diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2020-06-18 17:23:07 -0700 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2020-06-25 21:34:59 +0000 |
| commit | a33e33844859f5e3b2949cd085fce50acad29f86 (patch) | |
| tree | 0bcc8679a1022cd4cb281b00cf3a27357c62b56e | |
| parent | 2d7cdfffa2fec56805406c50e8c3b58b6d0b617c (diff) | |
| download | chrome-ec-a33e33844859f5e3b2949cd085fce50acad29f86.tar.gz | |
NVMEM: selective erase of TPM objects
This patch adds another NVMEM API, which allows to erase stored TPM
objects selectively. The list of indices of the objects to be erases
is supplied in a zero terminated array.
The existing nvmem_erase_tpm_data() has been modified to erase only
selected objects, if the list of objects is supplied by the caller.
BUG=b:138578447
TEST=Using tpm_manager_client created a bogus NVMEM object, modified
Cr50 code to provide a CLI command which would invoke the new
NVMEM API function to delete the new object.
Invoked 'dump_nvmem' command before and after deleting the bogus
object. Observed the NVMEM contents compacted and the bogus
object deleted. Rebooted the device, observed proper Chrome OS
start up maintaining the existing user account.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: I3e299c8004141fa01ff20c290131b6526575c42e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2253324
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>
| -rw-r--r-- | common/new_nvmem.c | 33 | ||||
| -rw-r--r-- | include/new_nvmem.h | 19 |
2 files changed, 44 insertions, 8 deletions
diff --git a/common/new_nvmem.c b/common/new_nvmem.c index 445d731f86..01d3bd69f1 100644 --- a/common/new_nvmem.c +++ b/common/new_nvmem.c @@ -2995,13 +2995,7 @@ static void dump_contents(const struct nn_container *ch) ccprintf("\n"); } -/* - * Clear tpm data from nvmem. First fill up the current top page with erased - * objects, then compact the flash storage, removing all TPM related objects. - * This would guarantee that all pages where TPM objecs were stored would be - * erased. - */ -int nvmem_erase_tpm_data(void) +int nvmem_erase_tpm_data_selective(const uint32_t *objs_to_erase) { const uint8_t *key; const uint8_t *val; @@ -3024,6 +3018,31 @@ int nvmem_erase_tpm_data(void) (ch->container_type != NN_OBJ_TPM_EVICTABLE)) continue; + /* If not all TPM objects need to be erased. */ + if (objs_to_erase) { + uint32_t curent_obj; + const uint32_t *obj; + + /* Index of the current NVMEM object. */ + memcpy(&curent_obj, ch + 1, sizeof(curent_obj)); + + /* + * Iterate over indices of the subset of objects which + * need to be erased. + */ + obj = objs_to_erase; + do { + if (curent_obj == *obj) + break; + } while (*(++obj)); + + /* + * If current NVMEM object is not in the list, do not + * erase it. + */ + if (!*obj) + continue; + } delete_object(&at, ch); } diff --git a/include/new_nvmem.h b/include/new_nvmem.h index 37399702f8..9aa551c761 100644 --- a/include/new_nvmem.h +++ b/include/new_nvmem.h @@ -134,7 +134,24 @@ struct access_tracker { enum ec_error_list new_nvmem_init(void); enum ec_error_list new_nvmem_migrate(unsigned int nvmem_act_partition); enum ec_error_list new_nvmem_save(void); -int nvmem_erase_tpm_data(void); + +/* + * nvmem_erase_tpm_data_selective + * + * Delete from NVMEM TPM NVMEM objects listed in the zero terminated array of + * indices. If the pointer to the array is NULL - delete all TPM objects. + * + * Once deletion is completed, fill up the current top page with erased + * objects, then compact the flash storage. This will ensure that the NVMEM + * does not contain erased instances of deleted objects. + */ +int nvmem_erase_tpm_data_selective(const uint32_t *objs_to_erase); + +/* Erase all TMP NVMEM objects. */ +static inline int nvmem_erase_tpm_data(void) +{ + return nvmem_erase_tpm_data_selective(NULL); +} #if defined(TEST_BUILD) && !defined(TEST_FUZZ) #define NVMEM_TEST_BUILD |