diff options
author | Corey Swenson <cswenson@us.ibm.com> | 2019-04-17 15:57:46 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2019-05-11 19:44:57 -0500 |
commit | 06d0a08aa27fa9e28cc300fbd2814fd9b84d59cf (patch) | |
tree | 71c1ca09bb7b2896d1d01aeb65d0a91a0285f548 /src/include/usr/isteps | |
parent | fa1b266a6293e69f6a67d392d272f90623c28111 (diff) | |
download | talos-hostboot-06d0a08aa27fa9e28cc300fbd2814fd9b84d59cf.tar.gz talos-hostboot-06d0a08aa27fa9e28cc300fbd2814fd9b84d59cf.zip |
Add NVDIMM key attributes and generate keys
3 keys, 32 bytes each, random numbers generated by TPM hardware.
2 attributes for keys, 1 stored in FW 1 stored in anchor card.
1 attribute for enable/disable encryption.
Change-Id: Ie3c258f06204e68c2d65b8d5fea294da5264d597
RTC:208342
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/76126
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Matt Derksen <mderkse1@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr/isteps')
-rw-r--r-- | src/include/usr/isteps/nvdimm/nvdimm.H | 11 | ||||
-rw-r--r-- | src/include/usr/isteps/nvdimm/nvdimmreasoncodes.H | 5 |
2 files changed, 15 insertions, 1 deletions
diff --git a/src/include/usr/isteps/nvdimm/nvdimm.H b/src/include/usr/isteps/nvdimm/nvdimm.H index 567299925..864ef187f 100644 --- a/src/include/usr/isteps/nvdimm/nvdimm.H +++ b/src/include/usr/isteps/nvdimm/nvdimm.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2018 */ +/* Contributors Listed Below - COPYRIGHT 2018,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -73,6 +73,15 @@ bool nvdimm_update(TARGETING::TargetHandleList &i_nvdimmList); /** + * @brief Entry function to NVDIMM generate keys + * Generate encryption keys if required and set the FW key attribute + * + * @param[in] i_nvdimmList - list of nvdimm targets + * + */ +void nvdimm_gen_keys(TARGETING::TargetHandleList &i_nvdimmList); + +/** * @brief This function erases image on the nvdimm target * * @param[in] i_nvdimm - nvdimm target with NV controller diff --git a/src/include/usr/isteps/nvdimm/nvdimmreasoncodes.H b/src/include/usr/isteps/nvdimm/nvdimmreasoncodes.H index 0b1680d92..f84581896 100644 --- a/src/include/usr/isteps/nvdimm/nvdimmreasoncodes.H +++ b/src/include/usr/isteps/nvdimm/nvdimmreasoncodes.H @@ -85,6 +85,8 @@ enum nvdimmModuleId VALIDATE_FW_IMAGE = 0x23, WAIT_FW_OPS_BLOCK_RECEIVED = 0x24, NVDIMM_IS_UPDATE_NEEDED = 0x25, + NVDIMM_RUN_UPDATE_USING_LID = 0x26, + NVDIMM_GEN_KEYS = 0x27, }; /** @@ -135,6 +137,9 @@ enum nvdimmReasonCode NVDIMM_BLOCK_NOT_RECEIVED = NVDIMM_COMP_ID | 0x25, // Block data not received NVDIMM_FW_OPS_NOT_SUCCESSFUL = NVDIMM_COMP_ID | 0x26, // Unsuccessful Firmware Operation NVDIMM_UPDATE_NOT_SUPPORTED = NVDIMM_COMP_ID | 0x27, // NV controller cannot be updated + NVDIMM_START_UPDATE = NVDIMM_COMP_ID | 0x28, // start update + NVDIMM_UPDATE_COMPLETE = NVDIMM_COMP_ID | 0x29, // update completed + NVDIMM_TPM_NOT_FOUND = NVDIMM_COMP_ID | 0x30, // TPM not found }; enum UserDetailsTypes |