Talos™ II hostboot sources https://git.raptorcs.com/git/talos-hostboot/atom?h=master 2018-05-11T01:49:40+00:00 2018-05-11T01:49:40+00:00 Jaymes Wilks mjwilks@us.ibm.com 2018-04-24T15:01:59+00:00 urn:sha1:98bee5bbab00b1fcb8c6b6255ac07e62e2800b60 A new programming interface allows us to obtain random numbers from the TPM more easily (i.e. in a more high-level way). Change-Id: Ibd3d3b320411bea146d6eab4d1a59ca760bc726c RTC:191000 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57802 Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> 2018-05-03T20:02:25+00:00 Ilya Smirnov ismirno@us.ibm.com 2018-04-25T18:18:24+00:00 urn:sha1:43c4502d3b0b87020665a65ad2843e0ddc319063 Change the "TPM Required" policy to "Primary TPM Required," wherein only the presence and functionality of the primary TPM (attached to the acting master proc) will be considered when evaluating the TPM required condition. The presence and functionality of the backup TPM will not play a role in this policy. Change-Id: Id968123d0fc399c531da7429fdb8efabfa66c53c Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57843 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com> 2018-05-02T20:03:48+00:00 Ilya Smirnov ismirno@us.ibm.com 2018-04-10T22:37:13+00:00 urn:sha1:b013c352cce4f0f7da2a59020b782a67732e5259 This change implements the detection and initialization of the backup TPM in istep 10.14. The backup TPM is presence-detected and initialized; the logs of the primary TPM are extended into the secondary TPM in istep 10.14. After the initialization of the secondary TPM, all events are extended into both TPMs. A test was created to test whether the backup TPM is initialized correctly. Change-Id: I305500c9f680115e684ab153fc882b8d5364b0d4 RTC: 134912 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57374 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> 2018-04-09T20:29:14+00:00 Ilya Smirnov ismirno@us.ibm.com 2018-03-19T22:12:32+00:00 urn:sha1:da8911ce095aa7d18231c9d344dc978dae7cf984 PHYP needs a way to know if SBE security backdoor is enabled for debug purposes. This change creates a flag in TPM instance data structure to indicate whether the backdoor is enabled. This flag is passed by SBE to the hb bootloader; also added the flag to indicate whether PCR is poisoned (default of 0). The population of this flag will be implemented on Fleetwood. Change-Id: I22305dbc9651134ba7dfe3b0bd3c760fe53c2c85 RTC: 188961 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/56045 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> CI-Ready: Daniel M. Crowell <dcrowell@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> 2018-03-12T18:20:57+00:00 Nick Bofferding bofferdn@us.ibm.com 2018-03-06T05:58:01+00:00 urn:sha1:0b02cc8314bebe97354a57614fa5464ec931363e When reading a secure header, the container header object can overrun a buffer when number of ECIDs or software keys specified is greater than the supported amount. This change implements hard enforcement to ensure that this is no longer possible. Change-Id: Ife9194763f858b37e2de6f12fa01d74da1145df3 CQ: SW419735 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/55088 CI-Ready: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com> 2018-01-31T16:09:11+00:00 Stephen Cprek smcprek@us.ibm.com 2018-01-23T20:27:17+00:00 urn:sha1:8443a65a3599f433bd47c2ea03e863240db28b89 Collect both the UTIL and RUNTIME component traces on a ROM verify failure Added a new Errlog User Details sections "Verify Info" containing the component name, ID(s), measured, and expected hashes Change-Id: I0d0408128e05807bb906be5ee365d56d1416693f CQ:SW413889 Backport:release-fips910 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52593 Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> 2018-01-22T15:21:03+00:00 Nick Bofferding bofferdn@us.ibm.com 2018-01-19T07:21:24+00:00 urn:sha1:d52d893e3aa25f405713200f372e53057382f2d1 Change-Id: Idf86fd583eb325581b704c67f17551fc8d686895 Backport: release-fips910 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52227 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> 2017-12-20T18:54:35+00:00 Stephen Cprek smcprek@us.ibm.com 2017-12-15T16:24:02+00:00 urn:sha1:34dbdc49d0d14933c317be2815302d0d558c5924 Change-Id: Idd15e39cc6be44c0865f13503bfa4482d77fcf0d RTC:181899 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/51042 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Martin Gloff <mgloff@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> 2017-12-18T22:27:59+00:00 Stephen Cprek smcprek@us.ibm.com 2017-11-20T22:56:44+00:00 urn:sha1:9ae6e9595f9773d295b7e3ade47088f554c1ed48 - Removing the magic number checks that would block sb functionality if things didn't appear secure - Remove Best Effort Policy and all of its related code - Remove the legacy PCR extension - Remove the non-secure header preservation path. - Always load HB base image header from the bl to hb data path vs settings unsecurely out of pnor Change-Id: Ie638384ac50ed47850985c959ea7a32e5757d64e RTC: 178520 RTC: 155374 RTC: 173489 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49925 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com> 2017-12-12T22:16:19+00:00 Stephen Cprek smcprek@us.ibm.com 2017-12-05T22:46:54+00:00 urn:sha1:82f341573515e1dd39c622a955e08d3ab669b458 Sections that do not have Secure Headers and need one injected were not passing in the correct size to preverifiedlidmgr. e.g. RINGOVD section or when SB is compiled out Change-Id: I6e8c775a9a1d3f89473c55af6efc8109fb378c99 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/50545 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>