diff options
| author | Chris Engel <cjengel@us.ibm.com> | 2015-08-28 10:46:52 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2016-03-25 16:24:45 -0400 |
| commit | 6c5ba7c0b4d3d1694a2cdf2d6c5365027534ef5a (patch) | |
| tree | 4638004ded3e64f47538d984c017b7add89565c3 /src/usr/secureboot/trusted/trustedboot.C | |
| parent | 13c26be99d54f5f51d537bd1f1296d8cd34624bd (diff) | |
| download | talos-hostboot-6c5ba7c0b4d3d1694a2cdf2d6c5365027534ef5a.tar.gz talos-hostboot-6c5ba7c0b4d3d1694a2cdf2d6c5365027534ef5a.zip | |
Trustedboot add support for PCR Extend
Change-Id: I05614ef6c3e5d68e0b512ec6b69a0b6054a9d7b4
RTC: 125288
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/790
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22366
Tested-by: Jenkins Server
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Tested-by: FSP CI Jenkins
Diffstat (limited to 'src/usr/secureboot/trusted/trustedboot.C')
| -rw-r--r-- | src/usr/secureboot/trusted/trustedboot.C | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C index ad596648c..d51c9e031 100644 --- a/src/usr/secureboot/trusted/trustedboot.C +++ b/src/usr/secureboot/trusted/trustedboot.C @@ -112,6 +112,9 @@ void* host_update_master_tpm( void *io_pArgs ) } } + // Now we need to replay any existing entries in the log into the TPM + tpmReplayLog(systemTpms.tpm[TPM_MASTER_INDEX]); + if (systemTpms.tpm[TPM_MASTER_INDEX].failed || !systemTpms.tpm[TPM_MASTER_INDEX].available) { @@ -150,6 +153,15 @@ void* host_update_master_tpm( void *io_pArgs ) err = TPMDD::tpmReadAttributes(nodeTarget, tpmInfo); if (NULL != err) { + // We don't want to log this error we will just assume + // the backup doesn't exist + delete err; + err = NULL; + TRACUCOMP( g_trac_trustedboot, + "host_update_master_tpm() tgt=0x%X " + "Marking backup TPM unavailable due to attribute fail", + TARGETING::get_huid(nodeTarget)); + systemTpms.tpm[TPM_BACKUP_INDEX].available = false; break; } else if (!tpmInfo.tpmEnabled) @@ -228,7 +240,15 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target, TRACDCOMP( g_trac_trustedboot, EXIT_MRK"tpmInitialize()"); +} +void tpmReplayLog(TRUSTEDBOOT::TpmTarget & io_target) +{ + ///@todo RTC:125288 Implement replay + // Function will walk existing entries in the TPM log and call + // tpmCmdPcrExtend as required + // This function must commit any errors and call tpmMarkFailed if errors + // are found } |
