diff options
| author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-07-20 13:08:45 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-07-23 09:44:20 -0500 |
| commit | 2ff7bd1af1350387d76053325020ac1bf651901e (patch) | |
| tree | 19db683838a8478e273a9361ddb8e625a462109d /src/usr/secureboot/trusted | |
| parent | 78c7928126a9ece9cd466be1e0598bf3f082b977 (diff) | |
| download | talos-hostboot-2ff7bd1af1350387d76053325020ac1bf651901e.tar.gz talos-hostboot-2ff7bd1af1350387d76053325020ac1bf651901e.zip | |
Sync Attributes to FSP In TPM Required Path
System shut down due to no functional primary TPM doesn't
force attribute sync to FSP (which is a part of normal istep
shutdown process), so the TPM_UNUSABLE attribute used to
perform alignment check is never updated on FSP. This change
adds explicit attribute sync to FSP in the TPM required
execution path.
Change-Id: I0e232c114af9ac08c8207088b337fb5a8c8d4cb1
CQ: SW438909
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/63069
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted')
| -rw-r--r-- | src/usr/secureboot/trusted/trustedboot.C | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C index 594d4947c..884bb02c5 100644 --- a/src/usr/secureboot/trusted/trustedboot.C +++ b/src/usr/secureboot/trusted/trustedboot.C @@ -38,8 +38,10 @@ #include <errl/errlmanager.H> #include <errl/errludtarget.H> #include <errl/errludstring.H> +#include <targeting/attrsync.H> #include <targeting/targplatutil.H> #include <targeting/common/targetservice.H> +#include <targeting/common/commontargeting.H> #include <secureboot/service.H> #include <secureboot/trustedbootif.H> #include <secureboot/trustedboot_reasoncodes.H> @@ -66,7 +68,6 @@ #include <fapi2.H> #include <plat_hwp_invoker.H> #include <p9_update_security_ctrl.H> -#include <targeting/common/commontargeting.H> #include <algorithm> #include <util/misc.H> #include <hwas/common/hwasCommon.H> @@ -1276,6 +1277,22 @@ void tpmVerifyFunctionalPrimaryTpmExists( HWAS::GARD_NULL); } errlCommit(err, TRBOOT_COMP_ID); + + // Sync the attributes to FSP if applicable. + // This will allow for FSP to attempt to perform + // TPM alignment check. + if(INITSERVICE::spBaseServicesEnabled()) + { + err = TARGETING::syncAllAttributesToFsp(); + if(err) + { + TRACFCOMP(g_trac_trustedboot, ERR_MRK"Could not sync" + " attributes to FSP; errl EID 0x%08X", + err->eid()); + errlCommit(err, TRBOOT_COMP_ID); + } + } + // terminating the IPL with this fail // Terminate IPL immediately INITSERVICE::doShutdown(errPlid,isBackgroundShutdown); |
