2 files changed, 14 insertions, 2 deletions

diff --git a/src/include/usr/secureboot/trustedboot_reasoncodes.H b/src/include/usr/secureboot/trustedboot_reasoncodes.H
index bc2031080..134dea900 100644
--- a/src/include/usr/secureboot/trustedboot_reasoncodes.H
+++ b/src/include/usr/secureboot/trustedboot_reasoncodes.H
@@ -56,6 +56,7 @@ namespace TRUSTEDBOOT
         MOD_TPM_PCREXTEND               = 0x0A,
         MOD_TPM_TPMDAEMON               = 0x0B,
         MOD_TPM_SYNCRESPONSE            = 0x0C,
+        MOD_TPM_SEPARATOR               = 0x0D,
 
         MOD_TPMLOGMGR_INITIALIZE        = 0x10,
         MOD_TPMLOGMGR_ADDEVENT          = 0x11,
@@ -84,8 +85,8 @@ namespace TRUSTEDBOOT
         RC_TPM_COMMAND_FAIL             = SECURE_COMP_ID | 0xAE,
         RC_TPM_INVALID_ARGS             = SECURE_COMP_ID | 0xAF,
         RC_TPMLOGMGR_LOGWALKFAIL        = SECURE_COMP_ID | 0xB0,
-        RC_PCREXTEND_SENDRECV_FAIL      = SECURE_COMP_ID | 0xB1,
-        RC_PCREXTEND_SEND_FAIL          = SECURE_COMP_ID | 0xB2,
+        RC_SENDRECV_FAIL                = SECURE_COMP_ID | 0xB1,
+        RC_SEND_FAIL                    = SECURE_COMP_ID | 0xB2,
         RC_MSGRESPOND_FAIL              = SECURE_COMP_ID | 0xB3,
     };
 #ifdef __cplusplus
diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H
index 21ab262a6..ae6d183af 100644
--- a/src/include/usr/secureboot/trustedbootif.H
+++ b/src/include/usr/secureboot/trustedbootif.H
@@ -71,9 +71,12 @@ namespace TRUSTEDBOOT
     {
         PCR_0     = 0,
         PCR_1     = 1,
+        PCR_2     = 2,
+        PCR_3     = 3,
         PCR_4     = 4,
         PCR_5     = 5,
         PCR_6     = 6,
+        PCR_7     = 7,
         PCR_DEBUG = 16,
         PLATFORM_PCR = 24, ///< The number of PCR required by the platform spec
         IMPLEMENTATION_PCR = 24, ///< The number of PCRs implemented by TPM
@@ -109,6 +112,14 @@ namespace TRUSTEDBOOT
                          bool i_sendAsync = true);
 
     /**
+     * @brief Extend a separator into the TPMs and log atomically
+     * @param[in] i_sendAsync Perform extension asynchronously, default true
+     * @return errlHndl_t NULL if successful, otherwise a pointer to the
+     *      error log.
+     */
+    errlHndl_t pcrExtendSeparator(bool i_sendAsync = true);
+
+    /**
      * @brief Return a set of information related to every unique
      *        functional TPM in the system
      *