From 75a82b734c4c5aaa274ed8e90401b00fa0e5df95 Mon Sep 17 00:00:00 2001 From: spashabk-in Date: Tue, 22 Aug 2017 06:35:07 -0500 Subject: SBE FW security switch Implement SBE firmware security switch based on ATTR_SECURITY_ENABLE Change-Id: I435aad38c59e80c81925bd1f4b109aafd1993b1c Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/44959 Tested-by: Jenkins Server Reviewed-by: Sachin Gupta --- src/sbefw/sbeSecureMemRegionManager.C | 49 ++++++++++++---------- src/sbefw/sbecmdiplcontrol.C | 6 ++- src/sbefw/sbeglobals.H | 5 ++- .../framework/etc/patches/standalone.simics.patch | 6 ++- 4 files changed, 40 insertions(+), 26 deletions(-) diff --git a/src/sbefw/sbeSecureMemRegionManager.C b/src/sbefw/sbeSecureMemRegionManager.C index 189ee56b..27bd0f66 100644 --- a/src/sbefw/sbeSecureMemRegionManager.C +++ b/src/sbefw/sbeSecureMemRegionManager.C @@ -6,6 +6,7 @@ /* OpenPOWER sbe Project */ /* */ /* Contributors Listed Below - COPYRIGHT 2017 */ +/* [+] International Business Machines Corp. */ /* */ /* */ /* Licensed under the Apache License, Version 2.0 (the "License"); */ @@ -24,6 +25,7 @@ #include "sbeSecureMemRegionManager.H" #include "sbetrace.H" #include "sbeutil.H" +#include "sbeglobals.H" #ifndef __SBEFW_SEEPROM__ 
@@ -154,30 +156,33 @@ sbeSecondaryResponse SBESecureMemRegionManager::isAccessAllowed( { #define SBE_FUNC "SBESecureMemRegionManager::isAccessAllowed" sbeSecondaryResponse rc = SBE_SEC_OPERATION_SUCCESSFUL; - while(i_region.size > 0) + if(SBE_GLOBAL->sbeFWSecurityEnabled) { - secureMemRegion_t foundregion = getPartialRegionSize(i_region); - // Check if the found region has allowable access level - // and that the region overlap is from the beginning itself - if((i_region.mode & foundregion.mode) && - (i_region.startAddress == foundregion.startAddress)) + while(i_region.size > 0) { - SBE_INFO(SBE_FUNC" foundRegion Mem[0x%08X%08X], size[0x%08X]", - SBE::higher32BWord(foundregion.startAddress), - SBE::lower32BWord(foundregion.startAddress), - foundregion.size); - i_region.size -= foundregion.size; - i_region.startAddress += foundregion.size; - } - else - { - SBE_ERROR(SBE_FUNC" Non secure access to memory blocked " - "Addr[0x%08X%08X] Size[0x%08X]", - SBE::higher32BWord(i_region.startAddress), - SBE::lower32BWord(i_region.startAddress), - i_region.size); - rc = SBE_SEC_BLACKLISTED_MEM_ACCESS; - break; + secureMemRegion_t foundregion = getPartialRegionSize(i_region); + // Check if the found region has allowable access level + // and that the region overlap is from the beginning itself + if((i_region.mode & foundregion.mode) && + (i_region.startAddress == foundregion.startAddress)) + { + SBE_INFO(SBE_FUNC" foundRegion Mem[0x%08X%08X], size[0x%08X]", + SBE::higher32BWord(foundregion.startAddress), + SBE::lower32BWord(foundregion.startAddress), + foundregion.size); + i_region.size -= foundregion.size; + i_region.startAddress += foundregion.size; + } + else + { + SBE_ERROR(SBE_FUNC" Non secure access to memory blocked " + "Addr[0x%08X%08X] Size[0x%08X]", + SBE::higher32BWord(i_region.startAddress), + SBE::lower32BWord(i_region.startAddress), + i_region.size); + rc = SBE_SEC_BLACKLISTED_MEM_ACCESS; + break; + } } } return rc; 
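Review bot: When `SBE_GLOBAL->sbeFWSecurityEnabled` is 0, the new outer `if` in isAccessAllowed returns `SBE_SEC_OPERATION_SUCCESSFUL` for any region without leaving a trace, so a bypassed filter looks the same in the logs as an access that needed no check. An `else` branch with a trace such as `SBE_INFO(SBE_FUNC" FW security disabled, region check skipped");` would make the bypass visible to anyone auditing memory accesses. The decision rests on a writable global that is re-read on every call, so a comment above the `if` saying that any non-zero value enforces the region table and 0 disables it would help the next reader. The end of the function lies outside the hunk.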
diff --git a/src/sbefw/sbecmdiplcontrol.C b/src/sbefw/sbecmdiplcontrol.C index e82713f1..28a705f3 100644 --- a/src/sbefw/sbecmdiplcontrol.C +++ b/src/sbefw/sbecmdiplcontrol.C @@ -39,7 +39,6 @@ #include "sbestates.H" #include "sbecmdcntrldmt.H" #include "sbeglobals.H" - // TODO Workaround #include "plat_target_parms.H" @@ -644,6 +643,11 @@ ReturnCode performAttrSetup( ) } // Apply the gard records rc = plat_ApplyGards(); + + // Fetch FW security status + FAPI_ATTR_GET(fapi2::ATTR_SECURITY_ENABLE, + fapi2::Target(), + SBE_GLOBAL->sbeFWSecurityEnabled); }while(0); SBE_EXIT(SBE_FUNC); return rc; diff --git a/src/sbefw/sbeglobals.H b/src/sbefw/sbeglobals.H index 25eac836..d7583d6f 100644 --- a/src/sbefw/sbeglobals.H +++ b/src/sbefw/sbeglobals.H @@ -82,6 +82,8 @@ class SBEGlobalsSingleton sbeHostAddr_t hostFFDCAddr; // Key Addr Pair sbeStashMemoryPair_t sbeKeyAddrPair; + // SBE FW security enabled; 0 - disabled; 1 - enabled + uint8_t sbeFWSecurityEnabled; //////////////////////////////////////////////////////////////// //// @brief PkThread structure for SBE Command Receiver thread @@ -109,7 +111,8 @@ class SBEGlobalsSingleton sbeSemCmdRecv(), sbeSemCmdProcess(), SBERole(SBE_ROLE_MASTER), - sbefreq(( 133 * 1000 * 1000)/SBE::SBE_TO_NEST_FREQ_FACTOR) + sbefreq(( 133 * 1000 * 1000)/SBE::SBE_TO_NEST_FREQ_FACTOR), + sbeFWSecurityEnabled(1) { } }; diff --git a/src/test/framework/etc/patches/standalone.simics.patch b/src/test/framework/etc/patches/standalone.simics.patch index 17e2de36..99e47749 100644 --- a/src/test/framework/etc/patches/standalone.simics.patch +++ b/src/test/framework/etc/patches/standalone.simics.patch 
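Review bot: The result of `FAPI_ATTR_GET` in performAttrSetup is discarded and the macro writes straight into `SBE_GLOBAL->sbeFWSecurityEnabled`, so if the read can fail on this platform, the memory filter is left in a state nobody checked. Reading into a local initialised to 1 and copying it to the global only on success would keep the constructor's fail-closed default; the status belongs in a separate variable so the `rc` from `plat_ApplyGards()` is not overwritten. The fetch also runs whatever that `rc` was, and any earlier `break` out of the do/while (outside the hunk) would presumably skip it, which is safe only because the default is 1; a comment should say so. A trace of the fetched value, e.g. `SBE_INFO(SBE_FUNC" FW security enabled[%d]", SBE_GLOBAL->sbeFWSecurityEnabled);`, would record which mode the SBE came up in.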
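Review bot: `sbeFWSecurityEnabled` in SBEGlobalsSingleton gates the secure-memory region check in isAccessAllowed, yet its comment only lists the two values. I would expand it to `// SBE FW security switch: non-zero enforces the secure memory region checks, 0 bypasses them; defaults to 1 and is loaded from ATTR_SECURITY_ENABLE in performAttrSetup`, so a later writer knows that clearing the field turns the filter off. The reader in this commit tests it for truthiness, so values other than 0 and 1 also count as enabled, which the current comment does not say.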
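Review bot: The initializer `sbeFWSecurityEnabled(1)` is appended after `sbefreq(...)`, while the member is declared next to `sbeKeyAddrPair`, ahead of the thread structure section, so the initializer list appears not to follow declaration order. Members are initialised in declaration order regardless, so behaviour is unaffected, but the mismatch typically draws a `-Wreorder` warning. Placing the initializer where the declaration order puts it, or moving the declaration to the end of the class, keeps the two in step. The rest of the class is outside the hunk, so the exact position needs checking against the full member list.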
@@ -1,6 +1,8 @@ -48c48 +63c63,65 < ($hb_masterproc).proc_chip.invoke parallel_store SCOM 0x5003A "00000000_00000000" 64 --- > ($hb_masterproc).proc_chip.invoke parallel_store SCOM 0x5003A "80000000_00000000" 64 -51a52 +> # Set security enabled bit +> ($hb_masterproc).proc_chip.invoke parallel_store SCOM 0x00050001 "0C000002_00000000" 64 +67a70 > ($hb_masterproc).proc_chip.invoke parallel_store FSIMBOX 0x08 "00080000" 32 -- cgit v1.2.1