From b772e1132cd51368fab686ce4dd60f3850cfbbfb Mon Sep 17 00:00:00 2001 From: Pridhiviraj Paidipeddi Date: Tue, 6 Feb 2018 07:46:33 +0530 Subject: libstb: fix failure of calling trusted measure without STB initialization. When we load a flash resource during OPAL init, STB calls trusted measure to measure the given resource. There is a situation when a flash gets loaded before STB initialization then trusted measure cannot measure properly. So this patch fixes this issue by calling trusted measure only if the corresponding trusted init was done. The ideal fix is to make sure STB init done at the first place during init and then do the loading of flash resources, by that way STB can properly verify and measure the all resources. Signed-off-by: Pridhiviraj Paidipeddi Signed-off-by: Stewart Smith --- libstb/trustedboot.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'libstb/trustedboot.c') diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c index 058e45e3..151e4e16 100644 --- a/libstb/trustedboot.c +++ b/libstb/trustedboot.c @@ -30,6 +30,7 @@ //#define STB_DEBUG static bool trusted_mode = false; +static bool trusted_init = false; static bool boot_services_exited = false; /* @@ -114,6 +115,8 @@ void trustedboot_init(void) cvc_init(); tpm_init(); + + trusted_init = true; } int trustedboot_exit_boot_services(void) @@ -180,6 +183,13 @@ int trustedboot_measure(enum resource_id id, void *buf, size_t len) prlog(PR_ERR, "resource NOT MEASURED, resource_id=%d unknown\n", id); return -1; } + + if (!trusted_init) { + prlog(PR_ERR, "resource NOT MEASURED, resource_id=%d " + "trustedboot not yet initialized\n", id); + return -1; + } + if (boot_services_exited) { prlog(PR_ERR, "%s NOT MEASURED. Already exited from boot " "services\n", name); -- cgit v1.2.1