| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces the logic to create the master node nodecomm
request to the slave nodes and logic to process the responses from
the slave nodes. The data from the slave nodes (the slave quote) is
hashed and extended into PCR1. The binary quote blob is also included
in the TPM log as a log message.
Additional changes: the logic to relocate the TPM log to increase
its size, and the logic to allow uint8_t* instead of char* as
the TPM log message.
Change-Id: Ide4465f0d4a91aec815c9db5d765cdbde231dcd3
RTC: 203644
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/71407
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces the logic to create the slave response
for the new enhanced multinode comm protocol. The slave response
consists of an eye catcher, node ID, quote and signature data
from TPM, PCR contents of the slave node TPM, Attestation Key
Certificate, and the TPM log. All of the above data is packaged
into a binary blob to be sent back to the master node.
Change-Id: I927c6ca937e6c07af4185cf54c782697c5d822f6
RTC: 203643
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/70791
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds four new TPM commands, and APIs thereto,
for enhanced secure multinode communication protocol. The
TPM commands are the base for the new protocol and will be
used as part of it.
Change-Id: I080ff87cd6001b5d2e13ae350a379cbc2c92bfcf
RTC: 202364
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/69725
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New Secure Multinode Comm protocol calls for generation of
random number that is 32 bytes in size. This commit extends
the existing GetRandom API to be able to accept a size of
the random number to be generated by TPM.
Change-Id: Ic6fc1705594f51f121ff75aaa489d6d32fe41409
RTC: 202364
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/70116
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit flags the RC_TPM_NOFUNCTIONALTPM_FAIL reason code as a terminating
reason code to tell FSP that there is an expected boot failure without a
deconfiguration. Further, when this error occurs, it TIs with this error's
reason code instead of its PLID, so that FSP will balk to the alignment check to
failover and use the backup TPM, when possible.
Change-Id: I6809dd1de6f37ce50d6528ce1014c5ede115b0dd
CQ: SW442904
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/64973
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a synchronous message handler to TPM daemon. This message
handler is used to make sure that all of the traces are flushed
before the daemon is shut down.
Change-Id: Ibb8ea2fd12d7ded9e43f284ff44c1791e61d8767
CQ:SW435287
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/55223
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new programming interface allows us to obtain random numbers
from the TPM more easily (i.e. in a more high-level way).
Change-Id: Ibd3d3b320411bea146d6eab4d1a59ca760bc726c
RTC:191000
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57802
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change implements the detection and initialization of the backup
TPM in istep 10.14. The backup TPM is presence-detected and initialized;
the logs of the primary TPM are extended into the secondary TPM in istep
10.14. After the initialization of the secondary TPM, all events are
extended into both TPMs. A test was created to test whether the backup
TPM is initialized correctly.
Change-Id: I305500c9f680115e684ab153fc882b8d5364b0d4
RTC: 134912
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57374
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Error log trace never included "TRBOOT" trace
Change-Id: I0ff99d3d3cc78a7a25c576059d69d1644a2c802d
RTC: 181899
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/50077
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I137b6f6c81cbcd3c2379e4ef34ddff021c3cd576
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/42835
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add handling of TPM deconfig and SBE Secure Seeprom Lock by
integrating the hardware procedure p9_update_security_ctrl into
Istep 10.3 and retriggering the hardware procedure any time a
TPM fails.
Change-Id: I36f57dc7aef3de6661357736a525fe25a3828c6e
RTC:153891
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/36189
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
| |
Change-Id: I11736ebe4b44e54584febc05e1dea50dd5304fa4
RTC: 155301
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/30996
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed TPM log manager and required functions from HBB and replaced
with a simple message queue
Change-Id: I5f5a418b6ea8c0228229e8c45523385b488e2b6b
RTC: 155519
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/27133
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ic2edee549d23669f046a6e78f0cfae838faaec2d
RTC: 125287
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/25470
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Tested-by: Jenkins Server
Tested-by: FSP CI Jenkins
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I33b8680fb89072311bb23730bfc1901e4ded9e21
RTC: 125289
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22003
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/24669
Tested-by: Jenkins Server
Tested-by: FSP CI Jenkins
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Replay log events to TPM after initialization
Change-Id: Ibab5e28790324c28a7cd9fb2805041d7a896376a
RTC:125290
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/23898
Tested-by: Jenkins Server
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: FSP CI Jenkins
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cherry picked from commit 93cd77a2455e60f01b003f747368e69cfef1b844
RTC: 125287
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/701
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Change-Id: I37103173d417ce1f378ee3ce76646f1028339ee0
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22496
Tested-by: Jenkins Server
Tested-by: FSP CI Jenkins
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I05614ef6c3e5d68e0b512ec6b69a0b6054a9d7b4
RTC: 125288
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/790
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22366
Tested-by: Jenkins Server
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Tested-by: FSP CI Jenkins
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I4a8c2010421a63e44112666bdd424e2e5d010e7f
RTC: 125289
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/960
Tested-by: Jenkins Server
Tested-by: Jenkins OP Build CI
Tested-by: Jenkins OP HW
Tested-by: FSP CI Jenkins
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22009
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I1e90a71f1027e0a801b96cbad6d59e432357f281
RTC: 125289
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/21318
Tested-by: Jenkins Server
Tested-by: Jenkins OP Build CI
Tested-by: Jenkins OP HW
Tested-by: FSP CI Jenkins
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/21809
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- getCap FW Version
- TPM Command marshal/unmarshal code
Change-Id: Ia9a90b1160c9c3b5d818318771bff21eb013bdf4
RTC: 125287
Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/20056
Tested-by: Jenkins Server
Tested-by: Jenkins OP Build CI
Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
|
|
|
Support added for TPM DD2.0
Added call to host_update_master_tpm during host_discover_targets istep
host_update_master_tpm istep performs TPM_STARTUP on TPM
Change-Id: Ie9c232ed6ecf72da58c40df726fe1deaec5af053
RTC: 125287
Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/18075
Tested-by: Jenkins Server
Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com>
Tested-by: Jenkins OP Build CI
Tested-by: Jenkins OP HW
Tested-by: FSP CI Jenkins
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
|
