diff options
author | Pridhiviraj Paidipeddi <ppaidipe@linux.vnet.ibm.com> | 2018-02-06 07:46:33 +0530 |
---|---|---|
committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2018-02-08 18:21:42 -0600 |
commit | b772e1132cd51368fab686ce4dd60f3850cfbbfb (patch) | |
tree | bbe93fbcc0cec592d90bfdf36c110f8d31b958a7 /libstb | |
parent | 2109b81d9f78c59b4099b625e18d34a66baa1b71 (diff) | |
download | skiboot-b772e1132cd51368fab686ce4dd60f3850cfbbfb.zip skiboot-b772e1132cd51368fab686ce4dd60f3850cfbbfb.tar.gz skiboot-b772e1132cd51368fab686ce4dd60f3850cfbbfb.tar.bz2 |
libstb: fix failure of calling trusted measure without STB initialization.
When we load a flash resource during OPAL init, STB calls trusted measure
to measure the given resource. There is a situation when a flash gets loaded
before STB initialization then trusted measure cannot measure properly.
So this patch fixes this issue by calling trusted measure only if the
corresponding trusted init was done.
The ideal fix is to make sure STB init done at the first place during init
and then do the loading of flash resources, by that way STB can properly
verify and measure the all resources.
Signed-off-by: Pridhiviraj Paidipeddi <ppaidipe@linux.vnet.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'libstb')
-rw-r--r-- | libstb/trustedboot.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c index 058e45e..151e4e1 100644 --- a/libstb/trustedboot.c +++ b/libstb/trustedboot.c @@ -30,6 +30,7 @@ //#define STB_DEBUG static bool trusted_mode = false; +static bool trusted_init = false; static bool boot_services_exited = false; /* @@ -114,6 +115,8 @@ void trustedboot_init(void) cvc_init(); tpm_init(); + + trusted_init = true; } int trustedboot_exit_boot_services(void) @@ -180,6 +183,13 @@ int trustedboot_measure(enum resource_id id, void *buf, size_t len) prlog(PR_ERR, "resource NOT MEASURED, resource_id=%d unknown\n", id); return -1; } + + if (!trusted_init) { + prlog(PR_ERR, "resource NOT MEASURED, resource_id=%d " + "trustedboot not yet initialized\n", id); + return -1; + } + if (boot_services_exited) { prlog(PR_ERR, "%s NOT MEASURED. Already exited from boot " "services\n", name); |