libstb: Don't exit trustedboot services multiple times

For the very specific scenario when the fast-reboot is used, we see
multiple error messages regarding the trusteboot measurements not being
done.

The way fast-reboot works is performing just fundamental operations, like
PCI initialization, to get skiboot into good shape to boot kernel, and
later the host's Kernel. That means fast-reboot contains data structures
filled since last full reboot.

In this process trustedboot is not re-initialized when, but it still tries
to perform the STB measurements and event logging done in
trustedboot_exit_services, showing multiple failure messages.

This patch avoids that situation by returning earlier and logging that
trustedboot already exited.

If eventually something changes and trustedboot gets re-initialized during
fast-reboot this patch also set boot_services_exited to false after every
initialization so we always exit trustedboot whenever it get initialized.

Signed-off-by: Mauro S. M. Rodrigues <maurosr@linux.vnet.ibm.com>
Signed-off-by: Oliver O'Halloran <oohall@gmail.com>

1 files changed, 7 insertions, 2 deletions

diff --git a/libstb/trustedboot.c b/libstb/trustedboot.c
index 413862e..b1f86cc 100644
--- a/libstb/trustedboot.c
+++ b/libstb/trustedboot.c
@@ -116,6 +116,7 @@ void trustedboot_init(void)
 	tpm_init();
 
 	trusted_init = true;
+	boot_services_exited = false;
 }
 
 int trustedboot_exit_boot_services(void)
@@ -124,11 +125,15 @@ int trustedboot_exit_boot_services(void)
 	int rc = 0;
 	bool failed = false;
 
-	boot_services_exited = true;
-
 	if (!trusted_mode)
 		goto out_free;
 
+	if (boot_services_exited) {
+		prlog(PR_WARNING, "Trusted boot services exited before.\n");
+		goto out_free;
+	}
+
+	boot_services_exited = true;
 #ifdef STB_DEBUG
 	prlog(PR_NOTICE, "ev_separator.event: %s\n", ev_separator.event);
 	prlog(PR_NOTICE, "ev_separator.sha1:\n");