author | Chris Engel <cjengel@us.ibm.com> | 2015-09-18 09:17:23 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2016-06-08 22:45:27 -0400 |
commit | c4119b881e8a6e3746ac4553dee024351d97226f (patch) | |
tree | aa1148f790629526cb2367dff0c5ce162e4b051d /src/include/usr/secureboot | |
parent | 02db181b01ad44a7c18d929f9541336d050dbae2 (diff) | |
Trustedboot add TPM and associated i2c master to the devtree
Change-Id: Ic2edee549d23669f046a6e78f0cfae838faaec2d
RTC: 125287
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/25470
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Tested-by: Jenkins Server
Tested-by: FSP CI Jenkins
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr/secureboot')
-rw-r--r-- | src/include/usr/secureboot/service.H | 15 | ||||
-rw-r--r-- | src/include/usr/secureboot/trustedboot_reasoncodes.H | 1 | ||||
-rw-r--r-- | src/include/usr/secureboot/trustedbootif.H | 42 |
3 files changed, 57 insertions, 1 deletions
diff --git a/src/include/usr/secureboot/service.H b/src/include/usr/secureboot/service.H index 8878bad09..1cc518007 100644 --- a/src/include/usr/secureboot/service.H +++ b/src/include/usr/secureboot/service.H @@ -5,7 +5,9 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* COPYRIGHT International Business Machines Corp. 2013,2014 */ +/* Contributors Listed Below - COPYRIGHT 2013,2016 */ +/* [+] International Business Machines Corp. */ +/* */ /* */ /* Licensed under the Apache License, Version 2.0 (the "License"); */ /* you may not use this file except in compliance with the License. */ @@ -26,6 +28,10 @@ #include <errl/errlentry.H> typedef uint8_t SHA512_t[64]; +/* From sha512.h: */ +#define SHA512_DIGEST_LENGTH 64 +typedef uint8_t __attribute__((aligned(8))) sha2_hash_t[ \ + SHA512_DIGEST_LENGTH / sizeof(uint8_t) ]; namespace SECUREBOOT { @@ -71,6 +77,13 @@ namespace SECUREBOOT */ errlHndl_t hashBlob(void * i_blob, size_t i_size, SHA512_t o_buf); + /** + * @brief Retrieve the internal hardware hash key from secure ROM + * object. + * @param[out] o_hash Reference to the sha2_hash_t array to copy the + * hash to. + */ + void getHwHashKeys(sha2_hash_t o_hash); } #endif diff --git a/src/include/usr/secureboot/trustedboot_reasoncodes.H b/src/include/usr/secureboot/trustedboot_reasoncodes.H index 2c634887c..902b1cb26 100644 --- a/src/include/usr/secureboot/trustedboot_reasoncodes.H +++ b/src/include/usr/secureboot/trustedboot_reasoncodes.H @@ -57,6 +57,7 @@ namespace TRUSTEDBOOT MOD_TPMLOGMGR_INITIALIZE = 0x10, MOD_TPMLOGMGR_ADDEVENT = 0x11, MOD_TPMLOGMGR_INITIALIZEEXISTLOG = 0x012, + MOD_TPMLOGMGR_GETDEVTREEINFO = 0x13, }; enum TRUSTEDReasonCode diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H index 9a5c05d93..437227d36 100644 --- a/src/include/usr/secureboot/trustedbootif.H +++ b/src/include/usr/secureboot/trustedbootif.H 
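Review bot: The `#define SHA512_DIGEST_LENGTH 64` and the `sha2_hash_t` typedef added under `typedef uint8_t SHA512_t[64];` are a hand copy of definitions the comment attributes to sha512.h, so this header now states the digest size twice, at global scope and independently of the original. Nothing ties the copy to its source: a translation unit that includes only one of the two headers will not notice if they drift, and the secure ROM hash buffer would then be sized differently on each side. I would include the original header if it is reachable from here. Otherwise pin the copy with `static_assert(sizeof(sha2_hash_t) == sizeof(SHA512_t), "digest size mismatch");` (if the toolchain in use accepts it) and extend the comment to say which sha512.h the values were taken from.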
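Review bot: `void getHwHashKeys(sha2_hash_t o_hash);` does not take the array by reference as its `@param[out]` text says. An array typedef used as a by-value parameter decays to `uint8_t *`, so the compiler will accept a destination of any length and the 64-byte size is not enforced. Since the callee presumably copies a full SHA-512 digest, an undersized caller buffer becomes an out-of-bounds write in secure-boot code. Declaring it as `void getHwHashKeys(sha2_hash_t & o_hash);` makes the comment true and rejects wrong-sized buffers at compile time. The function also returns void, so the comment should state what `o_hash` contains when the secure ROM object is not available.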
@@ -36,6 +36,7 @@ #include <targeting/common/targetservice.H> #include <i2c/tpmddif.H> #include <errl/errlentry.H> +#include <list> namespace TRUSTEDBOOT { @@ -95,6 +96,47 @@ namespace TRUSTEDBOOT size_t i_digestSize, const char* i_logMsg); + /** + * @brief Return a set of information related to every unique + * functional TPM in the system + * + * @param[out] o_info - list of TPM Information + * + */ + void getTPMs( std::list<TpmTarget>& o_info ); + + /** + * @brief Retrieve TPM log device tree information + * @param[in] i_target TPM target information + * @param[in/out] io_logAddr TPM Log Address + * @param[out] o_allocationSize Total memory allocated for log + * @param[out] o_xscomAddr Chip Xscom Address + * @param[out] o_i2cMasterOffset I2c Master Offset + * @return errlHndl_t NULL if successful, otherwise a pointer to the + * error log. + */ + errlHndl_t getTpmLogDevtreeInfo(TpmTarget & i_target, + uint64_t & io_logAddr, + size_t & o_allocationSize, + uint64_t & o_xscomAddr, + uint32_t & o_i2cMasterOffset); + + /** + * @brief Store devtree node information for the TPM + * @param[in] i_target TPM target information + * @param[in] i_xscomAddr Chip Xscom Address + * @param[in] i_i2cMasterOffset i2c Master Offset + */ + void setTpmDevtreeInfo(TpmTarget & i_target, + uint64_t i_xscomAddr, + uint32_t i_i2cMasterOffset); + + /** + * @brief Is trustedboot enabled and functional + * @retval true if trustboot enabled and functional TPM's are available + */ + bool enabled(); + } // end TRUSTEDBOOT namespace |
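Review bot: `bool enabled();` folds two different conditions into one result: per its `@retval`, it is true only when trustedboot is enabled and functional TPMs are available. A caller cannot tell "disabled by configuration" from "enabled but no TPM is functional", and in a measured-boot flow the second case usually needs to be reported rather than treated as a reason to skip measurement quietly; the callers are outside this hunk, so that is to be confirmed. At minimum the comment should spell out both false cases, e.g. `@retval false if trustedboot is disabled, or if it is enabled but no functional TPM is available`. Two smaller documentation gaps sit in the same hunk: `getTPMs` does not say whether `o_info` is cleared or appended to, and `getTpmLogDevtreeInfo` tags `i_target` as `@param[in]` while taking it by non-const reference.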