Skip to content

Commit

Permalink
Secure Boot: Log error when attribute override attempted in secure mode
Browse files Browse the repository at this point in the history 
While in secure boot, the first time an attribute override is
attempted, an error is logged to let the User know that the
override did not take. A flag was created in hb only
attributes which tracks if attribute override has been
attempted.

Change-Id: Ife99e0cfa17934a02abeb291dfd7e06fe86e75e2
RTC: 205071
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72079
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com>
Reviewed-by: Matthew Raybuck <matthew.raybuck@ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
  • Loading branch information
@LF-Luis @dcrowell77
LF-Luis authored and dcrowell77 committed Mar 6, 2019
1 parent d94e5b5 commit 9055269
Show file tree
Hide file tree
Showing 4 changed files with 64 additions and 4 deletions.
5 changes: 3 additions & 2 deletions src/include/usr/fapi2/hwpf_fapi2_reasoncodes.H
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2015,2018 */
/* Contributors Listed Below - COPYRIGHT 2015,2019 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -66,6 +66,7 @@ namespace fapi2
MOD_FAPI2_GET_RING = 0x17,
MOD_FAPI2_SET_ATTR_FREQ_MCA_MHZ = 0x18,
MOD_FAPI2_PLAT_GET_PROC_TEST = 0x19,
MOD_FAPI2_MONITOR_FOR_FSP_MSGS = 0x1A,
};

/**
Expand Down Expand Up @@ -125,6 +126,7 @@ namespace fapi2
RC_DD_SUPPORT_CHECK_FAILED = FAPI2_COMP_ID | 0x3E,
RC_SET_ATTR_NOT_VALID = FAPI2_COMP_ID | 0x3F,
RC_FAILED_TO_GET_RING_LIST = FAPI2_COMP_ID | 0x40,
RC_ATTR_OVERRIDE_DISALLOWED = FAPI2_COMP_ID | 0x41,

// HWP generated errors
RC_HWP_GENERATED_ERROR = HWPF_COMP_ID | 0x0f,
Expand All @@ -134,7 +136,6 @@ namespace fapi2
// PLL_BUCKET generated errors
RC_NO_MATCHING_FREQ = HWPF_COMP_ID | 0x31,
RC_FREQ_LIST_NOT_FOUND = HWPF_COMP_ID | 0x32,

};

/**
Expand Down
38 changes: 36 additions & 2 deletions src/usr/fapi2/plat_attr_override_sync.C
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2015,2018 */
/* Contributors Listed Below - COPYRIGHT 2015,2019 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -270,6 +270,13 @@ void AttrOverrideSync::monitorForFspMessages()
msg_q_t l_pMsgQ = msg_q_create();
errlHndl_t l_pErr = MBOX::msgq_register(MBOX::HB_HWPF_ATTR_MSGQ, l_pMsgQ);

// Find out if attributes override has been attempted
TARGETING::Target* l_pSys = nullptr;
TARGETING::targetService().getTopLevelTarget(l_pSys);
// Assert that l_pSys is no longer nullptr
assert(l_pSys != nullptr, "AttrOverrideSync::monitorForFspMessages() "
"expected top level target, but got nullptr.");

if (l_pErr)
{
// In the unlikely event that registering fails, the code will commit an
Expand All @@ -296,6 +303,33 @@ void AttrOverrideSync::monitorForFspMessages()
"Message (0x%X) from FSP since attribute overrides "
"are not allowed",
l_pMsg->type);

// Checking if OVERRIDES_ATTEMPTED_FLAG has not been set to 1.
// If so, then this is the first time attributes override is
// attempted in an FSP, while in secure mode; in this case, log
// an error stating that attributes override was attempted.
if (!l_pSys->
getAttr<TARGETING::ATTR_OVERRIDES_ATTEMPTED_FLAG>())
{
/*@
* @errortype
* @reasoncode RC_ATTR_OVERRIDE_DISALLOWED
* @severity ERRORLOG::ERRL_SEV_INFORMATIONAL
* @moduleid MOD_FAPI2_MONITOR_FOR_FSP_MSGS
* @devdesc Attribute overrides were rejected
* because system is in secure mode
* @custdesc Action not allowed in secure mode
*/
l_pErr = new ERRORLOG::ErrlEntry(
ERRORLOG::ERRL_SEV_INFORMATIONAL,
MOD_FAPI2_MONITOR_FOR_FSP_MSGS,
RC_ATTR_OVERRIDE_DISALLOWED);
l_pErr->collectTrace(SECURE_COMP_NAME);
SECUREBOOT::addSecureUserDetailsToErrlog(l_pErr);
errlCommit(l_pErr, HWPF_COMP_ID);
l_pSys->
setAttr<TARGETING::ATTR_OVERRIDES_ATTEMPTED_FLAG>(true);
}
}
else if (l_chunk.iv_pAttributes == NULL)
{
Expand Down Expand Up @@ -972,7 +1006,7 @@ void AttrOverrideSync::dynSetAttrOverrides()
if (!SECUREBOOT::allowAttrOverrides())
{
FAPI_INF("AttrOverrideSync::dynSetAttrOverrides: skipping since "
"attribute overrides are not allowed");
"attribute overrides are not allowed");
return;
}

Expand Down
22 changes: 22 additions & 0 deletions src/usr/targeting/common/xmltohb/attribute_types_hb.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -945,6 +945,28 @@
<hbOnly/>
</attribute>

<attribute>
<description>
While in Secureboot, this value is set to 1 the first time attribute
override is attempted and error logged.
</description>
<id>OVERRIDES_ATTEMPTED_FLAG</id>
<persistency>volatile-zeroed</persistency>
<simpleType>
<uint8_t>
<default>0x00</default>
</uint8_t>
</simpleType>
<readable/>
<writeable/>
<range>
<min>0</min>
<max>1</max>
</range>
<no_export/>
<hbOnly/>
</attribute>

<attribute>
<id>PART_NUMBER</id>
<description>The part number for a particular FRU target</description>
Expand Down
3 changes: 3 additions & 0 deletions src/usr/targeting/common/xmltohb/target_types_hb.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -309,6 +309,9 @@
<attribute>
<id>OCC_COMMON_AREA_PHYS_ADDR</id>
</attribute>
<attribute>
<id>OVERRIDES_ATTEMPTED_FLAG</id>
</attribute>
</targetTypeExtension>

<targetTypeExtension>
Expand Down

0 comments on commit 9055269

Please sign in to comment.