From e9eacec8bad1e2dade70ebed0fc3d00b5ab59232 Mon Sep 17 00:00:00 2001 From: Jaymes Wilks Date: Tue, 1 May 2018 15:33:32 -0500 Subject: Support TPM PCR Poisoning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit To support Fleetwood secure inter-node communication, we need to “poison” the PCRs of all still functional non-master node TPMs just prior to transferring control to PHyp, and report that poisoned state to HDAT. Change-Id: Ic104ef2e44fc98895b9b435fdf8ba4c5e4972818 RTC:191001 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/58244 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Tested-by: FSP CI Jenkins Reviewed-by: Nicholas E. Bofferding Reviewed-by: Michael Baiocchi Reviewed-by: ILYA SMIRNOV Reviewed-by: Daniel M. Crowell
---
 src/include/usr/secureboot/trustedbootif.H | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'src/include/usr/secureboot')
diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H
index f8af75fb5..63655964a 100644
--- a/src/include/usr/secureboot/trustedbootif.H
+++ b/src/include/usr/secureboot/trustedbootif.H
@@ -135,13 +135,18 @@ namespace TRUSTEDBOOT
 void* host_update_master_tpm( void *io_pArgs );
 
 /**
- * @brief Extend a measurement into the TPMs and log atomically
+ * @brief Extend a measurement into the TPM(s) and log atomically
 * @param[in] i_pcr PCR to write to
 * @param[in] i_eventType Event type to log
 * @param[in] i_digest Digest value to write to PCR
 * @param[in] i_digestSize Byte size of i_digest data
 * @param[in] i_logMsg Null terminated log message, truncated at 128 chars
 * @param[in] i_sendAsync Perform extension asynchronously, default true
+ * @param[in] i_pTpm A specific TPM to singly extend a measurement into, default is nullptr, which indicates all of the TPMs will be extended.
+ * @param[in] i_mirrorToLog After extending the measurement, mirror to log.
+ * default is true. Typically, false is used to poison the TPM.
 * @return errlHndl_t NULL if successful, otherwise a pointer to the
 * error log.
 * Digest will be right padded with zeros or truncated to match TPM digest
@@ -152,7 +157,9 @@ namespace TRUSTEDBOOT
 const uint8_t* i_digest,
 size_t i_digestSize,
 const char* i_logMsg,
- bool i_sendAsync = true);
+ bool i_sendAsync = true,
+ const TpmTarget* i_pTpm = nullptr,
+ bool i_mirrorToLog = true);
 
 /**
 * @brief Extend a separator into the TPMs and log atomically
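Review bot: The new i_mirrorToLog documentation names the poison use case but not the property it relies on: passing false extends the PCR with no matching event-log entry, so a verifier can no longer replay the log to the PCR value and that TPM becomes un-attestable for the boot no matter who the caller is. Because the parameter is public with a default on a widely used signature, any caller other than the poisoning path that passes false gets the same irreversible effect, and the combination i_pTpm = nullptr with i_mirrorToLog = false would apparently reach every TPM including the master, which the text does not say is intended. I would replace the second line of that entry with `*            default is true. Passing false breaks PCR/log consistency and makes this boot un-attestable on the affected TPM(s); only the poisoning path should use it.` The doc comment itself continues past the last line of the hunk.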
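Review bot: Two defaulted `bool` parameters now occupy the trailing positions of this signature with a pointer between them, so a call that ends in `..., false)` binds to i_sendAsync, while a caller who wants i_mirrorToLog = false must spell out `true, nullptr, false`, and a slip in either direction compiles cleanly; the wrong binding is not a crash but a logged-versus-unlogged PCR extend, which is exactly the attestation-relevant distinction this change introduces. A named enum in place of the bool (for example `enum class LogMirror { Skip, Mirror };`) or a separate declaration for the no-log variant would make the poison path unmistakable at the call site; if the bool must stay, a trailing comment on the `i_mirrorToLog` line such as `// false => PCR extend with no log entry (poisoning only)` at least warns the reader. The function name and its leading parameters are outside the hunk.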
@@ -250,6 +257,22 @@ namespace TRUSTEDBOOT
 errlHndl_t GetRandom(const TpmTarget* i_pTpm, uint64_t& o_randNum);
 #endif
 
+ /**
+ * @brief Poison a TPM. Poisoning a TPM's PCR means extending a random
+ * number measurement to the TPM, but not to the corresponding log
+ * entry. This includes extending random numbers to every bank/PCR
+ * combo in use by the firmware (sha1/sha256 banks of PCR 0-7). The
+ * random number along with the absent log entry makes remote
+ * attestation impossible with that TPM for that boot.
+ *
+ * @parm[in] i_pTpm Pointer to the TPM target to be poisoned. Must be a TPM
+ * and must not be nullptr
+ *
+ * @return errlHndl_t nullptr if successful or error log otherwise. Failure
+ * to poison a TPM will result in deconfiguring the TPM.
+ */
+ errlHndl_t poisonTpm(const TpmTarget* i_pTpm);
+
 /**
 * @brief Helper function for validating TPM handles. Returns an error log
 * if the supplied TPM is null, not a TPM target, or not functional.
-- cgit v1.2.1
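Review bot: `@parm[in]` on the i_pTpm line is a typo for `@param[in]`, so Doxygen will not bind the only parameter description of the new poisonTpm() declaration; the line should read `* @param[in] i_pTpm Pointer to the TPM target to be poisoned. Must be a TPM`. The brief claims the random extend makes attestation impossible, but that holds only if the extended value is unpredictable to every software party and is discarded after the extend — a PRNG-derived or retained value would let whoever holds it reconstruct a consistent log — so the contract should say where the randomness comes from (GetRandom() on the same TPM, declared just above inside a conditional block, looks like the intended source, but the implementation is not in this hunk) and that the value is never logged or returned. The bank list is fixed in prose to the sha1/sha256 banks of PCR 0-7; if a TPM has further active banks those PCRs remain attestable, so the comment should either promise every active bank or name that limitation explicitly. Finally, "must not be nullptr" leaves the null/non-TPM case undefined while the validation helper documented directly below returns an error log for exactly that input; stating that poisonTpm() returns that error log rather than asserting removes the ambiguity for callers.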