| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than having to remember to include config.h anywhere
we reference a CONFIG variable (and usually forgetting),
this adds it to the default compiler flags so that it
gets included in every source file we build.
Change-Id: I53622ab4d46c55d942e98cae6ec03049fd5b3d08
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/87475
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Zachary Clark <zach@ibm.com>
Reviewed-by: Roland Veloz <rveloz@us.ibm.com>
Reviewed-by: Christian R Geddes <crgeddes@us.ibm.com>
Reviewed-by: Nicholas E Bofferding <bofferdn@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PCR8 was erroneously being included in the quote response from the TPM. We
don't actually want to read out PCR8 in hostboot firmware. This change
excludes PCR8 from the quote process.
Change-Id: Ib2ace53b157b64b6a5dac392b0304b31765d7afb
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/74895
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It was discovered that the quote and signature data returned
from TPM as part of the new multinode comm contained an extra
uint32 size field that should not be inlcuded into the slave
quote blob. This commit removes that size field from the quote.
Change-Id: Ia40eeee67567d08b1c1982f964dab1db411ff81b
RTC: 203645
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72216
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces the logic to create the master node nodecomm
request to the slave nodes and logic to process the responses from
the slave nodes. The data from the slave nodes (the slave quote) is
hashed and extended into PCR1. The binary quote blob is also included
in the TPM log as a log message.
Additional changes: the logic to relocate the TPM log to increase
its size, and the logic to allow uint8_t* instead of char* as
the TPM log message.
Change-Id: Ide4465f0d4a91aec815c9db5d765cdbde231dcd3
RTC: 203644
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/71407
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces the logic to create the slave response
for the new enhanced multinode comm protocol. The slave response
consists of an eye catcher, node ID, quote and signature data
from TPM, PCR contents of the slave node TPM, Attestation Key
Certificate, and the TPM log. All of the above data is packaged
into a binary blob to be sent back to the master node.
Change-Id: I927c6ca937e6c07af4185cf54c782697c5d822f6
RTC: 203643
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/70791
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds four new TPM commands, and APIs thereto,
for enhanced secure multinode communication protocol. The
TPM commands are the base for the new protocol and will be
used as part of it.
Change-Id: I080ff87cd6001b5d2e13ae350a379cbc2c92bfcf
RTC: 202364
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/69725
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds high priority TPM callout and low priority HB procedure callout when the
TPM is detected not to be provisoned correctly
Change-Id: Ia6fc3e4d5baf80f5a899e0b576d9fe07f4a1570c
CQ: SW435398
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/61429
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new programming interface allows us to obtain random numbers
from the TPM more easily (i.e. in a more high-level way).
Change-Id: Ibd3d3b320411bea146d6eab4d1a59ca760bc726c
RTC:191000
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57802
Reviewed-by: ILYA SMIRNOV <ismirno@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I137b6f6c81cbcd3c2379e4ef34ddff021c3cd576
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/42835
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Added mailbox scratch register 7 definition
- Added DRTM functions
- Added set/clear security switch register functions
- Added additional security switch bit definitions
- Added secureboot extended library to host DRTM functions
- Inhibited TPM start command in DRTM flow
- Added new config options for DRTM and DRTM RIT protection
- Added new DRTM attribute to indicate if DRTM is active
- Added new DRTM attribute to hold DRTM payload address
- Added new DRTM attribute to initiate DRTM in lieu of loading payload
- Updated target service init to determine DRTM settings
- Updated host start payload step to initiate DRTM if conditions are met
- Updated host MPIPL service to verify DRTM payload and clean up DRTM HW state
- Updated host gard step to verify DRTM HW state
- Rerouted PCR extensions to PCR 17 in DRTM boot
- Use locality 2 for all PCR extensions in DRTM boot
- Inhibit extension logging (for now) in DRTM boot
- Only extend seperator to PCR 17 in DRTM boot
Change-Id: Id52c36c3a64ca002571396d605caa308d9dc0199
RTC: 157140
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35633
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I9f16fe77ee18f3d8839d0a06f9322ca1b1e47d93
RTC: 134415
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35271
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I526809abe8fa8d00929f79a4c3e1dcaf7386873a
RTC: 154324
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/27032
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/27634
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed TPM log manager and required functions from HBB and replaced
with a simple message queue
Change-Id: I5f5a418b6ea8c0228229e8c45523385b488e2b6b
RTC: 155519
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/27133
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Replay log events to TPM after initialization
Change-Id: Ibab5e28790324c28a7cd9fb2805041d7a896376a
RTC:125290
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/23898
Tested-by: Jenkins Server
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Tested-by: FSP CI Jenkins
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cherry picked from commit 93cd77a2455e60f01b003f747368e69cfef1b844
RTC: 125287
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/701
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Change-Id: I37103173d417ce1f378ee3ce76646f1028339ee0
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22496
Tested-by: Jenkins Server
Tested-by: FSP CI Jenkins
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I05614ef6c3e5d68e0b512ec6b69a0b6054a9d7b4
RTC: 125288
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/790
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22366
Tested-by: Jenkins Server
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Tested-by: FSP CI Jenkins
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I4a8c2010421a63e44112666bdd424e2e5d010e7f
RTC: 125289
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/960
Tested-by: Jenkins Server
Tested-by: Jenkins OP Build CI
Tested-by: Jenkins OP HW
Tested-by: FSP CI Jenkins
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22009
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I1e90a71f1027e0a801b96cbad6d59e432357f281
RTC: 125289
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/21318
Tested-by: Jenkins Server
Tested-by: Jenkins OP Build CI
Tested-by: Jenkins OP HW
Tested-by: FSP CI Jenkins
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/21809
|
|
|
- getCap FW Version
- TPM Command marshal/unmarshal code
Change-Id: Ia9a90b1160c9c3b5d818318771bff21eb013bdf4
RTC: 125287
Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/20056
Tested-by: Jenkins Server
Tested-by: Jenkins OP Build CI
Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
|
