diff options
| -rw-r--r-- | src/include/usr/secureboot/trustedbootif.H | 7 | ||||
| -rw-r--r-- | src/usr/runtime/populate_hbruntime.C | 2 | ||||
| -rw-r--r-- | src/usr/secureboot/trusted/trustedboot.C | 77 | ||||
| -rw-r--r-- | src/usr/secureboot/trusted/trustedboot.H | 11 |
4 files changed, 54 insertions, 43 deletions
diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H index 45321be6c..5ab461cb1 100644 --- a/src/include/usr/secureboot/trustedbootif.H +++ b/src/include/usr/secureboot/trustedbootif.H @@ -234,10 +234,11 @@ namespace TRUSTEDBOOT uint32_t i_i2cMasterOffset); /** - * @brief Is trustedboot enabled and functional - * @retval true if trustboot enabled and functional TPM's are available + * @brief Checks whether the node has a present and functioning primary TPM. + * @retval true if a present and functional primary TPM is available; + * false otherwise */ - bool enabled(); + bool functionalPrimaryTpmExists(); /** * @brief Wrapper around pcrExtend for measuring PNOR sections diff --git a/src/usr/runtime/populate_hbruntime.C b/src/usr/runtime/populate_hbruntime.C index aa077ca5c..de2ddb439 100644 --- a/src/usr/runtime/populate_hbruntime.C +++ b/src/usr/runtime/populate_hbruntime.C @@ -1447,7 +1447,7 @@ errlHndl_t populate_hbSecurebootData ( void ) // populate secure setting for trusted boot bool trusted = false; #ifdef CONFIG_TPMDD - trusted = TRUSTEDBOOT::enabled(); + trusted = TRUSTEDBOOT::functionalPrimaryTpmExists(); #endif l_sysSecSets->trustedboot = trusted? 1: 0; diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C index 75f7208a5..00935f68a 100644 --- a/src/usr/secureboot/trusted/trustedboot.C +++ b/src/usr/secureboot/trusted/trustedboot.C @@ -171,9 +171,9 @@ void getBackupTpm(TARGETING::Target*& o_pBackupTpm) o_pBackupTpm); } -bool enabled() +bool functionalPrimaryTpmExists() { - bool enabled = false; + bool exists = false; #ifdef CONFIG_TPMDD TARGETING::TargetHandleList tpmList; getTPMs(tpmList,TPM_FILTER::ALL_IN_BLUEPRINT); @@ -185,17 +185,21 @@ bool enabled() TARGETING::PredicateAttrVal<TARGETING::ATTR_HB_TPM_INIT_ATTEMPTED> initialized(true); + // Only look for primary TPM + TARGETING::PredicateAttrVal<TARGETING::ATTR_TPM_ROLE> + isPrimaryTpm(TARGETING::TPM_ROLE_TPM_PRIMARY); + auto itr = std::find_if(tpmList.begin(),tpmList.end(), - [&presentAndFunctional,&initialized]( + [&presentAndFunctional, &initialized, &isPrimaryTpm]( const TARGETING::Target* const i_pTpm) { - return ( presentAndFunctional(i_pTpm) - || !initialized(i_pTpm)); + return (isPrimaryTpm(i_pTpm) && (presentAndFunctional(i_pTpm) + || !initialized(i_pTpm))); }); - enabled = (itr!=tpmList.end()) ? true : false; + exists = (itr!=tpmList.end()) ? true : false; #endif - return enabled; + return exists; } void* host_update_master_tpm( void *io_pArgs ) @@ -386,7 +390,7 @@ void* host_update_master_tpm( void *io_pArgs ) // Make sure we are in a state // where we have a functional TPM - TRUSTEDBOOT::tpmVerifyFunctionalTpmExists(); + TRUSTEDBOOT::tpmVerifyFunctionalPrimaryTpmExists(); if (nullptr == err) { @@ -1171,11 +1175,11 @@ void tpmMarkFailed(TpmTarget* const i_pTpm, } -void tpmVerifyFunctionalTpmExists( +void tpmVerifyFunctionalPrimaryTpmExists( const NoTpmShutdownPolicy i_noTpmShutdownPolicy) { errlHndl_t err = nullptr; - bool foundFunctional = enabled(); + bool foundFunctional = functionalPrimaryTpmExists(); const bool isBackgroundShutdown = (i_noTpmShutdownPolicy == NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN); @@ -1183,7 +1187,7 @@ void tpmVerifyFunctionalTpmExists( { systemData.failedTpmsPosted = true; TRACFCOMP( g_trac_trustedboot, - "NO FUNCTIONAL TPM FOUND"); + "NO FUNCTIONAL PRIMARY TPM FOUND ON THE NODE"); // Check to ensure jumper indicates we are running secure SECUREBOOT::SecureJumperState l_state @@ -1208,19 +1212,23 @@ void tpmVerifyFunctionalTpmExists( * @moduleid MOD_TPM_VERIFYFUNCTIONAL * @userdata1 0 * @userdata2 0 - * @devdesc The system is configured in the hardware - * (via processor secure jumpers) to enable - * Secure Boot, and the system's "TPM required" - * policy is configured to require at least one - * functional TPM in order to boot with Secure - * Boot enabled. Therefore, the system will - * terminate due to lack of functional TPMs. + * @devdesc The system (or node, if multi-node system) + * is configured in the hardware (via processor + * secure jumpers) to enable Secure Boot, and + * the system's/node's "TPM required" policy is + * configured to require at least one + * functional boot processor TPM in order to + * boot with Trusted Boot enabled. Therefore, + * the system (or node, if multi-node system) + * will terminate due to lack of functional + * boot processor TPM. * @custdesc The system is configured for Secure Boot and - * trusted platform module required mode; at - * least one functional trusted platform module - * is required to boot the system, but none are - * available. Therefore, the system will - * terminate. + * trusted platform module required mode; a + * functional boot processor trusted platform + * module is required to boot the system (or + * node, if multi-node system), but none are + * available. Therefore, the system (or node, + * if multi-node system) will terminate. * Trusted platform module required mode may be * disabled via the appropriate systems * management interface to allow platform boot @@ -1245,12 +1253,12 @@ void tpmVerifyFunctionalTpmExists( // Add Security Registers to the error log SECUREBOOT::addSecurityRegistersToErrlog(err); - // HW callout TPMs - TARGETING::TargetHandleList l_tpmList; - TRUSTEDBOOT::getTPMs(l_tpmList, TPM_FILTER::ALL_IN_BLUEPRINT); - for(const auto &tpm : l_tpmList) + // HW callout TPM + TARGETING::Target* l_primaryTpm = nullptr; + getPrimaryTpm(l_primaryTpm); + if(l_primaryTpm) { - err->addHwCallout(tpm, + err->addHwCallout(l_primaryTpm, HWAS::SRCI_PRIORITY_HIGH, HWAS::NO_DECONFIG, HWAS::GARD_NULL); @@ -1262,14 +1270,15 @@ void tpmVerifyFunctionalTpmExists( } else { - TRACUCOMP( g_trac_trustedboot, - "No functional TPM's found but TPM not Required"); + TRACUCOMP(g_trac_trustedboot, + "No functional primary TPM found but" + "TPM not Required"); } } else { - TRACUCOMP( g_trac_trustedboot, - "No functional TPM's found but not running secure"); + TRACUCOMP(g_trac_trustedboot, + "No functional primary TPM found but not running secure"); } } @@ -1437,7 +1446,7 @@ void* tpmDaemon(void* unused) // Lastly make sure we are in a state // where we have a functional TPM - TRUSTEDBOOT::tpmVerifyFunctionalTpmExists( + TRUSTEDBOOT::tpmVerifyFunctionalPrimaryTpmExists( NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN); } break; @@ -1458,7 +1467,7 @@ void* tpmDaemon(void* unused) // Lastly make sure we are in a state // where we have a functional TPM - TRUSTEDBOOT::tpmVerifyFunctionalTpmExists( + TRUSTEDBOOT::tpmVerifyFunctionalPrimaryTpmExists( NoTpmShutdownPolicy::BACKGROUND_SHUTDOWN); } break; diff --git a/src/usr/secureboot/trusted/trustedboot.H b/src/usr/secureboot/trusted/trustedboot.H index d35c8a63e..155bbf696 100644 --- a/src/usr/secureboot/trusted/trustedboot.H +++ b/src/usr/secureboot/trusted/trustedboot.H @@ -99,18 +99,19 @@ enum class NoTpmShutdownPolicy }; /** - * @brief Verify a functional TPM still exists in the system + * @brief Verify a functional primary TPM still exists in the system * - * If no functional TPMs are found in the system : + * If no functional primary TPM is found in the system : * If the system is running in secure mode an error log will be committed * and if the TPMRequired attribute is true a system shutdown will be * initiated * * @param[in] i_noTpmShutdownPolicy Shutdown policy to invoke if a functional - * TPM is required to boot the system (TPM required policy is "required") - * -and- no functional TPMs are available (or other critical error occurred) + * primary TPM is required to boot the system (TPM required policy is + * "required") -and- no functional primary TPM is available + * (or other critical error occurred) */ -void tpmVerifyFunctionalTpmExists( +void tpmVerifyFunctionalPrimaryTpmExists( NoTpmShutdownPolicy i_noTpmShutdownPolicy = NoTpmShutdownPolicy::SYNC_SHUTDOWN); |
