diff options
author | Chris Engel <cjengel@us.ibm.com> | 2015-08-28 10:46:52 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2016-03-25 16:24:45 -0400 |
commit | 6c5ba7c0b4d3d1694a2cdf2d6c5365027534ef5a (patch) | |
tree | 4638004ded3e64f47538d984c017b7add89565c3 /src/usr/secureboot/trusted/base | |
parent | 13c26be99d54f5f51d537bd1f1296d8cd34624bd (diff) | |
download | talos-hostboot-6c5ba7c0b4d3d1694a2cdf2d6c5365027534ef5a.tar.gz talos-hostboot-6c5ba7c0b4d3d1694a2cdf2d6c5365027534ef5a.zip |
Trustedboot add support for PCR Extend
Change-Id: I05614ef6c3e5d68e0b512ec6b69a0b6054a9d7b4
RTC: 125288
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/790
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22366
Tested-by: Jenkins Server
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Tested-by: FSP CI Jenkins
Diffstat (limited to 'src/usr/secureboot/trusted/base')
-rw-r--r-- | src/usr/secureboot/trusted/base/trustedboot_base.C | 33 |
1 files changed, 20 insertions, 13 deletions
diff --git a/src/usr/secureboot/trusted/base/trustedboot_base.C b/src/usr/secureboot/trusted/base/trustedboot_base.C index e9f20db59..dcd5a3191 100644 --- a/src/usr/secureboot/trusted/base/trustedboot_base.C +++ b/src/usr/secureboot/trusted/base/trustedboot_base.C @@ -43,6 +43,7 @@ #include <secureboot/trustedboot_reasoncodes.H> #include "trustedboot_base.H" #include "../trustedboot.H" +#include "../trustedbootCmds.H" #include "../trustedbootUtils.H" #include "tpmLogMgr.H" @@ -165,19 +166,7 @@ void pcrExtendSingleTpm(TpmTarget & io_target, } } - - - // If the TPM init has occurred and it is currently - // functional we will do our extension - if (io_target.available && - io_target.initAttempted && - !io_target.failed) - { - - /// @todo RTC:125288 Add call to extend the PCR - } - - // Now we log the event, we will do this in two scenarios + // Log the event, we will do this in two scenarios // - !initAttempted - prior to IPL of the TPM we log for replay // - initAttempted && !failed - TPM is functional so we log if ((io_target.available && @@ -209,6 +198,24 @@ void pcrExtendSingleTpm(TpmTarget & io_target, } } + // If the TPM init has occurred and it is currently + // functional we will do our extension + if (io_target.available && + io_target.initAttempted && + !io_target.failed) + { + + err = tpmCmdPcrExtend(&io_target, + i_pcr, + i_algId, + i_digest, + i_digestSize); + if (NULL != err) + { + break; + } + } + } while ( 0 ); if (NULL != err) |