diff options
author | Jaymes Wilks <mjwilks@us.ibm.com> | 2018-05-01 15:33:32 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-05-23 17:55:09 -0400 |
commit | e9eacec8bad1e2dade70ebed0fc3d00b5ab59232 (patch) | |
tree | bc1a5a5e462e4816159338930f994538adb1f9da /src/usr/runtime | |
parent | 11b5f7d2b616da7ba3ac2cacb52bd2b762872b9c (diff) | |
download | talos-hostboot-e9eacec8bad1e2dade70ebed0fc3d00b5ab59232.tar.gz talos-hostboot-e9eacec8bad1e2dade70ebed0fc3d00b5ab59232.zip |
Support TPM PCR Poisoning
To support Fleetwood secure inter-node communication, we need to
“poison” the PCRs of all still functional non-master node TPMs
just prior to transferring control to PHyp, and report that
poisoned state to HDAT.
Change-Id: Ic104ef2e44fc98895b9b435fdf8ba4c5e4972818
RTC:191001
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/58244
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/runtime')
-rw-r--r-- | src/usr/runtime/populate_hbruntime.C | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/src/usr/runtime/populate_hbruntime.C b/src/usr/runtime/populate_hbruntime.C index 11adb3892..db26d87be 100644 --- a/src/usr/runtime/populate_hbruntime.C +++ b/src/usr/runtime/populate_hbruntime.C @@ -1732,6 +1732,43 @@ errlHndl_t populate_TpmInfoByNode(const uint64_t i_instance) // fill in the values for each Secure Boot TPM Instance Info in the array for (auto pTpm : tpmList) { + uint8_t poisonedFlag = 0; + #ifdef CONFIG_TPMDD + if (!TARGETING::UTIL::isCurrentMasterNode()) // if not master node TPM + { + + auto l_tpmHwasState = pTpm->getAttr<TARGETING::ATTR_HWAS_STATE>(); + if (l_tpmHwasState.functional) + { + + // poison the TPM's PCRs + l_elog = TRUSTEDBOOT::poisonTpm(pTpm); + if (l_elog) + { + l_tpmHwasState = pTpm->getAttr<TARGETING::ATTR_HWAS_STATE>(); + if (l_tpmHwasState.functional) + { + // The TPM was still functional, we have a software bug + // on our hands. We need to break out of here and quit. + break; + } + else + { + // There was a hardware problem with the TPM. It was + // marked failed and deconfigured, so we commit the + // error log and move on as though it were not + // functional to begin with + ERRORLOG::errlCommit(l_elog, RUNTIME_COMP_ID); + } + } + else + { + poisonedFlag = 1; + } + } + } + #endif // CONFIG_TPMDD + auto l_tpmInstInfo = reinterpret_cast<HDAT::hdatSbTpmInstInfo_t*> (l_baseAddr + l_currOffset); @@ -1806,7 +1843,7 @@ errlHndl_t populate_TpmInfoByNode(const uint64_t i_instance) } // Set TPM configuration flag - l_tpmInstInfo->hdatTpmConfigFlags.pcrPoisonedFlag = 0; + l_tpmInstInfo->hdatTpmConfigFlags.pcrPoisonedFlag = poisonedFlag; // advance the current offset to account for this tpm instance info l_currOffset += sizeof(*l_tpmInstInfo); @@ -1816,6 +1853,11 @@ errlHndl_t populate_TpmInfoByNode(const uint64_t i_instance) } + if (l_elog) + { + break; + } + for (auto tpmInstPair : fixList) { const auto pTpm = tpmInstPair.first; |