diff options
| author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-04-10 17:37:13 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-05-02 16:03:48 -0400 |
| commit | b013c352cce4f0f7da2a59020b782a67732e5259 (patch) | |
| tree | 22174144e2db1f47a5667f049b4d0936b58e954a /src/include/usr/secureboot/trustedbootif.H | |
| parent | 18cd3bf4c1eb67ddf2ebef3bcba88761c7618c9e (diff) | |
| download | talos-hostboot-b013c352cce4f0f7da2a59020b782a67732e5259.tar.gz talos-hostboot-b013c352cce4f0f7da2a59020b782a67732e5259.zip | |
Secure Boot: Basic Support For Redundant TPM
This change implements the detection and initialization of the backup
TPM in istep 10.14. The backup TPM is presence-detected and initialized;
the logs of the primary TPM are extended into the secondary TPM in istep
10.14. After the initialization of the secondary TPM, all events are
extended into both TPMs. A test was created to test whether the backup
TPM is initialized correctly.
Change-Id: I305500c9f680115e684ab153fc882b8d5364b0d4
RTC: 134912
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57374
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr/secureboot/trustedbootif.H')
| -rw-r--r-- | src/include/usr/secureboot/trustedbootif.H | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H index 41ba6ece9..45321be6c 100644 --- a/src/include/usr/secureboot/trustedbootif.H +++ b/src/include/usr/secureboot/trustedbootif.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2017 */ +/* Contributors Listed Below - COPYRIGHT 2015,2018 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -109,6 +109,19 @@ namespace TRUSTEDBOOT EV_INVALID ///< Used for error checking } EventTypes; + // Indicate the points in the code where the backup TPM test failed. + // TODO RTC:191761 + // remove once the Cxx test is created. + typedef enum : uint8_t + { + TPM_TEST_NO_ERROR = 0x00, + TPM_TEST_LOGS_NOT_INITIALIZED = 0x01, + TPM_TEST_LOG_SIZE_MISMATCH = 0x02, + TPM_TEST_UNMARSHAL_ERROR = 0x03, + TPM_TEST_LOG_MISMATCH = 0x04, + TPM_TEST_DIGEST_MISMATCH = 0x05, + } BackupTpmTestFailures; + /** * @brief Initialize trusted boot/TPM components for the master TPM @@ -149,6 +162,24 @@ namespace TRUSTEDBOOT errlHndl_t pcrExtendSeparator(bool i_sendAsync = true); /** + * @brief Attempt to initialize the backup TPM by sending a synchronous + * MSG_TYPE_INIT_BACKUP_TPM to TPM daemon. Any error will be + * committed internally. + */ + void initBackupTpm(); + + /** + * @brief A testcase to make sure the backup TPM's logs and PCR registers + * look exactly as the primary's. + * @return errlHndl_t NULL if test ran successfully; otherwise a pointer to + * the error log. + */ + errlHndl_t testCmpPrimaryAndBackupTpm(); //TODO RTC:191761 + // make this a Cxx standalone + // test when the simics model has + // support for both boot chips. + + /** * @brief Returns list of TPMs in the system meeting the specified critera * * @param[out] o_tpmList Vector of TPM targeting target handles meeting the |
