Set TPM_UNUSABLE Only if TPM is Required

This change sets the attribure used for TPM alignment check (TPM_UNUSABLE) only if the TPM Required policy is on. This will prevent HWSV from failing the boot due to no minimum HW when the policy is off. Change-Id: Ia63475c7496e5a4deb73c0caeb0d070bd8eb95c3 CQ: SW441033 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/64553 Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
open-power · Aug 16, 2018 · f70518c · f70518c
1 parent e55c53f
commit f70518c
Showing 1 changed file with 18 additions and 6 deletions.
diff --git a/src/usr/secureboot/trusted/trustedboot.C b/src/usr/secureboot/trusted/trustedboot.C
@@ -325,7 +325,10 @@ void* host_update_master_tpm( void *io_pArgs )
                 !primaryHwasState.present)
             {
                 primaryTpmAvail = false;
-                pPrimaryTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true);
+                if(isTpmRequired())
+                {
+                    pPrimaryTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true);
+                }
             }
         }
 
@@ -1008,8 +1011,11 @@ void tpmMarkFailed(TpmTarget* const i_pTpm,
     i_pTpm->setAttr<
         TARGETING::ATTR_HWAS_STATE>(hwasState);
 
-    // Mark the TPM as unusable so that FSP can perform alignment check
-    i_pTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true);
+    if(isTpmRequired())
+    {
+        // Mark the TPM as unusable so that FSP can perform alignment check
+        i_pTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true);
+    }
 
     #ifdef CONFIG_SECUREBOOT
     TARGETING::Target* l_tpm = i_pTpm;
@@ -1403,10 +1409,16 @@ void doInitBackupTpm()
     if(l_backupTpm)
     {
         l_backupTpm->setAttr<TARGETING::ATTR_HB_TPM_INIT_ATTEMPTED>(true);
-        auto l_backupHwasState = l_backupTpm->getAttr<
+        if(isTpmRequired())
+        {
+            auto l_backupHwasState = l_backupTpm->getAttr<
                                                   TARGETING::ATTR_HWAS_STATE>();
-        l_backupTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(
-                  !(l_backupHwasState.present && l_backupHwasState.functional));
+
+            if(!l_backupHwasState.present || !l_backupHwasState.functional)
+            {
+                l_backupTpm->setAttr<TARGETING::ATTR_TPM_UNUSABLE>(true);
+            }
+        }
     }
 }