authorIlya Smirnov <ismirno@us.ibm.com>2019-01-29 09:54:24 -0600
committerDaniel M. Crowell <dcrowell@us.ibm.com>2019-02-20 11:38:57 -0600
commit3a6180ba355940c952f332ebd514c8eb15ef7c7a (patch)
treec89a5c02d65ab739065ef0b2369b69c5c3f814e9 /src/usr/util
parent7c42c4cac7170fec81761a8ae35a1e110a38dcc2 (diff)
Secureboot: Enhanced Multinode Comm: Master Node
This commit introduces the logic to create the master node nodecomm request to the slave nodes and logic to process the responses from the slave nodes. The data from the slave nodes (the slave quote) is hashed and extended into PCR1. The binary quote blob is also included in the TPM log as a log message. Additional changes: the logic to relocate the TPM log to increase its size, and the logic to allow uint8_t* instead of char* as the TPM log message. Change-Id: Ide4465f0d4a91aec815c9db5d765cdbde231dcd3 RTC: 203644 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/71407 Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/util')
-rw-r--r--src/usr/util/utilmclmgr.C16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/usr/util/utilmclmgr.C b/src/usr/util/utilmclmgr.C
index 472bb65ae..89392baf7 100644
--- a/src/usr/util/utilmclmgr.C
+++ b/src/usr/util/utilmclmgr.C
@@ -755,15 +755,17 @@ errlHndl_t MasterContainerLidMgr::tpmExtend(const ComponentID& i_compId,
errlHndl_t l_errl = nullptr;
// PCR 4 Message <Component ID>
- char pcr4Msg[sizeof(ComponentID)+1];
+ uint8_t pcr4Msg[sizeof(ComponentID)+1];
memset(pcr4Msg, 0, sizeof(pcr4Msg));
memcpy(pcr4Msg, &i_compId, sizeof(ComponentID));
// PCR 5 Message <Component ID FW KEY HASH>
- char pcr5Msg[sizeof(ComponentID)+strlen(TRUSTEDBOOT::FW_KEY_HASH_EXT)+1];
+ uint8_t pcr5Msg[sizeof(ComponentID)+strlen(TRUSTEDBOOT::FW_KEY_HASH_EXT)+1];
memset(pcr5Msg, 0, sizeof(pcr5Msg));
- strcat(pcr5Msg,pcr4Msg);
- strcat(pcr5Msg,TRUSTEDBOOT::FW_KEY_HASH_EXT);
+ memcpy(pcr5Msg,pcr4Msg, sizeof(pcr4Msg));
+ memcpy(pcr5Msg+sizeof(pcr4Msg),
+ TRUSTEDBOOT::FW_KEY_HASH_EXT,
+ sizeof(TRUSTEDBOOT::FW_KEY_HASH_EXT));
do {
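Review bot: The second `memcpy` into `pcr5Msg` can run past the end of the buffer: the array is sized with `strlen(TRUSTEDBOOT::FW_KEY_HASH_EXT)`, but the copy starts at offset `sizeof(pcr4Msg)` (one byte beyond the component ID) and its length is `sizeof(TRUSTEDBOOT::FW_KEY_HASH_EXT)`. The declaration of that constant is not visible here; if it is a char array, `sizeof` counts the terminator and the write ends one byte past `pcr5Msg`, and if it is a `const char*`, the length is the pointer size rather than the string length. Copying `sizeof(pcr4Msg)` bytes first also leaves a NUL between the ID and the suffix, which the old `strcat` form did not produce, so the logged PCR 5 message bytes change. Suggest `memcpy(pcr5Msg, &i_compId, sizeof(ComponentID));` followed by `memcpy(pcr5Msg+sizeof(ComponentID), TRUSTEDBOOT::FW_KEY_HASH_EXT, strlen(TRUSTEDBOOT::FW_KEY_HASH_EXT));`, which stays inside the buffer and keeps the final zero byte from the `memset`. tpmExtend's body continues outside the hunk.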
@@ -772,7 +774,8 @@ errlHndl_t MasterContainerLidMgr::tpmExtend(const ComponentID& i_compId,
TRUSTEDBOOT::EV_COMPACT_HASH,
reinterpret_cast<const uint8_t*>(i_conHdr.payloadTextHash()),
sizeof(SHA512_t),
- pcr4Msg);
+ pcr4Msg,
+ sizeof(pcr4Msg));
if (l_errl)
{
UTIL_FT(ERR_MRK "MasterContainerLidMgr::tpmExtend - pcrExtend() (payload text hash) failed for component %s",
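Review bot: The length passed with the log message is `sizeof(pcr4Msg)`, which counts the zero padding and the trailing NUL rather than the length of the component ID text, and the later call passes `sizeof(pcr5Msg)` the same way. Whether `pcrExtend()` and consumers of the TPM event log expect the terminator in the recorded size is not visible in this hunk, so the convention should be documented at the call, e.g. `// log message size is the full fixed buffer, including zero padding and the trailing NUL`. The call itself starts outside the hunk.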
@@ -785,7 +788,8 @@ errlHndl_t MasterContainerLidMgr::tpmExtend(const ComponentID& i_compId,
TRUSTEDBOOT::EV_COMPACT_HASH,
reinterpret_cast<const uint8_t*>(i_conHdr.swKeyHash()),
sizeof(SHA512_t),
- pcr5Msg);
+ pcr5Msg,
+ sizeof(pcr5Msg));
if (l_errl)
{
UTIL_FT(ERR_MRK "MasterContainerLidMgr::tpmExtend - pcrExtend() (FW key hash) failed for component %s",