From 417661853e849b75d40eb0238a8fed1cce15c47e Mon Sep 17 00:00:00 2001
From: Jaymes Wilks <mjwilks@us.ibm.com>
Date: Tue, 22 Aug 2017 10:53:58 -0500
Subject: [PATCH] Default SBE security mode setting correctly

Defaulted SBE security mode not to check for security disable
request.

Change-Id: I096c17513941d773c4b89d2bea6ba628ac037041
RTC:178643
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/44971
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
---
 src/usr/secureboot/base/service.C | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C
index d0e3b8f8981..97e482aaf1e 100644
--- a/src/usr/secureboot/base/service.C
+++ b/src/usr/secureboot/base/service.C
@@ -83,7 +83,7 @@ struct SecureRegisterValues
  *     default to 0b1 and rely on SBE signing header to configure the final
  *     value.
  */
-uint8_t g_sbeSecurityMode = 0;
+uint8_t g_sbeSecurityMode = 1;
 
 /**
  *  @brief Retrieve values of Security Registers of the processors in the system