author | Chris Engel <cjengel@us.ibm.com> | 2017-01-23 14:00:25 -0600 |
---|---|---|
committer | William G. Hoffa <wghoffa@us.ibm.com> | 2017-01-27 16:41:57 -0500 |
commit | 5784da25300866c71551f1f0411d469eb3a3c922 (patch) | |
tree | 5916d1a64353257d72ac19371581aadad9f96bb3 /src/usr/secureboot/trusted/trustedboot.C | |
parent | 0446c85a500a07e1e81fe49cf91af207b88a753f (diff) | |
Add TPM4 locality support
Change-Id: I9f16fe77ee18f3d8839d0a06f9322ca1b1e47d93
RTC: 134415
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35271
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted/trustedboot.C')
-rw-r--r-- | src/usr/secureboot/trusted/trustedboot.C | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
index a8d1f8adf..7de63e1d7 100644
--- a/src/usr/secureboot/trusted/trustedboot.C
+++ b/src/usr/secureboot/trusted/trustedboot.C
@@ -5,7 +5,7 @@
 /* */
 /* OpenPOWER HostBoot Project */
 /* */
-/* Contributors Listed Below - COPYRIGHT 2015,2016 */
+/* Contributors Listed Below - COPYRIGHT 2015,2017 */
 /* [+] International Business Machines Corp. */
 /* */
 /* */
@@ -48,6 +48,7 @@
 #include <initservice/initserviceif.H>
 #include <ipmi/ipmisensor.H>
 #include <config.h>
+#include <i2c/tpmddif.H>
 #include "trustedboot.H"
 #include "trustedTypes.H"
 #include "trustedbootCmds.H"
@@ -203,7 +204,8 @@ void* host_update_master_tpm( void *io_pArgs )
 {
 memset(&tpmData, 0, sizeof(tpmData));
 errlHndl_t readErr = tpmReadAttributes(tpmList[tpmNum],
- tpmData);
+ tpmData,
+ TPM_LOCALITY_0);
 if (NULL != readErr)
 {
 // We are just looking for configured TPMs here
@@ -293,7 +295,8 @@ void* host_update_master_tpm( void *io_pArgs )
 memset(&tpmInfo, 0, sizeof(tpmInfo));
 errlHndl_t tmpErr = TPMDD::tpmReadAttributes(
 systemTpms.tpm[TPM_BACKUP_INDEX].tpmTarget,
- tpmInfo);
+ tpmInfo,
+ TPM_LOCALITY_0);
 if (NULL != tmpErr || !tpmInfo.tpmEnabled)
 {
 TRACUCOMP( g_trac_trustedboot,
@@ -372,11 +375,17 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target)
 io_target.initAttempted = true;
 io_target.failed = false;
- // TPM_STARTUP
- err = tpmCmdStartup(&io_target);
- if (NULL != err)
+ bool drtm = false;
+ /// @todo #157140 Add ability to check for DRTM
+ // Don't run STARTUP during DRTM
+ if (!drtm)
 {
- break;
+ // TPM_STARTUP
+ err = tpmCmdStartup(&io_target);
+ if (NULL != err)
+ {
+ break;
+ }
 }
 // TPM_GETCAPABILITY to read FW Version
@@ -386,6 +395,11 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target)
 break;
 }
+ // For a DRTM we need to reset PCRs 17-22
+ if (drtm)
+ {
+ /// @todo Implement PCR reset
+ }
 } while ( 0 ); |
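Review bot: The locality passed to tpmReadAttributes is hard-coded as `TPM_LOCALITY_0` at this call in host_update_master_tpm and again at the backup-TPM call in the hunk at new line 295, and neither site says why locality 0 is the right choice. Locality governs which PCRs the TPM lets a caller extend or reset, so someone auditing the DRTM work started in tpmInitialize needs to know these two reads are meant to stay at locality 0. I would add a comment above each call such as `// Presence/enabled probe only: stays at locality 0 regardless of DRTM`, assuming that is the intent. The function body begins and ends outside both hunks.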
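Review bot: `bool drtm = false;` in tpmInitialize is a mutable local that nothing in the hunk assigns, so `if (!drtm)` is always taken and the STARTUP skip is dead code; `const bool drtm = false;` would make that explicit until todo #157140 is resolved. Once detection exists this flag decides whether TPM_STARTUP runs at all, so the comment should also record the trust requirement on its source, for example `// drtm must come from a source untrusted callers cannot influence`. The function starts before and continues after this hunk.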
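Review bot: The `if (drtm)` branch added at the end of tpmInitialize is empty, so once the flag can become true the function would skip TPM_STARTUP, leave PCRs 17-22 unreset and, as far as this hunk shows, still leave the do/while without an error. Until the reset is implemented the branch should fail closed rather than succeed silently, for example by setting `io_target.failed = true;` inside it (assuming that field is what later code checks). The `/// @todo Implement PCR reset` should also carry a tracking number like the #157140 todo earlier in the function. The enclosing do/while opens outside this hunk.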