diff --git a/src/usr/secureboot/base/test/securerommgrtest.H b/src/usr/secureboot/base/test/securerommgrtest.H index a10bd853c51..a26b18b965d 100644 --- a/src/usr/secureboot/base/test/securerommgrtest.H +++ b/src/usr/secureboot/base/test/securerommgrtest.H @@ -360,6 +360,7 @@ class SecureRomManagerTest : public CxxTest::TestSuite // Calculate pnor vaddr and read original page so we can run test case // in both secure and unsecure mode. uint64_t l_pnorVaddr = VFS::VfsRp::getInstance().iv_pnor_vaddr + - VFS::VfsRp::getInstance().iv_unprotectedOffset + l_vaddr; memcpy(l_originPage, reinterpret_cast(l_pnorVaddr), PAGESIZE); diff --git a/src/usr/targeting/attrrp.C b/src/usr/targeting/attrrp.C index 28ffe8133f2..da1efdb1532 100755 --- a/src/usr/targeting/attrrp.C +++ b/src/usr/targeting/attrrp.C @@ -442,6 +442,17 @@ namespace TARGETING iv_sections[i].pnorAddress = l_pnorSectionInfo.vaddr + l_section->sectionOffset; + #ifdef CONFIG_SECUREBOOT + // RW targeting section is part of the unprotected payload + // so use the normal PNOR virtual address space + if( l_pnorSectionInfo.secure + && iv_sections[i].type == SECTION_TYPE_PNOR_RW) + { + iv_sections[i].pnorAddress -= + (VMM_VADDR_SPNOR_DELTA + VMM_VADDR_SPNOR_DELTA); + } + #endif + if(iv_isMpipl) { //For MPIPL we are reading from real memory, diff --git a/src/usr/vfs/vfsrp.C b/src/usr/vfs/vfsrp.C index 6284edd5a55..63f2a15e77e 100644 --- a/src/usr/vfs/vfsrp.C +++ b/src/usr/vfs/vfsrp.C @@ -182,6 +182,10 @@ errlHndl_t VfsRp::_init() iv_hashPageTableSize); // skip the hash page table iv_pnor_vaddr += iv_hashPageTableSize; + + // Compute offset to the unprotected payload virtual address range. + // This offset should be subtracted from the secure address + iv_unprotectedOffset = VMM_VADDR_SPNOR_DELTA+VMM_VADDR_SPNOR_DELTA; } #endif @@ -365,7 +369,8 @@ void VfsRp::msgHandler() } } #endif - memcpy((void *)paddr, (void *)(iv_pnor_vaddr+vaddr), + memcpy((void *)paddr, (void *)(iv_pnor_vaddr + -iv_unprotectedOffset+vaddr), PAGE_SIZE); mm_icache_invalidate((void*)paddr,PAGE_SIZE/8); msg->data[1] = 0; @@ -762,7 +767,7 @@ errlHndl_t VfsRp::verify_page(uint64_t i_vaddr, uint64_t i_baseOffset, uint64_t i_hashPageTableOffset) const { errlHndl_t l_errl = nullptr; - uint64_t l_pnorVaddr = iv_pnor_vaddr + i_vaddr; + uint64_t l_pnorVaddr = iv_pnor_vaddr-iv_unprotectedOffset+i_vaddr; // Get current hash page table entry TRACDCOMP(g_trac_vfs, "VfsRp::verify_page Current Page vaddr = 0x%llX, index = %d, bin file offset = 0x%llX", diff --git a/src/usr/vfs/vfsrp.H b/src/usr/vfs/vfsrp.H index 6c1feb7dbdc..ebf9c86fd59 100644 --- a/src/usr/vfs/vfsrp.H +++ b/src/usr/vfs/vfsrp.H @@ -95,7 +95,8 @@ namespace VFS */ VfsRp() : iv_msgQ(NULL), iv_msg(NULL), iv_pnor_vaddr(0), iv_hashPageTableOffset(0),iv_hashPageTableSize(0), - iv_protectedPayloadSize(0),iv_hbExtSecure(0) + iv_protectedPayloadSize(0),iv_hbExtSecure(0), + iv_unprotectedOffset(0) { mutex_init(&iv_mutex); } @@ -258,6 +259,8 @@ namespace VFS uint64_t iv_protectedPayloadSize; //!< size of entire protected payload of ext img //!< Includes Hash page table and VFS module table bool iv_hbExtSecure; //!< cache result if hostboot extended image is secure + uint64_t iv_unprotectedOffset; //!< Offset to unprotected payload + //!< (subtract from secure offset) typedef std::vector ModuleList_t;