Add Support for TPM Message Queue Flushing

Add a synchronous message handler to TPM daemon. This message handler is used to make sure that all of the traces are flushed before the daemon is shut down. Change-Id: Ibb8ea2fd12d7ded9e43f284ff44c1791e61d8767 CQ:SW435287 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/55223 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
author: Ilya Smirnov <ismirno@us.ibm.com> 2018-03-06 16:12:45 -0600
committer: Daniel M. Crowell <dcrowell@us.ibm.com> 2018-07-01 21:19:29 -0400
commit: 41cda93cb3e7ac6a75e8454731728153247279f0 (patch)
tree: 4c5cefc8ffef072f627ffba600809e7e42d6bf48 /src
parent: 4085033d657dd4e8fa9ff768b7fe8b3ca9c361b1 (diff)
download: talos-hostboot-41cda93cb3e7ac6a75e8454731728153247279f0.tar.gz
talos-hostboot-41cda93cb3e7ac6a75e8454731728153247279f0.zip
6 files changed, 75 insertions, 3 deletions
diff --git a/src/include/usr/secureboot/trustedboot_reasoncodes.H b/src/include/usr/secureboot/trustedboot_reasoncodes.H
index 0020ab20a..30865f5e0 100644
--- a/src/include/usr/secureboot/trustedboot_reasoncodes.H
+++ b/src/include/usr/secureboot/trustedboot_reasoncodes.H
@@ -58,6 +58,7 @@ namespace TRUSTEDBOOT
         MOD_TPM_SYNCRESPONSE                = 0x0C,
         MOD_TPM_SEPARATOR                   = 0x0D,
         MOD_TPM_CMD_GETCAPNVINDEX           = 0x0E,
+        MOD_FLUSH_TPM_QUEUE                 = 0x0F,
         MOD_TPMLOGMGR_INITIALIZE            = 0x10,
         MOD_TPMLOGMGR_ADDEVENT              = 0x11,
         MOD_TPMLOGMGR_INITIALIZEEXISTLOG    = 0x12,
diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H
index 63655964a..65223c90a 100644
--- a/src/include/usr/secureboot/trustedbootif.H
+++ b/src/include/usr/secureboot/trustedbootif.H
@@ -341,6 +341,14 @@ namespace TRUSTEDBOOT
      */
     bool isTpmRequired();
 
+    /**
+     * @brief Send the synchronous flush queue message to the TPM daemon
+     *
+     * @return errlHndl_t nullptr if successful, otherwise a pointer to the
+     *      error log.
+     */
+    errlHndl_t flushTpmQueue();
+
 } // end TRUSTEDBOOT namespace
 
 
diff --git a/src/usr/initservice/istepdispatcher/istepdispatcher.C b/src/usr/initservice/istepdispatcher/istepdispatcher.C
index e4037e860..ec71a59cd 100644
--- a/src/usr/initservice/istepdispatcher/istepdispatcher.C
+++ b/src/usr/initservice/istepdispatcher/istepdispatcher.C
@@ -82,6 +82,7 @@
 #include <trace/trace.H>
 #include <util/utilmbox_scratch.H>
 #include <secureboot/service.H>
+#include <secureboot/trustedbootif.H>
 #include <p9_perst_phb.H>
 #include <plat_hwp_invoker.H>
 #include <ipcSp.H>
@@ -2167,6 +2168,15 @@ void IStepDispatcher::handleProcFabIovalidMsg(msg_t * & io_pMsg)
                 errlCommit(err, INITSVC_COMP_ID);
             }
 
+            err = TRUSTEDBOOT::flushTpmQueue();
+            if(err)
+            {
+                TRACFCOMP(g_trac_initsvc,
+                          "ERROR: TPM message queue flushing failed. The system"
+                          " may experience a hang condition.");
+                errlCommit(err, INITSVC_COMP_ID);
+            }
+
             //cpu_all_winkle is a system call.. After the system call,
             //the cpu are all hung at that instruction. After the fsp
             //wake us up, we will resume execution from the next instruction
diff --git a/src/usr/secureboot/trusted/base/trustedbootMsg.H b/src/usr/secureboot/trusted/base/trustedbootMsg.H
index ededabdcf..b327d6375 100644
--- a/src/usr/secureboot/trusted/base/trustedbootMsg.H
+++ b/src/usr/secureboot/trusted/base/trustedbootMsg.H
@@ -53,6 +53,7 @@ namespace TRUSTEDBOOT
         MSG_TYPE_NOOP,
         MSG_TYPE_PCREXTEND,
         MSG_TYPE_SEPARATOR,
+        MSG_TYPE_FLUSH,
         MSG_TYPE_SHUTDOWN,
         MSG_TYPE_INIT_BACKUP_TPM,
         MSG_TYPE_GETRANDOM,
diff --git a/src/usr/secureboot/trusted/base/trustedboot_base.C b/src/usr/secureboot/trusted/base/trustedboot_base.C
index 5050c9a99..090cac160 100644
--- a/src/usr/secureboot/trusted/base/trustedboot_base.C
+++ b/src/usr/secureboot/trusted/base/trustedboot_base.C
@@ -802,4 +802,52 @@ errlHndl_t testCmpPrimaryAndBackupTpm()
     return l_err;
 }
 
+errlHndl_t flushTpmQueue()
+{
+    errlHndl_t l_errl = nullptr;
+#ifdef CONFIG_TPMDD
+    TRACFCOMP(g_trac_trustedboot, ENTER_MRK"flushTpmQueue()");
+
+    Message* l_msg = Message::factory(MSG_TYPE_FLUSH,
+                                      0,
+                                      nullptr,
+                                      MSG_MODE_SYNC);
+
+    assert(l_msg != nullptr, "TPM flush message is nullptr");
+
+    int l_rc = msg_sendrecv(systemData.msgQ, l_msg->iv_msg);
+    if(l_rc)
+    {
+       /*@
+        * @errortype       ERRL_SEV_UNRECOVERABLE
+        * @moduleid        MOD_FLUSH_TPM_QUEUE
+        * @reasoncode      RC_SENDRECV_FAIL
+        * @userdata1       rc from msq_sendrecv()
+        * @devdesc         msg_sendrecv() failed trying to send flush message to
+        *                  TPM daemon
+        * @custdesc        Trusted boot failure
+        */
+        l_errl = new ERRORLOG::ErrlEntry(ERRORLOG::ERRL_SEV_UNRECOVERABLE,
+                                         MOD_FLUSH_TPM_QUEUE,
+                                         RC_SENDRECV_FAIL,
+                                         l_rc,
+                                         0,
+                                         true);
+        l_errl->collectTrace(SECURE_COMP_NAME);
+        l_errl->collectTrace(TRBOOT_COMP_NAME);
+    }
+    else
+    {
+        l_errl = l_msg->iv_errl;
+        l_msg->iv_errl = nullptr;
+    }
+
+    delete l_msg;
+    l_msg = nullptr;
+
+    TRACFCOMP(g_trac_trustedboot, EXIT_MRK"flushTpmQueue()");
+#endif
+    return l_errl;
+}
+
 } // end TRUSTEDBOOT
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
index d8a380ed7..594d4947c 100644
--- a/src/usr/secureboot/trusted/trustedboot.C
+++ b/src/usr/secureboot/trusted/trustedboot.C
@@ -1488,8 +1488,7 @@ void* tpmDaemon(void* unused)
                       // Add the separator to this TPM,
                       // if an error occurs the TPM will
                       //  be marked as failed and the error log committed
-                      TRUSTEDBOOT::pcrExtendSeparator(
-                                   tpm);
+                      TRUSTEDBOOT::pcrExtendSeparator(tpm);
                   }
 
                   // Lastly make sure we are in a state
@@ -1537,7 +1536,6 @@ void* tpmDaemon(void* unused)
 
                   err = tpmTransmitCommand(l_pTpm, dataBuf, dataSize,
                                            TPM_LOCALITY_0);
-
                   if (err != nullptr)
                   {
                       TRACFCOMP( g_trac_trustedboot,
@@ -1571,6 +1569,12 @@ void* tpmDaemon(void* unused)
                   }
               }
               break;
+          case TRUSTEDBOOT::MSG_TYPE_FLUSH:
+              {
+                  TRACFCOMP(g_trac_trustedboot, "Flushing TPM message queue");
+              }
+              break;
+
           default:
             assert(false, "Invalid msg command");
             break;
author	Ilya Smirnov <ismirno@us.ibm.com>	2018-03-06 16:12:45 -0600
committer	Daniel M. Crowell <dcrowell@us.ibm.com>	2018-07-01 21:19:29 -0400
commit	41cda93cb3e7ac6a75e8454731728153247279f0 (patch)
tree	4c5cefc8ffef072f627ffba600809e7e42d6bf48 /src
parent	4085033d657dd4e8fa9ff768b7fe8b3ca9c361b1 (diff)
download	talos-hostboot-41cda93cb3e7ac6a75e8454731728153247279f0.tar.gz talos-hostboot-41cda93cb3e7ac6a75e8454731728153247279f0.zip