Fix developer and customer descriptions for TPM required policy

Adds more useful information to the developer and customer descriptions of error logs that are created when the TPM required policy is broken. Change-Id: Ib2c42c85cb5689b5a791ab96709dc40f4bbd85d4 CQ:SW415447 Backport:release-fips910 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52848 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
author: Jaymes Wilks <mjwilks@us.ibm.com> 2018-01-29 12:41:13 -0600
committer: Daniel M. Crowell <dcrowell@us.ibm.com> 2018-02-10 12:26:10 -0500
commit: 24252f0e54b00714d4665377696069532e724e63 (patch)
tree: f19a15b93547237571dfcf931316bb6f7b4a13db /src
parent: e770e96a5d6713b5608c1ecc5032939e6f2f4f93 (diff)
download: talos-hostboot-24252f0e54b00714d4665377696069532e724e63.tar.gz
talos-hostboot-24252f0e54b00714d4665377696069532e724e63.zip
1 files changed, 20 insertions, 1 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
index 4a4120a8b..7f1417e1f 100644
--- a/src/usr/secureboot/trusted/trustedboot.C
+++ b/src/usr/secureboot/trusted/trustedboot.C
@@ -1148,7 +1148,26 @@ void tpmVerifyFunctionalTpmExists(
                  * @moduleid       MOD_TPM_VERIFYFUNCTIONAL
                  * @userdata1      0
                  * @userdata2      0
-                 * @devdesc        No functional TPMs exist in the system
+                 * @devdesc        The system is configured in the hardware
+                 *                 (via processor secure jumpers) to enable
+                 *                 Secure Boot, and the system's "TPM required"
+                 *                 policy is configured to require at least one
+                 *                 functional TPM in order to boot with Secure
+                 *                 Boot enabled. Therefore, the system will
+                 *                 terminate due to lack of functional TPMs.
+                 * @custdesc       The system is configured for Secure Boot and
+                 *                 trusted platform module required mode; at
+                 *                 least one functional trusted platform module
+                 *                 is required to boot the system, but none are
+                 *                 available.  Therefore, the system will
+                 *                 terminate.
+                 *                 Trusted platform module required mode may be
+                 *                 disabled via the appropriate systems
+                 *                 management interface to allow platform boot
+                 *                 without the remote trusted attestation
+                 *                 capability. Look for other errors which call
+                 *                 out the trusted platform module and follow
+                 *                 the repair actions for these errors.
                  */
                 err = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE,
                                               MOD_TPM_VERIFYFUNCTIONAL,
author	Jaymes Wilks <mjwilks@us.ibm.com>	2018-01-29 12:41:13 -0600
committer	Daniel M. Crowell <dcrowell@us.ibm.com>	2018-02-10 12:26:10 -0500
commit	24252f0e54b00714d4665377696069532e724e63 (patch)
tree	f19a15b93547237571dfcf931316bb6f7b4a13db /src
parent	e770e96a5d6713b5608c1ecc5032939e6f2f4f93 (diff)
download	talos-hostboot-24252f0e54b00714d4665377696069532e724e63.tar.gz talos-hostboot-24252f0e54b00714d4665377696069532e724e63.zip