diff options
author | Chris Engel <cjengel@us.ibm.com> | 2016-02-19 10:19:17 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2016-05-11 17:13:59 -0400 |
commit | 2846d635adc08c844d68d68f7a7e2ff885c4fad5 (patch) | |
tree | 326a64051d3868799c74df55affc252a6a9861f9 /src/usr/secureboot/trusted/base/trustedboot_base.C | |
parent | 483342c80d5431cd5866ee64464d62b32bf33b56 (diff) | |
download | talos-hostboot-2846d635adc08c844d68d68f7a7e2ff885c4fad5.tar.gz talos-hostboot-2846d635adc08c844d68d68f7a7e2ff885c4fad5.zip |
Send hash of pnor sections to TPM
Replay log events to TPM after initialization
Change-Id: Ibab5e28790324c28a7cd9fb2805041d7a896376a
RTC:125290
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/23898
Tested-by: Jenkins Server
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: FSP CI Jenkins
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted/base/trustedboot_base.C')
-rw-r--r-- | src/usr/secureboot/trusted/base/trustedboot_base.C | 41 |
1 files changed, 20 insertions, 21 deletions
diff --git a/src/usr/secureboot/trusted/base/trustedboot_base.C b/src/usr/secureboot/trusted/base/trustedboot_base.C index dcd5a3191..ea17bc39b 100644 --- a/src/usr/secureboot/trusted/base/trustedboot_base.C +++ b/src/usr/secureboot/trusted/base/trustedboot_base.C @@ -88,8 +88,7 @@ errlHndl_t pcrExtend(TPM_Pcr i_pcr, size_t fullDigestSize = getDigestSize(algId); char logMsg[MAX_TPM_LOG_MSG]; - TRACDCOMP( g_trac_trustedboot, - ENTER_MRK"pcrExtend()" ); + TRACDCOMP( g_trac_trustedboot, ENTER_MRK"pcrExtend()" ); TRACUCOMP( g_trac_trustedboot, ENTER_MRK"pcrExtend() pcr=%d msg='%s' digest=%016llX", i_pcr, @@ -122,7 +121,6 @@ errlHndl_t pcrExtend(TPM_Pcr i_pcr, logMsg); } - // Lastly make sure we are in a state where we have a functional TPM err = tpmVerifyFunctionalTpmExists(); @@ -149,7 +147,6 @@ void pcrExtendSingleTpm(TpmTarget & io_target, do { - mutex_lock( &io_target.tpmMutex ); unlock = true; @@ -175,22 +172,9 @@ void pcrExtendSingleTpm(TpmTarget & io_target, io_target.initAttempted && !io_target.failed)) { - memset(&eventLog, 0, sizeof(eventLog)); - eventLog.pcrIndex = i_pcr; - eventLog.eventType = EV_ACTION; - - // Update digest information, we only use 1 entry - eventLog.digests.count = 1; - eventLog.digests.digests[0].algorithmId = i_algId; - memcpy(eventLog.digests.digests[0].digest.bytes, - i_digest, i_digestSize); - - // Event field data - eventLog.event.eventSize = strlen(i_logMsg); - assert(eventLog.event.eventSize <= MAX_TPM_LOG_MSG, - "TPM Log message too long"); - memcpy(eventLog.event.event, i_logMsg, strlen(i_logMsg)); - + // Fill in TCG_PCR_EVENT2 and add to log + eventLog = TpmLogMgr_genLogEventPcrExtend(i_pcr, i_algId, i_digest, + i_digestSize, i_logMsg); err = TpmLogMgr_addEvent(io_target.logMgr,&eventLog); if (NULL != err) { @@ -215,7 +199,6 @@ void pcrExtendSingleTpm(TpmTarget & io_target, break; } } - } while ( 0 ); if (NULL != err) @@ -289,6 +272,22 @@ errlHndl_t tpmVerifyFunctionalTpmExists() return err; } + +errlHndl_t tpmCreateErrorLog(const uint8_t i_modId, + const uint16_t i_reasonCode, + const uint64_t i_user1, + const uint64_t i_user2) +{ + errlHndl_t err = new ERRORLOG::ErrlEntry( ERRORLOG::ERRL_SEV_UNRECOVERABLE, + i_modId, + i_reasonCode, + i_user1, + i_user2, + true /*Add HB SW Callout*/ ); + err->collectTrace( SECURE_COMP_NAME ); + return err; +} + #endif } // end TRUSTEDBOOT |