint64_t iv_sendFFDC : 1; - uint64_t iv_mbx3DontCare1 : 6; + uint64_t iv_mbx3DontCare1 : 5; + uint64_t iv_disableScomFiltering : 1; uint64_t iv_disableInvalidScomAddrCheck : 1; - uint64_t iv_mbx3DontCare : 19; + uint64_t iv_mbx3DontCare2 : 19; uint64_t iv_mbx3Unused : 32; }; uint64_t iv_mbx3; diff --git a/src/sbefw/core/sbeutil.H b/src/sbefw/core/sbeutil.H index 9528eabd..73850ff7 100644 --- a/src/sbefw/core/sbeutil.H +++ b/src/sbefw/core/sbeutil.H @@ -49,10 +49,19 @@ if ((l_rc) != SBE_SEC_OPERATION_SUCCESSFUL) \ #define CHECK_SBE_SECURITY_RC_AND_BREAK_IF_NOT_SUCCESS(addr, op, resp) \ if (!SBE_SECURITY::isAllowed(addr, op)) \ { \ - resp->setStatus(SBE_PRI_UNSECURE_ACCESS_DENIED, \ - SBE_SEC_BLACKLISTED_REG_ACCESS); \ /* TODO via RTC 180983:Enable this once the BL/WL registers are settled */ \ - /*break;*/ \ + if(SbeRegAccess::theSbeRegAccess().disableScomFiltering()) \ + { \ + /* security override possible && scom filtering disabled */ \ + resp->setStatus(SBE_PRI_UNSECURE_ACCESS_DENIED, \ + SBE_SEC_BLACKLISTED_REG_ACCESS); \ + } \ + else \ + { \ + resp->setStatus(SBE_PRI_UNSECURE_ACCESS_DENIED, \ + SBE_SEC_BLACKLISTED_REG_ACCESS_BLOCKED); \ + break; \ + } \ } #define mfdec() \ |