Skip to content

Commit

Permalink
Add TPM4 locality support
Browse files Browse the repository at this point in the history 
Change-Id: I9f16fe77ee18f3d8839d0a06f9322ca1b1e47d93
RTC: 134415
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/35271
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: William G. Hoffa <wghoffa@us.ibm.com>
  • Loading branch information
@cjengel @wghoffa
cjengel authored and wghoffa committed Jan 27, 2017
1 parent 0446c85 commit 5784da2
Show file tree
Hide file tree
Showing 12 changed files with 154 additions and 60 deletions.
9 changes: 6 additions & 3 deletions src/include/usr/devicefw/userif.H
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2011,2016 */
/* Contributors Listed Below - COPYRIGHT 2011,2017 */
/* [+] Google Inc. */
/* [+] International Business Machines Corp. */
/* */
Expand Down Expand Up @@ -326,11 +326,14 @@ namespace DeviceFW
* tpm_op_types_t in tpmddif.H
* @param[in] i_command_len Command length to write during transmit
* operations
* @param[in] i_locality The TPM locality to use. See tpm_locality_t
* in tpmddif.H
*/
#define DEVICE_TPM_ADDRESS( i_tpm_op, i_command_len )\
#define DEVICE_TPM_ADDRESS( i_tpm_op, i_command_len, i_locality ) \
DeviceFW::TPM,\
static_cast<uint64_t>(( i_tpm_op )),\
static_cast<uint64_t>(( i_command_len ))
static_cast<uint64_t>(( i_command_len )),\
static_cast<uint64_t>(( i_locality ))

/**
* Construct the device addressing parameters for the GPIO port extender ops
Expand Down
16 changes: 14 additions & 2 deletions src/include/usr/i2c/tpmddif.H
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -49,6 +49,15 @@ enum tpm_addr_size_t
LAST_DEVICE_TYPE
};

/**
* @brief TPM Locality to address for operation
*/
enum tpm_locality_t
{
TPM_LOCALITY_0 = 0,
TPM_LOCALITY_4 = 4,
};

/**
* @brief Structure of common parameters needed by different parts of
* the code.
Expand Down Expand Up @@ -92,11 +101,14 @@ bool tpmPresence ( TARGETING::Target * i_target);
* @param[in/out] io_tpmInfo The structure that will contain the attribute data
* read from the target device. Chip field must be set
*
* @param[in] i_locality TPM locality to address
*
* @return errlHndl_t NULL if successful, otherwise a pointer to the
* error log.
*/
errlHndl_t tpmReadAttributes ( TARGETING::Target * i_target,
tpm_info_t & io_tpmInfo );
tpm_info_t & io_tpmInfo,
tpm_locality_t i_locality);


}; // end namespace TPMDD
Expand Down
8 changes: 7 additions & 1 deletion src/include/usr/secureboot/trustedbootif.H
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -80,6 +80,12 @@ namespace TRUSTEDBOOT
PCR_6 = 6,
PCR_7 = 7,
PCR_DEBUG = 16,
PCR_DRTM_17 = 17,
PCR_DRTM_18 = 18,
PCR_DRTM_19 = 19,
PCR_DRTM_20 = 20,
PCR_DRTM_21 = 21,
PCR_DRTM_22 = 22,
PLATFORM_PCR = 24, ///< The number of PCR required by the platform spec
IMPLEMENTATION_PCR = 24, ///< The number of PCRs implemented by TPM
} TPM_Pcr;
Expand Down
8 changes: 5 additions & 3 deletions src/usr/devtree/bld_devtree.C
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2013,2016 */
/* Contributors Listed Below - COPYRIGHT 2013,2017 */
/* [+] Google Inc. */
/* [+] International Business Machines Corp. */
/* */
Expand Down Expand Up @@ -486,7 +486,8 @@ void add_i2c_info( const TARGETING::Target* i_targ,
{

// Lookup i2c info for the TPM
err = TPMDD::tpmReadAttributes(tpm->tpmTarget, tpmInfo);
err = TPMDD::tpmReadAttributes(tpm->tpmTarget, tpmInfo,
TPMDD::TPM_LOCALITY_0);
if (NULL != err)
{
// Unable to get info we skip this guy
Expand Down Expand Up @@ -1302,7 +1303,8 @@ void load_tpmlog(devTree * i_dt, uint64_t& io_address)

// We need to build the devtree path to find this TPM node
// Lookup i2c info for the TPM
l_errl = TPMDD::tpmReadAttributes(l_tpm->tpmTarget, l_tpmInfo);
l_errl = TPMDD::tpmReadAttributes(l_tpm->tpmTarget, l_tpmInfo,
TPMDD::TPM_LOCALITY_0);
if (l_errl)
{
errlCommit(l_errl, DEVTREE_COMP_ID);
Expand Down
23 changes: 15 additions & 8 deletions src/usr/i2c/test/tpmddtest.H
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -76,7 +76,8 @@ class TPMDDTest: public CxxTest::TestSuite
// Let's see if the requested chip is functional
tpm_info_t tpmInfo;
memset(&tpmInfo, 0, sizeof(tpm_info_t));
errlHndl_t err = tpmReadAttributes (testTarget, tpmInfo);
errlHndl_t err = tpmReadAttributes (testTarget, tpmInfo,
TPM_LOCALITY_0);

if (NULL != err)
{
Expand Down Expand Up @@ -127,7 +128,8 @@ class TPMDDTest: public CxxTest::TestSuite
&data,
dataSize,
DEVICE_TPM_ADDRESS( TPM_OP_READVENDORID,
0) );
0,
TPM_LOCALITY_0) );

if( NULL != err )
{
Expand Down Expand Up @@ -191,7 +193,8 @@ class TPMDDTest: public CxxTest::TestSuite
&data,
dataSize,
DEVICE_TPM_ADDRESS( TPM_OP_LASTOP,
0) );
0,
TPM_LOCALITY_0) );

if( NULL == err )
{
Expand All @@ -216,7 +219,8 @@ class TPMDDTest: public CxxTest::TestSuite
&data,
dataSize,
DEVICE_TPM_ADDRESS( TPM_OP_READVENDORID,
0) );
0,
TPM_LOCALITY_0) );

if( NULL == err )
{
Expand Down Expand Up @@ -273,7 +277,8 @@ class TPMDDTest: public CxxTest::TestSuite
&data,
dataSize,
DEVICE_TPM_ADDRESS( TPM_OP_READVENDORID,
0) );
0,
TPM_LOCALITY_0) );

if( NULL == err ||
err->reasonCode() != TPM_OVERFLOW_ERROR)
Expand Down Expand Up @@ -423,7 +428,8 @@ class TPMDDTest: public CxxTest::TestSuite
&data,
dataSize,
DEVICE_TPM_ADDRESS( TPM_OP_TRANSMIT,
cmdSize) );
cmdSize,
TPM_LOCALITY_0) );

TRUSTEDBOOT::TPM2_BaseOut* resp =
reinterpret_cast<TRUSTEDBOOT::TPM2_BaseOut*>(data);
Expand Down Expand Up @@ -511,7 +517,8 @@ class TPMDDTest: public CxxTest::TestSuite
&data,
dataSize,
DEVICE_TPM_ADDRESS(TPM_OP_TRANSMIT,
cmdSize) );
cmdSize,
TPM_LOCALITY_0) );

if( NULL == err ||
err->reasonCode() != TPM_OVERFLOW_ERROR)
Expand Down
35 changes: 26 additions & 9 deletions src/usr/i2c/tpmdd.C
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2011,2016 */
/* Contributors Listed Below - COPYRIGHT 2011,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -102,23 +102,28 @@ errlHndl_t tpmPerformOp( DeviceFW::OperationType i_opType,
tpm_info_t tpmInfo;
uint64_t commandSize = 0;
bool unlock = false;
tpm_locality_t locality = TPM_LOCALITY_0;

tpmInfo.operation = ((TPMDD::tpm_op_types_t)va_arg( i_args, uint64_t ));
tpmInfo.operation = static_cast<TPMDD::tpm_op_types_t>
(va_arg( i_args, uint64_t ));
commandSize = va_arg( i_args, uint64_t );
locality = static_cast<TPMDD::tpm_locality_t>(va_arg( i_args, uint64_t ));

TRACDCOMP( g_trac_tpmdd,
ENTER_MRK"tpmPerformOp()" );

TRACUCOMP (g_trac_tpmdd, ENTER_MRK"tpmPerformOp(): "
"i_opType=%d, operation=%d, buflen=%d, cmdlen=%d",
(uint64_t) i_opType, tpmInfo.operation, io_buflen,
"i_opType=%d, operation=%d, loc=%d, buflen=%d, cmdlen=%d",
(uint64_t) i_opType, tpmInfo.operation,
locality, io_buflen,
commandSize);

do
{
// Read Attributes needed to complete the operation
err = tpmReadAttributes( i_target,
tpmInfo );
tpmInfo,
locality);

if( err )
{
Expand Down Expand Up @@ -306,7 +311,8 @@ bool tpmPresence ( TARGETING::Target * i_target)

// Read Attributes needed to complete the operation
err = tpmReadAttributes( i_target,
tpmInfo );
tpmInfo,
TPM_LOCALITY_0);

if( err )
{
Expand Down Expand Up @@ -1125,7 +1131,8 @@ errlHndl_t tpmPrepareAddress ( void * io_buffer,
// tpmReadAttributes
// ------------------------------------------------------------------
errlHndl_t tpmReadAttributes ( TARGETING::Target * i_target,
tpm_info_t & io_tpmInfo )
tpm_info_t & io_tpmInfo,
tpm_locality_t i_locality )
{
errlHndl_t err = NULL;

Expand Down Expand Up @@ -1177,8 +1184,18 @@ errlHndl_t tpmReadAttributes ( TARGETING::Target * i_target,

// Successful reading of Attribute, so extract the data
io_tpmInfo.port = tpmData.port;
io_tpmInfo.devAddr = tpmData.devAddrLocality0;
/// @TODO RTC: 134415 Need to handle locality4
if (TPM_LOCALITY_0 == i_locality)
{
io_tpmInfo.devAddr = tpmData.devAddrLocality0;
}
else if (TPM_LOCALITY_4 == i_locality)
{
io_tpmInfo.devAddr = tpmData.devAddrLocality4;
}
else
{
assert(false, "Unsupported locality");
}
io_tpmInfo.engine = tpmData.engine;
io_tpmInfo.i2cMasterPath = tpmData.i2cMasterPath;
io_tpmInfo.tpmEnabled = tpmData.tpmEnabled;
Expand Down
5 changes: 3 additions & 2 deletions src/usr/secureboot/trusted/test/trustedbootTest.H
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -716,7 +716,8 @@ class TrustedBootTest: public CxxTest::TestSuite
// Let's see if the requested chip is functional
target.role = TPM_PRIMARY;
errlHndl_t err = tpmReadAttributes (target.tpmTarget,
tpmInfo);
tpmInfo,
TPM_LOCALITY_0);

if (NULL != err)
{
Expand Down
28 changes: 21 additions & 7 deletions src/usr/secureboot/trusted/trustedboot.C
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2015,2016 */
/* Contributors Listed Below - COPYRIGHT 2015,2017 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -48,6 +48,7 @@
#include <initservice/initserviceif.H>
#include <ipmi/ipmisensor.H>
#include <config.h>
#include <i2c/tpmddif.H>
#include "trustedboot.H"
#include "trustedTypes.H"
#include "trustedbootCmds.H"
Expand Down Expand Up @@ -203,7 +204,8 @@ void* host_update_master_tpm( void *io_pArgs )
{
memset(&tpmData, 0, sizeof(tpmData));
errlHndl_t readErr = tpmReadAttributes(tpmList[tpmNum],
tpmData);
tpmData,
TPM_LOCALITY_0);
if (NULL != readErr)
{
// We are just looking for configured TPMs here
Expand Down Expand Up @@ -293,7 +295,8 @@ void* host_update_master_tpm( void *io_pArgs )
memset(&tpmInfo, 0, sizeof(tpmInfo));
errlHndl_t tmpErr = TPMDD::tpmReadAttributes(
systemTpms.tpm[TPM_BACKUP_INDEX].tpmTarget,
tpmInfo);
tpmInfo,
TPM_LOCALITY_0);
if (NULL != tmpErr || !tpmInfo.tpmEnabled)
{
TRACUCOMP( g_trac_trustedboot,
Expand Down Expand Up @@ -372,11 +375,17 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target)
io_target.initAttempted = true;
io_target.failed = false;

// TPM_STARTUP
err = tpmCmdStartup(&io_target);
if (NULL != err)
bool drtm = false;
/// @todo #157140 Add ability to check for DRTM
// Don't run STARTUP during DRTM
if (!drtm)
{
break;
// TPM_STARTUP
err = tpmCmdStartup(&io_target);
if (NULL != err)
{
break;
}
}

// TPM_GETCAPABILITY to read FW Version
Expand All @@ -386,6 +395,11 @@ void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target)
break;
}

// For a DRTM we need to reset PCRs 17-22
if (drtm)
{
/// @todo Implement PCR reset
}

} while ( 0 );

Expand Down

0 comments on commit 5784da2

Please sign in to comment.