diff options
author | Nick Bofferding <bofferdn@us.ibm.com> | 2017-03-15 17:08:10 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-04-10 13:56:21 -0400 |
commit | 55b2bbc15289496db3c2315ac6d4f5f697095fca (patch) | |
tree | ea0dd71b31305f174e4c2fc5c70f12d6ad4581ed /src/include/usr/secureboot/trustedbootif.H | |
parent | ab70aa5b81d379bbab438fa9dbe09793bd6a5405 (diff) | |
download | talos-hostboot-55b2bbc15289496db3c2315ac6d4f5f697095fca.tar.gz talos-hostboot-55b2bbc15289496db3c2315ac6d4f5f697095fca.zip |
Converge shadow TPM object into targeting model
- Added TPM attributes
- Linked TPM attributes to XML models
- Updated TpmTarget as alias for TARGETING::Target
- Trace all states in TPM targeting target
Change-Id: Ic0e6cf974aa82f0273523bdada1081b625cb0ae4
RTC: 168781
CMVC-Coreq: 1021028
CMVC-Prereq: 1021177
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/38337
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr/secureboot/trustedbootif.H')
-rw-r--r-- | src/include/usr/secureboot/trustedbootif.H | 121 |
1 files changed, 78 insertions, 43 deletions
diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H index 3a849aed2..6b54cadeb 100644 --- a/src/include/usr/secureboot/trustedbootif.H +++ b/src/include/usr/secureboot/trustedbootif.H @@ -39,33 +39,24 @@ #include <list> #include <pnor/pnorif.H> #include <secureboot/containerheader.H> +#include <targeting/common/commontargeting.H> +#include <targeting/common/utilFilter.H> namespace TRUSTEDBOOT { struct _TpmLogMgr; - /// Enumerations to select TPM - typedef enum - { - TPM_PRIMARY = 0, - TPM_BACKUP = 1, - LAST_CHIP_TYPE, - FIRST_CHIP_TYPE = TPM_PRIMARY - } TPM_role; + // Hostboot code just maps the TpmTarget type, which shared APIs use, as a + // targeting target + typedef TARGETING::Target TpmTarget; - - /// Track system TPM status - struct TpmTarget + /** + * @brief Enum used for the getTPMs API to specify scope of TPMs to return + */ + enum class TPM_FILTER : uint8_t { - TARGETING::Target* tpmTarget; ///< TPM target ptr - TPM_role role; ///< Pri vs Backup - uint8_t initAttempted:1;///< Has TPM init been run - uint8_t available:1; ///< Is TPM physically in system - uint8_t failed:1; ///< Is TPM currently failed - struct _TpmLogMgr* logMgr; ///< Event log manager for TPM - mutex_t tpmMutex; ///< TPM Mutex - - TpmTarget(); + ALL_FUNCTIONAL, ///< Return only functional (and present) TPMs + ALL_IN_BLUEPRINT, ///< Return any TPM in the blueprint }; /// TPM PCR designations @@ -128,39 +119,58 @@ namespace TRUSTEDBOOT errlHndl_t pcrExtendSeparator(bool i_sendAsync = true); /** - * @brief Return a set of information related to every unique - * functional TPM in the system + * @brief Returns list of TPMs in the system meeting the specified critera + * + * @param[out] o_tpmList Vector of TPM targeting target handles meeting the + * criteria specified by the i_filter parameter (functional targets or + * blueprint targets). By default, returns functional targets. * - * @param[out] o_info - list of TPM Information + * @param[in] i_filter Filter specifying scope of TPMs to return. * + * @warning Silently clears caller supplied vector before populating it */ - void getTPMs( std::list<TpmTarget>& o_info ); + void getTPMs( + TARGETING::TargetHandleList& o_tpmList, + TPM_FILTER i_filter = TPM_FILTER::ALL_FUNCTIONAL); /** - * @brief Retrieve TPM log device tree information - * @param[in] i_target TPM target information - * @param[in/out] io_logAddr TPM Log Address - * @param[out] o_allocationSize Total memory allocated for log - * @param[out] o_xscomAddr Chip Xscom Address - * @param[out] o_i2cMasterOffset I2c Master Offset - * @return errlHndl_t NULL if successful, otherwise a pointer to the + * @brief Retrieve TPM log device tree information + * + * @param[in] i_pTpm TPM targeting target handle. Function will assert if + * value is nullptr or is not of TPM type. + * + * @param[in/out] io_logAddr TPM Log Address + * + * @param[out] o_allocationSize Total memory allocated for log + * + * @param[out] o_xscomAddr Chip Xscom Address + * + * @param[out] o_i2cMasterOffset I2c Master Offset + * + * @return errlHndl_t NULL if successful, otherwise a pointer to the * error log. */ - errlHndl_t getTpmLogDevtreeInfo(TpmTarget & i_target, - uint64_t & io_logAddr, - size_t & o_allocationSize, - uint64_t & o_xscomAddr, - uint32_t & o_i2cMasterOffset); + errlHndl_t getTpmLogDevtreeInfo( + const TpmTarget* i_pTpm, + uint64_t& io_logAddr, + size_t& o_allocationSize, + uint64_t& o_xscomAddr, + uint32_t& o_i2cMasterOffset); /** - * @brief Store devtree node information for the TPM - * @param[in] i_target TPM target information - * @param[in] i_xscomAddr Chip Xscom Address - * @param[in] i_i2cMasterOffset i2c Master Offset + * @brief Store devtree node information for the TPM + * + * @param[in] i_pTpm TPM targeting target handle. Function will assert if + * value is nullptr or is not of TPM type. + * + * @param[in] i_xscomAddr Chip Xscom Address + * + * @param[in] i_i2cMasterOffset i2c Master Offset */ - void setTpmDevtreeInfo(TpmTarget & i_target, - uint64_t i_xscomAddr, - uint32_t i_i2cMasterOffset); + void setTpmDevtreeInfo( + const TpmTarget* i_pTpm, + uint64_t i_xscomAddr, + uint32_t i_i2cMasterOffset); /** * @brief Is trustedboot enabled and functional @@ -194,6 +204,31 @@ namespace TRUSTEDBOOT * */ errlHndl_t extendBaseImage(); + /** + * @brief Return the primary TPM, if any + * + * @param[out] o_pPrimaryTpm TPM targeting target handle of the primary + * TPM, or nullptr if none. + */ + void getPrimaryTpm(TARGETING::Target*& o_pPrimaryTpm); + + /** + * @brief Return the backup TPM, if any + * + * @param[out] o_pBackupTpm TPM targeting target handle of the backup + * TPM, or nullptr if none. + */ + void getBackupTpm(TARGETING::Target*& o_pBackupTpm); + + /** + * @brief Returns whether system requires a functional TPM to boot or not + * + * @return bool Whether system requires a functional TPM to boot or not. + * @retval true Functional TPM is required to boot + * @retval false Functional TPM is not required to boot + */ + bool isTpmRequired(); + } // end TRUSTEDBOOT namespace |