Add TrustedComponent D-bus Interface
TrustedComponent represents a trusted device, such as a TPM or
SPDM-capable device.
This commit adds TrustedComponent D-Bus interface.
Change-Id: Ic5de5ee6c8ffd58d50a64937dacdddbebac7f1ab
Signed-off-by: Zhichuang Sun <zhichuang@google.com>
diff --git a/yaml/xyz/openbmc_project/Attestation/ComponentIntegrity.interface.yaml b/yaml/xyz/openbmc_project/Attestation/ComponentIntegrity.interface.yaml
index bc0b6dc..168faa6 100644
--- a/yaml/xyz/openbmc_project/Attestation/ComponentIntegrity.interface.yaml
+++ b/yaml/xyz/openbmc_project/Attestation/ComponentIntegrity.interface.yaml
@@ -47,6 +47,14 @@
reverse_name: authenticated_by
required_endpoint_interfaces:
- xyz.openbmc_project.Inventory.Item
+ - name: reporting
+ description: >
+ Objects that implement ComponentIntegrity can implement the
+ "reporting" association to provide a link to the target trusted
+ component whose integrity this resource reports.
+ reverse_name: reported_by
+ required_endpoint_interfaces:
+ - xyz.openbmc_project.Inventory.Item.TrustedComponent
enumerations:
- name: SecurityTechnologyType
diff --git a/yaml/xyz/openbmc_project/Inventory/Item.interface.yaml b/yaml/xyz/openbmc_project/Inventory/Item.interface.yaml
index 4319b02..046e567 100644
--- a/yaml/xyz/openbmc_project/Inventory/Item.interface.yaml
+++ b/yaml/xyz/openbmc_project/Inventory/Item.interface.yaml
@@ -102,6 +102,14 @@
reverse_name: authenticating
required_endpoint_interfaces:
- xyz.openbmc_project.Attestation.ComponentIntegrity
+ - name: protected_by
+ description: >
+ Objects that implement Item can optionally implement the
+ "protected_by" association to provide a link to the target trusted
+ component object that protects this item.
+ reverse_name: protecting
+ required_endpoint_interfaces:
+ - xyz.openbmc_project.Inventory.Item.TrustedComponent
paths:
- namespace: /xyz/openbmc_project/inventory
diff --git a/yaml/xyz/openbmc_project/Inventory/Item/TrustedComponent.interface.yaml b/yaml/xyz/openbmc_project/Inventory/Item/TrustedComponent.interface.yaml
new file mode 100644
index 0000000..f99f4c7
--- /dev/null
+++ b/yaml/xyz/openbmc_project/Inventory/Item/TrustedComponent.interface.yaml
@@ -0,0 +1,49 @@
+description: >
+ Interface to query trusted component info.
+
+properties:
+ - name: TrustedComponentType
+ type: enum[self.ComponentAttachType]
+ default: Unknown
+ flags:
+ - readonly
+ description: >
+ The type of trusted component, such as any physical distinction about
+ the trusted component.
+
+associations:
+ - name: reported_by
+ description: >
+ Objects that implement TrustedComponent can implement the
+ "reported_by" association to provide a link to component integrity
+ object that the trusted component is reported by.
+ reverse_name: reporting
+ required_endpoint_interfaces:
+ - xyz.openbmc_project.Attestation.ComponentIntegrity
+
+ - name: protecting
+ description: >
+ Objects that implement TrustedComponent can implement the "protecting"
+ association to provide a link to the target component whose security
+ this resource protects.
+ reverse_name: protected_by
+ required_endpoint_interfaces:
+ - xyz.openbmc_project.Inventory.Item
+
+enumerations:
+ - name: ComponentAttachType
+ description: >
+ The type of trusted component, such as any physical distinction about
+ the trusted component.
+ values:
+ - name: Discrete
+ description: >
+ A discrete trusted component. It is "discrete" when basic
+ electronic components are connected through a wire or soldered
+ on a printed circuit board (PCB).
+ - name: Integrated
+ description: >
+ An integrated trusted component.
+ - name: Unknown
+ description: >
+ Attach type not known yet.