Secure Boot: Set trusted boot enabled in HDAT considering all nodes

This change implements reporting of trusted boot status
to HDAT considering all nodes of the system. To avoid
inter-node communication, the check is done after the
HDAT TPM info is populated for all nodes. The logic goes
through all TPM Info HDAT records (for each node) and checks
whether the master TPM on each node is present and functional.
The result is aggregated into the trusted boot enabled bit on
the master node. The check is done after the separators have
been extended into TPM; this allows each primary TPM more
chances to fail before we say that it's functional.

Trusted boot enabled bit is reported as 1 if ALL primary
TPMs on ALL booting nodes are present and functional. It is
reported as 0 if at least one primary is not present or
not functional.

Change-Id: I926532efe85b33e95e50d84b0b5e4554852f0601
RTC: 191194
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59279
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

1 files changed, 1 insertions, 0 deletions

diff --git a/src/usr/runtime/hdatservice.C b/src/usr/runtime/hdatservice.C
index 47f7a500c..f77165d8d 100644
--- a/src/usr/runtime/hdatservice.C
+++ b/src/usr/runtime/hdatservice.C
@@ -1450,6 +1450,7 @@ errlHndl_t hdatService::getInstanceCount(const SectionId i_section,
     switch(i_section)
     {
         case RUNTIME::PCRD:
+        case RUNTIME::NODE_TPM_RELATED:
         {
             hdat5Tuple_t* tuple = nullptr;
             errhdl = getAndCheckTuple(i_section, tuple);