summaryrefslogtreecommitdiffstats
path: root/src/usr/i2c/tpmdd.C
Commit message (Collapse)AuthorAgeFilesLines
* Secureboot: Enhance Error Callouts For New Multinode Trustedboot TransferMike Baiocchi2019-03-051-3/+11
| | | | | | | | | | | | | | | | | This commit adds many checks to callout potential issues with the new multinode trustedboot transfer protocol. It also improves some TPM-related traces. Change-Id: Ice3f8be0668cc63321eeb2562bb8ffe610284b6a RTC:203642 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72363 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secureboot: Add New TPM Commands For NodecommIlya Smirnov2019-01-181-2/+3
| | | | | | | | | | | | | | | | | | This commit adds four new TPM commands, and APIs thereto, for enhanced secure multinode communication protocol. The TPM commands are the base for the new protocol and will be used as part of it. Change-Id: I080ff87cd6001b5d2e13ae350a379cbc2c92bfcf RTC: 202364 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/69725 Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add Support for Nuvoton 75x Model of TPMsMike Baiocchi2019-01-171-109/+290
| | | | | | | | | | | | | | | | | | This commit adds the ability for hostboot code to support the Nuvoton 75x TPMs along with the current support of the 65x models. A new attribute TPM_MODEL is used to configure the appropriate settings for each model. Change-Id: I14b0f6606a1a94d0ed300fd51bbf3f50e63dfb01 RTC:202356 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/70464 Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Driver changes to support i2c muxRoland Veloz2018-12-061-47/+320
| | | | | | | | | | | | | | | | | | | | | | | | | - Updated data structures gpioAddr_t, eeprom_addr_t, misc_args_t, nvdimm_addr_t and tpm_info_t with I2C MUX data members. Also added constructors to these structures to default there data members with the correct default info. - Updated macros DEVICE_I2C_PARMS, DEVICE_I2C_ADDRESS and DEVICE_I2C_ADDRESS_OFFSET to take the I2C MUX bus selector parameter and the I2C MUX entity path. - Added method i2cAccessMux to file i2c.H/.C that will setup the call for the I2C MUX. Method i2cCommonOP calls i2cAccessMux which then calls i2cCommonOp with appropriate parameters for the I2C MUX: i2cCommonOP -> i2cAccessMux -> i2cCommonOP. - Updated i2ctest.H with new I2C MUX params to get it to pass. RTC:191352 Change-Id: I6a70860eb2286bbd23d6157d72351b8adfa21aac Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/66651 Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Trusted Boot: When TPM not detected properly, report errors if TPM is requiredNick Bofferding2018-10-011-199/+316
| | | | | | | | | | | | | | | | | When the MRW for a machine defines a possible enabled TPM, and the "TPM Required" policy is "Required", then it is expected the TPM will be detected as present. If that is not the case, surface the detection failure as a visible error log, and generate another visible log indicating that a TPM expected to be present was not detected correctly. Change-Id: Icbfca04beaa6fdece147cc24f4e0615b5856a830 CQ: SW444532 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/66422 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add FFDC to 'No Functional TPM' FailsMike Baiocchi2018-03-191-1/+7
| | | | | | | | | | | | | | | | | | | When no functional TPMs are detected, but TPMs are required, this commit will capture the Security Registers of each processor in the system and add them to the error log. It also updates how the tpmMarkFailed() function links and commits various error logs. Change-Id: I2e95bbfcb6ab3f3dff26149f234c219d4280e1fb CQ:SW417814 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/54808 CI-Ready: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Secure Boot: Mark redundant TPM not present until SMP is enabledNick Bofferding2018-03-151-2/+22
| | | | | | | | | | | | | | | | | | | | Until the SMP is up, a redundant TPM is not able to be presence detected. This change updates the TPM presence detect routine to report a TPM connected to remote processor as not present when the remote processor is not connected to the SMP, so that Hostboot doesn't hit errors attempting to access/use the TPM at inappropriate times. Change-Id: I10aa683ec073be2b44e810746bee320dd6366184 RTC: 184515 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/55814 Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Update TPM Retry Policy and TimingsMike Baiocchi2018-01-251-102/+82
| | | | | | | | | | | | | | | | | This commit allows for all TPMDD errors to be re-tried (not just NACK errors) and adds a longer wait time between retries. Change-Id: Ibc38483881e710519f4a30cde5359c69fbbdaa62 Backport: release-fips910 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/52392 Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Add TPM device driver support for DRTM PCR reset sequenceChris Engel2017-03-081-15/+76
| | | | | | | | | | | Change-Id: Ief02e10fc85d09b837e20dfb529186e2da4269fd Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35935 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Support DRTM RIT protectionNick Bofferding2017-03-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Added mailbox scratch register 7 definition - Added DRTM functions - Added set/clear security switch register functions - Added additional security switch bit definitions - Added secureboot extended library to host DRTM functions - Inhibited TPM start command in DRTM flow - Added new config options for DRTM and DRTM RIT protection - Added new DRTM attribute to indicate if DRTM is active - Added new DRTM attribute to hold DRTM payload address - Added new DRTM attribute to initiate DRTM in lieu of loading payload - Updated target service init to determine DRTM settings - Updated host start payload step to initiate DRTM if conditions are met - Updated host MPIPL service to verify DRTM payload and clean up DRTM HW state - Updated host gard step to verify DRTM HW state - Rerouted PCR extensions to PCR 17 in DRTM boot - Use locality 2 for all PCR extensions in DRTM boot - Inhibit extension logging (for now) in DRTM boot - Only extend seperator to PCR 17 in DRTM boot Change-Id: Id52c36c3a64ca002571396d605caa308d9dc0199 RTC: 157140 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35633 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add base support for TPM locality 2Nick Bofferding2017-02-081-10/+14
| | | | | | | | | | | | | | | | | | | | | - Added locality 2 enum - Updated check for localities to include locality 2 - Updated MRW generator to add locality 2 - Updated standalone config files to include locality 2 - Updated TPM_INFO to include locality 2 Change-Id: I385f331875c59568def895c1b89fcdc14dda6234 RTC: 157140 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35916 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Add TPM4 locality supportChris Engel2017-01-271-9/+26
| | | | | | | | | | | | | Change-Id: I9f16fe77ee18f3d8839d0a06f9322ca1b1e47d93 RTC: 134415 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35271 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Trustedboot support for using TPM targetChris Engel2016-08-221-241/+211
| | | | | | | | | | Change-Id: I362085fd81663b9b8ec56ed9e0670cf71fc851e4 RTC: 153386 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/28482 Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Support for TPM Required attribute to allow system to IPL without a TPMChris Engel2016-07-271-11/+17
| | | | | | | | | | | Change-Id: I53e841036dfff75c6ed7d04ee55292b1285a6bee RTC: 125287 ForwardPort: yes Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/27454 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
* Trustedboot add TPM and associated i2c master to the devtreeChris Engel2016-06-081-0/+39
| | | | | | | | | | | Change-Id: Ic2edee549d23669f046a6e78f0cfae838faaec2d RTC: 125287 ForwardPort: yes Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/25470 Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com> Tested-by: Jenkins Server Tested-by: FSP CI Jenkins Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* TPM default attributes for nimbus modelChris Engel2016-06-071-1/+1
| | | | | | | | | | | | | | Enable trustedboot support by default for P9 Change-Id: Ibe5e4428100225d78ee9d107da3769ab35578c2b RTC: 125287 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/25187 Tested-by: Jenkins Server Tested-by: FSP CI Jenkins Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
* Fix error log memory leaks in tpmddChris Engel2016-05-271-5/+14
| | | | | | | | | | | | | | | | Change-Id: I03bf0184affa6020697403aa0a64f8dd0f229220 RTC: 125287 ForwardPort: yes Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/25002 Tested-by: Jenkins Server Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com> Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/25097 Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
* Trustedboot: Additional commands in trusted boot init sequenceChris Engel2015-12-111-29/+17
| | | | | | | | | | | | | | - getCap FW Version - TPM Command marshal/unmarshal code Change-Id: Ia9a90b1160c9c3b5d818318771bff21eb013bdf4 RTC: 125287 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/20056 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Trustedboot: Remove TPM 1.2 supportChris Engel2015-11-191-20/+0
| | | | | | | | | | | | Change-Id: I2a8635f901e1473ffb81e92861a4b25a5d479095 RTC:125288 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/22088 Tested-by: Jenkins Server Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Trustedboot: Move data to Hostboot base and add pcrExtend stub functionChris Engel2015-11-181-11/+0
| | | | | | | | | | | | Change-Id: Id488af88c7f1796606434a062a9001f31f413ac0 RTC: 125288 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/21475 Tested-by: Jenkins Server Reviewed-by: Timothy R. Block <block@us.ibm.com> Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Trusted boot support for performing TPM_STARTUP during istepsChris Engel2015-11-051-19/+168
| | | | | | | | | | | | | | | | | Support added for TPM DD2.0 Added call to host_update_master_tpm during host_discover_targets istep host_update_master_tpm istep performs TPM_STARTUP on TPM Change-Id: Ie9c232ed6ecf72da58c40df726fe1deaec5af053 RTC: 125287 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/18075 Tested-by: Jenkins Server Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com> Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
* Nuvoton TPM 1.2 Device DriverChris Engel2015-08-311-0/+2036
This adds support for the Nuvoton TPM 1.2 in simics Change-Id: I24973cb9824e31967aae3fb97e86a631e514b2ff RTC: 125287 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/16535 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Michael Baiocchi <baiocchi@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
OpenPOWER on IntegriCloud