diff options
| author | Ilya Smirnov <ismirno@us.ibm.com> | 2018-08-10 08:55:32 -0500 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-08-16 14:34:33 -0500 |
| commit | f70518cf12dcb1ade112bfe5b6c36c6d9978794c (patch) | |
| tree | 026fef317d5139cd7d4a164d6684a4a4ce96a6a4 /src/usr/secureboot | |
| parent | e55c53fae43aa0ae5cb9fc633c86ffd0683c2212 (diff) | |
| download | talos-hostboot-f70518cf12dcb1ade112bfe5b6c36c6d9978794c.tar.gz talos-hostboot-f70518cf12dcb1ade112bfe5b6c36c6d9978794c.zip | |
Set TPM_UNUSABLE Only if TPM is Required
This change sets the attribure used for TPM alignment
check (TPM_UNUSABLE) only if the TPM Required policy
is on. This will prevent HWSV from failing the boot
due to no minimum HW when the policy is off.
Change-Id: Ia63475c7496e5a4deb73c0caeb0d070bd8eb95c3
CQ: SW441033
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/64553
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot')
| -rw-r--r-- | src/usr/secureboot/trusted/trustedboot.C | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C index 884bb02c5..0ae7ff6b9 100644 --- a/src/usr/secureboot/trusted/trustedboot.C +++ b/src/usr/secureboot/trusted/trustedboot.C @@ -325,7 +325,10 @@ void* host_update_master_tpm( void *io_pArgs ) !primaryHwasState.present) { primaryTpmAvail = false; - pPrimaryTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true); + if(isTpmRequired()) + { + pPrimaryTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true); + } } } @@ -1008,8 +1011,11 @@ void tpmMarkFailed(TpmTarget* const i_pTpm, i_pTpm->setAttr< TARGETING::ATTR_HWAS_STATE>(hwasState); - // Mark the TPM as unusable so that FSP can perform alignment check - i_pTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true); + if(isTpmRequired()) + { + // Mark the TPM as unusable so that FSP can perform alignment check + i_pTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true); + } #ifdef CONFIG_SECUREBOOT TARGETING::Target* l_tpm = i_pTpm; @@ -1403,10 +1409,16 @@ void doInitBackupTpm() if(l_backupTpm) { l_backupTpm->setAttr<TARGETING::ATTR_HB_TPM_INIT_ATTEMPTED>(true); - auto l_backupHwasState = l_backupTpm->getAttr< + if(isTpmRequired()) + { + auto l_backupHwasState = l_backupTpm->getAttr< TARGETING::ATTR_HWAS_STATE>(); - l_backupTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>( - !(l_backupHwasState.present && l_backupHwasState.functional)); + + if(!l_backupHwasState.present || !l_backupHwasState.functional) + { + l_backupTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true); + } + } } } |
