Secure Boot: Enabled final Secure Boot settings for Zeppelin

- Force TPM_REQUIRED to 1 in various XML models (by not overriding default)
- Remove old reference to SECUREBOOT_BEST_EFFORT policy in HBConfig
- Double initial TPM log size

Change-Id: Ibc9a2075ec5e490a876415d5743da40984f172f7
RTC: 187292
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/59776
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>

4 files changed, 2 insertions, 42 deletions

diff --git a/src/build/configs/fsprelease.config b/src/build/configs/fsprelease.config
index 431671a6a..8c36ddc76 100644
--- a/src/build/configs/fsprelease.config
+++ b/src/build/configs/fsprelease.config
@@ -17,4 +17,3 @@ set FSP_BUILD
 unset ENABLE_CHECKSTOP_ANALYSIS
 unset IPLTIME_CHECKSTOP_ANALYSIS
 
-set SECUREBOOT_BEST_EFFORT
diff --git a/src/usr/secureboot/trusted/tpmLogMgr.H b/src/usr/secureboot/trusted/tpmLogMgr.H
index 6828e42fe..58d0cd7a0 100644
--- a/src/usr/secureboot/trusted/tpmLogMgr.H
+++ b/src/usr/secureboot/trusted/tpmLogMgr.H
@@ -5,7 +5,7 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* Contributors Listed Below - COPYRIGHT 2015,2017                        */
+/* Contributors Listed Below - COPYRIGHT 2015,2018                        */
 /* [+] International Business Machines Corp.                              */
 /*                                                                        */
 /*                                                                        */
@@ -77,7 +77,7 @@ namespace TRUSTEDBOOT
     uint32_t TCG_EfiSpecIdEventStruct_size(TCG_EfiSpecIdEventStruct* val);
 
     enum {
-        TPMLOG_BUFFER_SIZE   = 3584, ///< Size of event log buffer for HB
+        TPMLOG_BUFFER_SIZE   = 7168,    ///< Size of event log buffer for HB
         TPMLOG_DEVTREE_SIZE  = 64*1024, ///< Size to allocate for OPAL
     };
 
diff --git a/src/usr/targeting/common/xmltohb/simics_CUMULUS.system.xml b/src/usr/targeting/common/xmltohb/simics_CUMULUS.system.xml
index eaa1fb348..4d8a00399 100644
--- a/src/usr/targeting/common/xmltohb/simics_CUMULUS.system.xml
+++ b/src/usr/targeting/common/xmltohb/simics_CUMULUS.system.xml
@@ -599,32 +599,10 @@
             <field><id>reserved</id><value/></field>
         </default>
     </attribute>
-
-
-
-
-
-
-
-
-
-
-
-
-
-    <attribute>
-        <id>TPM_REQUIRED</id>
-        <default>0</default>
-    </attribute>
     <attribute>
         <id>TYPE</id>
         <default>SYS</default>
     </attribute>
-
-
-
-
-
     <attribute>
         <id>X_EREPAIR_THRESHOLD_FIELD</id>
         <default>1</default>
diff --git a/src/usr/targeting/common/xmltohb/simics_CUMULUS_CDIMM.system.xml b/src/usr/targeting/common/xmltohb/simics_CUMULUS_CDIMM.system.xml
index 43750df7d..2a7493734 100644
--- a/src/usr/targeting/common/xmltohb/simics_CUMULUS_CDIMM.system.xml
+++ b/src/usr/targeting/common/xmltohb/simics_CUMULUS_CDIMM.system.xml
@@ -599,23 +599,6 @@
             <field><id>reserved</id><value/></field>
         </default>
     </attribute>
-
-
-
-
-
-
-
-
-
-
-
-
-
-    <attribute>
-        <id>TPM_REQUIRED</id>
-        <default>0</default>
-    </attribute>
     <attribute>
         <id>TYPE</id>
         <default>SYS</default>