cr50: add get_tpm_pcr_value method

This CL adds get_tpm_pcr_value() for reading current PCR values.

BUG=b:267674073
TEST=build

Cq-Depend: chromium:4242409
Change-Id: I632cb13a3f44130f29b72cc4c22ea97a692ffad8
Signed-off-by: Andrey Pronin <apronin@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4241650
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>

2 files changed, 16 insertions, 0 deletions

diff --git a/board/cr50/tpm_nvmem_ops.c b/board/cr50/tpm_nvmem_ops.c
index 74f2ffbc79..92e8721b0a 100644
--- a/board/cr50/tpm_nvmem_ops.c
+++ b/board/cr50/tpm_nvmem_ops.c
@@ -14,6 +14,7 @@
 #include "Global.h"
 #include "Implementation.h"
 #include "NV_fp.h"
+#include "PCR_fp.h"
 #include "tpm_types.h"
 
 #define CPRINTF(format, args...) cprintf(CC_TASK, format, ## args)
@@ -120,3 +121,8 @@ void tpm_orderly_state_restore(const char copy[TPM_ORDERLY_STATE_SIZE])
 {
 	NvStateRestore(copy);
 }
+
+bool get_tpm_pcr_value(uint32_t pcr_num, uint8_t value[SHA256_DIGEST_SIZE])
+{
+	return PCRGetValue(TPM_ALG_SHA256, pcr_num, SHA256_DIGEST_SIZE, value);
+}
diff --git a/board/cr50/tpm_nvmem_ops.h b/board/cr50/tpm_nvmem_ops.h
index 70187a2245..d157c5308b 100644
--- a/board/cr50/tpm_nvmem_ops.h
+++ b/board/cr50/tpm_nvmem_ops.h
@@ -7,6 +7,10 @@
 #ifndef __EC_BOARD_CR50_TPM_NVMEM_OPS_H
 #define __EC_BOARD_CR50_TPM_NVMEM_OPS_H
 
+#ifndef SHA256_DIGEST_SIZE
+#define SHA256_DIGEST_SIZE 32
+#endif /* SHA256_DIGEST_SIZE */
+
 #define TPM_ORDERLY_STATE_SIZE 512
 
 enum tpm_read_rv {
@@ -52,4 +56,10 @@ void tpm_orderly_state_capture(char copy[TPM_ORDERLY_STATE_SIZE]);
 
 void tpm_orderly_state_restore(const char copy[TPM_ORDERLY_STATE_SIZE]);
 
+/*
+ * Read value of the specified PCR in SHA-256 bank into a buffer,
+ * or return false if no such PCR
+ */
+bool get_tpm_pcr_value(uint32_t pcr_num, uint8_t value[SHA256_DIGEST_SIZE]);
+
 #endif  /* ! __EC_BOARD_CR50_TPM_NVMEM_OPS_H */