Skip to content

Commit 5784da2

Browse files
cjengelwghoffa
cjengel
authored and
wghoffa
committed
Add TPM4 locality support
Change-Id: I9f16fe77ee18f3d8839d0a06f9322ca1b1e47d93 RTC: 134415 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35271 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com> Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
1 parent 0446c85 commit 5784da2

File tree

12 files changed

+154
-60
lines changed

12 files changed

+154
-60
lines changed

src/include/usr/devicefw/userif.H

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2011,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2011,2017 */
99
/* [+] Google Inc. */
1010
/* [+] International Business Machines Corp. */
1111
/* */
@@ -326,11 +326,14 @@ namespace DeviceFW
326326
* tpm_op_types_t in tpmddif.H
327327
* @param[in] i_command_len Command length to write during transmit
328328
* operations
329+
* @param[in] i_locality The TPM locality to use. See tpm_locality_t
330+
* in tpmddif.H
329331
*/
330-
#define DEVICE_TPM_ADDRESS( i_tpm_op, i_command_len )\
332+
#define DEVICE_TPM_ADDRESS( i_tpm_op, i_command_len, i_locality ) \
331333
DeviceFW::TPM,\
332334
static_cast<uint64_t>(( i_tpm_op )),\
333-
static_cast<uint64_t>(( i_command_len ))
335+
static_cast<uint64_t>(( i_command_len )),\
336+
static_cast<uint64_t>(( i_locality ))
334337

335338
/**
336339
* Construct the device addressing parameters for the GPIO port extender ops

src/include/usr/i2c/tpmddif.H

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
99
/* [+] International Business Machines Corp. */
1010
/* */
1111
/* */
@@ -49,6 +49,15 @@ enum tpm_addr_size_t
4949
LAST_DEVICE_TYPE
5050
};
5151

52+
/**
53+
* @brief TPM Locality to address for operation
54+
*/
55+
enum tpm_locality_t
56+
{
57+
TPM_LOCALITY_0 = 0,
58+
TPM_LOCALITY_4 = 4,
59+
};
60+
5261
/**
5362
* @brief Structure of common parameters needed by different parts of
5463
* the code.
@@ -92,11 +101,14 @@ bool tpmPresence ( TARGETING::Target * i_target);
92101
* @param[in/out] io_tpmInfo The structure that will contain the attribute data
93102
* read from the target device. Chip field must be set
94103
*
104+
* @param[in] i_locality TPM locality to address
105+
*
95106
* @return errlHndl_t NULL if successful, otherwise a pointer to the
96107
* error log.
97108
*/
98109
errlHndl_t tpmReadAttributes ( TARGETING::Target * i_target,
99-
tpm_info_t & io_tpmInfo );
110+
tpm_info_t & io_tpmInfo,
111+
tpm_locality_t i_locality);
100112

101113

102114
}; // end namespace TPMDD

src/include/usr/secureboot/trustedbootif.H

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
99
/* [+] International Business Machines Corp. */
1010
/* */
1111
/* */
@@ -80,6 +80,12 @@ namespace TRUSTEDBOOT
8080
PCR_6 = 6,
8181
PCR_7 = 7,
8282
PCR_DEBUG = 16,
83+
PCR_DRTM_17 = 17,
84+
PCR_DRTM_18 = 18,
85+
PCR_DRTM_19 = 19,
86+
PCR_DRTM_20 = 20,
87+
PCR_DRTM_21 = 21,
88+
PCR_DRTM_22 = 22,
8389
PLATFORM_PCR = 24, ///< The number of PCR required by the platform spec
8490
IMPLEMENTATION_PCR = 24, ///< The number of PCRs implemented by TPM
8591
} TPM_Pcr;

src/usr/devtree/bld_devtree.C

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2013,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2013,2017 */
99
/* [+] Google Inc. */
1010
/* [+] International Business Machines Corp. */
1111
/* */
@@ -486,7 +486,8 @@ void add_i2c_info( const TARGETING::Target* i_targ,
486486
{
487487

488488
// Lookup i2c info for the TPM
489-
err = TPMDD::tpmReadAttributes(tpm->tpmTarget, tpmInfo);
489+
err = TPMDD::tpmReadAttributes(tpm->tpmTarget, tpmInfo,
490+
TPMDD::TPM_LOCALITY_0);
490491
if (NULL != err)
491492
{
492493
// Unable to get info we skip this guy
@@ -1302,7 +1303,8 @@ void load_tpmlog(devTree * i_dt, uint64_t& io_address)
13021303

13031304
// We need to build the devtree path to find this TPM node
13041305
// Lookup i2c info for the TPM
1305-
l_errl = TPMDD::tpmReadAttributes(l_tpm->tpmTarget, l_tpmInfo);
1306+
l_errl = TPMDD::tpmReadAttributes(l_tpm->tpmTarget, l_tpmInfo,
1307+
TPMDD::TPM_LOCALITY_0);
13061308
if (l_errl)
13071309
{
13081310
errlCommit(l_errl, DEVTREE_COMP_ID);

src/usr/i2c/test/tpmddtest.H

Lines changed: 15 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
99
/* [+] International Business Machines Corp. */
1010
/* */
1111
/* */
@@ -76,7 +76,8 @@ class TPMDDTest: public CxxTest::TestSuite
7676
// Let's see if the requested chip is functional
7777
tpm_info_t tpmInfo;
7878
memset(&tpmInfo, 0, sizeof(tpm_info_t));
79-
errlHndl_t err = tpmReadAttributes (testTarget, tpmInfo);
79+
errlHndl_t err = tpmReadAttributes (testTarget, tpmInfo,
80+
TPM_LOCALITY_0);
8081

8182
if (NULL != err)
8283
{
@@ -127,7 +128,8 @@ class TPMDDTest: public CxxTest::TestSuite
127128
&data,
128129
dataSize,
129130
DEVICE_TPM_ADDRESS( TPM_OP_READVENDORID,
130-
0) );
131+
0,
132+
TPM_LOCALITY_0) );
131133

132134
if( NULL != err )
133135
{
@@ -191,7 +193,8 @@ class TPMDDTest: public CxxTest::TestSuite
191193
&data,
192194
dataSize,
193195
DEVICE_TPM_ADDRESS( TPM_OP_LASTOP,
194-
0) );
196+
0,
197+
TPM_LOCALITY_0) );
195198

196199
if( NULL == err )
197200
{
@@ -216,7 +219,8 @@ class TPMDDTest: public CxxTest::TestSuite
216219
&data,
217220
dataSize,
218221
DEVICE_TPM_ADDRESS( TPM_OP_READVENDORID,
219-
0) );
222+
0,
223+
TPM_LOCALITY_0) );
220224

221225
if( NULL == err )
222226
{
@@ -273,7 +277,8 @@ class TPMDDTest: public CxxTest::TestSuite
273277
&data,
274278
dataSize,
275279
DEVICE_TPM_ADDRESS( TPM_OP_READVENDORID,
276-
0) );
280+
0,
281+
TPM_LOCALITY_0) );
277282

278283
if( NULL == err ||
279284
err->reasonCode() != TPM_OVERFLOW_ERROR)
@@ -423,7 +428,8 @@ class TPMDDTest: public CxxTest::TestSuite
423428
&data,
424429
dataSize,
425430
DEVICE_TPM_ADDRESS( TPM_OP_TRANSMIT,
426-
cmdSize) );
431+
cmdSize,
432+
TPM_LOCALITY_0) );
427433

428434
TRUSTEDBOOT::TPM2_BaseOut* resp =
429435
reinterpret_cast<TRUSTEDBOOT::TPM2_BaseOut*>(data);
@@ -511,7 +517,8 @@ class TPMDDTest: public CxxTest::TestSuite
511517
&data,
512518
dataSize,
513519
DEVICE_TPM_ADDRESS(TPM_OP_TRANSMIT,
514-
cmdSize) );
520+
cmdSize,
521+
TPM_LOCALITY_0) );
515522

516523
if( NULL == err ||
517524
err->reasonCode() != TPM_OVERFLOW_ERROR)

src/usr/i2c/tpmdd.C

Lines changed: 26 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2011,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2011,2017 */
99
/* [+] International Business Machines Corp. */
1010
/* */
1111
/* */
@@ -102,23 +102,28 @@ errlHndl_t tpmPerformOp( DeviceFW::OperationType i_opType,
102102
tpm_info_t tpmInfo;
103103
uint64_t commandSize = 0;
104104
bool unlock = false;
105+
tpm_locality_t locality = TPM_LOCALITY_0;
105106

106-
tpmInfo.operation = ((TPMDD::tpm_op_types_t)va_arg( i_args, uint64_t ));
107+
tpmInfo.operation = static_cast<TPMDD::tpm_op_types_t>
108+
(va_arg( i_args, uint64_t ));
107109
commandSize = va_arg( i_args, uint64_t );
110+
locality = static_cast<TPMDD::tpm_locality_t>(va_arg( i_args, uint64_t ));
108111

109112
TRACDCOMP( g_trac_tpmdd,
110113
ENTER_MRK"tpmPerformOp()" );
111114

112115
TRACUCOMP (g_trac_tpmdd, ENTER_MRK"tpmPerformOp(): "
113-
"i_opType=%d, operation=%d, buflen=%d, cmdlen=%d",
114-
(uint64_t) i_opType, tpmInfo.operation, io_buflen,
116+
"i_opType=%d, operation=%d, loc=%d, buflen=%d, cmdlen=%d",
117+
(uint64_t) i_opType, tpmInfo.operation,
118+
locality, io_buflen,
115119
commandSize);
116120

117121
do
118122
{
119123
// Read Attributes needed to complete the operation
120124
err = tpmReadAttributes( i_target,
121-
tpmInfo );
125+
tpmInfo,
126+
locality);
122127

123128
if( err )
124129
{
@@ -306,7 +311,8 @@ bool tpmPresence ( TARGETING::Target * i_target)
306311

307312
// Read Attributes needed to complete the operation
308313
err = tpmReadAttributes( i_target,
309-
tpmInfo );
314+
tpmInfo,
315+
TPM_LOCALITY_0);
310316

311317
if( err )
312318
{
@@ -1125,7 +1131,8 @@ errlHndl_t tpmPrepareAddress ( void * io_buffer,
11251131
// tpmReadAttributes
11261132
// ------------------------------------------------------------------
11271133
errlHndl_t tpmReadAttributes ( TARGETING::Target * i_target,
1128-
tpm_info_t & io_tpmInfo )
1134+
tpm_info_t & io_tpmInfo,
1135+
tpm_locality_t i_locality )
11291136
{
11301137
errlHndl_t err = NULL;
11311138

@@ -1177,8 +1184,18 @@ errlHndl_t tpmReadAttributes ( TARGETING::Target * i_target,
11771184

11781185
// Successful reading of Attribute, so extract the data
11791186
io_tpmInfo.port = tpmData.port;
1180-
io_tpmInfo.devAddr = tpmData.devAddrLocality0;
1181-
/// @TODO RTC: 134415 Need to handle locality4
1187+
if (TPM_LOCALITY_0 == i_locality)
1188+
{
1189+
io_tpmInfo.devAddr = tpmData.devAddrLocality0;
1190+
}
1191+
else if (TPM_LOCALITY_4 == i_locality)
1192+
{
1193+
io_tpmInfo.devAddr = tpmData.devAddrLocality4;
1194+
}
1195+
else
1196+
{
1197+
assert(false, "Unsupported locality");
1198+
}
11821199
io_tpmInfo.engine = tpmData.engine;
11831200
io_tpmInfo.i2cMasterPath = tpmData.i2cMasterPath;
11841201
io_tpmInfo.tpmEnabled = tpmData.tpmEnabled;

src/usr/secureboot/trusted/test/trustedbootTest.H

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
99
/* [+] International Business Machines Corp. */
1010
/* */
1111
/* */
@@ -716,7 +716,8 @@ class TrustedBootTest: public CxxTest::TestSuite
716716
// Let's see if the requested chip is functional
717717
target.role = TPM_PRIMARY;
718718
errlHndl_t err = tpmReadAttributes (target.tpmTarget,
719-
tpmInfo);
719+
tpmInfo,
720+
TPM_LOCALITY_0);
720721

721722
if (NULL != err)
722723
{

src/usr/secureboot/trusted/trustedboot.C

Lines changed: 21 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
/* */
66
/* OpenPOWER HostBoot Project */
77
/* */
8-
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
8+
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
99
/* [+] International Business Machines Corp. */
1010
/* */
1111
/* */
@@ -48,6 +48,7 @@
4848
#include <initservice/initserviceif.H>
4949
#include <ipmi/ipmisensor.H>
5050
#include <config.h>
51+
#include <i2c/tpmddif.H>
5152
#include "trustedboot.H"
5253
#include "trustedTypes.H"
5354
#include "trustedbootCmds.H"
@@ -203,7 +204,8 @@ void* host_update_master_tpm( void *io_pArgs )
203204
{
204205
memset(&tpmData, 0, sizeof(tpmData));
205206
errlHndl_t readErr = tpmReadAttributes(tpmList[tpmNum],
206-
tpmData);
207+
tpmData,
208+
TPM_LOCALITY_0);
207209
if (NULL != readErr)
208210
{
209211
// We are just looking for configured TPMs here
@@ -293,7 +295,8 @@ void* host_update_master_tpm( void *io_pArgs )
293295
memset(&tpmInfo, 0, sizeof(tpmInfo));
294296
errlHndl_t tmpErr = TPMDD::tpmReadAttributes(
295297
systemTpms.tpm[TPM_BACKUP_INDEX].tpmTarget,
296-
tpmInfo);
298+
tpmInfo,
299+
TPM_LOCALITY_0);
297300
if (NULL != tmpErr || !tpmInfo.tpmEnabled)
298301
{
299302
TRACUCOMP( g_trac_trustedboot,
@@ -372,11 +375,17 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target)
372375
io_target.initAttempted = true;
373376
io_target.failed = false;
374377

375-
// TPM_STARTUP
376-
err = tpmCmdStartup(&io_target);
377-
if (NULL != err)
378+
bool drtm = false;
379+
/// @todo #157140 Add ability to check for DRTM
380+
// Don't run STARTUP during DRTM
381+
if (!drtm)
378382
{
379-
break;
383+
// TPM_STARTUP
384+
err = tpmCmdStartup(&io_target);
385+
if (NULL != err)
386+
{
387+
break;
388+
}
380389
}
381390

382391
// TPM_GETCAPABILITY to read FW Version
@@ -386,6 +395,11 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target)
386395
break;
387396
}
388397

398+
// For a DRTM we need to reset PCRs 17-22
399+
if (drtm)
400+
{
401+
/// @todo Implement PCR reset
402+
}
389403

390404
} while ( 0 );
391405

0 commit comments

Comments
 (0)