From patchwork Wed May 8 05:12:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sam Mendoza-Jonas X-Patchwork-Id: 1096664 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44zPkk6PNGz9s3q for ; Wed, 8 May 2019 15:13:18 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=mendozajonas.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=mendozajonas.com header.i=@mendozajonas.com header.b="Ksr57wDp"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="EjeFkihi"; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 44zPkk0Yg9zDqKy for ; Wed, 8 May 2019 15:13:18 +1000 (AEST) X-Original-To: skiboot-stable@lists.ozlabs.org Delivered-To: skiboot-stable@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=mendozajonas.com (client-ip=66.111.4.25; helo=out1-smtp.messagingengine.com; envelope-from=sam@mendozajonas.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=mendozajonas.com Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=mendozajonas.com header.i=@mendozajonas.com header.b="Ksr57wDp"; dkim=pass (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="EjeFkihi"; dkim-atps=neutral Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 44zPk52gkfzDqKy; Wed, 8 May 2019 15:12:44 +1000 (AEST) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 3EBE821F85; Wed, 8 May 2019 01:12:41 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 08 May 2019 01:12:41 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= mendozajonas.com; h=from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; s=fm2; bh=J6fTnJ0FNraRu ktLfYjY8ZLMSNR2TWRhwgiAcRQoetA=; b=Ksr57wDpzqVvyb94uayh6NsTh95kE pyCMxdX0XAFETp8/bLKiP/+iYdPda1p4Ni3wJooe1qgRImehdk5da/FttmhjA4E8 6A1fe4+/j/SXtBI0nLGLq56hE+WSDd+TA2BC4WFueu1MErNeruiIusAnsU/6sacQ nBgPX89AHYgiXIEPHMCLUY9DW6VbjwZnZCS6Y55vpQVTRJJNvbQpT6EQWgprkjEn Z0ITNRZnHYv0RECwN27fXACtYTxvmEfcHC5RA0PwNFZpW/MI962lTmbvNi4LXHd0 2ThwOyXdffi7ogNsxYu/KyTShPg15kko1zLD4bjdcpGtjMNGbivlc8oEA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=J6fTnJ0FNraRuktLf YjY8ZLMSNR2TWRhwgiAcRQoetA=; b=EjeFkihiFnayxQ/8xL9URHC/+o0gDb3Bt m+uN0C1g1aJot14YvOhPZ1fYWhK0PBGX3zxH+zTeHUyH3Qs8wO+BwvJzl5ktwp/v 5Vgm0++0EWTQ04YnTfbiWDKKkQrTnTjk7HpxucmV7BDvYqFwylm401iSS5zrUF2/ WE4wwTrn06lIFPuYbchahQ8ucFmRFaU1BUjniRZIfa4hS+ms/Zqc2ZT2jAvSFZxK uVil9AO7ZZl7e1TnTN1fXTgU2ldbF+RubyjS3cOFmUgUoCFzfP5G7T8tQqEAOq/J 8bqNZsb+WnSWQjhHT1Hw3t81QhBrnoQsGxaeGZwB6fZHT1CUnC+Cg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduuddrkedugdelvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffoggfgsedtkeertdertd dtnecuhfhrohhmpefurghmuhgvlhcuofgvnhguohiirgdqlfhonhgrshcuoehsrghmsehm vghnughoiigrjhhonhgrshdrtghomheqnecukfhppeduvddvrdelledrkedvrddutdenuc frrghrrghmpehmrghilhhfrhhomhepshgrmhesmhgvnhguohiirghjohhnrghsrdgtohhm necuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from v4.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 730858005A; Wed, 8 May 2019 01:12:37 -0400 (EDT) From: Samuel Mendoza-Jonas To: skiboot@lists.ozlabs.org Date: Wed, 8 May 2019 15:12:21 +1000 Message-Id: <20190508051223.14982-1-sam@mendozajonas.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Subject: [Skiboot-stable] [PATCH v6 1/3] include/ipmi: Fix incorrect chassis commands X-BeenThere: skiboot-stable@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Patches, review, and discussion for stable releases of skiboot" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: skiboot-stable@lists.ozlabs.org Errors-To: skiboot-stable-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot-stable" These commands are listed in the order they appear in the IPMI specification but with the wrong values - correct them! Signed-off-by: Samuel Mendoza-Jonas Reviewed-by: Andrew Jeffery --- include/ipmi.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/ipmi.h b/include/ipmi.h index 4999bb5a..da85c4b0 100644 --- a/include/ipmi.h +++ b/include/ipmi.h @@ -47,13 +47,13 @@ #define IPMI_CHASSIS_CONTROL_CMD 0x02 #define IPMI_CHASSIS_RESET_CMD 0x03 #define IPMI_CHASSIS_IDENTIFY_CMD 0x04 -#define IPMI_CHASSIS_SET_PANEL_BUTTON_EN_CMD 0x05 -#define IPMI_CHASSIS_SET_CAP_CMD 0x06 -#define IPMI_CHASSIS_SET_PWR_RESTORE_CMD 0x07 -#define IPMI_CHASSIS_SET_PWR_CYCLE_CMD 0x08 -#define IPMI_CHASSIS_GET_SYS_RESTART_CAUSE_CMD 0x09 -#define IPMI_CHASSIS_SET_SYS_BOOT_OPT_CMD 0x0a -#define IPMI_CHASSIS_GET_SYS_BOOT_OPT_CMD 0x0b +#define IPMI_CHASSIS_SET_PANEL_BUTTON_EN_CMD 0x0a +#define IPMI_CHASSIS_SET_CAP_CMD 0x05 +#define IPMI_CHASSIS_SET_PWR_RESTORE_CMD 0x06 +#define IPMI_CHASSIS_SET_PWR_CYCLE_CMD 0x0b +#define IPMI_CHASSIS_GET_SYS_RESTART_CAUSE_CMD 0x07 +#define IPMI_CHASSIS_SET_SYS_BOOT_OPT_CMD 0x08 +#define IPMI_CHASSIS_GET_SYS_BOOT_OPT_CMD 0x09 #define IPMI_CHASSIS_GET_POH_COUNTER_CMD 0x0f From patchwork Wed May 8 05:12:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sam Mendoza-Jonas X-Patchwork-Id: 1096662 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44zPkD6K9Pz9s3q for ; Wed, 8 May 2019 15:12:52 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=mendozajonas.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=mendozajonas.com header.i=@mendozajonas.com header.b="aBUiJR4x"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="jVlYj/nz"; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 44zPkD4HVpzDqM5 for ; Wed, 8 May 2019 15:12:52 +1000 (AEST) X-Original-To: skiboot-stable@lists.ozlabs.org Delivered-To: skiboot-stable@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=mendozajonas.com (client-ip=66.111.4.25; helo=out1-smtp.messagingengine.com; envelope-from=sam@mendozajonas.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=mendozajonas.com Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=mendozajonas.com header.i=@mendozajonas.com header.b="aBUiJR4x"; dkim=pass (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="jVlYj/nz"; dkim-atps=neutral Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 44zPk52l1VzDqL0; Wed, 8 May 2019 15:12:45 +1000 (AEST) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id DA83621ED6; Wed, 8 May 2019 01:12:42 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 08 May 2019 01:12:42 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= mendozajonas.com; h=from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; s=fm2; bh=Ra6LKEHwZiGtNli6rdVpHqlWeaysvGseJruXAgkDhes=; b=aBUiJ R4xNqJKSOiroWrkiSltfq64yTkT4JUJ3typ+3UrjLsqijegk5PyQjt9IUOv5O4Ag OCgeSTuDue1RaxO8lcDufCyFfVTuIYzmmmMyUMyDjbqTY0KhANSYJC5ZvTEXvhES JMDCZEJFDLtlSlqkyI6K5Z9a1hZwJnMz1TM5Jj5nBGKFPWGdwxGt2GqtwQYWRIn2 3VCiohsLfj4d1dI5gpez1RURFShJu4lw7h/xSC3B3D12urbxj3o7Ivc/WjHxSI8E s1t67b8jFTIRugo5mQ870YR0nS41aUXUK2Pq7zEv2mU5pvAJ5GfalZ7E7UTZhA5o 8odpu0pOrcCYRDTxQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; bh=Ra6LKEHwZiGtNli6rdVpHqlWeaysvGseJruXAgkDhes=; b=jVlYj/nz 3PnLR5Kxumm+2r3SydTWr/NXoDzJn01FauthFQrCBil7ikIY7A+vaeotRnTeklUj 0eJlaYGRoIped/KtBsnHLMry7fbbEdltS2ylC9RgapnxWieOcdbhrB5DCyWhGJFG HVtPJFECjKr+LdNb9qY3FPGhapnaMqDwa9bR6q3LDKXlsT1Wmkfl+4VKAEZ8ryIP 7go8OxHu0LOU5m9XkQ52/SX9hgPZQF1ir/89xwWEuBSkjpsVITikI2n6UI0Dwkhk 5W9IqXp/CteNtBL7REiwDtrW5QaemghAlw5GGG9OI48VBk2GRNcpxhU/qUqssVix ZZLhkSXHNzN2qw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduuddrkedugdelvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffojghfggfgsedtkeertd ertddtnecuhfhrohhmpefurghmuhgvlhcuofgvnhguohiirgdqlfhonhgrshcuoehsrghm sehmvghnughoiigrjhhonhgrshdrtghomheqnecukfhppeduvddvrdelledrkedvrddutd enucfrrghrrghmpehmrghilhhfrhhomhepshgrmhesmhgvnhguohiirghjohhnrghsrdgt ohhmnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from v4.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 2CAC980060; Wed, 8 May 2019 01:12:39 -0400 (EDT) From: Samuel Mendoza-Jonas To: skiboot@lists.ozlabs.org Date: Wed, 8 May 2019 15:12:22 +1000 Message-Id: <20190508051223.14982-2-sam@mendozajonas.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190508051223.14982-1-sam@mendozajonas.com> References: <20190508051223.14982-1-sam@mendozajonas.com> MIME-Version: 1.0 Subject: [Skiboot-stable] [PATCH v6 2/3] platforms/astbmc: Check for SBE validation step X-BeenThere: skiboot-stable@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Patches, review, and discussion for stable releases of skiboot" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: skiboot-stable@lists.ozlabs.org Errors-To: skiboot-stable-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot-stable" On some POWER8 astbmc systems an update to the SBE requires pausing at runtime to ensure integrity of the SBE. If this is required the BMC will set a chassis boot option IPMI flag using the OEM parameter 0x62. If Skiboot sees this flag is set it waits until the SBE update is complete and the flag is cleared. Unfortunately the mystery operation that validates the SBE also leaves it in a bad state and unable to be used for timer operations. To workaround this the flag is checked as soon as possible (ie. when IPMI and the console are set up), and once complete the system is rebooted. Signed-off-by: Samuel Mendoza-Jonas --- v6: Improve some error paths in ipmi-info, check for ipmi errors in common.c and warn the user if things are taking too long v5: Check resp_size in ipmi-info and check the SBE flag less frequently v4: As explained above and in doc/bmc the operation breaks the SBE and gets the SLW timer stuck. Move the check as early as possible and reboot once complete to fix things. v3: Check location moved to just before kernel booting; otherwise the kernel image appears to be malformed somehow and we immediately reboot. v2: IPMI response format updated. This reflects functionality that will appear in new versions of AMI's and SMC's BMC implementations. The format of the IPMI response has been confirmed and testing is ongoing with both parties to verify the behaviour. core/init.c | 8 +++ hw/ipmi/ipmi-info.c | 106 +++++++++++++++++++++++++++++++++++- include/ipmi.h | 7 +++ include/platform.h | 5 ++ platforms/astbmc/astbmc.h | 1 + platforms/astbmc/common.c | 64 ++++++++++++++++++++++ platforms/astbmc/garrison.c | 1 + platforms/astbmc/habanero.c | 1 + platforms/astbmc/p8dnu.c | 1 + platforms/astbmc/p8dtu.c | 2 + 10 files changed, 193 insertions(+), 3 deletions(-) diff --git a/core/init.c b/core/init.c index 955d299d..bca12dfc 100644 --- a/core/init.c +++ b/core/init.c @@ -1190,6 +1190,14 @@ void __noreturn __nomcount main_cpu_entry(const void *fdt) /* Install the OPAL Console handlers */ init_opal_console(); + /* + * Some platforms set a flag to wait for SBE validation to be + * performed by the BMC. If this occurs it leaves the SBE in a + * bad state and the system will reboot at this point. + */ + if (platform.seeprom_update) + platform.seeprom_update(); + /* Init SLW related stuff, including fastsleep */ slw_init(); diff --git a/hw/ipmi/ipmi-info.c b/hw/ipmi/ipmi-info.c index 56370037..38d8445a 100644 --- a/hw/ipmi/ipmi-info.c +++ b/hw/ipmi/ipmi-info.c @@ -23,7 +23,7 @@ #include /* - * Respones data from IPMI Get device ID command (As defined in + * Response data from IPMI Get device ID command (As defined in * Section 20.1 Get Device ID Command - IPMI standard spec). */ struct ipmi_dev_id { @@ -39,9 +39,27 @@ struct ipmi_dev_id { }; static struct ipmi_dev_id *ipmi_dev_id; +/* + * Response data from IPMI Chassis Get System Boot Option (As defined in + * Section 28.13 Get System Boot Options Command - IPMI standard spec). + */ +struct ipmi_sys_boot_opt { + uint8_t param_version; + uint8_t param_valid; + /* + * Fields for OEM parameter 0x62. This parameter does not follow + * the normal layout and just has a single byte to signal if it + * is active or not. + */ + uint8_t flag_set; +}; +static struct ipmi_sys_boot_opt *ipmi_sys_boot_opt; + /* Got response from BMC? */ static bool bmc_info_waiting = false; static bool bmc_info_valid = false; +static bool bmc_boot_opt_waiting = false; +static bool bmc_boot_opt_valid = false; /* This will free ipmi_dev_id structure */ void ipmi_dt_add_bmc_info(void) @@ -79,8 +97,14 @@ static void ipmi_get_bmc_info_resp(struct ipmi_msg *msg) return; } - bmc_info_valid = true; - memcpy(ipmi_dev_id, msg->data, msg->resp_size); + /* ipmi_dev_id has optional fields */ + if (msg->resp_size <= sizeof(struct ipmi_dev_id)) { + bmc_info_valid = true; + memcpy(ipmi_dev_id, msg->data, msg->resp_size); + } else { + prlog(PR_WARNING, "IPMI: IPMI_BMC_GET_DEVICE_ID unexpected response size\n"); + } + ipmi_free_msg(msg); } @@ -110,3 +134,79 @@ int ipmi_get_bmc_info_request(void) bmc_info_waiting = true; return rc; } + +/* This will free ipmi_sys_boot_opt structure */ +int ipmi_chassis_check_sbe_validation(void) +{ + int rc = -1; + + while (bmc_boot_opt_waiting) + time_wait_ms(10); + + if (!bmc_boot_opt_valid) + goto out; + + if ((ipmi_sys_boot_opt->param_valid & 0x8) != 0) + goto out; + if (ipmi_sys_boot_opt->param_valid != 0x62) + goto out; + + rc = ipmi_sys_boot_opt->flag_set; + +out: + free(ipmi_sys_boot_opt); + return rc; +} + +static void ipmi_get_chassis_boot_opt_resp(struct ipmi_msg *msg) +{ + bmc_boot_opt_waiting = false; + + if (msg->cc != IPMI_CC_NO_ERROR) { + prlog(PR_INFO, "IPMI: IPMI_CHASSIS_GET_BOOT_OPT cmd returned error" + " [rc : 0x%x]\n", msg->data[0]); + ipmi_free_msg(msg); + return; + } + + if (msg->resp_size == sizeof(struct ipmi_sys_boot_opt)) { + bmc_boot_opt_valid = true; + memcpy(ipmi_sys_boot_opt, msg->data, msg->resp_size); + } else { + prlog(PR_WARNING, "IPMI: IPMI_CHASSIS_GET_BOOT_OPT unexpected response size\n"); + } + + ipmi_free_msg(msg); +} + +int ipmi_get_chassis_boot_opt_request(void) +{ + int rc; + struct ipmi_msg *msg; + uint8_t req[] = { + 0x62, /* OEM parameter (SBE Validation on astbmc) */ + 0x00, /* no set selector */ + 0x00, /* no block selector */ + }; + + ipmi_sys_boot_opt = zalloc(sizeof(struct ipmi_sys_boot_opt)); + assert(ipmi_sys_boot_opt); + + msg = ipmi_mkmsg(IPMI_DEFAULT_INTERFACE, IPMI_CHASSIS_GET_BOOT_OPT, + ipmi_get_chassis_boot_opt_resp, NULL, req, + sizeof(req), sizeof(struct ipmi_sys_boot_opt)); + if (!msg) + return OPAL_NO_MEM; + + msg->error = ipmi_get_chassis_boot_opt_resp; + prlog(PR_INFO, "IPMI: Requesting IPMI_CHASSIS_GET_BOOT_OPT\n"); + rc = ipmi_queue_msg(msg); + if (rc) { + prlog(PR_ERR, "IPMI: Failed to queue IPMI_CHASSIS_GET_BOOT_OPT\n"); + ipmi_free_msg(msg); + return rc; + } + + bmc_boot_opt_waiting = true; + return rc; +} diff --git a/include/ipmi.h b/include/ipmi.h index da85c4b0..ec9f3c49 100644 --- a/include/ipmi.h +++ b/include/ipmi.h @@ -109,6 +109,7 @@ #define IPMI_GET_SEL_TIME IPMI_CODE(IPMI_NETFN_STORAGE, 0x48) #define IPMI_SET_SEL_TIME IPMI_CODE(IPMI_NETFN_STORAGE, 0x49) #define IPMI_CHASSIS_CONTROL IPMI_CODE(IPMI_NETFN_CHASSIS, 0x02) +#define IPMI_CHASSIS_GET_BOOT_OPT IPMI_CODE(IPMI_NETFN_CHASSIS, 0x09) #define IPMI_BMC_GET_DEVICE_ID IPMI_CODE(IPMI_NETFN_APP, 0x01) #define IPMI_SET_POWER_STATE IPMI_CODE(IPMI_NETFN_APP, 0x06) #define IPMI_GET_POWER_STATE IPMI_CODE(IPMI_NETFN_APP, 0x07) @@ -291,4 +292,10 @@ extern int ipmi_get_bmc_info_request(void); /* Add BMC firmware info to device tree */ extern void ipmi_dt_add_bmc_info(void); +/* Get BMC Boot Options info (specifically OEM param 0x62) */ +int ipmi_get_chassis_boot_opt_request(void); + +/* Get OEM Boot Option 0x62 for SBE validation flag */ +int ipmi_chassis_check_sbe_validation(void); + #endif diff --git a/include/platform.h b/include/platform.h index f63c24a3..4f8627a3 100644 --- a/include/platform.h +++ b/include/platform.h @@ -232,6 +232,11 @@ struct platform { * OPAL terminate */ void __attribute__((noreturn)) (*terminate)(const char *msg); + + /* + * SEEPROM update routine + */ + void (*seeprom_update)(void); }; extern struct platform __platforms_start; diff --git a/platforms/astbmc/astbmc.h b/platforms/astbmc/astbmc.h index fe358b74..c302b607 100644 --- a/platforms/astbmc/astbmc.h +++ b/platforms/astbmc/astbmc.h @@ -103,6 +103,7 @@ extern void astbmc_ext_irq_serirq_cpld(unsigned int chip_id); extern int pnor_init(void); extern void check_all_slot_table(void); extern void astbmc_exit(void); +extern void astbmc_seeprom_update(void); extern void slot_table_init(const struct slot_table_entry *top_table); extern void slot_table_get_slot_info(struct phb *phb, struct pci_device * pd); diff --git a/platforms/astbmc/common.c b/platforms/astbmc/common.c index faa73e2f..76fa25f8 100644 --- a/platforms/astbmc/common.c +++ b/platforms/astbmc/common.c @@ -26,6 +26,7 @@ #include #include #include +#include #include "astbmc.h" @@ -168,6 +169,69 @@ int64_t astbmc_ipmi_reboot(void) return ipmi_chassis_control(IPMI_CHASSIS_HARD_RESET); } +void astbmc_seeprom_update(void) +{ + int flag_set, counter, rc; + + rc = ipmi_get_chassis_boot_opt_request(); + + if (rc) { + prlog(PR_WARNING, "Failed to check SBE validation flag\n"); + return; + } + + flag_set = ipmi_chassis_check_sbe_validation(); + + if (flag_set <= 0) { + prlog(PR_DEBUG, "SBE validation flag unset or invalid\n"); + return; + } + + /* + * Flag is set, wait until SBE validation is complete and the flag + * has been reset. + */ + prlog(PR_WARNING, "SBE validation required, waiting for completion\n"); + prlog(PR_WARNING, "System will be powered off if validation fails\n"); + counter = 0; + + while (flag_set > 0) { + time_wait_ms(10000); + if (++counter % 3 == 0) { + /* Let the user know we're alive every 30s */ + prlog(PR_WARNING, "waiting for completion...\n"); + } + if (counter == 180) { + /* This is longer than expected and we have no way of + * checking if it's still running. Apologies if you + * ever see this message. + */ + prlog(PR_WARNING, "30 minutes has elapsed, this is longer than expected for verification\n"); + prlog(PR_WARNING, "If no progress is made a power reset of the BMC and Host may be required\n"); + counter = 0; + } + + /* As above, loop anyway if we fail to check the flag */ + rc = ipmi_get_chassis_boot_opt_request(); + if (rc == 0) + flag_set = ipmi_chassis_check_sbe_validation(); + else + prlog(PR_WARNING, "Failed to check SBE validation flag\n"); + } + + /* + * The SBE validation can (will) leave the SBE in a bad state, + * preventing timers from working properly. Reboot so that we + * can boot normally with everything intact. + */ + prlog(PR_WARNING, "SBE validation complete, rebooting\n"); + if (platform.cec_reboot) + platform.cec_reboot(); + else + abort(); + while(true); +} + static void astbmc_fixup_dt_system_id(void) { /* Make sure we don't already have one */ diff --git a/platforms/astbmc/garrison.c b/platforms/astbmc/garrison.c index 5cbe64b5..ddd33721 100644 --- a/platforms/astbmc/garrison.c +++ b/platforms/astbmc/garrison.c @@ -305,4 +305,5 @@ DECLARE_PLATFORM(garrison) = { .resource_loaded = flash_resource_loaded, .exit = ipmi_wdt_final_reset, .terminate = ipmi_terminate, + .seeprom_update = astbmc_seeprom_update, }; diff --git a/platforms/astbmc/habanero.c b/platforms/astbmc/habanero.c index 8e11b81e..ab010278 100644 --- a/platforms/astbmc/habanero.c +++ b/platforms/astbmc/habanero.c @@ -149,4 +149,5 @@ DECLARE_PLATFORM(habanero) = { .resource_loaded = flash_resource_loaded, .exit = ipmi_wdt_final_reset, .terminate = ipmi_terminate, + .seeprom_update = astbmc_seeprom_update, }; diff --git a/platforms/astbmc/p8dnu.c b/platforms/astbmc/p8dnu.c index 9d42fc43..391aa7a8 100644 --- a/platforms/astbmc/p8dnu.c +++ b/platforms/astbmc/p8dnu.c @@ -361,4 +361,5 @@ DECLARE_PLATFORM(p8dnu) = { .resource_loaded = flash_resource_loaded, .exit = ipmi_wdt_final_reset, .terminate = ipmi_terminate, + .seeprom_update = astbmc_seeprom_update, }; diff --git a/platforms/astbmc/p8dtu.c b/platforms/astbmc/p8dtu.c index 69500ea2..6f66dc22 100644 --- a/platforms/astbmc/p8dtu.c +++ b/platforms/astbmc/p8dtu.c @@ -262,6 +262,7 @@ DECLARE_PLATFORM(p8dtu1u) = { .resource_loaded = flash_resource_loaded, .exit = ipmi_wdt_final_reset, .terminate = ipmi_terminate, + .seeprom_update = astbmc_seeprom_update, }; DECLARE_PLATFORM(p8dtu2u) = { @@ -279,5 +280,6 @@ DECLARE_PLATFORM(p8dtu2u) = { .resource_loaded = flash_resource_loaded, .exit = ipmi_wdt_final_reset, .terminate = ipmi_terminate, + .seeprom_update = astbmc_seeprom_update, }; From patchwork Wed May 8 05:12:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sam Mendoza-Jonas X-Patchwork-Id: 1096666 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44zPlD0Js1z9s4Y for ; Wed, 8 May 2019 15:13:44 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=mendozajonas.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=mendozajonas.com header.i=@mendozajonas.com header.b="xAt8VgB/"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="U/KxFyYt"; dkim-atps=neutral Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 44zPlC2xChzDqKy for ; Wed, 8 May 2019 15:13:43 +1000 (AEST) X-Original-To: skiboot-stable@lists.ozlabs.org Delivered-To: skiboot-stable@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=mendozajonas.com (client-ip=66.111.4.25; helo=out1-smtp.messagingengine.com; envelope-from=sam@mendozajonas.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=mendozajonas.com Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=mendozajonas.com header.i=@mendozajonas.com header.b="xAt8VgB/"; dkim=pass (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="U/KxFyYt"; dkim-atps=neutral Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 44zPk76nFjzDqLT; Wed, 8 May 2019 15:12:47 +1000 (AEST) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 5189F2106A; Wed, 8 May 2019 01:12:45 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Wed, 08 May 2019 01:12:45 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= mendozajonas.com; h=from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; s=fm2; bh=hf9LzIhj4CmcViXhA1qPbZ/oTm9eO0gFn3+v1+ugcP0=; b=xAt8V gB/bW/o6HpWV9XoV99YCmKd4eKHcraUxU/sAmIXjOD+huZ5JYhxZt2kmLq9UWnKO xllxWIGor1fBBsAT6YrbVgP3hm2o9Bv7Y4pSRxzsnSgMpCC1OOcvZJU1xPkKBWdU L93X7YnMGkvo4ViYMig3xHhcB3BCRcyljS1nokMtzs6zCJLyERDGOsURJQEhFgmF dMhB8ctvdILthsizu6hciFlXLWSBbskM3AF78Qks91p3onXU25qS4danuwDV5YYT u76tHQS4UctRLqg0hq2j40XNylsG4hfeFs4VdySXzI/Hc1OHHi1Dg6IMjeTpWBG3 cNug2VRjPxzIRx5tQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; bh=hf9LzIhj4CmcViXhA1qPbZ/oTm9eO0gFn3+v1+ugcP0=; b=U/KxFyYt ZNDsgW8hrH7iTxxj0rH2fgG1z7ykWjYLCC1Vfl14Vnax6Wg6wGdtoc0vK77wNz4v 1WNw1JwTxDPGUOhCnH2EFrnHg2mgr34IGir8tPw2HvjLbwh1XvmdkPVpZKQXmKQY IYRzBraL3QpPQQknyEV+WFnhgzyjEE/eVTYhSEdyYpdnFY1l6zRTrq067N6DR3UT I6f+aBPPNTkSi/BwQZdZ3y3WzS+hltmNIU6oOlyl01TilAh5chTpUIykDZ3ykg1/ LnR7QV+FsWnl9i23bCoT2vGkqGy/+A7opi1rUUPVTIJDwx0GUBPY4fX30WTbcbc1 Xt+M05vFo26gCQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduuddrkedugdelvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffojghfggfgsedtkeertd ertddtnecuhfhrohhmpefurghmuhgvlhcuofgvnhguohiirgdqlfhonhgrshcuoehsrghm sehmvghnughoiigrjhhonhgrshdrtghomheqnecukfhppeduvddvrdelledrkedvrddutd enucfrrghrrghmpehmrghilhhfrhhomhepshgrmhesmhgvnhguohiirghjohhnrghsrdgt ohhmnecuvehluhhsthgvrhfuihiivgepud X-ME-Proxy: Received: from v4.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 02ABB80060; Wed, 8 May 2019 01:12:42 -0400 (EDT) From: Samuel Mendoza-Jonas To: skiboot@lists.ozlabs.org Date: Wed, 8 May 2019 15:12:23 +1000 Message-Id: <20190508051223.14982-3-sam@mendozajonas.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190508051223.14982-1-sam@mendozajonas.com> References: <20190508051223.14982-1-sam@mendozajonas.com> MIME-Version: 1.0 Subject: [Skiboot-stable] [PATCH v6 3/3] doc/bmc: Document SBE validation on P8 platforms X-BeenThere: skiboot-stable@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Patches, review, and discussion for stable releases of skiboot" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: skiboot-stable@lists.ozlabs.org Errors-To: skiboot-stable-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot-stable" Signed-off-by: Samuel Mendoza-Jonas Reviewed-by: Andrew Jeffery --- v4: Describe why we're rebooting now doc/bmc.rst | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/doc/bmc.rst b/doc/bmc.rst index bbb390a7..46ae863e 100644 --- a/doc/bmc.rst +++ b/doc/bmc.rst @@ -53,3 +53,30 @@ Real-time clock On platforms where a real-time-clock is not available, skiboot may use the IPMI SEL Time as a real-time-clock device. + +SBE validation +-------------- + +On some P8 platforms with an AMI or SMC BMC (ie. astbmc) SBE validation is done +by a tool on the BMC. This is done to inspect the SBE and detect if a malicious +host has written to the SBE, especially in multi-tenant +"Bare-Metal-As-A-Service" scenarios. + +To complicate this the SBE validation occurs at host-runtime and reads the SBE +SEEPROM over I2C using the FSI master which will conflict with anything the +host may be doing at the same time. To avoid this Skiboot will pause boot until +the validation is complete. +If SBE validation is required the BMC will communicate this to Skiboot by +setting an IPMI System Boot Option with OEM parameter 0x62. When this flag is +set Skiboot will pause and wait for the validation to complete and the flag to +be cleared. This ensures the validation completes before the execution is passed +to Petitboot and the host operating system and any conflicts could occur. During +this process Skiboot will print + SBE validation required, waiting for completion + System will be powered off if validation fails +to the console with an update every minute until complete. + +Unfortunately the validation performed by the BMC leaves the SBE in a bad +state. Once the validation is complete Skiboot will reboot to reset everything +to a good state and normal booting can resume. No such reboot is required if +the flag is not set and validation doesn't occur.