diff options
| author | Mike Baiocchi <mbaiocch@us.ibm.com> | 2018-01-26 17:51:38 -0600 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-02-01 17:59:52 -0500 |
| commit | 1d437c8dc54886f43ab77447f0456c49f5b69c04 (patch) | |
| tree | d44fb64613a6b23e25c99f31daa6b0e2436c325e /src/include/usr | |
| parent | 4046ab053d85e0a531532f1a40894efb9361c83c (diff) | |
| download | talos-hostboot-1d437c8dc54886f43ab77447f0456c49f5b69c04.tar.gz talos-hostboot-1d437c8dc54886f43ab77447f0456c49f5b69c04.zip | |
Verify ComponentID and Extend PAYLOAD
While verifying the PAYLOAD in memory before moving it to its final
location, this commit parses the PAYLOAD's header and verifies that
it has the correct componentId. It also extends the PAYLOAD
information to the TPM.
Change-Id: Ie333d1ba5919b36919b207f25ad60806359ed710
RTC:168745
Backport: release-fips910
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52837
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/include/usr')
| -rw-r--r-- | src/include/usr/util/utilmclmgr.H | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/src/include/usr/util/utilmclmgr.H b/src/include/usr/util/utilmclmgr.H index 1d47523b4..82ef6f2ed 100644 --- a/src/include/usr/util/utilmclmgr.H +++ b/src/include/usr/util/utilmclmgr.H @@ -48,6 +48,7 @@ typedef char CompIdString[17]; // Constants to simplify checking for the MCL and POWERVM comp ids extern const ComponentID g_MclCompId; extern const ComponentID g_PowervmCompId; +extern const ComponentID g_OpalCompId; // @enum Permission Types for MCL Component enum class CompFlags : uint16_t @@ -255,6 +256,17 @@ class MasterContainerLidMgr */ errlHndl_t processComponents(); + /** + * @brief TPM extend information for secure components + * + * @param[in] i_compId - Component Id + * @param[in] i_conHdr - Container header with information to extend + * + * @return Error handle if error + */ + static errlHndl_t tpmExtend(const ComponentID& i_compId, + const SECUREBOOT::ContainerHeader& i_conHdr); + protected: /** @@ -358,17 +370,6 @@ class MasterContainerLidMgr errlHndl_t verifyExtend(const ComponentID& i_compId, CompInfo& io_compInfo); - /** - * @brief TPM extend information for secure components - * - * @param[in] i_compId - Component Id - * @param[in] i_conHdr - Container header with information to extend - * - * @return Error handle if error - */ - errlHndl_t tpmExtend(const ComponentID& i_compId, - const SECUREBOOT::ContainerHeader& i_conHdr) const; - // Physical addresses reserved for the MCL itself uint64_t iv_mclAddr; @@ -408,4 +409,4 @@ class MasterContainerLidMgr } // end namespace MCL -#endif
\ No newline at end of file +#endif |
