Skip to content

Commit

Permalink
Update the data extended into TPM's PCR_6
Browse files Browse the repository at this point in the history 
In an effort to seal the PCRs for ultravisor, this commit updates
which elements are extended into PCR_6 of valid TPMs during the IPL.

Change-Id: Ic455e7a0b36955eabf0723685119132c38da5e81
RTC:201448
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/95061
Reviewed-by: Nicholas E Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Ilya Smirnov <ismirno@us.ibm.com>
Reviewed-by: Christopher J Engel <cjengel@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M Crowell <dcrowell@us.ibm.com>
  • Loading branch information
@mabaiocchi @dcrowell77
mabaiocchi authored and dcrowell77 committed May 6, 2020
1 parent 7198f17 commit 5bda93c
Show file tree
Hide file tree
Showing 9 changed files with 165 additions and 59 deletions.
34 changes: 17 additions & 17 deletions src/usr/secureboot/node_comm/node_comm.C
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2018 */
/* Contributors Listed Below - COPYRIGHT 2018,2020 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -84,7 +84,7 @@ errlHndl_t nodeCommAbusRecvMessage(TARGETING::Target* i_pProc,
const uint64_t interval_ns = NODE_COMM_POLL_DELAY_NS;
uint64_t time_polled_ns = 0;

TRACUCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusRecvMessage: pProc=0x%.08X",
TRACUTCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusRecvMessage: pProc=0x%.08X",
get_huid(i_pProc));

do
Expand All @@ -109,7 +109,7 @@ errlHndl_t nodeCommAbusRecvMessage(TARGETING::Target* i_pProc,
}
if (attn_found == true)
{
TRACUCOMP(g_trac_nc,INFO_MRK"nodeCommAbusRecvMessage: "
TRACUTCOMP(g_trac_nc,INFO_MRK"nodeCommAbusRecvMessage: "
"nodeCommMapAttn attn_found (%d) for Tgt=0x%.08X, link=%d, "
"mbox=%d",
attn_found, get_huid(i_pProc), actual_linkId, actual_mboxId);
Expand Down Expand Up @@ -257,7 +257,7 @@ errlHndl_t nodeCommAbusRecvMessage(TARGETING::Target* i_pProc,

} while( 0 );

TRACUCOMP(g_trac_nc,EXIT_MRK"nodeCommAbusRecvMessage: "
TRACUTCOMP(g_trac_nc,EXIT_MRK"nodeCommAbusRecvMessage: "
"Tgt=0x%.08X, link=%d, mbox=%d attn_found=%d: "
"data=0x%.16llX. "
TRACE_ERR_FMT,
Expand All @@ -281,7 +281,7 @@ errlHndl_t nodeCommAbusSendMessage(TARGETING::Target* i_pProc,
{
errlHndl_t err = nullptr;

TRACUCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusSendMessage: iProc=0x%.08X "
TRACUTCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusSendMessage: iProc=0x%.08X "
"to send data=0x%.16llX through linkId=%d mboxId=%d",
get_huid(i_pProc), i_data, i_linkId, i_mboxId);

Expand Down Expand Up @@ -312,7 +312,7 @@ errlHndl_t nodeCommAbusSendMessage(TARGETING::Target* i_pProc,

} while( 0 );

TRACUCOMP(g_trac_nc,EXIT_MRK"nodeCommAbusSendMessage: iProc=0x%.08X "
TRACUTCOMP(g_trac_nc,EXIT_MRK"nodeCommAbusSendMessage: iProc=0x%.08X "
"send data=0x%.16llX through linkId=%d mboxId=%d: "
TRACE_ERR_FMT,
get_huid(i_pProc), i_data, i_linkId, i_mboxId,
Expand Down Expand Up @@ -351,7 +351,7 @@ errlHndl_t nodeCommMapAttn(TARGETING::Target* i_pProc,

const size_t expSize = sizeof(fir_data);

TRACUCOMP(g_trac_nc,ENTER_MRK
TRACUTCOMP(g_trac_nc,ENTER_MRK
"nodeCommMapAttn: tgt=0x%X, mode=%s, fir_addr=0x%.16llX",
get_huid(i_pProc),
(i_mode == NCDD_MODE_ABUS)
Expand Down Expand Up @@ -386,13 +386,13 @@ errlHndl_t nodeCommMapAttn(TARGETING::Target* i_pProc,
// Map Attention bits in the FIR
fir_data_with_mask = fir_data & fir_mask;
const int bit_count = __builtin_popcount(fir_data_with_mask);
TRACUCOMP(g_trac_nc,"nodeCommMapAttn: FIR data = 0x%.16llX, "
TRACUTCOMP(g_trac_nc,"nodeCommMapAttn: FIR data = 0x%.16llX, "
"mask=0x%.16llX, data+mask=0x%.16llX, count=%d",
fir_data, fir_mask, fir_data_with_mask, bit_count);

if (bit_count == 0)
{
TRACUCOMP(g_trac_nc,INFO_MRK"nodeCommMapAttn: no attentions found: "
TRACUTCOMP(g_trac_nc,INFO_MRK"nodeCommMapAttn: no attentions found: "
"FIR data = 0x%.16llX, mask=0x%.16llX, data+mask=0x%.16llX",
fir_data, fir_mask, fir_data_with_mask);
break;
Expand Down Expand Up @@ -453,7 +453,7 @@ errlHndl_t nodeCommMapAttn(TARGETING::Target* i_pProc,
o_linkId = (bit / 2);
o_mboxId = (bit % 2);

TRACUCOMP(g_trac_nc,INFO_MRK"nodeCommMapAttn: tgt=0x%X: "
TRACUTCOMP(g_trac_nc,INFO_MRK"nodeCommMapAttn: tgt=0x%X: "
"o_attn_found=%d, o_linkId=%d, mboxId=%d, "
TRACE_ERR_FMT,
get_huid(i_pProc), o_attn_found, o_linkId, o_mboxId,
Expand All @@ -464,7 +464,7 @@ errlHndl_t nodeCommMapAttn(TARGETING::Target* i_pProc,

} while( 0 );

TRACUCOMP(g_trac_nc,EXIT_MRK"nodeCommMapAttn: tgt=0x%X: "
TRACUTCOMP(g_trac_nc,EXIT_MRK"nodeCommMapAttn: tgt=0x%X: "
"o_attn_found=%d, o_linkId=%d, mboxId=%d, "
TRACE_ERR_FMT,
get_huid(i_pProc), o_attn_found, o_linkId, o_mboxId,
Expand Down Expand Up @@ -507,7 +507,7 @@ errlHndl_t getObusTrainedLinks(TARGETING::Target* i_pObus,

assert(i_pObus != nullptr, "getObusTrainedLinks: i_pObus == nullptr");

TRACUCOMP(g_trac_nc,ENTER_MRK
TRACUTCOMP(g_trac_nc,ENTER_MRK
"getObusTrainedLinks: OBUS tgt=0x%X",
get_huid(i_pObus));

Expand Down Expand Up @@ -690,7 +690,7 @@ void addNodeCommBusCallout(const node_comm_modes_t i_mode,
}
l_ep2_path_str = l_ep2.toString();

TRACUCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: Checking "
TRACUTCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: Checking "
"i_pProc 0x%.08X BUS HUID 0x%.08X's (%s) PEER_PATH: %s",
get_huid(i_pProc), get_huid(l_busTgt),
l_ep1_path_str,
Expand All @@ -700,7 +700,7 @@ void addNodeCommBusCallout(const node_comm_modes_t i_mode,
l_ep2.pathElementOfType(l_type);
if(l_ep2_peBus.type == TYPE_NA)
{
TRACUCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: "
TRACUTCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: "
"Skipping i_pProc 0x%.08X "
"BUS HUID 0x%.08X's (%s) PEER_PATH %s because "
"cannot find BUS in PEER_PATH",
Expand Down Expand Up @@ -766,7 +766,7 @@ void addNodeCommBusCallout(const node_comm_modes_t i_mode,
}
l_ep2_path_str = l_smpGroup_peer_ep.toString();

TRACUCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: "
TRACUTCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: "
"SMPGROUP HUID: 0x%.08X (%s): rel_pos=%d, "
"instance=%d: peer=%s",
get_huid(l_smpGroup),
Expand All @@ -776,7 +776,7 @@ void addNodeCommBusCallout(const node_comm_modes_t i_mode,
l_ep2_path_str);

// Find matching instance and relative link Id
if ((l_smpGroup_ep_peSmpGroup.instance % 2) ==
if ((l_smpGroup_ep_peSmpGroup.instance % 2) ==
(i_linkId % 2))
{
found_peer_endpoint = true;
Expand Down Expand Up @@ -813,7 +813,7 @@ void addNodeCommBusCallout(const node_comm_modes_t i_mode,
}
else
{
TRACUCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: "
TRACUTCOMP(g_trac_nc,INFO_MRK"addNodeCommBusCallout: "
"Skipping i_pProc 0x%.08X BUS HUID 0x%.08X's "
"PEER_PATH %s because ep1 bus instance (%d) does not "
"match instance (%d) converted from i_linkId (%d)",
Expand Down
3 changes: 3 additions & 0 deletions src/usr/secureboot/node_comm/node_comm.H
View file
Expand Up @@ -43,6 +43,9 @@
#define NODECOMM_TRACE_NAME "NODECOMM"
extern trace_desc_t* g_trac_nc;

// Switch from TRACDCOMP to TRACFCOMP to enable unit test tracing
#define TRACUTCOMP(args...) TRACDCOMP(args)

namespace SECUREBOOT
{

Expand Down
24 changes: 12 additions & 12 deletions src/usr/secureboot/node_comm/node_comm_dd.C
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2018 */
/* Contributors Listed Below - COPYRIGHT 2018,2020 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -177,7 +177,7 @@ errlHndl_t nodeCommPerformOp( DeviceFW::OperationType i_opType,
break;
}

TRACUCOMP(g_trac_nc,ENTER_MRK"nodeCommPerformOp: %s: %s: "
TRACUTCOMP(g_trac_nc,ENTER_MRK"nodeCommPerformOp: %s: %s: "
"tgt=0x%X, LinkId=%d, MboxId=%d, data=0x%.16llX",
(node_comm_args.mode == NCDD_MODE_ABUS)
? NCDD_ABUS_STRING : NCDD_XBUS_STRING,
Expand Down Expand Up @@ -253,7 +253,7 @@ errlHndl_t nodeCommPerformOp( DeviceFW::OperationType i_opType,
}


TRACUCOMP (g_trac_nc, EXIT_MRK"nodeCommPerformOp: %s: %s: "
TRACUTCOMP (g_trac_nc, EXIT_MRK"nodeCommPerformOp: %s: %s: "
"tgt=0x%X, LinkId=%d, MboxId=%d, data=0x%.16llX. "
TRACE_ERR_FMT,
(node_comm_args.mode == NCDD_MODE_ABUS)
Expand Down Expand Up @@ -321,7 +321,7 @@ errlHndl_t ncddRead(node_comm_args_t & i_args)

uint64_t reg_addr = getLinkMboxRegAddr(NCDD_REG_FIR_WOX_AND, i_args.mode);

TRACUCOMP(g_trac_nc,"ncddRead: Clearing FIR bit 0x%.16llX based on "
TRACUTCOMP(g_trac_nc,"ncddRead: Clearing FIR bit 0x%.16llX based on "
"linkId=%d, mboxId=%d, mode=%s, by writing 0x%.16llX to FIR Reg "
"Addr 0x%.16llX on Target 0x%X",
fir_attn_bit, i_args.linkId, i_args.mboxId,
Expand All @@ -348,7 +348,7 @@ errlHndl_t ncddRead(node_comm_args_t & i_args)

} while( 0 );

TRACUCOMP( g_trac_nc,EXIT_MRK"ncddRead: "
TRACUTCOMP( g_trac_nc,EXIT_MRK"ncddRead: "
TRACE_ERR_FMT,
TRACE_ERR_ARGS(err));

Expand Down Expand Up @@ -457,7 +457,7 @@ errlHndl_t ncddWrite (node_comm_args_t & i_args)

} while( 0 );

TRACUCOMP( g_trac_nc,EXIT_MRK"ncddWrite: "
TRACUTCOMP( g_trac_nc,EXIT_MRK"ncddWrite: "
TRACE_ERR_FMT,
TRACE_ERR_ARGS(err));

Expand All @@ -472,7 +472,7 @@ errlHndl_t ncddCheckStatus (node_comm_args_t & i_args,
errlHndl_t err = nullptr;
bool errorFound = false;

TRACUCOMP( g_trac_nc,
TRACUTCOMP( g_trac_nc,
ENTER_MRK"ncddCheckStatus(): Tgt=0x%X: 0x%.16llX",
i_args.tgt_huid,
i_statusVal.value );
Expand Down Expand Up @@ -550,7 +550,7 @@ errlHndl_t ncddCheckStatus (node_comm_args_t & i_args,

} while( 0 );

TRACUCOMP( g_trac_nc,EXIT_MRK"ncddCheckStatus: "
TRACUTCOMP( g_trac_nc,EXIT_MRK"ncddCheckStatus: "
TRACE_ERR_FMT,
TRACE_ERR_ARGS(err));

Expand All @@ -567,7 +567,7 @@ errlHndl_t ncddWaitForCmdComp (node_comm_args_t & i_args,
int timeout_ns = NODE_COMM_DD_POLL_DELAY_TOTAL_NS;
ctrl_reg_t ctrl_reg_status;

TRACUCOMP(g_trac_nc, "ncddWaitForCmdComp(): timeout_ns=%d, "
TRACUTCOMP(g_trac_nc, "ncddWaitForCmdComp(): timeout_ns=%d, "
"interval_ns=%d", timeout_ns, interval_ns);

do
Expand Down Expand Up @@ -660,7 +660,7 @@ errlHndl_t ncddWaitForCmdComp (node_comm_args_t & i_args,

o_statusVal = ctrl_reg_status;

TRACUCOMP( g_trac_nc,EXIT_MRK"ncddWaitForCmdComp: "
TRACUTCOMP( g_trac_nc,EXIT_MRK"ncddWaitForCmdComp: "
TRACE_ERR_FMT,
TRACE_ERR_ARGS(err));

Expand Down Expand Up @@ -729,7 +729,7 @@ errlHndl_t ncddRegisterOp ( DeviceFW::OperationType i_opType,
const size_t expSize = sizeof(i_reg);
uint64_t l_reg = getLinkMboxRegAddr(i_reg, i_args.mode);

TRACUCOMP(g_trac_nc,ENTER_MRK"ncddRegisterOp: %s: %s: "
TRACUTCOMP(g_trac_nc,ENTER_MRK"ncddRegisterOp: %s: %s: "
"tgt=0x%X, reg_addr=0x%.16llX, data=0x%.16llX",
(i_args.mode == NCDD_MODE_ABUS)
? NCDD_ABUS_STRING : NCDD_XBUS_STRING,
Expand Down Expand Up @@ -764,7 +764,7 @@ errlHndl_t ncddRegisterOp ( DeviceFW::OperationType i_opType,

} while (0);

TRACUCOMP(g_trac_nc,EXIT_MRK"ncddRegisterOp: %s: %s: "
TRACUTCOMP(g_trac_nc,EXIT_MRK"ncddRegisterOp: %s: %s: "
"tgt=0x%X, reg_addr=0x%.16llX, data=0x%.16llX. "
TRACE_ERR_FMT,
(i_args.mode == NCDD_MODE_ABUS)
Expand Down
10 changes: 5 additions & 5 deletions src/usr/secureboot/node_comm/node_comm_exchange.C
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2018,2019 */
/* Contributors Listed Below - COPYRIGHT 2018,2020 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -135,7 +135,7 @@ errlHndl_t nodeCommAbusGetRandom(uint64_t & o_nonce)
#ifdef CONFIG_TPMDD
Target* tpm_tgt = nullptr;

TRACUCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusGetRandom:");
TRACUTCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusGetRandom:");

do
{
Expand All @@ -149,7 +149,7 @@ errlHndl_t nodeCommAbusGetRandom(uint64_t & o_nonce)
if(tpm_tgt)
{
hwasState = tpm_tgt->getAttr<TARGETING::ATTR_HWAS_STATE>();
TRACUCOMP(g_trac_nc,INFO_MRK
TRACUTCOMP(g_trac_nc,INFO_MRK
"TPM HUID 0x%08X has state of {present=%d, "
"functional=%d}",
get_huid(tpm_tgt),
Expand Down Expand Up @@ -255,7 +255,7 @@ errlHndl_t nodeCommAbusLogNonce(uint64_t & i_nonce)
{
errlHndl_t err = nullptr;

TRACUCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusLogNonce: i_nonce=0x%.16llX",
TRACUTCOMP(g_trac_nc,ENTER_MRK"nodeCommAbusLogNonce: i_nonce=0x%.16llX",
i_nonce);

do
Expand Down Expand Up @@ -764,7 +764,7 @@ errlHndl_t nodeCommProcessSlaveQuote(uint8_t* const i_slaveQuote,
{
errlHndl_t l_errl = nullptr;
#ifdef CONFIG_TPMDD
TRACFCOMP(g_trac_nc, ENTER_MRK"nodeCommProcessSlaveQuote");
TRACFCOMP(g_trac_nc, ENTER_MRK"nodeCommProcessSlaveQuote: size=0x%016llX",i_slaveQuoteSize);
bool l_tpmRequired = TRUSTEDBOOT::isTpmRequired();
bool l_errorOccurred = false;

Expand Down
6 changes: 3 additions & 3 deletions src/usr/secureboot/node_comm/node_comm_test.C
View file
Expand Up @@ -5,7 +5,7 @@
/* */
/* OpenPOWER HostBoot Project */
/* */
/* Contributors Listed Below - COPYRIGHT 2018 */
/* Contributors Listed Below - COPYRIGHT 2018,2020 */
/* [+] International Business Machines Corp. */
/* */
/* */
Expand Down Expand Up @@ -88,7 +88,7 @@ errlHndl_t nodeCommXbus2ProcTest(void)
break;
}

TRACUCOMP(g_trac_nc,ENTER_MRK"nodeCommXbus2ProcTest: Running with %d procs",
TRACUTCOMP(g_trac_nc,ENTER_MRK"nodeCommXbus2ProcTest: Running with %d procs",
l_cpuTargetList.size());

// 1) Send Data Out of First Proc Xbus Link Mailbox
Expand Down Expand Up @@ -191,7 +191,7 @@ errlHndl_t nodeCommXbus2ProcTest(void)
}
else
{
TRACUCOMP(g_trac_nc,INFO_MRK"nodeCommXbus2ProcTest: "
TRACUTCOMP(g_trac_nc,INFO_MRK"nodeCommXbus2ProcTest: "
"Attention was found (%d) on tgt=0x%.08X",
attn_found, get_huid(read_tgt));
}
Expand Down
2 changes: 1 addition & 1 deletion src/usr/secureboot/node_comm/node_comm_transfer.C
View file
Expand Up @@ -117,7 +117,7 @@ errlHndl_t nodeCommTransferSend(TARGETING::Target* i_pProc,
// Loop of sending messages (initiation and data) and receiving ACKs
for ( ; msg_seq <= total_data_msgs; ++msg_seq)
{
TRACUCOMP(g_trac_nc,INFO_MRK"nodeCommTransferSend: loop start: "
TRACUTCOMP(g_trac_nc,INFO_MRK"nodeCommTransferSend: loop start: "
"seq = %d (msg %d of %d)",
msg_seq, msg_seq+1, total_data_msgs);

Expand Down

0 comments on commit 5bda93c

Please sign in to comment.