-rw-r--r--src/usr/hwas/hwasPlatDeconfigGard.C4
-rwxr-xr-xsrc/usr/i2c/tpmdd.C8
-rw-r--r--src/usr/secureboot/trusted/trustedboot.C103
-rw-r--r--src/usr/secureboot/trusted/trustedbootUtils.H14
4 files changed, 97 insertions, 32 deletions
diff --git a/src/usr/hwas/hwasPlatDeconfigGard.C b/src/usr/hwas/hwasPlatDeconfigGard.C
index a8aa334c5..920f69ef2 100644
--- a/src/usr/hwas/hwasPlatDeconfigGard.C
+++ b/src/usr/hwas/hwasPlatDeconfigGard.C
@@ -567,7 +567,9 @@ void DeconfigGard::platPostDeconfigureTarget(
{
HWAS_INF("platPostDeconfigureTarget: Deconfiguring TPM 0x%08X",
get_huid(i_pTarget));
- (void)TRUSTEDBOOT::tpmMarkFailed(i_pTarget);
+ errlHndl_t pError = nullptr; // No error log with FFDC
+ (void)TRUSTEDBOOT::tpmMarkFailed(i_pTarget,
+ pError);
}
#endif // CONFIG_TPMDD
#endif // #ifndef __HOSTBOOT_RUNTIME
diff --git a/src/usr/i2c/tpmdd.C b/src/usr/i2c/tpmdd.C
index a64b43154..11e60b50c 100755
--- a/src/usr/i2c/tpmdd.C
+++ b/src/usr/i2c/tpmdd.C
@@ -48,6 +48,7 @@
#include <i2c/i2creasoncodes.H>
#include <i2c/tpmddreasoncodes.H>
#include <i2c/i2cif.H>
+#include <secureboot/service.H>
#include "tpmdd.H"
#include "errlud_i2c.H"
@@ -297,12 +298,17 @@ errlHndl_t tpmPerformOp( DeviceFW::OperationType i_opType,
} while( 0 );
+ if ( err != nullptr )
+ {
+ // Add Security Registers to the error log
+ SECUREBOOT::addSecurityRegistersToErrlog(err);
+ }
+
if( unlock )
{
mutex_unlock( & g_tpmMutex );
}
-
TRACDCOMP( g_trac_tpmdd,
EXIT_MRK"tpmPerformOp() - %s",
((NULL == err) ? "No Error" : "With Error") );
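Review bot: The new `SECUREBOOT::addSecurityRegistersToErrlog(err);` call sits above `mutex_unlock( & g_tpmMutex );`, so on the error path the register collection runs while the TPM mutex is still held whenever `unlock` is set. Nothing visible in the hunk requires the lock for it, since the call only receives the local `err`. Moving the `if ( err != nullptr )` block below the `if( unlock )` block would keep the critical section limited to the TPM operation. What the helper does internally is not visible here, so confirm it has no dependency on the lock before moving it. The body of tpmPerformOp starts outside the hunk.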
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
index 43ce1f330..88d1158d0 100644
--- a/src/usr/secureboot/trusted/trustedboot.C
+++ b/src/usr/secureboot/trusted/trustedboot.C
@@ -362,7 +362,7 @@ void* host_update_master_tpm( void *io_pArgs )
getBackupTpm(pBackupTpm);
if(pBackupTpm == nullptr)
{
- TRACUCOMP( g_trac_trustedboot,
+ TRACFCOMP( g_trac_trustedboot,
"host_update_master_tpm() "
"Backup TPM unavailable "
"since it's not in the system blueprint.");
@@ -558,12 +558,11 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget* const i_pTpm)
} while ( 0 );
- // If the TPM failed we will mark it not functional
+ // If the TPM failed we will mark it not functional and commit err
if (nullptr != err)
{
- tpmMarkFailed(i_pTpm);
- // Log this failure
- errlCommit(err, TRBOOT_COMP_ID);
+ // err will be committed and set to nullptr
+ tpmMarkFailed(i_pTpm, err);
}
TRACDCOMP( g_trac_trustedboot,
@@ -644,13 +643,12 @@ void tpmReplayLog(TRUSTEDBOOT::TpmTarget* const i_pTpm)
}
}
}
+
// If the TPM failed we will mark it not functional and commit errl
if (err)
{
- tpmMarkFailed(i_pTpm);
- errlCommit(err, TRBOOT_COMP_ID);
- delete err;
- err = nullptr;
+ // err will be committed and set to nullptr
+ tpmMarkFailed(i_pTpm, err);
}
}
@@ -855,10 +853,8 @@ void pcrExtendSingleTpm(TpmTarget* const i_pTpm,
if (nullptr != err)
{
// We failed to extend to this TPM we can no longer use it
- tpmMarkFailed(i_pTpm);
-
- // Log this failure
- errlCommit(err, TRBOOT_COMP_ID);
+ // Mark TPM as not functional, commit err and set it to nullptr
+ tpmMarkFailed(i_pTpm, err);
}
if (unlock)
@@ -977,7 +973,8 @@ void pcrExtendSeparator(TpmTarget* const i_pTpm)
if (nullptr != err)
{
// We failed to extend to this TPM we can no longer use it
- tpmMarkFailed(i_pTpm);
+ // Mark TPM as not functional, commit err and set it to nullptr
+ tpmMarkFailed(i_pTpm, err);
// Log this failure
errlCommit(err, TRBOOT_COMP_ID);
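Review bot: In pcrExtendSeparator the context lines `// Log this failure` and `errlCommit(err, TRBOOT_COMP_ID);` remain after the new `tpmMarkFailed(i_pTpm, err);`, even though the added comment says that call already commits err and sets it to nullptr. The other call sites touched by this commit (tpmInitialize, tpmReplayLog, pcrExtendSingleTpm) drop their own commit, so this one is inconsistent. The second call is presumably a no-op on a null handle, but it misleads a reader about who owns the log. I would delete both leftover lines. The function body continues outside the hunk.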
@@ -990,7 +987,8 @@ void pcrExtendSeparator(TpmTarget* const i_pTpm)
return;
}
-void tpmMarkFailed(TpmTarget* const i_pTpm)
+void tpmMarkFailed(TpmTarget* const i_pTpm,
+ errlHndl_t& io_err)
{
assert(i_pTpm != nullptr,"tpmMarkFailed: BUG! i_pTpm was nullptr");
assert(i_pTpm->getAttr<TARGETING::ATTR_TYPE>() == TARGETING::TYPE_TPM,
@@ -999,8 +997,9 @@ void tpmMarkFailed(TpmTarget* const i_pTpm)
TRACFCOMP( g_trac_trustedboot,
ENTER_MRK"tpmMarkFailed() Marking TPM as failed : "
- "tgt=0x%08X",
- TARGETING::get_huid(i_pTpm));
+ "tgt=0x%08X; io_err rc=0x%04X, plid=0x%08X",
+ TARGETING::get_huid(i_pTpm), ERRL_GETRC_SAFE(io_err),
+ ERRL_GETPLID_SAFE(io_err));
auto hwasState = i_pTpm->getAttr<
TARGETING::ATTR_HWAS_STATE>();
@@ -1086,18 +1085,44 @@ void tpmMarkFailed(TpmTarget* const i_pTpm)
} while(0);
+ // If we got a local error log, link it to input error log and then
+ // commit it
if (l_err)
{
- TRACFCOMP(g_trac_trustedboot,
- ERR_MRK "Processor tgt=0x%08X TPM tgt=0x%08X. Deconfiguring "
- "processor because future security cannot be guaranteed.",
- TARGETING::get_huid(l_proc),
- TARGETING::get_huid(l_tpm));
-
- // save the plid from the error before commiting
+ // commit this error log first before creating the new one
auto plid = l_err->plid();
+ // If we have an input error log then link these all together
+ if (io_err)
+ {
+ TRACFCOMP(g_trac_trustedboot,
+ ERR_MRK "tpmMarkFailed(): Processor tgt=0x%08X TPM tgt=0x%08X. "
+ "Deconfiguring proc because future security cannot be "
+ "guaranteed. Linking new l_err rc=0x%04X eid=0x%08X to "
+ "io_err rc=0x%04X, plid=0x%08X",
+ TARGETING::get_huid(l_proc),
+ TARGETING::get_huid(l_tpm),
+ l_err->reasonCode(), l_err->eid(),
+ io_err->reasonCode(), io_err->plid());
+
+ // Use io_err's plid to link all errors together
+ plid = io_err->plid();
+ l_err->plid(plid);
+ }
+ else
+ {
+ TRACFCOMP(g_trac_trustedboot,
+ ERR_MRK "tpmMarkFailed(): Processor tgt=0x%08X TPM tgt=0x%08X: "
+ "Deconfiguring proc because future security cannot be "
+ "guaranteed due to new l_err rc=0x%04X plid=0x%08X",
+ TARGETING::get_huid(l_proc),
+ TARGETING::get_huid(l_tpm),
+ l_err->reasonCode(), l_err->plid());
+ }
+
ERRORLOG::ErrlUserDetailsTarget(l_proc).addToLog(l_err);
+ l_err->collectTrace(SECURE_COMP_NAME);
+ l_err->collectTrace(TRBOOT_COMP_NAME);
// commit this error log first before creating the new one
errlCommit(l_err, TRBOOT_COMP_ID);
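Review bot: The added comment `// commit this error log first before creating the new one` above `auto plid = l_err->plid();` does not describe that line, and the same sentence already sits on the `errlCommit(l_err, TRBOOT_COMP_ID);` at the end of the hunk. The removed comment, which said the plid is saved before committing, was the accurate one. Something like `// save l_err's plid before committing; replaced by io_err's plid below when an input log is supplied` would state what the variable is for. That matters because `plid` is reused later in the function to link the processor-deconfigure log. The enclosing function starts and ends outside this hunk.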
@@ -1120,6 +1145,16 @@ void tpmMarkFailed(TpmTarget* const i_pTpm)
TARGETING::get_huid(l_proc),
TARGETING::get_huid(l_tpm));
+ // Pass on the plid to connect all previous error(s)
+ l_err->plid(plid);
+
+ TRACFCOMP(g_trac_trustedboot,
+ ERR_MRK "tpmMarkFailed(): Processor tgt=0x%08X TPM tgt=0x%08X. "
+ "Deconfiguring proc errorlog is rc=0x%04X plid=0x%08X, eid=0x%08X",
+ TARGETING::get_huid(l_proc),
+ TARGETING::get_huid(l_tpm),
+ l_err->reasonCode(), l_err->plid(), l_err->eid());
+
l_err->addHwCallout(l_proc,
HWAS::SRCI_PRIORITY_LOW,
HWAS::DELAYED_DECONFIG,
@@ -1128,14 +1163,25 @@ void tpmMarkFailed(TpmTarget* const i_pTpm)
l_err->collectTrace(SECURE_COMP_NAME);
l_err->collectTrace(TRBOOT_COMP_NAME);
- // pass on the plid from the previous error log to the new one
- l_err->plid(plid);
-
ERRORLOG::ErrlUserDetailsTarget(l_proc).addToLog(l_err);
ERRORLOG::errlCommit(l_err, TRBOOT_COMP_ID);
}
#endif
+
+ // Commit input error log
+ if (io_err)
+ {
+ TRACFCOMP(g_trac_trustedboot,
+ ERR_MRK "Committing io_err rc=0x%04X plid=0x%08X, eid=0x%08X",
+ io_err->reasonCode(), io_err->plid(), io_err->eid());
+
+ io_err->collectTrace(SECURE_COMP_NAME);
+ io_err->collectTrace(TRBOOT_COMP_NAME);
+
+ ERRORLOG::errlCommit(io_err, TRBOOT_COMP_ID);
+ }
+
}
void tpmVerifyFunctionalTpmExists(
@@ -1209,6 +1255,9 @@ void tpmVerifyFunctionalTpmExists(
err->collectTrace( TPMDD_COMP_NAME );
uint32_t errPlid = err->plid();
+ // Add Security Registers to the error log
+ SECUREBOOT::addSecurityRegistersToErrlog(err);
+
// HW callout TPMs
TARGETING::TargetHandleList l_tpmList;
TRUSTEDBOOT::getTPMs(l_tpmList, TPM_FILTER::ALL_IN_BLUEPRINT);
diff --git a/src/usr/secureboot/trusted/trustedbootUtils.H b/src/usr/secureboot/trusted/trustedbootUtils.H
index 1ebad2fef..887aaf70f 100644
--- a/src/usr/secureboot/trusted/trustedbootUtils.H
+++ b/src/usr/secureboot/trusted/trustedbootUtils.H
@@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
-/* Contributors Listed Below - COPYRIGHT 2015,2017 */
+/* Contributors Listed Below - COPYRIGHT 2015,2018 */
/* [+] International Business Machines Corp. */
/* */
/* */
@@ -81,9 +81,17 @@ errlHndl_t tpmCreateErrorLog(const uint8_t i_modId,
/**
* @brief Mark the TPM as non-functional and take required steps
*
- * @param[in] i_pTpm Handle to TPM target
+ * @param[in] i_pTpm - Handle to TPM target
+ *
+ * @param[in] io_errLog - Handle to Error Log used to collect FFDC
+ * -- This log will be COMMITED in this function
+ * and the handle will be set to nullptr
+ * -- Any additional fails in marking the TPM as
+ * non-functional will be linked to this
+ * -- If nullptr, then the above actions are no-ops
*/
-void tpmMarkFailed(TpmTarget * i_pTpm);
+void tpmMarkFailed(TpmTarget * i_pTpm,
+ errlHndl_t & io_errLog);
#ifdef __cplusplus
} // end TRUSTEDBOOT namespace
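Review bot: The new doxygen entry tags the error-log parameter as `@param[in] io_errLog`, but it is a non-const `errlHndl_t &` that the function commits and sets to nullptr, so the tag should be `@param[in,out] io_errLog`. The name also differs from the definition in trustedboot.C, which calls it `io_err`; using one name in both places makes the traces and the header easier to match. "COMMITED" should read "COMMITTED". It is also worth stating in the comment that the caller must not commit or delete the handle after the call, since ownership of the log passes to tpmMarkFailed.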