diff options
author | Mike Baiocchi <mbaiocch@us.ibm.com> | 2018-01-26 17:51:38 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-02-01 17:59:52 -0500 |
commit | 1d437c8dc54886f43ab77447f0456c49f5b69c04 (patch) | |
tree | d44fb64613a6b23e25c99f31daa6b0e2436c325e /src/usr/secureboot | |
parent | 4046ab053d85e0a531532f1a40894efb9361c83c (diff) | |
download | talos-hostboot-1d437c8dc54886f43ab77447f0456c49f5b69c04.tar.gz talos-hostboot-1d437c8dc54886f43ab77447f0456c49f5b69c04.zip |
Verify ComponentID and Extend PAYLOAD
While verifying the PAYLOAD in memory before moving it to its final
location, this commit parses the PAYLOAD's header and verifies that
it has the correct componentId. It also extends the PAYLOAD
information to the TPM.
Change-Id: Ie333d1ba5919b36919b207f25ad60806359ed710
RTC:168745
Backport: release-fips910
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52837
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot')
-rw-r--r-- | src/usr/secureboot/base/securerommgr.C | 2 | ||||
-rw-r--r-- | src/usr/secureboot/trusted/tpmLogMgr.C | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/src/usr/secureboot/base/securerommgr.C b/src/usr/secureboot/base/securerommgr.C index 02eca6293..17becb6b6 100644 --- a/src/usr/secureboot/base/securerommgr.C +++ b/src/usr/secureboot/base/securerommgr.C @@ -104,7 +104,7 @@ errlHndl_t verifyComponentId( TRACFCOMP(g_trac_secure,ERR_MRK"SECUREROM::verifyComponentId: " "Secure Boot verification failure; container's component ID of " "[%s] does not match expected component ID of [%s] (truncated " - "from [%s]", + "from [%s])", i_containerHeader.componentId(), pTruncatedComponentId, i_pComponentId); diff --git a/src/usr/secureboot/trusted/tpmLogMgr.C b/src/usr/secureboot/trusted/tpmLogMgr.C index 625c6261a..855d02b5a 100644 --- a/src/usr/secureboot/trusted/tpmLogMgr.C +++ b/src/usr/secureboot/trusted/tpmLogMgr.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2017 */ +/* Contributors Listed Below - COPYRIGHT 2015,2018 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -595,6 +595,7 @@ namespace TRUSTEDBOOT memset(i_val->eventLogInMem, 0, i_maxSize); memcpy(i_val->eventLogInMem, i_val->eventLog, i_val->logSize); i_val->newEventPtr = i_val->eventLogInMem + i_val->logSize; + i_val->logMaxSize = i_maxSize; mutex_unlock( &i_val->logMutex ); |