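/** @file
  This file contains various definitions for IHV HSTI implementation
  including error string definitions

Copyright (c) 2017, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

**/

#ifndef __HSTI_FEATURE_BIT_H__
#define __HSTI_FEATURE_BIT_H__

//
// Layout of this header, as the values below show:
//  - HSTI_BYTEn_<FEATURE> is the bit (BIT0..BIT7) assigned to a security
//    feature within feature byte n. BITx is not defined here and must be
//    provided by the including file (presumably the EDK II base headers;
//    confirm against the build).
//  - <FEATURE>_ERROR_CODE_k is a wide string of the form "0xFFFFKKKK": the
//    upper 16 bits (FFFF) are the feature index (byte0 bit0 = 0x0000 ...
//    byte1 bit2 = 0x000A) and the lower 16 bits (KKKK) match the _CODE_k
//    suffix. Each code should therefore be unique so that a reported failure
//    can be attributed to exactly one check.
//  - <FEATURE>_ERROR_STRING_k is the human-readable text for the same check.
//
// The error strings are runtime text. Keep them byte-for-byte stable unless
// the change is deliberate: log parsers and test tooling may match on them.
//

// Presumably the size, in bytes, of the security feature bitmap; confirm
// against the structure that consumes it.
#define HSTI_SECURITY_FEATURE_SIZE  3

//
// Message prefix and section titles used when composing an error string.
//
#define HSTI_ERROR                                      L"Error "
#define HSTI_PLATFORM_SECURITY_SPECIFICATION            L" Platform Security Specification"

#define HSTI_BOOTGUARD_CONFIGURATION                    L" - Boot Guard Configuration - "
#define HSTI_SPI_FLASH_CONFIGURATION                    L" - SPI Flash Configuration - "
#define HSTI_PCH_SECURITY_CONFIGURATION                 L" - PCH Security Configuration - "
#define HSTI_BIOS_GUARD_SECURITY_CONFIGURATION          L" - BIOS Guard Security Configuration - "
#define HSTI_MEASURED_BOOT_CONFIGURATION                L" - Measured Boot Configuration - "
#define HSTI_INTEGRATED_DEVICE_DMA_PROTECTION           L" - Integrated Device DMA Protection - "
#define HSTI_CPU_SECURITY_CONFIGURATION                 L" - CPU Security Configuration - "
#define HSTI_SYSTEM_AGENT_SECURITY_CONFIGURATION        L" - Secure System Agent Security Configuration - "
#define HSTI_MEMORY_MAP_SECURITY_CONFIGURATION          L" - Memory Map Security Configuration - "
#define HSTI_PROCESSOR_GRAPHICS_SECURITY_CONFIGURATION  L" - Processor Graphics Security Configuration - "
#define HSTI_PROCESSOR_SPD_SECURITY_CONFIGURATION       L" - SPD Security Configuration - "

//
// Byte 0, bit 0: hardware rooted boot integrity (Boot Guard state).
//
#define HSTI_BYTE0_HARDWARE_ROOTED_BOOT_INTEGRITY                 BIT0
#define HSTI_BYTE0_HARDWARE_ROOTED_BOOT_INTEGRITY_ERROR_CODE_1    L"0x00000001"
#define HSTI_BYTE0_HARDWARE_ROOTED_BOOT_INTEGRITY_ERROR_STRING_1  L"Boot Guard configured without Verified Boot\r\n"
#define HSTI_BYTE0_HARDWARE_ROOTED_BOOT_INTEGRITY_ERROR_CODE_2    L"0x00000002"
#define HSTI_BYTE0_HARDWARE_ROOTED_BOOT_INTEGRITY_ERROR_STRING_2  L"Boot Guard disabled\r\n"

//
// Byte 0, bit 1: boot firmware media protection (SPI flash write protection,
// descriptor and controller lock state, SMI enable/lock).
//
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION                 BIT1
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_1    L"0x00010001"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_1  L"SPI Flash not write protected\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_2    L"0x00010002"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_2  L"SPI Flash descriptor overridden\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_3    L"0x00010003"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_3  L"SPI Controller configuration unlocked\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_4    L"0x00010004"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_4  L"SPI Controller BIOS Interface unlocked\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_5    L"0x00010005"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_5  L"Top Swap enabled\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_6    L"0x00010006"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_6  L"SPI Vendor Specific Component Capabilities unlocked\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_7    L"0x00010007"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_7  L"SPI Controller GbE Interface unlocked\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_8    L"0x00010008"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_8  L"ME FW not in Normal Working State\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_9    L"0x00010009"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_9  L"Flash Descriptor Invalid\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_A    L"0x0001000A"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_A  L"SPI Region Access Rights Invalid\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_B    L"0x0001000B"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_B  L"SPI SW Sequencing OPCODEs insufficiently restrained\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_C    L"0x0001000C"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_C  L"Allowed SPI SW Sequencing OPCODE configuration incorrect\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_D    L"0x0001000D"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_D  L"Global SMI not enabled and locked\r\n"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_CODE_E    L"0x0001000E"
#define HSTI_BYTE0_BOOT_FIRMWARE_MEDIA_PROTECTION_ERROR_STRING_E  L"TCO SMI not enabled and locked\r\n"

//
// Byte 0, bit 2: signed firmware update (BIOS Guard state).
//
#define HSTI_BYTE0_SIGNED_FIRMWARE_UPDATE                 BIT2
#define HSTI_BYTE0_SIGNED_FIRMWARE_UPDATE_ERROR_CODE_1    L"0x00020001"
#define HSTI_BYTE0_SIGNED_FIRMWARE_UPDATE_ERROR_STRING_1  L"BIOS Guard unsupported\r\n"
#define HSTI_BYTE0_SIGNED_FIRMWARE_UPDATE_ERROR_CODE_2    L"0x00020002"
#define HSTI_BYTE0_SIGNED_FIRMWARE_UPDATE_ERROR_STRING_2  L"BIOS Guard configuration unlocked\r\n"
// Was L"0x00020001", a duplicate of ERROR_CODE_1: by code alone a report of
// "BIOS Guard disabled" could not be told apart from "BIOS Guard unsupported".
// Every other code in this file ends in its _CODE_k suffix, so this is 0003.
#define HSTI_BYTE0_SIGNED_FIRMWARE_UPDATE_ERROR_CODE_3    L"0x00020003"
#define HSTI_BYTE0_SIGNED_FIRMWARE_UPDATE_ERROR_STRING_3  L"BIOS Guard disabled\r\n"

//
// Byte 0, bit 3: measured boot enforcement (TPM presence, PCR[7], event log,
// platform auth).
//
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT                 BIT3
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_CODE_1    L"0x00030001"
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_STRING_1  L"Chipset supports FW TPM, however no TPM enabled\r\n"
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_CODE_2    L"0x00030002"
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_STRING_2  L"PCR[7] is not initialized\r\n"
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_CODE_3    L"0x00030003"
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_STRING_3  L"Event Log is not published or invalid\r\n"
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_CODE_4    L"0x00030004"
#define HSTI_BYTE0_MEASURED_BOOT_ENFORCEMENT_ERROR_STRING_4  L"Platform Auth accessible via 0x00000000\r\n"

//
// Byte 0, bit 4: integrated device DMA protection.
//
#define HSTI_BYTE0_INTEGRATED_DEVICE_DMA_PROTECTION                 BIT4
#define HSTI_BYTE0_INTEGRATED_DEVICE_DMA_PROTECTION_ERROR_CODE_1    L"0x00040001"
#define HSTI_BYTE0_INTEGRATED_DEVICE_DMA_PROTECTION_ERROR_STRING_1  L"Bus Mastering Enabled for non-boot, integrated device\r\n"

//
// Byte 0, bit 5: debug mode disabled verification.
//
#define HSTI_BYTE0_DEBUG_MODE_DISABLED_VERIFICATION                 BIT5
#define HSTI_BYTE0_DEBUG_MODE_DISABLED_VERIFICATION_ERROR_CODE_1    L"0x00050001"
#define HSTI_BYTE0_DEBUG_MODE_DISABLED_VERIFICATION_ERROR_STRING_1  L"Debug MSR enabled\r\n"
#define HSTI_BYTE0_DEBUG_MODE_DISABLED_VERIFICATION_ERROR_CODE_2    L"0x00050002"
#define HSTI_BYTE0_DEBUG_MODE_DISABLED_VERIFICATION_ERROR_STRING_2  L"Debug interface unlocked\r\n"

//
// Byte 0, bit 6: secure CPU configuration (microcode, feature locks, SMM/SMRR).
//
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION                  BIT6
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_1     L"0x00060001"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_1   L" Minimum uCode patch revision not met\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_2     L"0x00060002"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_2   L" Pre-production silicon in use\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_3     L"0x00060003"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_3   L"VMX & Senter feature configuration unlocked\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_4     L"0x00060004"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_4   L" SMM Code Fetch feature configuration unlocked\r\n"
// No ERROR_CODE_4A is defined in this file; presumably 4A is reported under
// ERROR_CODE_4. Confirm against the code that emits it.
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_4A  L" SMM Code Fetch outside SMRAM detection feature is disabled\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_5     L"0x00060005"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_5   L" AES-NI Feature configuration unlocked\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_6     L"0x00060006"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_6   L" FIT table not present\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_7     L"0x00060007"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_7   L" MicrocodeRangeRegisters improperly configured or unlocked\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_8     L"0x00060008"
// NOTE(review): "COnfiguration" is a typo in emitted text; left unchanged
// here because consumers may match on the exact string.
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_8   L" SMM COnfiguration Unlocked\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_9     L"0x00060009"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_9   L" TSEG not naturally aligned\r\n"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_CODE_A     L"0x0006000A"
#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_A   L" Improper SMRR configuration\r\n"

//
// Byte 0, bit 7: secure system agent configuration (register lock state).
//
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION                 BIT7
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_CODE_1    L"0x00070001"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_STRING_1  L"Intel TXT configuration unlocked\r\n"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_CODE_2    L"0x00070002"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_STRING_2  L"Memory Controller configuration unlocked\r\n"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_CODE_3    L"0x00070003"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_STRING_3  L"System Agent configuration unlocked\r\n"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_CODE_4    L"0x00070004"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_STRING_4  L"Graphics memory configuration unlocked\r\n"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_CODE_5    L"0x00070005"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_STRING_5  L"VT-d configuration unlocked\r\n"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_CODE_6    L"0x00070006"
#define HSTI_BYTE0_SECURE_SYSTEM_AGENT_CONFIGURATION_ERROR_STRING_6  L"Power Plane 0 Current Config unlocked\r\n"

//
// Byte 1, bit 0: secure memory map configuration.
//
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION                 BIT0
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_CODE_1    L"0x00080001"
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_STRING_1  L" Memory BAR configuration unlocked\r\n"
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_CODE_2    L"0x00080002"
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_STRING_2  L" Fixed MMIO regions overlap\r\n"
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_CODE_3    L"0x00080003"
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_STRING_3  L" Non lockable MMIO ranges overlap other critical regions\r\n"
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_CODE_4    L"0x00080004"
#define HSTI_BYTE1_SECURE_MEMORY_MAP_CONFIGURATION_ERROR_STRING_4  L" SPD not write protected\r\n"

//
// Byte 1, bit 1: secure integrated graphics configuration.
//
#define HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION                 BIT1
#define HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_1    L"0x00090001"
#define HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_1  L" Graphics configuration unlocked\r\n"
#define HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_2    L"0x00090002"
#define HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_2  L"Invalid Graphics Memory Alignment\r\n"
#define HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_CODE_3    L"0x00090003"
#define HSTI_BYTE1_SECURE_INTEGRATED_GRAPHICS_CONFIGURATION_ERROR_STRING_3  L" Reserved Check failed\r\n"

//
// Byte 1, bit 2: secure PCH configuration.
//
#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION                 BIT2
#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_CODE_1    L"0x000A0001"
#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_STRING_1  L" Thermal Configuration unlocked\r\n"
#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_CODE_2    L"0x000A0002"
#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_STRING_2  L"BAR's unlocked\r\n"
#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_CODE_3    L"0x000A0003"
#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_STRING_3  L" Reserved Check failure\r\n"

#endif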