Diffstat (limited to 'board')
-rw-r--r-- | board/cr50/tpm_nvmem_ops.c | 39 | ||||
-rw-r--r-- | board/cr50/tpm_nvmem_ops.h | 25 |
2 files changed, 64 insertions, 0 deletions
diff --git a/board/cr50/tpm_nvmem_ops.c b/board/cr50/tpm_nvmem_ops.c
index 34e0c76879..90bddfb313 100644
--- a/board/cr50/tpm_nvmem_ops.c
+++ b/board/cr50/tpm_nvmem_ops.c
@@ -53,3 +53,42 @@ enum tpm_read_rv read_tpm_nvmem(uint16_t obj_index,
 
 return tpm_read_success;
 }
+
+enum tpm_read_rv read_tpm_nvmem_hidden(uint16_t object_index,
+ uint16_t object_size,
+ void *obj_value)
+{
+ if (NvGetHiddenObject(HR_HIDDEN | object_index,
+ object_size,
+ obj_value) == TPM_RC_SUCCESS) {
+ return tpm_read_success;
+ } else {
+ return tpm_read_not_found;
+ }
+}
+
+enum tpm_write_rv write_tpm_nvmem_hidden(uint16_t object_index,
+ uint16_t object_size,
+ void *obj_value,
+ int commit)
+{
+ enum tpm_write_rv ret = tpm_write_fail;
+
+ uint32_t handle = object_index | HR_HIDDEN;
+
+ if (!NvIsDefinedHiddenObject(handle) &&
+ NvAddHiddenObject(handle,
+ object_size,
+ obj_value) == TPM_RC_SUCCESS) {
+ ret = tpm_write_created;
+ } else if (NvWriteHiddenObject(handle,
+ object_size,
+ obj_value) == TPM_RC_SUCCESS) {
+ ret = tpm_write_updated;
+ }
+
+ if (commit && !NvCommit())
+ ret = tpm_write_fail;
+
+ return ret;
+}
diff --git a/board/cr50/tpm_nvmem_ops.h b/board/cr50/tpm_nvmem_ops.h
index 77247e0615..d01c804c4e 100644
--- a/board/cr50/tpm_nvmem_ops.h
+++ b/board/cr50/tpm_nvmem_ops.h
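Review bot: In write_tpm_nvmem_hidden the final `if (commit && !NvCommit())` runs even when both the add and the write attempts have failed, so a failed update still triggers a commit of whatever changes happen to be pending; guard it with `if (ret != tpm_write_fail && commit && !NvCommit())`. The same function falls through to NvWriteHiddenObject when NvIsDefinedHiddenObject is false and NvAddHiddenObject fails, which presumably just fails again but hides the original cause. In read_tpm_nvmem_hidden every non-success code is reported as `tpm_read_not_found`; if a caller treats that result as "no object yet, create one", a transient or size-mismatch failure could lead it to replace existing secret material, so a distinct failure value or a comment warning callers against regenerating on this result would be safer. Since the buffer is only read on the write path, declaring it `const void *obj_value` would document that.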
@@ -13,8 +13,33 @@ enum tpm_read_rv {
 tpm_read_too_small
 };
 
+enum tpm_write_rv {
+ tpm_write_created,
+ tpm_write_updated,
+ tpm_write_fail
+};
+
+enum tpm_nv_hidden_object {
+ TPM_HIDDEN_U2F_KEK
+};
+
 enum tpm_read_rv read_tpm_nvmem(uint16_t object_index,
 uint16_t object_size,
 void *obj_value);
 
+/*
+ * The following functions must only be called from the TPM task,
+ * and only after TPM initialization is complete (specifically,
+ * after NvInitStatic).
+ */
+
+enum tpm_read_rv read_tpm_nvmem_hidden(uint16_t object_index,
+ uint16_t object_size,
+ void *obj_value);
+
+enum tpm_write_rv write_tpm_nvmem_hidden(uint16_t object_index,
+ uint16_t object_size,
+ void *obj_value,
+ int commit);
+
 #endif /* ! __EC_BOARD_CR50_TPM_NVMEM_OPS_H */ |
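Review bot: `enum tpm_nv_hidden_object` relies on implicit numbering, yet its values appear to be what callers pass as the `object_index` that is OR-ed with HR_HIDDEN to form a persistent NV handle, so inserting or reordering an entry later would silently point already-provisioned devices at a different object. Give the entry an explicit value and say why, e.g. `TPM_HIDDEN_U2F_KEK = 0, /* persistent NV index; never renumber or reuse */`. The new prototypes would also benefit from a short comment stating what a non-zero `commit` does and which `tpm_write_rv` / `tpm_read_rv` values each function can return. The TPM-task-only and post-NvInitStatic requirement is stated in the comment, but nothing visible in this change enforces it, so a misuse from another task would go undetected.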