diff options
| author | Nick Bofferding <bofferdn@us.ibm.com> | 2018-01-16 22:10:15 -0600 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-01-19 11:40:03 -0500 |
| commit | 7a5fdcbd0c459808c1fc8a5c181c131fa7c8e3b5 (patch) | |
| tree | 8621ffa49b45747b8becae079874932e16207631 /src/usr/secureboot/trusted/trustedboot.C | |
| parent | 038d61af461195db89b0f742f6813bf1947bc044 (diff) | |
| download | talos-hostboot-7a5fdcbd0c459808c1fc8a5c181c131fa7c8e3b5.tar.gz talos-hostboot-7a5fdcbd0c459808c1fc8a5c181c131fa7c8e3b5.zip | |
Secure Boot: Remove cyclic dependency in TPM daemon shutdown path
Change-Id: Id2bd6597e930015dfad0ae4196aa326948bdee8e
Backport: release-fips910
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52095
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted/trustedboot.C')
| -rw-r--r-- | src/usr/secureboot/trusted/trustedboot.C | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C index 8c9f7fff3..4a4120a8b 100644 --- a/src/usr/secureboot/trusted/trustedboot.C +++ b/src/usr/secureboot/trusted/trustedboot.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2017 */ +/* Contributors Listed Below - COPYRIGHT 2015,2018 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -1110,10 +1110,13 @@ void tpmMarkFailed(TpmTarget* const i_pTpm) #endif } -void tpmVerifyFunctionalTpmExists() +void tpmVerifyFunctionalTpmExists( + const NoTpmShutdownPolicy i_noTpmShutdownPolicy) { errlHndl_t err = nullptr; bool foundFunctional = enabled(); + const bool isBackgroundShutdown = + (i_noTpmShutdownPolicy == NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN); if (!foundFunctional && !systemData.failedTpmsPosted) { @@ -1132,7 +1135,7 @@ void tpmVerifyFunctionalTpmExists() auto errPlid = err->plid(); // we should not continue if we could not read the jumper state - INITSERVICE::doShutdown(errPlid); + INITSERVICE::doShutdown(errPlid,isBackgroundShutdown); } else if (l_state == SECUREBOOT::SecureJumperState::SECURITY_ASSERTED) { @@ -1173,7 +1176,7 @@ void tpmVerifyFunctionalTpmExists() errlCommit(err, TRBOOT_COMP_ID); // terminating the IPL with this fail // Terminate IPL immediately - INITSERVICE::doShutdown(errPlid); + INITSERVICE::doShutdown(errPlid,isBackgroundShutdown); } else { @@ -1261,7 +1264,8 @@ void* tpmDaemon(void* unused) // Lastly make sure we are in a state // where we have a functional TPM - TRUSTEDBOOT::tpmVerifyFunctionalTpmExists(); + TRUSTEDBOOT::tpmVerifyFunctionalTpmExists( + NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN); } break; case TRUSTEDBOOT::MSG_TYPE_SEPARATOR: @@ -1281,7 +1285,8 @@ void* tpmDaemon(void* unused) // Lastly make sure we are in a state // where we have a functional TPM - TRUSTEDBOOT::tpmVerifyFunctionalTpmExists(); + TRUSTEDBOOT::tpmVerifyFunctionalTpmExists( + NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN); } break; |
