You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
107 lines
3.4 KiB
107 lines
3.4 KiB
From 26970c42bc017ad68b864e7134cf941c07443aa8 Mon Sep 17 00:00:00 2001 |
|
From: Chris Engel <cengel@linux.vnet.ibm.com> |
|
Date: Tue, 22 Aug 2017 14:59:06 -0500 |
|
Subject: [PATCH] Interface for ibm,physical-attestation rtas call |
|
|
|
The physical attestation interfaces are provided to allow a |
|
trusted 3rd party client to retrieve information about the |
|
trusted boot state of the target PowerVM system. This makes |
|
use of the systems physical TPM(s). These TPM(s) are used |
|
by system firmware to extend measurements during the |
|
boot process. |
|
|
|
Signed-off-by: Chris Engel <cengel@linux.vnet.ibm.com> |
|
Reviewed-by: Vasant Hegde <hegdevasant@linux.vnet.ibm.com> |
|
Signed-off-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com> |
|
--- |
|
librtas_src/librtas.h | 2 ++ |
|
librtas_src/syscall_calls.c | 63 +++++++++++++++++++++++++++++++++++++++++++++ |
|
2 files changed, 65 insertions(+) |
|
|
|
diff --git a/librtas_src/librtas.h b/librtas_src/librtas.h |
|
index ccab3d9..b84fab1 100644 |
|
--- a/librtas_src/librtas.h |
|
+++ b/librtas_src/librtas.h |
|
@@ -105,6 +105,8 @@ extern int rtas_set_time(uint32_t year, uint32_t month, uint32_t day, |
|
extern int rtas_suspend_me(uint64_t streamid); |
|
extern int rtas_update_nodes(char *workarea, unsigned int scope); |
|
extern int rtas_update_properties(char *workarea, unsigned int scope); |
|
+extern int rtas_physical_attestation(char *workarea, int seq_num, |
|
+ int *next_seq_num, int *work_area_bytes); |
|
|
|
#ifdef __cplusplus |
|
} |
|
diff --git a/librtas_src/syscall_calls.c b/librtas_src/syscall_calls.c |
|
index a194e4b..35b6d66 100644 |
|
--- a/librtas_src/syscall_calls.c |
|
+++ b/librtas_src/syscall_calls.c |
|
@@ -1329,3 +1329,66 @@ int rtas_update_properties(char *workarea, unsigned int scope) |
|
dbg("(%p) %d = %d\n", workarea, scope, rc ? rc : status); |
|
return rc ? rc : status; |
|
} |
|
+ |
|
+/** |
|
+ * rtas_physical_attestation |
|
+ * @brief Interface for ibm,physical-attestation rtas call. |
|
+ * |
|
+ * @param workarea input/output work area for rtas call |
|
+ * @param seq_num sequence number of the rtas call |
|
+ * @param next_seq_num next sequence number |
|
+ * @param work_area_bytes size of work area |
|
+ * @return 0 on success, !0 on failure |
|
+ */ |
|
+int rtas_physical_attestation(char *workarea, int seq_num, int *next_seq_num, |
|
+ int *work_area_bytes) |
|
+{ |
|
+ uint32_t workarea_pa; |
|
+ uint64_t elapsed = 0; |
|
+ void *kernbuf; |
|
+ int kbuf_sz = 4096; |
|
+ int rc, status; |
|
+ int resp_bytes = *work_area_bytes; |
|
+ |
|
+ rc = sanity_check(); |
|
+ if (rc) |
|
+ return rc; |
|
+ |
|
+ /* Caller provided more data than FW can handle */ |
|
+ if (*work_area_bytes == 0 || |
|
+ *work_area_bytes > kbuf_sz) |
|
+ return RTAS_IO_ASSERT; |
|
+ |
|
+ rc = rtas_get_rmo_buffer(kbuf_sz, &kernbuf, &workarea_pa); |
|
+ if (rc) |
|
+ return rc; |
|
+ memcpy(kernbuf, workarea, *work_area_bytes); |
|
+ |
|
+ do { |
|
+ rc = rtas_call("ibm,physical-attestation", 3, 3, |
|
+ htobe32(workarea_pa), htobe32(kbuf_sz), |
|
+ htobe32(seq_num), |
|
+ &status, next_seq_num, &resp_bytes); |
|
+ if (rc < 0) |
|
+ break; |
|
+ |
|
+ rc = handle_delay(status, &elapsed); |
|
+ } while (rc == CALL_AGAIN); |
|
+ |
|
+ *next_seq_num = be32toh(*next_seq_num); |
|
+ |
|
+ /* FW returned more data than we can handle */ |
|
+ if (be32toh(resp_bytes) > *work_area_bytes) { |
|
+ (void)rtas_free_rmo_buffer(kernbuf, workarea_pa, kbuf_sz); |
|
+ return RTAS_IO_ASSERT; |
|
+ } |
|
+ |
|
+ *work_area_bytes = be32toh(resp_bytes); |
|
+ |
|
+ if (rc == 0) |
|
+ memcpy(workarea, kernbuf, *work_area_bytes); |
|
+ |
|
+ (void)rtas_free_rmo_buffer(kernbuf, workarea_pa, kbuf_sz); |
|
+ |
|
+ return rc ? rc : status; |
|
+} |
|
-- |
|
2.9.5 |
|
|
|
|