diff options
author | Michael Anderson <andmike@linux.ibm.com> | 2020-01-28 13:33:37 -0800 |
---|---|---|
committer | Ram Pai <linuxram@us.ibm.com> | 2020-11-03 12:52:37 -0500 |
commit | 4d2efabb95548ccf52f7b21383fb9365fa07095b (patch) | |
tree | b697849b937282a4febf6e340236fca8b632ef01 | |
parent | a6279d437e5a1d1b5a3c8acad68a5a8d0315361c (diff) | |
download | skiboot-4d2efabb95548ccf52f7b21383fb9365fa07095b.zip skiboot-4d2efabb95548ccf52f7b21383fb9365fa07095b.tar.gz skiboot-4d2efabb95548ccf52f7b21383fb9365fa07095b.tar.bz2 |
tpm: Send selftest to mitigate RSA key issue
- Send selftest to mitigate RSA key issue.
Signed-off-by: Michael Anderson <andmike@linux.ibm.com>
-rw-r--r-- | libstb/tss2/opalcreate.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/libstb/tss2/opalcreate.c b/libstb/tss2/opalcreate.c index 01b9717..e195cce 100644 --- a/libstb/tss2/opalcreate.c +++ b/libstb/tss2/opalcreate.c @@ -929,6 +929,28 @@ out_err: return 0; } +static int send_selftest(TSS_CONTEXT *ctx) +{ + SelfTest_In in; + TPM_RC rc; + + in.fullTest = 1; + + rc = TSS_Execute(ctx, + NULL, + (COMMAND_PARAMETERS *)&in, + NULL, + TPM_CC_SelfTest, + TPM_RH_NULL, NULL, 0); + if (rc) { + traceError("selftest", rc); + prlog(PR_ERR,"selftest failed\n"); + return -1; + } + + return 0; +} + int wrapping_key_init(void) { TPMS_CAPABILITY_DATA capabilityData; @@ -1054,6 +1076,11 @@ out_publicname: goto out_err_free; } + /* Mitigate RSA key errata by sending selftest */ + rc = send_selftest(ctx); + if (rc) + prlog(PR_ERR,"Mitigate RSA key errata selftest failed\n"); + rc = TSS_Delete(ctx); if (rc) prlog(PR_ERR,"Failed to delete TSS context\n"); |