diff options
author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-12-06 15:22:10 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2019-01-18 16:44:58 -0600 |
commit | 868b68df85eb7aeed7eba3392303fa3be854e2a6 (patch) | |
tree | ea6ef1afe17ebc0c39baa4ad0e926be77f36e501 /src/usr/secureboot/trusted/trustedbootCmds.H | |
parent | 6a5388bbc8b066a9547e1e1268e8c3a7e9f33291 (diff) | |
download | talos-hostboot-868b68df85eb7aeed7eba3392303fa3be854e2a6.tar.gz talos-hostboot-868b68df85eb7aeed7eba3392303fa3be854e2a6.zip |
Secureboot: Add New TPM Commands For Nodecomm
This commit adds four new TPM commands, and APIs thereto,
for enhanced secure multinode communication protocol. The
TPM commands are the base for the new protocol and will be
used as part of it.
Change-Id: I080ff87cd6001b5d2e13ae350a379cbc2c92bfcf
RTC: 202364
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/69725
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted/trustedbootCmds.H')
-rw-r--r-- | src/usr/secureboot/trusted/trustedbootCmds.H | 49 |
1 files changed, 42 insertions, 7 deletions
diff --git a/src/usr/secureboot/trusted/trustedbootCmds.H b/src/usr/secureboot/trusted/trustedbootCmds.H index 1c40bf80a..9b0e99aaa 100644 --- a/src/usr/secureboot/trusted/trustedbootCmds.H +++ b/src/usr/secureboot/trusted/trustedbootCmds.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2017 */ +/* Contributors Listed Below - COPYRIGHT 2015,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -50,12 +50,6 @@ namespace TRUSTEDBOOT { #endif -enum -{ - BUFSIZE = 256, - MAX_TRANSMIT_SIZE = 1024, ///< Maximum send/receive transmit size -}; - /** * @brief Transmit the command to the TPM and perform marshaling * @param[in/out] io_target Current TPM target structure @@ -181,6 +175,47 @@ errlHndl_t tpmCmdPcrRead(TpmTarget* io_target, uint8_t* o_digest, size_t i_digestSize); + +/** + * @brief Send the TPM_CC_Create to the TPM + * @param[in] i_target the target TPM (must not be nullptr) + * @return nullptr if successful; non-nullptr if error + * + */ +errlHndl_t tpmCmdCreateAttestationKeys(TpmTarget* i_target); + +/** + * @brief Send the TPM_CC_NV_Read command to the given TPM to read the AK + * certificate from its NVRAM + * @param[in] i_target the TPM target (must not be nullptr) + * @param[out] o_data the pointer to the data contained within NVRAM of the TPM + * @return nullptr on success; non-nullptr on error + */ +errlHndl_t tpmCmdReadAKCertificate(TpmTarget* i_target, + AKCertificate_t* o_data); + +/** + * @brief Send the TPM_CC_Quote command to the given TPM to generate quote + * and signature information (returned in o_data) + * @param[in] i_target the TPM target (must not be nullptr) + * @param[in] i_masterNonce the 32-byte master nonce + * @param[out] o_data a pointer to the data structure containing the size of + * the quote data from the TPM and the actual data + * @return nullptr on success; non-nullptr on error + */ +errlHndl_t tpmCmdGenerateQuote(TpmTarget* i_target, + MasterTpmNonce_t* i_masterNonce, + QuoteDataOut* o_data); + +/** + * @brief Send the TPM2_FlushContext command to the given TPM to remove + * transient objects + * @param[in] i_target the TPM target (must not be nullptr) + * @return nullptr on success; non-nullptr on error + */ +errlHndl_t tpmCmdFlushContext(TpmTarget* i_target); + + #ifdef __cplusplus } // end TRUSTEDBOOT namespace #endif |