From patchwork Thu Aug 31 07:42:49 2017
X-Patchwork-Submitter: Claudio Carvalho
X-Patchwork-Id: 808107
From: Claudio Carvalho
To: skiboot@lists.ozlabs.org
Date: Thu, 31 Aug 2017 04:42:49 -0300
Message-Id: <1504165372-15971-3-git-send-email-cclaudio@linux.vnet.ibm.com>
In-Reply-To: <1504165372-15971-1-git-send-email-cclaudio@linux.vnet.ibm.com>
Subject: [Skiboot] [PATCH 2/5] hdata/tpmrel.c: add eventlog info to tpm devices
List-Id: Mailing list for skiboot development

This parses the TPMREL secureboot_tpm_info structure in order to add the event log info to i2c tpm devices. There can be multiple secureboot_tpm_info entries with each entry corresponding to a master processor that has a tpm device.

Signed-off-by: Claudio Carvalho --- hdata/spira.h | 28 ++++++++++++++++++++++++++++ hdata/tpmrel.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 81 insertions(+), 1 deletion(-) diff --git a/hdata/spira.h b/hdata/spira.h index d2a70c1..78ff33d 100644 --- a/hdata/spira.h +++ b/hdata/spira.h @@ -1098,6 +1098,34 @@ struct ipmi_sensors { */ #define STB_HDIF_SIG "TPMREL" +/* + * Idata index 0 : Secure Boot and TPM Instance Info + * + * There can be multiple entries with each entry corresponding to + * a master processor that has a TPM device + */ +#define TPMREL_IDATA_SECUREBOOT_TPM_INFO 0 + +struct secureboot_tpm_info { + __be32 chip_id; + __be32 dbob_id; + uint8_t locality1; + uint8_t locality2; + uint8_t locality3; + uint8_t locality4; +#define TPM_PRESENT_AND_FUNCTIONAL 0x01 +#define TPM_PRESENT_AND_NOT_FUNCTIONAL 0x02 +#define TPM_NOT_PRESENT 0x03 + uint8_t tpm_status; + uint8_t reserved[3]; + /* zero indicates no tpm log data */ + __be32 srtm_log_offset; + __be32 srtm_log_size; + /* zero indicates no tpm log data */ + __be32 drtm_log_offset; + __be32 drtm_log_size; +} __packed; + static inline const char *cpu_state(u32 flags) { switch ((flags & CPU_ID_VERIFY_MASK) >> CPU_ID_VERIFY_SHIFT) { diff --git a/hdata/tpmrel.c b/hdata/tpmrel.c index 7ded404..f2e2ec8 100644 --- a/hdata/tpmrel.c +++ b/hdata/tpmrel.c 
@@ -19,11 +19,62 @@ #endif #include +#include #include "spira.h" #include "hdata.h" #include "hdif.h" +#define TPM_SRTM_EVENTLOG_MAX_SIZE 0x10000 + +static void add_tpmrel_tpm_eventlog(const struct HDIF_common_hdr *hdif_hdr) +{ + const struct secureboot_tpm_info *stinfo; + struct dt_node *xscom, *node; + uint64_t addr; + bool tpmfound = false; + int count, i; + + count = HDIF_get_iarray_size(hdif_hdr, TPMREL_IDATA_SECUREBOOT_TPM_INFO); + if (count > 1) { + prerror("multinode not supported, count=%d\n", + count); + return; + } + + for (i = 0; i < count; i++) { + + stinfo = HDIF_get_iarray_item(hdif_hdr, + TPMREL_IDATA_SECUREBOOT_TPM_INFO, + i, NULL); + + xscom = find_xscom_for_chip(be32_to_cpu(stinfo->chip_id)); + if (xscom) { + dt_for_each_node(xscom, node) { + if (dt_has_node_property(node, "label", "tpm")) { + tpmfound=true; + addr = (uint64_t) stinfo + + be32_to_cpu(stinfo->srtm_log_offset); + dt_add_property_u64s(node, "linux,sml-base", addr); + dt_add_property_cells(node, "linux,sml-size", + TPM_SRTM_EVENTLOG_MAX_SIZE); + break; + } + } + if (!tpmfound && + stinfo->tpm_status == TPM_PRESENT_AND_FUNCTIONAL) { + prerror("TPM functional but not found for chip_id=%d.\n", + stinfo->chip_id); + continue; + } + } else { + prerror("could not add TPM device, chip_id=%d invalid\n", + stinfo->chip_id); + continue; + } + } +} + void node_stb_parse(void) { struct HDIF_common_hdr *hdif_hdr; @@ -34,7 +85,8 @@ void node_stb_parse(void) return; } - /* TODO: Idata 0: Secure Boot and TPM Instance Info */ + add_tpmrel_tpm_eventlog(hdif_hdr); + /* TODO: Idata 1: User Physical Interaction Mechanism Info */ /* TODO: Idata 2: Hash and Verification Function Offset Array */ }
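
Review bot: In the hdata/spira.h hunk, the comments on srtm_log_offset and drtm_log_offset in struct secureboot_tpm_info say only that zero means no TPM log data, not what the offsets are relative to. add_tpmrel_tpm_eventlog() adds srtm_log_offset to the address of the entry itself, so the comment should state that base explicitly. dbob_id and the four locality fields are also undocumented, and the three TPM_* status values would be easier to find if they were defined above the struct rather than between its members.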
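
Review bot: In add_tpmrel_tpm_eventlog() in hdata/tpmrel.c, linux,sml-base is computed from srtm_log_offset without checking it for zero, although spira.h documents zero as "no tpm log data"; in that case the property would point at the secureboot_tpm_info entry itself rather than at an event log. Suggest skipping the entry when srtm_log_offset is zero, and deciding whether tpm_status should also gate adding the properties, since it is currently read only on the not-found path. linux,sml-size is always the constant TPM_SRTM_EVENTLOG_MAX_SIZE while srtm_log_size is never read; either use the reported size, bounded by the constant, or add a comment explaining why it is ignored. The result of HDIF_get_iarray_item() is dereferenced without a NULL check, and both prerror() calls print stinfo->chip_id without be32_to_cpu(), unlike the find_xscom_for_chip() call just above them. The count > 1 early return also means the loop body runs at most once, which does not match the multiple-entry case the commit message describes; if that limit is lifted later, tpmfound needs to be reset at the top of each iteration.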