diff options
author | Mike Baiocchi <mbaiocch@us.ibm.com> | 2017-03-13 08:46:46 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-03-21 09:45:24 -0400 |
commit | afd8387b9c5f1583046820aba9a632bb4acaf767 (patch) | |
tree | 032093e231cca8dd99bcc75df2cf2109c447c2f0 /src/usr/secureboot/base | |
parent | 5c40d7f2798087751e0f3c6a507107e540126b69 (diff) | |
download | talos-hostboot-afd8387b9c5f1583046820aba9a632bb4acaf767.tar.gz talos-hostboot-afd8387b9c5f1583046820aba9a632bb4acaf767.zip |
Trace HwKeyHash and Add Errorlog Parser Infrastructure to Secureboot
This commit traces the HwKeyHash to Secureboot-specific error logs. It also
adds the infrastucture necessary to parse secureboot-specific errorlog user
data sections. It includes 2 new custom sections: one which is used in this
commit, and another which will be used in a future commit.
Change-Id: Id5fb115ad1214f956e5256d3641236021e4642ab
RTC:165205
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/37901
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/base')
-rw-r--r-- | src/usr/secureboot/base/service.C | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/usr/secureboot/base/service.C b/src/usr/secureboot/base/service.C index 075a7313c..673ec709e 100644 --- a/src/usr/secureboot/base/service.C +++ b/src/usr/secureboot/base/service.C @@ -45,6 +45,7 @@ #include <util/misc.H> #include "../common/securetrace.H" +#include "../common/errlud_secure.H" // Quick change for unit testing //#define TRACUCOMP(args...) TRACFCOMP(args) @@ -187,7 +188,16 @@ void handleSecurebootFailure(errlHndl_t &io_err, bool i_waitForShutdown) // Add security register values addSecurityRegistersToErrlog(io_err); - io_err->collectTrace(SECURE_COMP_NAME,ERROR_TRACE_SIZE); + + // Add HW Keys' Hash to trace and the error log + SHA512_t hash = {0}; + getHwKeyHash(hash); + + SB_INF_BIN("HwKeyHash", &hash, sizeof(hash)); + + UdSystemHwKeyHash( hash ).addToLog(io_err); + + io_err->collectTrace(SECURE_COMP_NAME,MAX_ERROR_TRACE_SIZE); errlCommit(io_err, SECURE_COMP_ID); |