author | Ilya Smirnov <ismirno@us.ibm.com> | 2019-07-22 14:21:12 -0500 |
---|---|---|
committer | Daniel M Crowell <dcrowell@us.ibm.com> | 2019-07-30 15:17:31 -0500 |
commit | 3ab493b6935dd508c27e9fcce2dd03826e26f14e (patch) | |
tree | fc4018998a7b6eb24a061f7893eb6370484854a6 /src | |
parent | 0e26522ec1dbeecf284f4b50707f0519aa20b7e7 (diff) | |
Account For TPM Not Required in Node Comm
When the TPM required policy is off, the node comm path should
not commit any errors, so as not to confuse testers/customers.
This commit silences the errors from the node comm protocol
when TPM is not required. In addition, when TPM is required,
we want to fail the boot if node comm is unsuccessful. Logic
has been added to pass the error info up to FSP in case
of any error in istep18 (when node comm runs).
Change-Id: I76d48780790b6fee759b3ccc60a858f0a8835dee
CQ: SW466658
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/80937
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Glenn Miles <milesg@ibm.com>
Reviewed-by: Daniel M Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/usr/isteps/istep18/establish_system_smp.C | 4 | ||||
-rw-r--r-- | src/usr/secureboot/node_comm/node_comm_exchange.C | 116 |
2 files changed, 80 insertions, 40 deletions
diff --git a/src/usr/isteps/istep18/establish_system_smp.C b/src/usr/isteps/istep18/establish_system_smp.C index 2a59046d1..f7d20a9a4 100644 --- a/src/usr/isteps/istep18/establish_system_smp.C +++ b/src/usr/isteps/istep18/establish_system_smp.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2012,2018 */ +/* Contributors Listed Below - COPYRIGHT 2012,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -674,6 +674,8 @@ void *host_sys_fab_iovalid_processing(void* io_ptr ) "returned err: plid=0x%X. Deleting err and continuing", err->plid()); err->collectTrace("ISTEPS_TRACE"); + // Let the caller know that an error occurred + io_pMsg->data[0] = err->plid(); errlCommit(err, SECURE_COMP_ID); } diff --git a/src/usr/secureboot/node_comm/node_comm_exchange.C b/src/usr/secureboot/node_comm/node_comm_exchange.C index ff8ff8a31..c721f22a6 100644 --- a/src/usr/secureboot/node_comm/node_comm_exchange.C +++ b/src/usr/secureboot/node_comm/node_comm_exchange.C @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2018 */ +/* Contributors Listed Below - COPYRIGHT 2018,2019 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -133,6 +133,7 @@ errlHndl_t nodeCommAbusGetRandom(uint64_t & o_nonce) { errlHndl_t err = nullptr; o_nonce = NODE_COMM_DEFAULT_NONCE; +#ifdef CONFIG_TPMDD Target* tpm_tgt = nullptr; TRACUCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusGetRandom:"); @@ -144,9 +145,7 @@ errlHndl_t nodeCommAbusGetRandom(uint64_t & o_nonce) // This function call requires the CONFIG check for compilation purposes, // but no extra error handling is needed as it should not have gotten this // far if CONFIG_TPMDD wasn't set -#ifdef CONFIG_TPMDD TRUSTEDBOOT::getPrimaryTpm(tpm_tgt); -#endif HwasState hwasState{}; if(tpm_tgt) { 
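Review bot: In the `host_sys_fab_iovalid_processing` hunk of establish_system_smp.C, the trace text directly above the added `io_pMsg->data[0] = err->plid();` still ends with "Deleting err and continuing", which no longer matches the behaviour now that the PLID is reported to the caller and the log is committed. I would reword the tail of that message to something like `"... plid=0x%X. Committing err and reporting PLID to caller"`. Per the commit message this assignment is what fails the boot when the TPM is required, so the comment should say so: `// Non-zero data[0] tells the caller (FSP) that secure node comm failed; this is the fail-the-boot signal when TPM is required`. The function starts and ends outside the hunk, so whether `data[0]` is cleared on the success path and how the caller interprets it cannot be confirmed from here.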
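Review bot: In `nodeCommAbusGetRandom` (hunks -133, -144 and -192 of node_comm_exchange.C), the two comments beginning "This function call requires the CONFIG check for compilation purposes" are left in place although the per-call `#ifdef CONFIG_TPMDD` guards they describe were removed in favour of one guard around the whole body. With the wider guard, a build without CONFIG_TPMDD returns `nullptr` with `o_nonce` still equal to `NODE_COMM_DEFAULT_NONCE` and emits no trace at all, so the caller cannot tell a fixed nonce from a TPM-generated one. I would replace the stale comments with one line at the new `#ifdef`, for example `// Body compiled only with CONFIG_TPMDD; otherwise o_nonce stays NODE_COMM_DEFAULT_NONCE and no error is returned`. The comments still claim the code "should not have gotten this far" without CONFIG_TPMDD, and that is worth re-checking against the callers, which are not visible here.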
@@ -192,11 +191,9 @@ errlHndl_t nodeCommAbusGetRandom(uint64_t & o_nonce) // This function call requires the CONFIG check for compilation purposes, // but no extra error handling is needed as it should not have gotten this // far if CONFIG_TPMDD wasn't set -#ifdef CONFIG_TPMDD err = TRUSTEDBOOT::GetRandom(tpm_tgt, sizeof(o_nonce), reinterpret_cast<uint8_t*>(&o_nonce)); -#endif if (err) { // Reset just to make sure above call didn't change it @@ -208,18 +205,30 @@ errlHndl_t nodeCommAbusGetRandom(uint64_t & o_nonce) get_huid(tpm_tgt), TRACE_ERR_ARGS(err), o_nonce); - // err commited outside of do-while loop below - // break to be safe in case code gets added later break; } } while( 0 ); - if (err) + if(err) { - err->collectTrace(TRBOOT_COMP_NAME); - err->collectTrace(NODECOMM_TRACE_NAME); + if(!TRUSTEDBOOT::isTpmRequired()) + { + TRACFCOMP(g_trac_nc,ERR_MRK"nodeCommAbusGetRandom: Error occurred; " + "RC: 0x%.04X; PLID: 0x%.08X. TPM Required policy is off; " + "deleting the error and trying to continue.", + err->reasonCode(), + err->plid()); + // TPM is not required - do not return the error + delete err; + err = nullptr; + } + else + { + err->collectTrace(TRBOOT_COMP_NAME); + err->collectTrace(NODECOMM_TRACE_NAME); + } } TRACFCOMP(g_trac_nc,EXIT_MRK"nodeCommAbusGetRandom: " @@ -228,6 +237,7 @@ errlHndl_t nodeCommAbusGetRandom(uint64_t & o_nonce) o_nonce, get_huid(tpm_tgt), TRACE_ERR_ARGS(err)); +#endif return err; } // end of nodeCommAbusGetRandom 
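Review bot: In hunk -208 of `nodeCommAbusGetRandom`, the new `!TRUSTEDBOOT::isTpmRequired()` branch deletes the error and returns `nullptr`, so a failed `GetRandom` now looks like success to the caller. The context comment "Reset just to make sure above call didn't change it" suggests `o_nonce` is back at `NODE_COMM_DEFAULT_NONCE` on that path, although the reset statement itself is outside the visible lines. The exchange would then proceed with a predictable nonce, which gives no freshness guarantee to a quote built on it. That contract is not documented anywhere in the hunk, so I would add it at the delete: `// TPM not required: caller gets nullptr and the fixed NODE_COMM_DEFAULT_NONCE; quotes built on it carry no freshness guarantee`. The same statement belongs in the function's header comment, which is outside this hunk.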
@@ -618,17 +628,19 @@ errlHndl_t nodeCommGenSlaveQuoteResponse(const MasterQuoteRequestBlob* const i_r { l_poisonTpmErr->plid(l_errl->plid()); } - errlCommit(l_poisonTpmErr, SECURE_COMP_ID); - } - } - - if(l_errl) - { - if(!l_tpmRequired) - { - // TPM is not required, so no need to propagate the error up and - // fail the boot. - errlCommit(l_errl, SECURE_COMP_ID); + if(l_tpmRequired) + { + errlCommit(l_poisonTpmErr, SECURE_COMP_ID); + } + else + { + TRACFCOMP(g_trac_nc,ERR_MRK"nodeCommGenSlaveQuoteResponse: " + "Could not poison TPMs. Errl PLID: 0x%.08X " + "Deleting the error log and continuing anyway.", + l_poisonTpmErr->plid()); + delete l_poisonTpmErr; + l_poisonTpmErr = nullptr; + } } } @@ -721,14 +733,19 @@ errlHndl_t nodeCommGenMasterQuoteRequest(MasterQuoteRequestBlob* const o_request { l_poisonTpmErr->plid(l_errl->plid()); } - errlCommit(l_poisonTpmErr, SECURE_COMP_ID); - } - - if(!l_tpmRequired) - { - // TPM is not required, so no need to propagate the error up and - // fail the boot. - errlCommit(l_errl, SECURE_COMP_ID); + if(l_tpmRequired) + { + errlCommit(l_poisonTpmErr, SECURE_COMP_ID); + } + else + { + TRACFCOMP(g_trac_nc,ERR_MRK"nodeCommGenMasterQuoteRequest: " + "Could not poison TPMs. Errl PLID: 0x%.08X. " + "Deleting the error log and continuing anyway.", + l_poisonTpmErr->plid()); + delete l_poisonTpmErr; + l_poisonTpmErr = nullptr; + } } } 
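Review bot: In the `else` branch added to `nodeCommGenSlaveQuoteResponse` (hunk -618), and identically in `nodeCommGenMasterQuoteRequest` (hunk -721) and `nodeCommProcessSlaveQuote` (hunk -814), a failure to poison the TPMs is recorded only by a `TRACFCOMP` line before `delete l_poisonTpmErr;`. A poison failure means that TPM state was not invalidated after a node-comm error, so it is the condition someone later validating attestation data would most need a durable record of. A TPM can be present and quoted even when the required policy is off. Rather than deleting, consider keeping the log at a severity that does not alarm testers, e.g. `l_poisonTpmErr->setSev(ERRORLOG::ERRL_SEV_INFORMATIONAL); errlCommit(l_poisonTpmErr, SECURE_COMP_ID);`. If deletion is intentional, a comment stating why losing the poison-failure record is acceptable would help, and the -618 trace string is missing the period after the PLID that the other two have.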
@@ -814,13 +831,19 @@ errlHndl_t nodeCommProcessSlaveQuote(uint8_t* const i_slaveQuote, { l_poisonTpmErr->plid(l_errl->plid()); } - errlCommit(l_poisonTpmErr, SECURE_COMP_ID); - } - - if(!TRUSTEDBOOT::isTpmRequired()) - { - // TPM is not required - do not propagate the error - errlCommit(l_errl, SECURE_COMP_ID); + if(TRUSTEDBOOT::isTpmRequired()) + { + errlCommit(l_poisonTpmErr, SECURE_COMP_ID); + } + else + { + TRACFCOMP(g_trac_nc, ERR_MRK"nodeCommProcessSlaveQuote: " + "Could not poison TPMs. Errl PLID: 0x%.08X. " + "Deleting the error log and continuing.", + l_poisonTpmErr->plid()); + delete l_poisonTpmErr; + l_poisonTpmErr = nullptr; + } } } @@ -1738,9 +1761,24 @@ errlHndl_t nodeCommAbusExchange(void) if (err) { - err->collectTrace(SECURE_COMP_NAME); - err->collectTrace(NODECOMM_TRACE_NAME); - err->collectTrace(TRBOOT_COMP_NAME); + if(!TRUSTEDBOOT::isTpmRequired()) + { + TRACFCOMP(g_trac_nc,EXIT_MRK"nodeCommAbusExchange:An error occurred" + " during secure node communication, but the TPM required " + "policy is not set, so the error will not be propagated." + " Original error RC: 0x%.04X; PLID: 0x%.08X." + " Deleting the error log and continuing.", + err->reasonCode(), + err->plid()); + delete err; + err = nullptr; + } + else + { + err->collectTrace(SECURE_COMP_NAME); + err->collectTrace(NODECOMM_TRACE_NAME); + err->collectTrace(TRBOOT_COMP_NAME); + } } if (l_phys_path_str != nullptr) |
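Review bot: In the `nodeCommAbusExchange` hunk (-1738), the new error-path trace is tagged `EXIT_MRK`, while every other trace added by this commit for a suppressed error uses `ERR_MRK`. Anyone filtering the trace buffer for error markers would therefore miss the one message that records the whole secure node-comm exchange failing. I would change it to `TRACFCOMP(g_trac_nc,ERR_MRK"nodeCommAbusExchange: An error occurred"`, which also restores the space after the colon. This branch is the single place where any node-comm failure is turned into success when the policy is off, and it deletes the log before the `collectTrace` calls run. A short comment saying so would help: `// Policy gate: with TPM-required off, all node comm errors are dropped here and the boot continues unattested`. The function begins and ends outside the hunk.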