summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/import/chips/p9/procedures/hwp/perv/p9_sbe_attr_setup.C58
1 files changed, 38 insertions, 20 deletions
diff --git a/src/import/chips/p9/procedures/hwp/perv/p9_sbe_attr_setup.C b/src/import/chips/p9/procedures/hwp/perv/p9_sbe_attr_setup.C
index 697978f1..b4f39831 100644
--- a/src/import/chips/p9/procedures/hwp/perv/p9_sbe_attr_setup.C
+++ b/src/import/chips/p9/procedures/hwp/perv/p9_sbe_attr_setup.C
@@ -124,41 +124,59 @@ fapi2::ReturnCode p9_sbe_attr_setup(const
//set_security_access
{
- fapi2::buffer<uint64_t> l_read_reg;
+ fapi2::buffer<uint64_t> read_cbs_reg;
BootloaderSecureSettings l_secure_settings;
l_secure_settings.data8 = 0;
FAPI_DBG("Reading ATTR_SECURITY_MODE");
FAPI_TRY(FAPI_ATTR_GET(fapi2::ATTR_SECURITY_MODE, FAPI_SYSTEM, l_read_1));
//Getting CBS_CS register value
- FAPI_TRY(fapi2::getScom(i_target_chip, PERV_CBS_CS_SCOM, l_read_reg));
-
- if ( (!l_read_1) // Security override possible
- && (l_read_scratch8.getBit<2>()) ) // scratch 3 is valid
+ FAPI_TRY(fapi2::getScom(i_target_chip, PERV_CBS_CS_SCOM, read_cbs_reg));
+
+ /*
+ ------------------------------------------------------------------------------------------------------------
+ Jumper val/SMD Value SBE Security override policy scratch reg 3 bit 6 Result
+ ------------------------------------------------------------------------------------------------------------
+ 1(request disable) x(don't care) x(don't care) Non-secure
+ 0(don't req disable) x(invalid scratch 3) x Secure
+ 0 1(don't check mbox) x Secure
+ 0 0(check mbox - dev only) 0(don't ask for disable) Secure
+ 0 0 1(ask for disable) Non-secure
+ ------------------------------------------------------------------------------------------------------------
+ */
+ if (read_cbs_reg.getBit<5>() == 0)
{
- FAPI_DBG("Reading mailbox scratch register 3 bit 6 to check "
- "for external security override request");
+ if ( (!l_read_1) // Security override possible
+ && (l_read_scratch8.getBit<2>()) ) // scratch 3 is valid
+ {
+ FAPI_DBG("Reading mailbox scratch register 3 bit 6 to check "
+ "for external security override request");
+
+ //Getting SCRATCH_REGISTER_3 register value
+ FAPI_TRY(fapi2::getScom(i_target_chip, PERV_SCRATCH_REGISTER_3_SCOM,
+ l_read_scratch_reg)); //l_read_scratch_reg = PIB.SCRATCH_REGISTER_3
+
+ read_cbs_reg.writeBit<4>(!l_read_scratch_reg.getBit<6>());
- //Getting SCRATCH_REGISTER_3 register value
- FAPI_TRY(fapi2::getScom(i_target_chip, PERV_SCRATCH_REGISTER_3_SCOM,
- l_read_scratch_reg)); //l_read_scratch_reg = PIB.SCRATCH_REGISTER_3
+ FAPI_DBG("Copying mailbox scratch register 3 bits 6,7 to "
+ "ATTR_SECURE_SETTINGS");
+ l_secure_settings.securityOverride = l_read_scratch_reg.getBit<6>();
+ l_secure_settings.allowAttrOverrides = l_read_scratch_reg.getBit<7>();
- if(l_read_scratch_reg.getBit<6>())
+ }
+ else
{
- FAPI_DBG("Clear Security Access Bit");
- l_read_reg.clearBit<4>(); //PIB.CBS_CS.CBS_CS_SECURE_ACCESS_BIT = 0
- FAPI_TRY(fapi2::putScom(i_target_chip, PERV_CBS_CS_SCOM, l_read_reg));
+ // Enable secure mode
+ read_cbs_reg.setBit<4>();
}
-
- FAPI_DBG("Copying mailbox scratch register 3 bits 6,7 to "
- "ATTR_SECURE_SETTINGS");
- l_secure_settings.securityOverride = l_read_scratch_reg.getBit<6>();
- l_secure_settings.allowAttrOverrides = l_read_scratch_reg.getBit<7>();
}
+ // Update CBS_CS register
+ FAPI_TRY(fapi2::putScom(i_target_chip, PERV_CBS_CS_SCOM, read_cbs_reg));
+
// Include the Secure Access Bit now, but will double check before
// setting bootloader data later
- l_secure_settings.secureAccessBit = l_read_reg.getBit<4>();
+ l_secure_settings.secureAccessBit = read_cbs_reg.getBit<4>();
FAPI_DBG("Setting up ATTR_SECURITY_SETTINGS");
FAPI_TRY(FAPI_ATTR_SET(fapi2::ATTR_SECURE_SETTINGS, FAPI_SYSTEM, l_secure_settings.data8));
}
OpenPOWER on IntegriCloud