Diffstat (limited to 'src/usr/secureboot/trusted/trustedboot.C')
-rw-r--r--src/usr/secureboot/trusted/trustedboot.C134
1 files changed, 129 insertions, 5 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
index 0d9ae36c6..1f5e159a2 100644
--- a/src/usr/secureboot/trusted/trustedboot.C
+++ b/src/usr/secureboot/trusted/trustedboot.C
@@ -1479,6 +1479,93 @@ void doInitBackupTpm()
}
}
+errlHndl_t doCreateAttKeys(TpmTarget* i_tpm)
+{
+ errlHndl_t l_errl = nullptr;
+
+ do {
+ l_errl = validateTpmHandle(i_tpm);
+ if(l_errl)
+ {
+ break;
+ }
+
+ l_errl = tpmCmdCreateAttestationKeys(i_tpm);
+ if(l_errl)
+ {
+ break;
+ }
+
+ } while(0);
+
+ return l_errl;
+}
+
+errlHndl_t doReadAKCert(TpmTarget* i_tpm, AKCertificate_t* o_data)
+{
+ errlHndl_t l_errl = nullptr;
+
+ do {
+ l_errl = validateTpmHandle(i_tpm);
+ if(l_errl)
+ {
+ break;
+ }
+
+ l_errl = tpmCmdReadAKCertificate(i_tpm, o_data);
+ if(l_errl)
+ {
+ break;
+ }
+ } while(0);
+
+ return l_errl;
+}
+
+errlHndl_t doGenQuote(TpmTarget* i_tpm,
+ MasterTpmNonce_t* i_masterNonce,
+ QuoteDataOut* o_data)
+{
+ errlHndl_t l_errl = nullptr;
+
+ do {
+ l_errl = validateTpmHandle(i_tpm);
+ if(l_errl)
+ {
+ break;
+ }
+
+ l_errl = tpmCmdGenerateQuote(i_tpm, i_masterNonce, o_data);
+ if(l_errl)
+ {
+ break;
+ }
+ } while(0);
+
+ return l_errl;
+}
+
+errlHndl_t doFlushContext(TpmTarget* i_tpm)
+{
+ errlHndl_t l_errl = nullptr;
+
+ do {
+ l_errl = validateTpmHandle(i_tpm);
+ if(l_errl)
+ {
+ break;
+ }
+
+ l_errl = tpmCmdFlushContext(i_tpm);
+ if(l_errl)
+ {
+ break;
+ }
+ } while(0);
+
+ return l_errl;
+}
+
void* tpmDaemon(void* unused)
{
bool shutdownPending = false;
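Review bot: In doReadAKCert and doGenQuote only i_tpm is validated; o_data and i_masterNonce are forwarded to tpmCmdReadAKCertificate / tpmCmdGenerateQuote unchecked, and whether those callees reject a null pointer is not visible in this hunk. Because these pointers come out of a queued message, I would guard them right after validateTpmHandle, e.g. `assert(o_data != nullptr, "doReadAKCert: null output buffer");` and `assert(i_masterNonce != nullptr && o_data != nullptr, "doGenQuote: null nonce or output buffer");`. The nonce check matters beyond crash-safety: a quote is only useful to a verifier if it is bound to the caller's nonce, so a request without one should fail loudly rather than reach the TPM. The four functions also have no header comment; a short Doxygen block on each, stating who owns o_data and that the returned errlHndl_t is nullptr on success, would help the callers added later in this commit.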
@@ -1690,6 +1777,44 @@ void* tpmDaemon(void* unused)
}
break;
+ case TRUSTEDBOOT::MSG_TYPE_CREATE_ATT_KEYS:
+ {
+ tb_msg = static_cast<TRUSTEDBOOT::Message*>(msg->extra_data);
+ TpmTargetData* l_data =
+ reinterpret_cast<TpmTargetData*>(tb_msg->iv_data);
+ tb_msg->iv_errl = doCreateAttKeys(l_data->tpm);
+ }
+ break;
+
+ case TRUSTEDBOOT::MSG_TYPE_READ_AK_CERT:
+ {
+ tb_msg = static_cast<TRUSTEDBOOT::Message*>(msg->extra_data);
+ ReadAKCertData* l_data =
+ reinterpret_cast<ReadAKCertData*>(tb_msg->iv_data);
+ tb_msg->iv_errl = doReadAKCert(l_data->tpm, l_data->data);
+ }
+ break;
+
+ case TRUSTEDBOOT::MSG_TYPE_GEN_QUOTE:
+ {
+ tb_msg = static_cast<TRUSTEDBOOT::Message*>(msg->extra_data);
+ GenQuoteData* l_data =
+ reinterpret_cast<GenQuoteData*>(tb_msg->iv_data);
+ tb_msg->iv_errl = doGenQuote(l_data->tpm,
+ l_data->masterNonce,
+ l_data->data);
+ }
+ break;
+
+ case TRUSTEDBOOT::MSG_TYPE_FLUSH_CONTEXT:
+ {
+ tb_msg = static_cast<TRUSTEDBOOT::Message*>(msg->extra_data);
+ TpmTargetData* l_data =
+ reinterpret_cast<TpmTargetData*>(tb_msg->iv_data);
+ tb_msg->iv_errl = doFlushContext(l_data->tpm);
+ }
+ break;
+
default:
assert(false, "Invalid msg command");
break;
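Review bot: Each of the four new cases reinterpret_casts tb_msg->iv_data to a request struct (TpmTargetData, ReadAKCertData, GenQuoteData) and dereferences l_data->tpm before any check, so validateTpmHandle inside the do* helpers cannot catch a null or undersized payload. I would add `assert(tb_msg->iv_data != nullptr, "tpmDaemon: missing message payload");` ahead of each cast, and, if Message records the payload length, compare it with `sizeof` of the target struct so that a mismatched message type cannot be read as a larger struct. The same cast-and-use sequence is repeated four times, so a small templated helper that performs the check and returns the typed pointer would keep the cases consistent. The enclosing switch and tpmDaemon begin and end outside this hunk, so earlier cases may share the pattern.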
@@ -1955,8 +2080,8 @@ errlHndl_t tpmDrtmReset(TpmTarget* const i_pTpm)
#ifdef CONFIG_TPMDD
errlHndl_t GetRandom(const TpmTarget* i_pTpm,
- uint8_t* o_randNum,
- const size_t i_randNumSize)
+ const size_t i_randNumSize,
+ uint8_t* o_randNum)
{
errlHndl_t err = nullptr;
Message* msg = nullptr;
@@ -2056,8 +2181,8 @@ errlHndl_t poisonTpm(const TpmTarget* i_pTpm)
// Note: GetRandom validates the TPM handle internally and returns an
// error log if invalid
l_errl = GetRandom(i_pTpm,
- reinterpret_cast<uint8_t*>(&l_randNum),
- sizeof(l_randNum));
+ sizeof(l_randNum),
+ reinterpret_cast<uint8_t*>(&l_randNum));
if (l_errl)
{
@@ -2094,5 +2219,4 @@ errlHndl_t poisonTpm(const TpmTarget* i_pTpm)
return l_errl;
}
-
} // end TRUSTEDBOOT