author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-12-06 15:22:10 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2019-01-18 16:44:58 -0600 |
commit | 868b68df85eb7aeed7eba3392303fa3be854e2a6 (patch) | |
tree | ea6ef1afe17ebc0c39baa4ad0e926be77f36e501 /src/usr/secureboot/trusted/base | |
parent | 6a5388bbc8b066a9547e1e1268e8c3a7e9f33291 (diff) | |
Secureboot: Add New TPM Commands For Nodecomm
This commit adds four new TPM commands, and the APIs to invoke them,
for the enhanced secure multinode communication protocol. The
TPM commands are the base for the new protocol and will be
used as part of it.
Change-Id: I080ff87cd6001b5d2e13ae350a379cbc2c92bfcf
RTC: 202364
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/69725
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted/base')
-rw-r--r-- | src/usr/secureboot/trusted/base/trustedbootMsg.H | 48 | ||||
-rw-r--r-- | src/usr/secureboot/trusted/base/trustedboot_base.C | 212 |
2 files changed, 258 insertions, 2 deletions
diff --git a/src/usr/secureboot/trusted/base/trustedbootMsg.H b/src/usr/secureboot/trusted/base/trustedbootMsg.H
index 95a52a6e4..9789c4fed 100644
--- a/src/usr/secureboot/trusted/base/trustedbootMsg.H
+++ b/src/usr/secureboot/trusted/base/trustedbootMsg.H
@@ -36,6 +36,7 @@
 #include <errl/errlentry.H>
 #include <sys/msg.h>
 #include "../trustedTypes.H"
+#include <secureboot/trustedbootif.H>
 
 namespace TRUSTEDBOOT
 {
@@ -57,7 +58,11 @@ namespace TRUSTEDBOOT
 MSG_TYPE_SHUTDOWN,
 MSG_TYPE_INIT_BACKUP_TPM,
 MSG_TYPE_GETRANDOM,
- MSG_TYPE_LAST = MSG_TYPE_GETRANDOM,
+ MSG_TYPE_CREATE_ATT_KEYS,
+ MSG_TYPE_READ_AK_CERT,
+ MSG_TYPE_GEN_QUOTE,
+ MSG_TYPE_FLUSH_CONTEXT,
+ MSG_TYPE_LAST = MSG_TYPE_FLUSH_CONTEXT,
 };
 
 /// PCREXTEND message data
@@ -80,6 +85,47 @@ namespace TRUSTEDBOOT
 uint8_t* o_randNum; // the random data is populated here
 };
 
+ // Pure Target* cannot be sent as extra_data through a synchronous message
+ // because the act of deleting the sync mesage attempts to delete the ptr
+ // to the target as well, which causes hostboot crashes. This struct is
+ // a simple wrapper around the Target* for the messages requiring just the
+ // TPM target to be passed.
+ struct TpmTargetData
+ {
+ TpmTarget* tpm;
+ TpmTargetData(TpmTarget* i_tpm) :
+ tpm(i_tpm)
+ {
+ }
+ };
+
+ // The struct used to read the AK ceritificate from TPM's NVRAM
+ struct ReadAKCertData
+ {
+ TpmTarget* tpm;
+ AKCertificate_t* data; // The output of NVRAM read
+ ReadAKCertData(TpmTarget* i_tpm, AKCertificate_t* i_data) :
+ tpm(i_tpm), data(i_data)
+ {
+ }
+ };
+
+ // The struct used to generate TPM quote
+ struct GenQuoteData
+ {
+ TpmTarget* tpm;
+ MasterTpmNonce_t* masterNonce; // 32-byte nonce value
+ QuoteDataOut* data; // Output - the quote and signature fields
+ GenQuoteData(TpmTarget* i_tpm,
+ MasterTpmNonce_t* i_masterNonce,
+ QuoteDataOut* o_data) :
+ tpm(i_tpm),
+ masterNonce(i_masterNonce),
+ data(o_data)
+ {
+ }
+ };
+
 // Trustedboot message class
 class Message
 {
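Review bot: The single-argument constructor `TpmTargetData(TpmTarget* i_tpm)` in the third hunk is not `explicit`, so any `TpmTarget*` converts silently into the wrapper wherever one is expected; `explicit TpmTargetData(TpmTarget* i_tpm) : tpm(i_tpm) {}` keeps that conversion deliberate (the two-argument and three-argument wrappers are fine as written). All three wrappers hold raw, non-owning pointers to caller-owned storage (`tpm`, `data`, `masterNonce`) while the leading comment says deleting the synchronous message deletes the wrapper itself, so a one-line note on each struct, e.g. `// Members are borrowed from the caller and must outlive the synchronous message; only the wrapper object is owned by the Message.`, would keep the receiving side (presumably elsewhere, not in this diff) from freeing or retaining them. Two typos in the new comments: "mesage" and "ceritificate".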
diff --git a/src/usr/secureboot/trusted/base/trustedboot_base.C b/src/usr/secureboot/trusted/base/trustedboot_base.C
index 090cac160..5c68e3c2f 100644
--- a/src/usr/secureboot/trusted/base/trustedboot_base.C
+++ b/src/usr/secureboot/trusted/base/trustedboot_base.C
@@ -5,7 +5,7 @@
 /* */
 /* OpenPOWER HostBoot Project */
 /* */
-/* Contributors Listed Below - COPYRIGHT 2015,2018 */
+/* Contributors Listed Below - COPYRIGHT 2015,2019 */
 /* [+] International Business Machines Corp. */
 /* */
 /* */
@@ -850,4 +850,214 @@ errlHndl_t flushTpmQueue()
 return l_errl;
 }
 
+errlHndl_t createAttestationKeys(TpmTarget* i_target)
+{
+ errlHndl_t l_errl = nullptr;
+#ifdef CONFIG_TPMDD
+ Message* l_msg = nullptr;
+
+ TpmTargetData* l_data = new TpmTargetData{i_target};
+
+ l_msg = Message::factory(MSG_TYPE_CREATE_ATT_KEYS,
+ sizeof(*l_data),
+ reinterpret_cast<uint8_t*>(l_data),
+ MSG_MODE_SYNC);
+ assert(l_msg != nullptr, "createAttestationKeys: l_msg is nullptr");
+ l_data = nullptr; //l_msg now owns l_data
+
+ int l_rc = msg_sendrecv(systemData.msgQ, l_msg->iv_msg);
+ if(l_rc)
+ {
+ /*@
+ * @errortype ERRL_SEV_UNRECOVERABLE
+ * @moduleid MOD_CREATE_ATT_KEYS
+ * @reasoncode RC_SENDRECV_FAIL
+ * @userdata1 rc from msg_sendrecv
+ * @userdata2 TPM HUID
+ * @devdesc msg_sendrecv failed for createAttestationKeys
+ * @custdesc trustedboot failure
+ */
+ l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ MOD_CREATE_ATT_KEYS,
+ RC_SENDRECV_FAIL,
+ l_rc,
+ TARGETING::get_huid(i_target),
+ ERRORLOG::ErrlEntry::ADD_SW_CALLOUT);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ l_errl->collectTrace(TRBOOT_COMP_NAME);
+ }
+ else
+ {
+ l_errl = l_msg->iv_errl;
+ l_msg->iv_errl = nullptr;
+ }
+
+ if(l_msg)
+ {
+ delete l_msg;
+ l_msg = nullptr;
+ }
+
+#endif
+ return l_errl;
+}
+
+errlHndl_t readAKCertificate(TpmTarget* i_target, AKCertificate_t* o_data)
+{
+ errlHndl_t l_errl = nullptr;
+#ifdef CONFIG_TPMDD
+ Message* l_msg = nullptr;
+
+ ReadAKCertData* l_data = new ReadAKCertData {i_target, o_data};
+
+ l_msg = Message::factory(MSG_TYPE_READ_AK_CERT,
+ sizeof(*l_data),
+ reinterpret_cast<uint8_t*>(l_data),
+ MSG_MODE_SYNC);
+ assert(l_msg != nullptr, "readAKCertificate: l_msg is nullptr");
+ l_data = nullptr; // l_msg now owns l_data
+
+ int l_rc = msg_sendrecv(systemData.msgQ, l_msg->iv_msg);
+ if(l_rc)
+ {
+ /*@
+ * @errortype ERRL_SEV_UNRECOVERABLE
+ * @moduleid MOD_READ_AK_CERT
+ * @reasoncode RC_SENDRECV_FAIL
+ * @userdata1 rc from msg_sendrecv
+ * @userdata2 TPM HUID
+ * @devdesc msg_sendrecv failed for readAKCertificate
+ * @custdesc trustedboot failure
+ */
+ l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ MOD_READ_AK_CERT,
+ RC_SENDRECV_FAIL,
+ l_rc,
+ TARGETING::get_huid(i_target),
+ ERRORLOG::ErrlEntry::ADD_SW_CALLOUT);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ l_errl->collectTrace(TRBOOT_COMP_NAME);
+ }
+ else
+ {
+ l_errl = l_msg->iv_errl;
+ l_msg->iv_errl = nullptr;
+ }
+
+ if(l_msg)
+ {
+ delete l_msg;
+ l_msg = nullptr;
+ }
+
+#endif
+ return l_errl;
+}
+
+errlHndl_t generateQuote(TpmTarget* i_target,
+ MasterTpmNonce_t* i_masterNonce,
+ QuoteDataOut* o_data)
+{
+ errlHndl_t l_errl = nullptr;
+#ifdef CONFIG_TPMDD
+ Message* l_msg = nullptr;
+
+ GenQuoteData* l_data = new GenQuoteData{i_target, i_masterNonce, o_data};
+
+ l_msg = Message::factory(MSG_TYPE_GEN_QUOTE,
+ sizeof(*l_data),
+ reinterpret_cast<uint8_t*>(l_data),
+ MSG_MODE_SYNC);
+ assert(l_msg != nullptr, "generateQuote: l_msg is nullptr");
+ l_data = nullptr; //l_msg now owns l_data
+
+ int l_rc = msg_sendrecv(systemData.msgQ, l_msg->iv_msg);
+ if(l_rc)
+ {
+ /*@
+ * @errortype ERRL_SEV_UNRECOVERABLE
+ * @moduleid MOD_GEN_QUOTE
+ * @reasoncode RC_SENDRECV_FAIL
+ * @userdata1 rc from msg_sendrecv
+ * @userdata2 TPM HUID
+ * @devdesc msg_sendrecv failed for generateQuote
+ * @custdesc trustedboot failure
+ */
+ l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ MOD_GEN_QUOTE,
+ RC_SENDRECV_FAIL,
+ l_rc,
+ TARGETING::get_huid(i_target),
+ ERRORLOG::ErrlEntry::ADD_SW_CALLOUT);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ l_errl->collectTrace(TRBOOT_COMP_NAME);
+ }
+ else
+ {
+ l_errl = l_msg->iv_errl;
+ l_msg->iv_errl = nullptr;
+ }
+
+ if(l_msg)
+ {
+ delete l_msg;
+ l_msg = nullptr;
+ }
+
+#endif
+ return l_errl;
+}
+
+errlHndl_t flushContext(TpmTarget* i_target)
+{
+ errlHndl_t l_errl = nullptr;
+#ifdef CONFIG_TPMDD
+ Message* l_msg = nullptr;
+
+ TpmTargetData* l_data = new TpmTargetData{i_target};
+
+ l_msg = Message::factory(MSG_TYPE_FLUSH_CONTEXT,
+ sizeof(*l_data),
+ reinterpret_cast<uint8_t*>(l_data),
+ MSG_MODE_SYNC);
+ assert(l_msg != nullptr, "flushContext: l_msg is nullptr");
+ l_data = nullptr;
+
+ int l_rc = msg_sendrecv(systemData.msgQ, l_msg->iv_msg);
+ if(l_rc)
+ {
+ /*@
+ * @errortype ERRL_SEV_UNRECOVERABLE
+ * @moduleid MOD_FLUSH_CONTEXT
+ * @reasoncode RC_SENDRECV_FAIL
+ * @userdata1 rc from msg_sendrecv
+ * @userdata2 TPM HUID
+ * @devdesc msg_sendrecv failed for TPM2_FlushContext
+ * @custdesc trustedboot failure
+ */
+ l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+ MOD_FLUSH_CONTEXT,
+ RC_SENDRECV_FAIL,
+ l_rc,
+ TARGETING::get_huid(i_target),
+ ERRORLOG::ErrlEntry::ADD_SW_CALLOUT);
+ l_errl->collectTrace(SECURE_COMP_NAME);
+ l_errl->collectTrace(TRBOOT_COMP_NAME);
+ }
+ else
+ {
+ l_errl = l_msg->iv_errl;
+ l_msg->iv_errl = nullptr;
+ }
+
+ if(l_msg)
+ {
+ delete l_msg;
+ l_msg = nullptr;
+ }
+
+#endif
+ return l_errl;
+}
+
 } // end TRUSTEDBOOT
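Review bot: The four new functions (`createAttestationKeys`, `readAKCertificate`, `generateQuote`, `flushContext`) are the same ~50-line body repeated, differing only in the message type, the module id and the wrapper struct allocated; a file-local helper taking those as parameters would reduce each public function to an allocation plus one call and leave the send/receive/cleanup path with a single copy to maintain (each `/*@ ... */` error-log description can stay beside its caller if the error-log tooling needs one per module id). None of the four checks its pointer arguments before wrapping them, and when `CONFIG_TPMDD` is not defined all four return nullptr (success) without touching `o_data`, so a caller of `generateQuote` or `readAKCertificate` cannot tell "quote/certificate written" from "TPM support compiled out" by the return value alone; the interface documentation (trustedbootif.H, outside this diff) should say that `o_data` is left untouched on that path, or the functions should fail there instead. `flushContext` also drops the `//l_msg now owns l_data` comment its three siblings carry after `l_data = nullptr;`.
```cpp
// Sends i_data as the extra_data of a synchronous message of type i_type
// and returns the reply's error log, or a RC_SENDRECV_FAIL log tagged with
// i_moduleId when msg_sendrecv itself fails. Ownership of i_data passes to
// the message, which frees it on delete.
static errlHndl_t sendSyncTpmMessage(decltype(MSG_TYPE_CREATE_ATT_KEYS) i_type,
                                     uint8_t* const i_data,
                                     const size_t i_dataSize,
                                     decltype(MOD_CREATE_ATT_KEYS) i_moduleId,
                                     TpmTarget* const i_target)
{
    errlHndl_t l_errl = nullptr;
    Message* l_msg = Message::factory(i_type, i_dataSize, i_data, MSG_MODE_SYNC);
    assert(l_msg != nullptr, "sendSyncTpmMessage: l_msg is nullptr");

    const int l_rc = msg_sendrecv(systemData.msgQ, l_msg->iv_msg);
    if (l_rc)
    {
        // … unchanged: ErrlEntry construction as in the hunk, with i_moduleId in place of the literal module id …
    }
    else
    {
        l_errl = l_msg->iv_errl;
        l_msg->iv_errl = nullptr;
    }
    delete l_msg; // also releases the wrapper passed as i_data
    return l_errl;
}

errlHndl_t createAttestationKeys(TpmTarget* i_target)
{
    errlHndl_t l_errl = nullptr;
#ifdef CONFIG_TPMDD
    TpmTargetData* l_data = new TpmTargetData{i_target};
    l_errl = sendSyncTpmMessage(MSG_TYPE_CREATE_ATT_KEYS,
                                reinterpret_cast<uint8_t*>(l_data),
                                sizeof(*l_data),
                                MOD_CREATE_ATT_KEYS,
                                i_target);
#endif
    return l_errl;
}
// … readAKCertificate, generateQuote and flushContext follow the same shape
//     with their own message type, module id and wrapper struct …
```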