From b013c352cce4f0f7da2a59020b782a67732e5259 Mon Sep 17 00:00:00 2001 From: Ilya Smirnov Date: Tue, 10 Apr 2018 17:37:13 -0500 Subject: Secure Boot: Basic Support For Redundant TPM This change implements the detection and initialization of the backup TPM in istep 10.14. The backup TPM is presence-detected and initialized; the logs of the primary TPM are extended into the secondary TPM in istep 10.14. After the initialization of the secondary TPM, all events are extended into both TPMs. A test was created to test whether the backup TPM is initialized correctly. Change-Id: I305500c9f680115e684ab153fc882b8d5364b0d4 RTC: 134912 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/57374 Tested-by: Jenkins Server Reviewed-by: Michael Baiocchi Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Reviewed-by: Nicholas E. Bofferding Reviewed-by: Daniel M. Crowell --- .../usr/secureboot/trustedboot_reasoncodes.H | 47 ++++++++++++---------- src/include/usr/secureboot/trustedbootif.H | 33 ++++++++++++++- 2 files changed, 58 insertions(+), 22 deletions(-) (limited to 'src/include') diff --git a/src/include/usr/secureboot/trustedboot_reasoncodes.H b/src/include/usr/secureboot/trustedboot_reasoncodes.H index 846d9c664..82647766a 100644 --- a/src/include/usr/secureboot/trustedboot_reasoncodes.H +++ b/src/include/usr/secureboot/trustedboot_reasoncodes.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2017 */ +/* Contributors Listed Below - COPYRIGHT 2015,2018 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -43,27 +43,30 @@ namespace TRUSTEDBOOT enum TRUSTEDModuleId { - MOD_HOST_UPDATE_MASTER_TPM = 0x00, - MOD_TPM_INITIALIZE = 0x01, - MOD_TPM_CMD_STARTUP = 0x02, - MOD_TPM_CMD_GETCAPFWVERSION = 0x03, - MOD_TPM_MARSHALCMDDATA = 0x04, - MOD_TPM_UNMARSHALRESPDATA = 0x05, - MOD_TPM_VERIFYFUNCTIONAL = 0x06, - MOD_TPM_CMD_PCREXTEND = 0x07, - MOD_TPM_CMD_PCRREAD = 0x08, - MOD_TPM_REPLAY_LOG = 0x09, - MOD_TPM_PCREXTEND = 0x0A, - MOD_TPM_TPMDAEMON = 0x0B, - MOD_TPM_SYNCRESPONSE = 0x0C, - MOD_TPM_SEPARATOR = 0x0D, - MOD_TPM_CMD_GETCAPNVINDEX = 0x0E, + MOD_HOST_UPDATE_MASTER_TPM = 0x00, + MOD_TPM_INITIALIZE = 0x01, + MOD_TPM_CMD_STARTUP = 0x02, + MOD_TPM_CMD_GETCAPFWVERSION = 0x03, + MOD_TPM_MARSHALCMDDATA = 0x04, + MOD_TPM_UNMARSHALRESPDATA = 0x05, + MOD_TPM_VERIFYFUNCTIONAL = 0x06, + MOD_TPM_CMD_PCREXTEND = 0x07, + MOD_TPM_CMD_PCRREAD = 0x08, + MOD_TPM_REPLAY_LOG = 0x09, + MOD_TPM_PCREXTEND = 0x0A, + MOD_TPM_TPMDAEMON = 0x0B, + MOD_TPM_SYNCRESPONSE = 0x0C, + MOD_TPM_SEPARATOR = 0x0D, + MOD_TPM_CMD_GETCAPNVINDEX = 0x0E, - MOD_TPMLOGMGR_INITIALIZE = 0x10, - MOD_TPMLOGMGR_ADDEVENT = 0x11, - MOD_TPMLOGMGR_INITIALIZEEXISTLOG = 0x12, - MOD_TPMLOGMGR_GETDEVTREEINFO = 0x13, - MOD_TPM_MARK_FAILED = 0x14, + MOD_TPMLOGMGR_INITIALIZE = 0x10, + MOD_TPMLOGMGR_ADDEVENT = 0x11, + MOD_TPMLOGMGR_INITIALIZEEXISTLOG = 0x12, + MOD_TPMLOGMGR_GETDEVTREEINFO = 0x13, + MOD_TPM_MARK_FAILED = 0x14, + MOD_INIT_BACKUP_TPM = 0x15, + MOD_DO_INIT_BACKUP_TPM = 0x16, + MOD_TEST_CMP_PRIMARY_AND_BACKUP_TPM = 0x17 }; enum TRUSTEDReasonCode @@ -92,6 +95,8 @@ namespace TRUSTEDBOOT RC_MSGRESPOND_FAIL = TRBOOT_COMP_ID | 0xB3, RC_UPDATE_SECURITY_CTRL_HWP_FAIL = TRBOOT_COMP_ID | 0xB4, RC_TPM_NVINDEX_VALIDATE_FAIL = TRBOOT_COMP_ID | 0xB5, + RC_TPMLOGMGR_INITIALIZE_FAIL = TRBOOT_COMP_ID | 0xB6, + RC_BACKUP_TPM_TEST_FAIL = TRBOOT_COMP_ID | 0xB7, }; #ifdef __cplusplus } diff --git a/src/include/usr/secureboot/trustedbootif.H b/src/include/usr/secureboot/trustedbootif.H index 41ba6ece9..45321be6c 100644 --- a/src/include/usr/secureboot/trustedbootif.H +++ b/src/include/usr/secureboot/trustedbootif.H @@ -5,7 +5,7 @@ /* */ /* OpenPOWER HostBoot Project */ /* */ -/* Contributors Listed Below - COPYRIGHT 2015,2017 */ +/* Contributors Listed Below - COPYRIGHT 2015,2018 */ /* [+] International Business Machines Corp. */ /* */ /* */ @@ -109,6 +109,19 @@ namespace TRUSTEDBOOT EV_INVALID ///< Used for error checking } EventTypes; + // Indicate the points in the code where the backup TPM test failed. + // TODO RTC:191761 + // remove once the Cxx test is created. + typedef enum : uint8_t + { + TPM_TEST_NO_ERROR = 0x00, + TPM_TEST_LOGS_NOT_INITIALIZED = 0x01, + TPM_TEST_LOG_SIZE_MISMATCH = 0x02, + TPM_TEST_UNMARSHAL_ERROR = 0x03, + TPM_TEST_LOG_MISMATCH = 0x04, + TPM_TEST_DIGEST_MISMATCH = 0x05, + } BackupTpmTestFailures; + /** * @brief Initialize trusted boot/TPM components for the master TPM @@ -148,6 +161,24 @@ namespace TRUSTEDBOOT */ errlHndl_t pcrExtendSeparator(bool i_sendAsync = true); + /** + * @brief Attempt to initialize the backup TPM by sending a synchronous + * MSG_TYPE_INIT_BACKUP_TPM to TPM daemon. Any error will be + * committed internally. + */ + void initBackupTpm(); + + /** + * @brief A testcase to make sure the backup TPM's logs and PCR registers + * look exactly as the primary's. + * @return errlHndl_t NULL if test ran successfully; otherwise a pointer to + * the error log. + */ + errlHndl_t testCmpPrimaryAndBackupTpm(); //TODO RTC:191761 + // make this a Cxx standalone + // test when the simics model has + // support for both boot chips. + /** * @brief Returns list of TPMs in the system meeting the specified critera * -- cgit v1.2.3