author | Nick Bofferding <bofferdn@us.ibm.com> | 2018-01-16 22:10:15 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2018-01-19 11:40:03 -0500 |
commit | 7a5fdcbd0c459808c1fc8a5c181c131fa7c8e3b5 (patch) | |
tree | 8621ffa49b45747b8becae079874932e16207631 /src/usr/secureboot | |
parent | 038d61af461195db89b0f742f6813bf1947bc044 (diff) | |
Secure Boot: Remove cyclic dependency in TPM daemon shutdown path
Change-Id: Id2bd6597e930015dfad0ae4196aa326948bdee8e
Backport: release-fips910
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52095
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot')
-rw-r--r-- | src/usr/secureboot/trusted/trustedboot.C | 17 | ||||
-rw-r--r-- | src/usr/secureboot/trusted/trustedboot.H | 21 |
2 files changed, 30 insertions, 8 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
index 8c9f7fff3..4a4120a8b 100644
--- a/src/usr/secureboot/trusted/trustedboot.C
+++ b/src/usr/secureboot/trusted/trustedboot.C
@@ -5,7 +5,7 @@
 /* */
 /* OpenPOWER HostBoot Project */
 /* */
-/* Contributors Listed Below - COPYRIGHT 2015,2017 */
+/* Contributors Listed Below - COPYRIGHT 2015,2018 */
 /* [+] International Business Machines Corp. */
 /* */
 /* */
@@ -1110,10 +1110,13 @@ void tpmMarkFailed(TpmTarget* const i_pTpm)
 #endif
 }
-void tpmVerifyFunctionalTpmExists()
+void tpmVerifyFunctionalTpmExists(
+ const NoTpmShutdownPolicy i_noTpmShutdownPolicy)
 {
 errlHndl_t err = nullptr;
 bool foundFunctional = enabled();
+ const bool isBackgroundShutdown =
+ (i_noTpmShutdownPolicy == NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN);
 if (!foundFunctional && !systemData.failedTpmsPosted)
 {
@@ -1132,7 +1135,7 @@ void tpmVerifyFunctionalTpmExists()
 auto errPlid = err->plid();
 // we should not continue if we could not read the jumper state
- INITSERVICE::doShutdown(errPlid);
+ INITSERVICE::doShutdown(errPlid,isBackgroundShutdown);
 }
 else if (l_state == SECUREBOOT::SecureJumperState::SECURITY_ASSERTED)
 {
@@ -1173,7 +1176,7 @@ void tpmVerifyFunctionalTpmExists()
 errlCommit(err, TRBOOT_COMP_ID);
 // terminating the IPL with this fail
 // Terminate IPL immediately
- INITSERVICE::doShutdown(errPlid);
+ INITSERVICE::doShutdown(errPlid,isBackgroundShutdown);
 }
 else
 {
@@ -1261,7 +1264,8 @@ void* tpmDaemon(void* unused)
 // Lastly make sure we are in a state
 // where we have a functional TPM
- TRUSTEDBOOT::tpmVerifyFunctionalTpmExists();
+ TRUSTEDBOOT::tpmVerifyFunctionalTpmExists(
+ NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN);
 }
 break;
 case TRUSTEDBOOT::MSG_TYPE_SEPARATOR:
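Review bot: Both `INITSERVICE::doShutdown(errPlid,isBackgroundShutdown)` calls in tpmVerifyFunctionalTpmExists (the jumper-read failure branch in the @@ -1132 hunk and the TPM-required branch in the @@ -1173 hunk) presumably return to the caller when the policy is BACKGROUND_SHUTDOWN, so whatever follows them now executes on a system already judged to have no usable TPM. The rest of the function and its callers lie outside these hunks, so it is not visible whether anything later still acts as if the fail-closed decision had halted the IPL; if it can, the function should return right after requesting the shutdown. At minimum a comment at each call would record the changed contract, e.g. `// In background mode doShutdown() returns; do not assume a functional TPM past this point`. Style: put a space after the comma, `doShutdown(errPlid, isBackgroundShutdown)`.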
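Review bot: The two tpmDaemon call sites (the @@ -1261 hunk and the @@ -1281 hunk) pass `NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN` with no comment saying why, so the reason lives only in the commit title. A short comment above each call would keep a later cleanup from switching it back to the blocking default, for example `// Daemon task must not block on shutdown: the shutdown path waits on this daemon`. That wording is inferred from the title's "cyclic dependency" and should be confirmed by the author. tpmDaemon's body starts and ends outside both hunks.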
@@ -1281,7 +1285,8 @@ void* tpmDaemon(void* unused)
 // Lastly make sure we are in a state
 // where we have a functional TPM
- TRUSTEDBOOT::tpmVerifyFunctionalTpmExists();
+ TRUSTEDBOOT::tpmVerifyFunctionalTpmExists(
+ NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN);
 }
 break;
diff --git a/src/usr/secureboot/trusted/trustedboot.H b/src/usr/secureboot/trusted/trustedboot.H
index 660bf92de..220f9f599 100644
--- a/src/usr/secureboot/trusted/trustedboot.H
+++ b/src/usr/secureboot/trusted/trustedboot.H
@@ -5,7 +5,7 @@
 /* */
 /* OpenPOWER HostBoot Project */
 /* */
-/* Contributors Listed Below - COPYRIGHT 2015,2017 */
+/* Contributors Listed Below - COPYRIGHT 2015,2018 */
 /* [+] International Business Machines Corp. */
 /* */
 /* */
@@ -87,6 +87,17 @@ public:
 */
 void tpmInitialize(TRUSTEDBOOT::TpmTarget* i_pTpm);
+
+
+/**
+ * @brief Shutdown policy to invoke when system has no usable TPMs
+ */
+enum class NoTpmShutdownPolicy
+{
+ BACKGROUND_SHUTDOWN, // Shutdown Hostboot in background
+ SYNC_SHUTDOWN, // Block waiting for Hostboot to shutdown
+};
+
 /**
 * @brief Verify a functional TPM still exists in the system
 *
@@ -94,8 +105,14 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget* i_pTpm);
 * If the system is running in secure mode an error log will be committed
 * and if the TPMRequired attribute is true a system shutdown will be
 * initiated
+ *
+ * @param[in] i_noTpmShutdownPolicy Shutdown policy to invoke if a functional
+ * TPM is required to boot the system (TPM required policy is "required")
+ * -and- no functional TPMs are available (or other critical error occurred)
 */
-void tpmVerifyFunctionalTpmExists();
+void tpmVerifyFunctionalTpmExists(
+ NoTpmShutdownPolicy i_noTpmShutdownPolicy =
+ NoTpmShutdownPolicy::SYNC_SHUTDOWN);
 /**
 * @brief Replay the entries that exist in the log into the TPM as needed |
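Review bot: The default argument `NoTpmShutdownPolicy::SYNC_SHUTDOWN` on the tpmVerifyFunctionalTpmExists declaration (the @@ -94 hunk of trustedboot.H) means a future caller on the TPM daemon task that omits the argument silently gets the blocking behaviour this commit removes from tpmDaemon. Consider making the parameter mandatory so every caller states its policy, or extend the `@param` text to say which policy is valid where, e.g. `BACKGROUND_SHUTDOWN must be used when called from the TPM daemon task`. The doc comment should also say that with BACKGROUND_SHUTDOWN the function returns before the shutdown has completed, so callers must not treat the TPM-required failure path as non-returning. That last point is inferred from the enumerator comments in the @@ -87 hunk.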