diff options
| author | spashabk-in <shakeebbk@in.ibm.com> | 2017-07-31 07:10:40 -0500 |
|---|---|---|
| committer | Sachin Gupta <sgupta2m@in.ibm.com> | 2017-09-06 04:38:28 -0400 |
| commit | 708be51a63b378eb92a85e30661f77cbaf0d8807 (patch) | |
| tree | 028b9ebc9998cd0f8373c1515e6d6ba23f5c0f91 /src/sbefw | |
| parent | 736117bd18a6cd612ce052ff79dee895e8415d02 (diff) | |
| download | talos-sbe-708be51a63b378eb92a85e30661f77cbaf0d8807.tar.gz talos-sbe-708be51a63b378eb92a85e30661f77cbaf0d8807.zip | |
Secure Memory Manager implementation
Support to update and manage the memory window list
Opening of HB Dump window in istep 5.1
Enabled memory filtering in mem access chip-ops
Change-Id: I72b68ac099371babe47a64689fa38927934625b7
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/43929
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: AMIT J. TENDOLKAR <amit.tendolkar@in.ibm.com>
Reviewed-by: RAJA DAS <rajadas2@in.ibm.com>
Reviewed-by: Sachin Gupta <sgupta2m@in.ibm.com>
Diffstat (limited to 'src/sbefw')
| -rw-r--r-- | src/sbefw/sbeSecureMemRegionManager.C | 186 | ||||
| -rw-r--r-- | src/sbefw/sbeSecureMemRegionManager.H | 113 | ||||
| -rw-r--r-- | src/sbefw/sbecmdiplcontrol.C | 56 | ||||
| -rw-r--r-- | src/sbefw/sbecmdmemaccess.C | 291 | ||||
| -rw-r--r-- | src/sbefw/sbefwfiles.mk | 1 | ||||
| -rw-r--r-- | src/sbefw/sbefwseepromfiles.mk | 2 |
6 files changed, 527 insertions, 122 deletions
diff --git a/src/sbefw/sbeSecureMemRegionManager.C b/src/sbefw/sbeSecureMemRegionManager.C new file mode 100644 index 00000000..189ee56b --- /dev/null +++ b/src/sbefw/sbeSecureMemRegionManager.C @@ -0,0 +1,186 @@ +/* IBM_PROLOG_BEGIN_TAG */ +/* This is an automatically generated prolog. */ +/* */ +/* $Source: src/sbefw/sbeSecureMemRegionManager.C $ */ +/* */ +/* OpenPOWER sbe Project */ +/* */ +/* Contributors Listed Below - COPYRIGHT 2017 */ +/* */ +/* */ +/* Licensed under the Apache License, Version 2.0 (the "License"); */ +/* you may not use this file except in compliance with the License. */ +/* You may obtain a copy of the License at */ +/* */ +/* http://www.apache.org/licenses/LICENSE-2.0 */ +/* */ +/* Unless required by applicable law or agreed to in writing, software */ +/* distributed under the License is distributed on an "AS IS" BASIS, */ +/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ +/* implied. See the License for the specific language governing */ +/* permissions and limitations under the License. */ +/* */ +/* IBM_PROLOG_END_TAG */ +#include "sbeSecureMemRegionManager.H" +#include "sbetrace.H" +#include "sbeutil.H" + +#ifndef __SBEFW_SEEPROM__ + +SBESecureMemRegionManager* SBESecMemRegionManager = + &SBESecureMemRegionManager::getInstance(); + +SBESecureMemRegionManager& SBESecureMemRegionManager::getInstance() +{ + static SBESecureMemRegionManager iv_instance; + return iv_instance; +} + +secureMemRegion_t SBESecureMemRegionManager::getPartialRegionSize( + const secureMemRegion_t i_region) +{ + secureMemRegion_t ret = {}; + for(size_t i = 0; i < iv_regionsOpenCnt; i++) + { + uint64_t minStartAddr = i_region.startAddress < iv_memRegions[i].startAddress ? + i_region.startAddress : iv_memRegions[i].startAddress; + uint64_t iRegionEndAddress = i_region.startAddress + i_region.size - 1; + uint64_t existingRegionEndAddress = iv_memRegions[i].startAddress + iv_memRegions[i].size - 1; + uint64_t maxEndAddr = iRegionEndAddress >= existingRegionEndAddress ? + iRegionEndAddress : existingRegionEndAddress; + + // detect overlap + if((maxEndAddr - minStartAddr + 1) < (i_region.size + iv_memRegions[i].size)) + { + ret = iv_memRegions[i]; + // Give preference to first region + if(i_region.startAddress >= iv_memRegions[i].startAddress && + i_region.startAddress < (iv_memRegions[i].startAddress + + iv_memRegions[i].size)) + { + // Return the existing window to the extent of input window + ret.startAddress = i_region.startAddress; + ret.size = iv_memRegions[i].startAddress + iv_memRegions[i].size + - i_region.startAddress; + if(ret.size > i_region.size) + ret.size = i_region.size; + break; + } + } + } + return ret; +} + +#endif //__SBEFW_SEEPROM__ +#ifdef __SBEFW_SEEPROM__ + +// Public functions +sbeSecondaryResponse SBESecureMemRegionManager::add(const uint64_t i_startAddr, + const uint32_t i_size, + const uint8_t i_mode) +{ + #define SBE_FUNC "SBESecureMemRegionManager::add" + sbeSecondaryResponse rc = SBE_SEC_OPERATION_SUCCESSFUL; + do + { + if(getPartialRegionSize({i_startAddr, i_size, i_mode}).mode) + { + SBE_ERROR(SBE_FUNC" SBE_SEC_MEM_REGION_AMEND_ATTEMPTED"); + rc = SBE_SEC_MEM_REGION_AMEND_ATTEMPTED; + break; + } + if(iv_regionsOpenCnt >= MAX_NONSECURE_MEM_REGIONS) + { + SBE_ERROR(SBE_FUNC" SBE_SEC_MAXIMUM_MEM_REGION_EXCEEDED"); + rc = SBE_SEC_MAXIMUM_MEM_REGION_EXCEEDED; + break; + } + SBE_INFO(SBE_FUNC" Adding region Mem[0x%08X%08X], size[0x%08X]", + SBE::higher32BWord(i_startAddr), + SBE::lower32BWord(i_startAddr), + i_size); + iv_memRegions[iv_regionsOpenCnt++] = {i_startAddr, i_size, i_mode}; + SBE_INFO(SBE_FUNC" after addition iv_regionsOpenCnt [%d]", + iv_regionsOpenCnt); + } while(0); + return rc; + #undef SBE_FUNC +} + +sbeSecondaryResponse SBESecureMemRegionManager::remove(const uint64_t i_startAddr) +{ + #define SBE_FUNC "SBESecureMemRegionManager::remove"; + size_t i = 0; + sbeSecondaryResponse rc = SBE_SEC_OPERATION_SUCCESSFUL; + for(; i < iv_regionsOpenCnt; i++) + { + if(i_startAddr == iv_memRegions[i].startAddress) + { + break; + } + } + if(i < iv_regionsOpenCnt) + { + SBE_INFO(SBE_FUNC" Deleting region i[%d], Mem[0x%08X%08X], size[0x%08X]", + i, + SBE::higher32BWord(iv_memRegions[i].startAddress), + SBE::lower32BWord(iv_memRegions[i].startAddress), + iv_memRegions[i].size); + // Remove the empty slot and maintain contiguous list + for(size_t j = i; j < iv_regionsOpenCnt-1; j++) + { + iv_memRegions[j].startAddress = iv_memRegions[j+1].startAddress; + iv_memRegions[j].size = iv_memRegions[j+1].size; + iv_memRegions[j].mode = iv_memRegions[j+1].mode; + } + + iv_regionsOpenCnt--; + SBE_INFO(SBE_FUNC" After deletion : iv_regionsOpenCnt[%d]", iv_regionsOpenCnt); + } + else + { + SBE_ERROR(SBE_FUNC" SBE_SEC_MEM_REGION_NOT_FOUND"); + rc = SBE_SEC_MEM_REGION_NOT_FOUND; + } + return rc; + #undef SBE_FUNC +} + +#endif //__SBEFW_SEEPROM__ +#ifndef __SBEFW_SEEPROM__ + +sbeSecondaryResponse SBESecureMemRegionManager::isAccessAllowed( + secureMemRegion_t i_region) +{ + #define SBE_FUNC "SBESecureMemRegionManager::isAccessAllowed" + sbeSecondaryResponse rc = SBE_SEC_OPERATION_SUCCESSFUL; + while(i_region.size > 0) + { + secureMemRegion_t foundregion = getPartialRegionSize(i_region); + // Check if the found region has allowable access level + // and that the region overlap is from the beginning itself + if((i_region.mode & foundregion.mode) && + (i_region.startAddress == foundregion.startAddress)) + { + SBE_INFO(SBE_FUNC" foundRegion Mem[0x%08X%08X], size[0x%08X]", + SBE::higher32BWord(foundregion.startAddress), + SBE::lower32BWord(foundregion.startAddress), + foundregion.size); + i_region.size -= foundregion.size; + i_region.startAddress += foundregion.size; + } + else + { + SBE_ERROR(SBE_FUNC" Non secure access to memory blocked " + "Addr[0x%08X%08X] Size[0x%08X]", + SBE::higher32BWord(i_region.startAddress), + SBE::lower32BWord(i_region.startAddress), + i_region.size); + rc = SBE_SEC_BLACKLISTED_MEM_ACCESS; + break; + } + } + return rc; + #undef SBE_FUNC +} +#endif //__SBEFW_SEEPROM__ diff --git a/src/sbefw/sbeSecureMemRegionManager.H b/src/sbefw/sbeSecureMemRegionManager.H new file mode 100644 index 00000000..c1127643 --- /dev/null +++ b/src/sbefw/sbeSecureMemRegionManager.H @@ -0,0 +1,113 @@ +/* IBM_PROLOG_BEGIN_TAG */ +/* This is an automatically generated prolog. */ +/* */ +/* $Source: src/sbefw/sbeSecureMemRegionManager.H $ */ +/* */ +/* OpenPOWER sbe Project */ +/* */ +/* Contributors Listed Below - COPYRIGHT 2017 */ +/* */ +/* */ +/* Licensed under the Apache License, Version 2.0 (the "License"); */ +/* you may not use this file except in compliance with the License. */ +/* You may obtain a copy of the License at */ +/* */ +/* http://www.apache.org/licenses/LICENSE-2.0 */ +/* */ +/* Unless required by applicable law or agreed to in writing, software */ +/* distributed under the License is distributed on an "AS IS" BASIS, */ +/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ +/* implied. See the License for the specific language governing */ +/* permissions and limitations under the License. */ +/* */ +/* IBM_PROLOG_END_TAG */ +#pragma once + +#include <stdint.h> +#include <stddef.h> +#include "sbe_sp_intf.H" + +enum class memRegionMode:uint8_t +{ + READ = 0x01, + WRITE = 0x02, +}; + +// Structure to define a mem region +typedef struct +{ + uint64_t startAddress; + uint32_t size; + uint32_t mode; +} secureMemRegion_t; + +constexpr size_t MAX_NONSECURE_MEM_REGIONS = 8; + +class SBESecureMemRegionManager +{ + secureMemRegion_t iv_memRegions[MAX_NONSECURE_MEM_REGIONS]; + size_t iv_regionsOpenCnt; + + SBESecureMemRegionManager():iv_memRegions{0} + { + } + + /* + * @brief getPartialRegionSize - get the overlapping region + * if it exists. + * Also if the overlap is from the beginning, + * first region is returned + * + * + * @param[in] i_region region to check for overlap + * + * @return overlapping region + */ + secureMemRegion_t getPartialRegionSize(const secureMemRegion_t i_region); + + public: + // Disable copy constructors + SBESecureMemRegionManager(const SBESecureMemRegionManager&) = delete; + SBESecureMemRegionManager& operator=(const SBESecureMemRegionManager&) = delete; + + static SBESecureMemRegionManager& getInstance(); + + /* + * @brief add - Open a new memory region + * + * @param[in] i_startAddr Start address of the memory region + * @param[in] i_size Size of the memory region + * @param[in] i_mode Bit mapped access mode of the memory region + * + * @return SBE secondary RC + */ + sbeSecondaryResponse add(const uint64_t i_startAddr, + const uint32_t i_size, + const uint8_t i_mode); + /* + * @brief remove - Close a memory region + * + * @param[in] i_startAddr Start address of the memory region + * + * @return SBE secondary RC + */ + sbeSecondaryResponse remove(const uint64_t i_startAddr); + /* + * @brief isAccessAllowed - Check if the access is allowed + * + * @param[in] i_region region to check the access for + * + * @return SBE secondary RC + */ + sbeSecondaryResponse isAccessAllowed(secureMemRegion_t i_region); + + /* + * @brief closeAllRegions - close all non-secure regions + */ + void closeAllRegions() + { + iv_regionsOpenCnt = 0; + } +}; + +extern SBESecureMemRegionManager* SBESecMemRegionManager; diff --git a/src/sbefw/sbecmdiplcontrol.C b/src/sbefw/sbecmdiplcontrol.C index bc87e92f..e82713f1 100644 --- a/src/sbefw/sbecmdiplcontrol.C +++ b/src/sbefw/sbecmdiplcontrol.C @@ -109,6 +109,9 @@ #include "sbeXipUtils.H" // For getting hbbl offset #include "sbeutil.H" // For getting SBE_TO_NEST_FREQ_FACTOR + +#include "p9_fbc_utils.H" +#include "sbeSecureMemRegionManager.H" // Forward declaration using namespace fapi2; @@ -828,6 +831,7 @@ ReturnCode istepWithCoreConditional( sbeIstepHwp_t i_hwp) } //---------------------------------------------------------------------------- +constexpr uint32_t HB_MEM_WINDOW_SIZE = 32*1024*1024; //32 MB ReturnCode istepLoadBootLoader( sbeIstepHwp_t i_hwp) { ReturnCode rc = FAPI2_RC_SUCCESS; @@ -842,12 +846,50 @@ ReturnCode istepLoadBootLoader( sbeIstepHwp_t i_hwp) P9XipHeader *hdr = getXipHdr(); P9XipSection *hbblSection = &(hdr->iv_section[P9_XIP_SECTION_SBE_HBBL]); - // Update the ATTR_SBE_ADDR_KEY_STASH_ADDR before calling the bootloader, - // since it is going to access these data from inside. - uint64_t addr = SBE_GLOBAL->sbeKeyAddrPair.fetchStashAddrAttribute(); - FAPI_ATTR_SET(fapi2::ATTR_SBE_ADDR_KEY_STASH_ADDR, sysTgt, addr); - SBE_EXEC_HWP(rc, p9_sbe_load_bootloader, proc, exTgt, hbblSection->iv_size, - getSectionAddr(hbblSection)) + uint64_t drawer_base_address_nm0, drawer_base_address_nm1; + uint64_t drawer_base_address_m; + uint64_t drawer_base_address_mmio; + uint64_t l_hostboot_hrmor_offset; + do + { + // Update the ATTR_SBE_ADDR_KEY_STASH_ADDR before calling the bootloader, + // since it is going to access these data from inside. + uint64_t addr = SBE_GLOBAL->sbeKeyAddrPair.fetchStashAddrAttribute(); + FAPI_ATTR_SET(fapi2::ATTR_SBE_ADDR_KEY_STASH_ADDR, sysTgt, addr); + SBE_EXEC_HWP(rc, p9_sbe_load_bootloader, proc, exTgt, hbblSection->iv_size, + getSectionAddr(hbblSection)) + if(rc != FAPI2_RC_SUCCESS) + { + SBE_ERROR(" p9_sbe_load_bootloader failed"); + break; + } + + // Open HB Dump memory Region + fapi2::Target<fapi2::TARGET_TYPE_SYSTEM> FAPI_SYSTEM; + FAPI_ATTR_GET(fapi2::ATTR_HOSTBOOT_HRMOR_OFFSET, + FAPI_SYSTEM, + l_hostboot_hrmor_offset); + rc = p9_fbc_utils_get_chip_base_address( + proc, + ABS_FBC_GRP_ID_ONLY, + drawer_base_address_nm0, + drawer_base_address_nm1, + drawer_base_address_m, + drawer_base_address_mmio); + if(rc != FAPI2_RC_SUCCESS) + { + SBE_ERROR(" p9_fbc_utils_get_chip_base_address failed"); + break; + } + drawer_base_address_nm0 += l_hostboot_hrmor_offset; + SBE_INFO("istep 5.1 HB Dump mem Region [0x%08X%08X]", + SBE::higher32BWord(drawer_base_address_nm0), + SBE::lower32BWord(drawer_base_address_nm0)); + SBESecMemRegionManager->add(drawer_base_address_nm0, + HB_MEM_WINDOW_SIZE, + static_cast<uint8_t>(memRegionMode::READ)); + + } while(0); return rc; } @@ -1172,6 +1214,8 @@ ReturnCode istepStartMpipl( sbeIstepHwp_t i_hwp) SBE_ENTER_MPIPL_EVENT); // Set MPIPL mode bit in Scratch Reg 3 (void)SbeRegAccess::theSbeRegAccess().setMpIplMode(true); + // Close all non-secure memory regions + SBESecMemRegionManager->closeAllRegions(); do { diff --git a/src/sbefw/sbecmdmemaccess.C b/src/sbefw/sbecmdmemaccess.C index 911f9c4d..a62b4de6 100644 --- a/src/sbefw/sbecmdmemaccess.C +++ b/src/sbefw/sbecmdmemaccess.C @@ -37,6 +37,7 @@ #include "sbeutil.H" #include "sbeHostUtils.H" #include "sbeglobals.H" +#include "sbeSecureMemRegionManager.H" #include "fapi2.H" @@ -57,6 +58,7 @@ constexpr uint32_t PBA_SIZE_MULTIPLIER_FOR_LEN_ALIGNMENT = 32; */ constexpr uint32_t SBE_ADU_LOCK_TRIES = 3; +#ifndef __SBEFW_SEEPROM__ /////////////////////////////////////////////////////////////////////// // @brief align4ByteWordLength - Internal Method to this file // Align the length passed and return number of words @@ -132,15 +134,15 @@ inline uint32_t sbeAduLenInUpStreamFifo(uint32_t i_numGranules, // @brief flushUpstreamFifo - Internal Method to this file, to flush // out the upstream fifo // -// @param [in] i_fapiRc, Fapi RC +// @param [in] i_primaryStatus, Fapi RC // // @return RC from the underlying FIFO utility /////////////////////////////////////////////////////////////////////// -inline uint32_t flushUpstreamFifo (const uint32_t &i_fapiRc) +inline uint32_t flushUpstreamFifo (const uint32_t &i_primaryStatus) { uint32_t l_len2dequeue = 0; uint32_t l_rc = SBE_SEC_OPERATION_SUCCESSFUL; - if ( i_fapiRc != FAPI2_RC_SUCCESS ) + if ( i_primaryStatus != SBE_PRI_OPERATION_SUCCESSFUL) { l_rc = sbeUpFifoDeq_mult(l_len2dequeue, NULL, true, true); @@ -178,133 +180,147 @@ uint32_t processPbaRequest(const sbeMemAccessReqMsgHdr_t &i_hdr, // Default for PBA uint32_t l_granuleSize = sbeMemAccessInterface::PBA_GRAN_SIZE_BYTES; uint64_t l_addr = 0; + // Keeps track of number of granules sent to HWP + uint64_t l_granulesCompleted = 0; + // Input Data length in alignment with PBA (128 Bytes) + uint64_t l_lenCacheAligned = 0; - // If not Host Pass through command, simply set the addr from the command - if(!i_hdr.isPbaHostPassThroughModeSet()) - { - l_addr = i_hdr.getAddr(); - } - // If it is Host Pass through command, set the address using the Host pass - // through address already set in the global and using the addr here in the - // command as index to that address - else + do { - l_addr = SBE_GLOBAL->hostPassThroughCmdAddr.addr + i_hdr.getAddr(); - // Check if the size pass in the command is less than the size mentioned - // in the Host Pass Through globals - if((i_hdr.getAddr() + i_hdr.len) > SBE_GLOBAL->hostPassThroughCmdAddr.size) + // If not Host Pass through command, simply set the addr from the command + if(!i_hdr.isPbaHostPassThroughModeSet()) { - // Break out, Invalid Size - SBE_ERROR("User size[0x%08X] exceeds the Host Pass Through Mode " - "size[0x%08X] Start Index[0x%08X %08X]", - i_hdr.len, SBE_GLOBAL->hostPassThroughCmdAddr.size, - SBE::higher32BWord(i_hdr.getAddr()), - SBE::lower32BWord(i_hdr.getAddr())); - l_respHdr.setStatus( SBE_PRI_INVALID_DATA, - SBE_SEC_GENERIC_FAILURE_IN_EXECUTION ); + l_addr = i_hdr.getAddr(); + // Check if the access to the address is allowed + l_respHdr.secondaryStatus = SBESecMemRegionManager->isAccessAllowed( + {l_addr, + i_hdr.len, + (i_isFlagRead ? static_cast<uint8_t>(memRegionMode::READ): + static_cast<uint8_t>(memRegionMode::WRITE))}); + if(l_respHdr.secondaryStatus != SBE_SEC_OPERATION_SUCCESSFUL) + { + l_respHdr.primaryStatus = SBE_PRI_UNSECURE_ACCESS_DENIED; + break; + } + } + // If it is Host Pass through command, set the address using the Host pass + // through address already set in the global and using the addr here in the + // command as index to that address + else + { + l_addr = SBE_GLOBAL->hostPassThroughCmdAddr.addr + i_hdr.getAddr(); + // Check if the size pass in the command is less than the size mentioned + // in the Host Pass Through globals + if((i_hdr.getAddr() + i_hdr.len) > SBE_GLOBAL->hostPassThroughCmdAddr.size) + { + // Break out, Invalid Size + SBE_ERROR("User size[0x%08X] exceeds the Host Pass Through Mode " + "size[0x%08X] Start Index[0x%08X %08X]", + i_hdr.len, SBE_GLOBAL->hostPassThroughCmdAddr.size, + SBE::higher32BWord(i_hdr.getAddr()), + SBE::lower32BWord(i_hdr.getAddr())); + l_respHdr.setStatus( SBE_PRI_INVALID_DATA, + SBE_SEC_GENERIC_FAILURE_IN_EXECUTION ); + } } - } - - // Default EX Target Init..Not changing it for the time being - Target<TARGET_TYPE_EX> l_ex( - plat_getTargetHandleByChipletNumber<TARGET_TYPE_EX>( - sbeMemAccessInterface::PBA_DEFAULT_EX_CHIPLET_ID)); - - p9_PBA_oper_flag l_myPbaFlag; - // Determine the access flags - // Fast mode flag - if(i_hdr.isFastModeSet()) - { - l_myPbaFlag.setFastMode(true); - SBE_INFO(SBE_FUNC "Fast Mode is set"); - } - - // inject mode flag - if(i_hdr.isPbaInjectModeSet()) - { - l_myPbaFlag.setOperationType(p9_PBA_oper_flag::INJ); // Inject operation - SBE_INFO(SBE_FUNC "inject Mode is set"); - } - - // By default, ex_chipletId printed below won't be used unless accompanied - // by LCO_mode (LCO Mode for PBA-Put) - if(i_hdr.isPbaLcoModeSet()) - { - SBE_INFO(SBE_INFO "LCO Mode is set with Ex ChipletId[%d]", - (i_hdr.coreChipletId)/2); - //Derive the EX target from the input Core Chiplet Id - //Core0/1 -> EX0, Core2/3 -> EX1, Core4/5 -> EX2, Core6/7 -> EX3 - //..so on - l_ex = plat_getTargetHandleByChipletNumber<fapi2::TARGET_TYPE_EX> - (i_hdr.coreChipletId); - l_myPbaFlag.setOperationType(p9_PBA_oper_flag::LCO); // LCO operation - } - // Keeps track of number of granules sent to HWP - uint64_t l_granulesCompleted = 0; + // Default EX Target Init..Not changing it for the time being + Target<TARGET_TYPE_EX> l_ex( + plat_getTargetHandleByChipletNumber<TARGET_TYPE_EX>( + sbeMemAccessInterface::PBA_DEFAULT_EX_CHIPLET_ID)); - // Input Data length in alignment with PBA (128 Bytes) - uint64_t l_lenCacheAligned = i_hdr.getDataLenCacheAlign(); - SBE_DEBUG(SBE_FUNC "Data Aligned Len / Number of data granules = %d", - l_lenCacheAligned); - - sbeMemAccessInterface l_PBAInterface(SBE_MEM_ACCESS_PBA, - l_addr, - &l_myPbaFlag, - (i_isFlagRead ? - SBE_MEM_ACCESS_READ: - SBE_MEM_ACCESS_WRITE), - l_granuleSize, - l_ex); - - while (l_granulesCompleted < l_lenCacheAligned) - { - // Breaking out here if invalid size - if(l_respHdr.primaryStatus != SBE_PRI_OPERATION_SUCCESSFUL) + p9_PBA_oper_flag l_myPbaFlag; + // Determine the access flags + // Fast mode flag + if(i_hdr.isFastModeSet()) { - break; + l_myPbaFlag.setFastMode(true); + SBE_INFO(SBE_FUNC "Fast Mode is set"); } - // If this is putmem request, read input data from the upstream FIFO - if (!i_isFlagRead) + // inject mode flag + if(i_hdr.isPbaInjectModeSet()) { - // l_sizeMultiplier * 4B Upstream FIFO = Granule size 128B - uint32_t l_len2dequeue = sbeMemAccessInterface::PBA_GRAN_SIZE_BYTES - / sizeof(uint32_t); - l_rc = sbeUpFifoDeq_mult (l_len2dequeue, - (uint32_t *)l_PBAInterface.getBuffer(), - false); - CHECK_SBE_RC_AND_BREAK_IF_NOT_SUCCESS(l_rc); + l_myPbaFlag.setOperationType(p9_PBA_oper_flag::INJ); // Inject operation + SBE_INFO(SBE_FUNC "inject Mode is set"); } - // Call the PBA HWP - l_fapiRc = l_PBAInterface.accessGranule( - l_granulesCompleted==(l_lenCacheAligned-1)); - // if error - if(l_fapiRc != FAPI2_RC_SUCCESS) + // By default, ex_chipletId printed below won't be used unless accompanied + // by LCO_mode (LCO Mode for PBA-Put) + if(i_hdr.isPbaLcoModeSet()) { - // Respond with HWP FFDC - l_respHdr.setStatus( SBE_PRI_GENERIC_EXECUTION_FAILURE, - SBE_SEC_GENERIC_FAILURE_IN_EXECUTION ); - l_ffdc.setRc(l_fapiRc); - break; + SBE_INFO(SBE_INFO "LCO Mode is set with Ex ChipletId[%d]", + (i_hdr.coreChipletId)/2); + //Derive the EX target from the input Core Chiplet Id + //Core0/1 -> EX0, Core2/3 -> EX1, Core4/5 -> EX2, Core6/7 -> EX3 + //..so on + l_ex = plat_getTargetHandleByChipletNumber<fapi2::TARGET_TYPE_EX> + (i_hdr.coreChipletId); + l_myPbaFlag.setOperationType(p9_PBA_oper_flag::LCO); // LCO operation } - // If this is a getmem request, - // need to push the data into the downstream FIFO - if (i_isFlagRead) + l_lenCacheAligned = i_hdr.getDataLenCacheAlign(); + SBE_DEBUG(SBE_FUNC "Data Aligned Len / Number of data granules = %d", + l_lenCacheAligned); + + sbeMemAccessInterface l_PBAInterface(SBE_MEM_ACCESS_PBA, + l_addr, + &l_myPbaFlag, + (i_isFlagRead ? + SBE_MEM_ACCESS_READ: + SBE_MEM_ACCESS_WRITE), + l_granuleSize, + l_ex); + + while (l_granulesCompleted < l_lenCacheAligned) { - // Number of 4Bytes to put, to align with Granule Size - // l_len*4 = Granule Size - uint32_t l_len = sbeMemAccessInterface::PBA_GRAN_SIZE_BYTES - / sizeof(uint32_t); - l_rc = sbeDownFifoEnq_mult (l_len, - (uint32_t *)l_PBAInterface.getBuffer()); - CHECK_SBE_RC_AND_BREAK_IF_NOT_SUCCESS(l_rc); - } + // Breaking out here if invalid size + if(l_respHdr.primaryStatus != SBE_PRI_OPERATION_SUCCESSFUL) + { + break; + } + + // If this is putmem request, read input data from the upstream FIFO + if (!i_isFlagRead) + { + // l_sizeMultiplier * 4B Upstream FIFO = Granule size 128B + uint32_t l_len2dequeue = sbeMemAccessInterface::PBA_GRAN_SIZE_BYTES + / sizeof(uint32_t); + l_rc = sbeUpFifoDeq_mult (l_len2dequeue, + (uint32_t *)l_PBAInterface.getBuffer(), + false); + CHECK_SBE_RC_AND_BREAK_IF_NOT_SUCCESS(l_rc); + } + + // Call the PBA HWP + l_fapiRc = l_PBAInterface.accessGranule( + l_granulesCompleted==(l_lenCacheAligned-1)); + // if error + if(l_fapiRc != FAPI2_RC_SUCCESS) + { + // Respond with HWP FFDC + l_respHdr.setStatus( SBE_PRI_GENERIC_EXECUTION_FAILURE, + SBE_SEC_GENERIC_FAILURE_IN_EXECUTION ); + l_ffdc.setRc(l_fapiRc); + break; + } + + // If this is a getmem request, + // need to push the data into the downstream FIFO + if (i_isFlagRead) + { + // Number of 4Bytes to put, to align with Granule Size + // l_len*4 = Granule Size + uint32_t l_len = sbeMemAccessInterface::PBA_GRAN_SIZE_BYTES + / sizeof(uint32_t); + l_rc = sbeDownFifoEnq_mult (l_len, + (uint32_t *)l_PBAInterface.getBuffer()); + CHECK_SBE_RC_AND_BREAK_IF_NOT_SUCCESS(l_rc); + } - l_granulesCompleted++; - } // End..while (l_granulesCompleted < l_lenCacheAligned); + l_granulesCompleted++; + } // End..while (l_granulesCompleted < l_lenCacheAligned); + } while(0); // Now build and enqueue response into downstream FIFO do @@ -316,7 +332,7 @@ uint32_t processPbaRequest(const sbeMemAccessReqMsgHdr_t &i_hdr, // need to Flush out upstream FIFO, until EOT arrives if (!i_isFlagRead) { - l_rc = flushUpstreamFifo(l_fapiRc); + l_rc = flushUpstreamFifo(l_respHdr.primaryStatus); CHECK_SBE_RC_AND_BREAK_IF_NOT_SUCCESS(l_rc); } @@ -452,6 +468,17 @@ uint32_t processAduRequest(const sbeMemAccessReqMsgHdr_t &i_hdr, SBE_MEM_ACCESS_READ : SBE_MEM_ACCESS_WRITE), sbeMemAccessInterface::ADU_GRAN_SIZE_BYTES); + // Check if the access to the address is allowed + l_respHdr.secondaryStatus = SBESecMemRegionManager->isAccessAllowed( + {l_addr, + i_hdr.len, + (i_isFlagRead ? static_cast<uint8_t>(memRegionMode::READ): + static_cast<uint8_t>(memRegionMode::WRITE))}); + if(l_respHdr.secondaryStatus != SBE_SEC_OPERATION_SUCCESSFUL) + { + l_respHdr.primaryStatus = SBE_PRI_UNSECURE_ACCESS_DENIED; + break; + } // 8Byte granule for ADU access uint64_t l_dataFifo[MAX_ADU_BUFFER] = {0}; while (l_granulesCompleted < l_lenCacheAligned) @@ -610,7 +637,7 @@ uint32_t processAduRequest(const sbeMemAccessReqMsgHdr_t &i_hdr, // need to Flush out upstream FIFO, until EOT arrives if (!i_isFlagRead) { - l_rc = flushUpstreamFifo(l_fapiRc); + l_rc = flushUpstreamFifo(l_respHdr.primaryStatus); CHECK_SBE_RC_AND_BREAK_IF_NOT_SUCCESS(l_rc); } @@ -703,12 +730,14 @@ uint32_t sbeGetMem (uint8_t *i_pArg) { return sbeMemAccess_Wrap (true); } +#endif //not __SBEFW_SEEPROM__ +#ifdef __SBEFW_SEEPROM__ uint32_t sbeUpdateMemAccessRegion (uint8_t *i_pArg) { #define SBE_FUNC "sbeManageMemAccessRegion" SBE_ENTER(SBE_FUNC); - uint32_t rc = SBE_SEC_OPERATION_SUCCESSFUL; + uint32_t rc = SBE_SEC_GENERIC_FAILURE_IN_EXECUTION; uint32_t fapiRc = FAPI2_RC_SUCCESS; sbeMemRegionReq_t req = {}; @@ -730,6 +759,35 @@ uint32_t sbeUpdateMemAccessRegion (uint8_t *i_pArg) SBE::lower32BWord(req.startAddress), req.size, SBE_GLOBAL->sbePsu2SbeCmdReqHdr.flags); + + uint16_t mode = SBE_GLOBAL->sbePsu2SbeCmdReqHdr.flags & 0x00FF; + if(mode == SBE_MEM_REGION_CLOSE) + { + SBE_GLOBAL->sbeSbe2PsuRespHdr.secStatus = + SBESecMemRegionManager->remove(req.startAddress); + } + else + { + uint8_t memMode = 0; + if(mode == SBE_MEM_REGION_OPEN_RO) + { + memMode = static_cast<uint8_t>(memRegionMode::READ); + } + else if(mode == SBE_MEM_REGION_OPEN_RW) + { + memMode = static_cast<uint8_t>(memRegionMode::READ) | + static_cast<uint8_t>(memRegionMode::WRITE); + } + SBE_GLOBAL->sbeSbe2PsuRespHdr.secStatus = + SBESecMemRegionManager->add(req.startAddress, + req.size, + memMode); + } + if(SBE_GLOBAL->sbeSbe2PsuRespHdr.secStatus != + SBE_SEC_OPERATION_SUCCESSFUL) + { + SBE_GLOBAL->sbeSbe2PsuRespHdr.primStatus = SBE_PRI_USER_ERROR; + } } while(false); // Send the response @@ -739,3 +797,4 @@ uint32_t sbeUpdateMemAccessRegion (uint8_t *i_pArg) return rc; #undef SBE_FUNC } +#endif //__SBEFW_SEEPROM__ diff --git a/src/sbefw/sbefwfiles.mk b/src/sbefw/sbefwfiles.mk index 6d8978ae..439c4bb6 100644 --- a/src/sbefw/sbefwfiles.mk +++ b/src/sbefw/sbefwfiles.mk @@ -53,6 +53,7 @@ SBEFW-CPP-SOURCES += sbeHostMsg.C SBEFW-CPP-SOURCES += sbeSpMsg.C SBEFW-CPP-SOURCES += sbeglobals.C SBEFW-CPP-SOURCES += sbeMemAccessInterface.C +SBEFW-CPP-SOURCES += sbeSecureMemRegionManager.C SBEFW-C-SOURCES = SBEFW-S-SOURCES = diff --git a/src/sbefw/sbefwseepromfiles.mk b/src/sbefw/sbefwseepromfiles.mk index 24a1a1d6..24f92393 100644 --- a/src/sbefw/sbefwseepromfiles.mk +++ b/src/sbefw/sbefwseepromfiles.mk @@ -24,6 +24,8 @@ # IBM_PROLOG_END_TAG SBEFWSEEPROM-CPP-SOURCES = sbecmdgeneric.C SBEFWSEEPROM-CPP-SOURCES += sbecmdmpipl.C +SBEFWSEEPROM-CPP-SOURCES += sbecmdmemaccess.C +SBEFWSEEPROM-CPP-SOURCES += sbeSecureMemRegionManager.C SBEFWSEEPROM-C-SOURCES = SBEFWSEEPROM-S-SOURCES = |
