HRMOR relative addressing for PHyp SP ATTN area dump

This change adds absolute addresses to HDAT for the SP ATTN area that the PHyp team can now use for predictably locating PHyp debug information. In addition, Hostboot now populates attributes with its intended PHyp ATTN area start addresses for FSP to read. Change-Id: I21fbdf672c37462c87705236973b22f9d1d4eba4 CMVC-Prereq: 1059060 CMVC-Prereq: 1058912 CMVC-Prereq: 1059317 RTC:186439 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59269 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
open-power · Jun 21, 2018 · 24f3312 · 24f3312
1 parent ccf2f34
commit 24f3312
Show file tree

Hide file tree

Showing 6 changed files with 117 additions and 0 deletions.
diff --git a/src/include/usr/runtime/runtime.H b/src/include/usr/runtime/runtime.H
@@ -31,6 +31,7 @@
 #include <errl/errlentry.H>
 #include <hdat/hdat.H>
 #include "../../../src/usr/runtime/hdatstructs.H"
+#include <vmmconst.h>
 
 namespace RUNTIME
 {
@@ -237,6 +238,9 @@ enum SbeUnsecureMemoryRegions
     SP_HOST_UNTRUSTED_COMM_AREA_SIZE = 64*MEGABYTE,
     SP_HOST_UNTRUSTED_OPAL_TRACE_ADDR = 0x31000000,
     SP_HOST_UNTRUSTED_OPAL_TRACE_SIZE = 1*MEGABYTE,
+
+    SP_HOST_ATTN_SIZE_LIMIT = (SP_HOST_UNTRUSTED_COMM_AREA_SIZE
+                                                    - PHYP_ATTN_AREA_OFFSET),
 };
 
 /**

diff --git a/src/include/usr/runtime/runtime_reasoncodes.H b/src/include/usr/runtime/runtime_reasoncodes.H
@@ -65,6 +65,7 @@ namespace RUNTIME
         MOD_RT_ATTR_SYNC_REQUEST         = 0x25,  /**< rt_fwnotify.C */
         MOD_CHECK_HB_RES_MEM_LIMIT       = 0x26,  /**< populate_hbruntime.C */
         MOD_INIT_RT_RES_MEM_TRACE_BUF    = 0x27,  /**< rt_rsvdtracebuffer.C */
+        MOD_OPEN_UNTRUSTED_SP_AREAS      = 0x28,  /**< populate_hbruntime.C */
     };
 
     enum RuntimeReasonCode
@@ -135,6 +136,8 @@ namespace RUNTIME
         RC_HOST_TIMER_THREAD_FAIL      = RUNTIME_COMP_ID | 0x3F,
         RC_RT_RES_TRACE_BUF_DUMPED     = RUNTIME_COMP_ID | 0x40,
         RC_RT_RES_TRACE_BUF_INVALID    = RUNTIME_COMP_ID | 0x41,
+        RC_SP_ATTN_AREA_OVERFLOW       = RUNTIME_COMP_ID | 0x42,
+        RC_SP_ATTN_AREA1_SIZE_OVERFLOW = RUNTIME_COMP_ID | 0x43,
     };
 
     enum UserDetailsTypes

diff --git a/src/include/usr/secureboot/service.H b/src/include/usr/secureboot/service.H
@@ -32,6 +32,9 @@
 #include <cstdint>
 #include <securerom/sha512.H>
 #include <securerom/ROM.H>
+#include <vmmconst.h>
+#include <sys/misc.h>
+#include <kernel/vmmmgr.H>
 
 /*
  * @brief Used to capture the first 4 bytes of the hash for tracing purposes
@@ -363,6 +366,20 @@ namespace SECUREBOOT
      */
     errlHndl_t setSbeSecurityMode(uint8_t i_sbeSecurityMode);
 
+    /*
+     *  @brief Calculates the node's proposed start address for the system's
+     *         SP ATTN areas, which becomes the effective configuration if it's
+     *         elected as the master.
+     *
+     *  @return uint64_t Absolute start address for the intended SP ATTN areas
+     */
+    inline uint64_t calcSpAttnAreaStart()
+    {
+        auto hrmorVal = cpu_spr_value(CPU_SPR_HRMOR);
+        return  (hrmorVal - VMM_HRMOR_OFFSET + PHYP_ATTN_AREA_OFFSET)
+                                                  | VmmManager::FORCE_PHYS_ADDR;
+    }
+
 }
 
 #endif
diff --git a/src/include/usr/vmmconst.h b/src/include/usr/vmmconst.h
@@ -144,6 +144,11 @@ enum BlockPriority
 #define VMM_HRMOR_OFFSET (128*MEGABYTE)
 #define VMM_HB_RSV_MEM_SIZE (256*MEGABYTE)
 
+/** PHYP ATTN AREA OFFSET */
+/** This offset is relative to the lowest address in a given node */
+#define PHYP_ATTN_AREA_OFFSET (59*MEGABYTE)
+#define PHYP_ATTN_AREA_1_SIZE (1*KILOBYTE)
+
 /** Hardwired offsets from HRMOR to HOMER images in real mem */
 /** HOMER starts immediately after our HB memory */
 /**    <n0p0 HRMOR = 128MB> + <memory size = 64MB> = 192 MB */

diff --git a/src/usr/isteps/istep16/call_host_ipl_complete.C b/src/usr/isteps/istep16/call_host_ipl_complete.C
@@ -51,6 +51,10 @@
 #include    <ipmi/ipmisensor.H>
 #endif
 
+#include    <vmmconst.h>
+#include    <targeting/targplatutil.H>
+#include    <secureboot/service.H>
+
 using   namespace   ERRORLOG;
 using   namespace   TARGETING;
 using   namespace   ISTEP;
@@ -282,6 +286,22 @@ void* call_host_ipl_complete (void *io_pArgs)
             break;
         }
 
+        // populate PHYP ATTN Area Attributes with values
+        if ( INITSERVICE::spBaseServicesEnabled() && is_phyp_load())
+        {
+            // calculate absolute address for PHYP SP ATTN areas
+            auto l_abs = SECUREBOOT::calcSpAttnAreaStart();
+
+            auto spAttnArea1Addr = l_abs;
+            auto spAttnArea2Addr = l_abs + PHYP_ATTN_AREA_1_SIZE;
+
+            auto l_nodeTgt = TARGETING::UTIL::getCurrentNodeTarget();
+
+            l_nodeTgt->setAttr<ATTR_ATTN_AREA_1_ADDR>(spAttnArea1Addr);
+            l_nodeTgt->setAttr<ATTR_ATTN_AREA_2_ADDR>(spAttnArea2Addr);
+            TRACFCOMP( ISTEPS_TRACE::g_trac_isteps_trace, INFO_MRK"Set attributes for PHYP ATTN areas. ATTN Area 1: 0x%.16llX ATTN Area 2: 0x%.16llX", spAttnArea1Addr, spAttnArea2Addr);
+        }
+
         // Sync attributes to Fsp
         l_err = syncAllAttributesToFsp();
 

diff --git a/src/usr/runtime/populate_hbruntime.C b/src/usr/runtime/populate_hbruntime.C
@@ -3403,6 +3403,74 @@ errlHndl_t openUntrustedSpCommArea(const uint64_t i_commBase)
                l_spAttnStartAddr,
                l_spAttnCombinedSize);
 
+    // If in phyp mode and the master
+    if (TARGETING::is_phyp_load() && TARGETING::UTIL::isCurrentMasterNode())
+    {
+        // make sure ATTN area never grows beyond the SP/PHyp untrusted region
+        if (l_spAttnCombinedSize > SP_HOST_ATTN_SIZE_LIMIT)
+        {
+            TRACFCOMP( g_trac_runtime,
+                       ERR_MRK"openUntrustedSpCommArea(): Combined sizes of SP ATTN area 1 and area 2 are larger than 0x%.16llX. ATTN1 sz: 0x%.16llX, ATTN2 sz: 0x%.16llX",
+                       SP_HOST_ATTN_SIZE_LIMIT,
+                       l_pCpuCtrlInfo->spAttnArea1.size,
+                       l_pCpuCtrlInfo->spAttnArea2.size);
+
+            /*@
+             * @errortype
+             * @moduleid        RUNTIME::MOD_OPEN_UNTRUSTED_SP_AREAS
+             * @reasoncode      RUNTIME::RC_SP_ATTN_AREA_OVERFLOW
+             * @userdata1       SP ATTN Area total size
+             * @userdata2       SP ATTN Area start address
+             * @devdesc         SP ATTN Areas attempting to allocate past valid
+             *                  memory range.
+             * @custdesc        Failure in the security subsystem.
+             */
+            l_err = new ERRORLOG::ErrlEntry(
+                            ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                            RUNTIME::MOD_OPEN_UNTRUSTED_SP_AREAS,
+                            RUNTIME::RC_SP_ATTN_AREA_OVERFLOW,
+                            l_spAttnCombinedSize,
+                            l_spAttnStartAddr,
+                            true);
+            l_err->collectTrace(RUNTIME_COMP_NAME);
+            break;
+        }
+        // Make sure our intended ATTN area 1 size is not smaller than the ATTN
+        // area 1 size reported in HDAT
+        if (PHYP_ATTN_AREA_1_SIZE < l_pCpuCtrlInfo->spAttnArea1.size)
+        {
+            TRACFCOMP( g_trac_runtime,
+                       ERR_MRK"openUntrustedSpCommArea(): Hostboot's proposed SP ATTN area 1 size is smaller than what is reported in HDAT. Proposed ATTN1 sz: 0x%.16llX, HDAT ATTN1 sz: 0x%.16llX",
+                       PHYP_ATTN_AREA_1_SIZE,
+                       l_pCpuCtrlInfo->spAttnArea1.size);
+
+            /*@
+             * @errortype
+             * @moduleid        RUNTIME::MOD_OPEN_UNTRUSTED_SP_AREAS
+             * @reasoncode      RUNTIME::RC_SP_ATTN_AREA1_SIZE_OVERFLOW
+             * @userdata1       SP ATTN Area 1 size proposed by hostboot
+             * @userdata2       SP ATTN Area 1 size reported in HDAT
+             * @devdesc         SP ATTN Area 1 size exceeds the maximum.
+             * @custdesc        Failure in the security subsystem.
+             */
+            l_err = new ERRORLOG::ErrlEntry(
+                            ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                            RUNTIME::MOD_OPEN_UNTRUSTED_SP_AREAS,
+                            RUNTIME::RC_SP_ATTN_AREA1_SIZE_OVERFLOW,
+                            PHYP_ATTN_AREA_1_SIZE,
+                            l_pCpuCtrlInfo->spAttnArea1.size,
+                            true);
+            l_err->collectTrace(RUNTIME_COMP_NAME);
+            break;
+        }
+
+        // calculate absolute address for PHYP SP ATTN areas
+        auto l_abs = SECUREBOOT::calcSpAttnAreaStart();
+
+        l_pCpuCtrlInfo->spAttnArea1.address = l_abs;
+        l_pCpuCtrlInfo->spAttnArea2.address = l_abs + PHYP_ATTN_AREA_1_SIZE;
+    }
+
     // Open unsecure SBE memory regions
     // Loop through all functional Procs
     TARGETING::TargetHandleList l_procChips;