crossystem: support clear_tpm_owner_request on TPM2.0 simulator

This CL would give VM boards the ability to hard reset TPM.

When clearing TPM ownership on real devices, there are two things
would happen:
1. TPM reset all of its NVRAM data.
2. mount-encrypted can't decrypt old encrypted partition.

The TPM2.0 simulator put its NV space at "/var/lib/trunks/NVChip".
And "/var/lib" is under encrypted partition.
Remove the mount-encrypted key would cause mount-encrypted lost the
encrypted partition on next boot, and it would simply achieve those
two targets.

BUG=b:170785530
BRANCH=none
TEST=crossystem clear_tpm_owner_request=1

Cq-Depend: chromium:2501904
Signed-off-by: Yi Chou <yich@google.com>
Change-Id: Ifeff0cf03bf76706849905816d22024f3d1b952f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2470577
Reviewed-by: Joel Kitching <kitching@chromium.org>

2 files changed, 38 insertions, 3 deletions

diff --git a/Makefile b/Makefile
index 8f1bd148..f508a386 100644
--- a/Makefile
+++ b/Makefile
@@ -191,6 +191,13 @@ ifneq (${MOCK_TPM},)
 CFLAGS += -DMOCK_TPM
 endif
 
+# TPM2_SIMULATOR indicates whether the TPM2 simulator feature is enable or not.
+ifneq ($(filter-out 0,${TPM2_SIMULATOR}),)
+CFLAGS += -DTPM2_SIMULATOR=1
+else
+CFLAGS += -DTPM2_SIMULATOR=0
+endif
+
 # DETACHABLE indicates whether the device is a detachable or not.
 ifneq ($(filter-out 0,${DETACHABLE}),)
 CFLAGS += -DDETACHABLE=1
diff --git a/host/lib/crossystem.c b/host/lib/crossystem.c
index 6d72dc07..25a55d82 100644
--- a/host/lib/crossystem.c
+++ b/host/lib/crossystem.c
@@ -3,10 +3,11 @@
  * found in the LICENSE file.
  */
 
+#include <ctype.h>
 #include <stddef.h>
 #include <stdio.h>
 #include <string.h>
-#include <ctype.h>
+#include <unistd.h>
 
 #include "2api.h"
 #include "2common.h"
@@ -23,6 +24,9 @@
 /* Filename for kernel command line */
 #define KERNEL_CMDLINE_PATH "/proc/cmdline"
 
+/* Filename for the mount-encrypted key */
+#define MOUNT_ENCRYPTED_KEY_PATH "/mnt/stateful_partition/encrypted.key"
+
 /* Fields that GetVdatString() can get */
 typedef enum VdatStringField {
 	VDAT_STRING_DEPRECATED_TIMERS = 0,  /* Timer values */
@@ -370,7 +374,12 @@ int VbGetSystemPropertyInt(const char *name)
 	} else if (!strcasecmp(name,"disable_dev_request")) {
 		value = vb2_get_nv_storage(VB2_NV_DISABLE_DEV_REQUEST);
 	} else if (!strcasecmp(name,"clear_tpm_owner_request")) {
-		value = vb2_get_nv_storage(VB2_NV_CLEAR_TPM_OWNER_REQUEST);
+		if (TPM2_SIMULATOR)
+			/* Check mount-encrypted key status */
+			value = access(MOUNT_ENCRYPTED_KEY_PATH, F_OK) != 0;
+		else
+			value = vb2_get_nv_storage(
+				VB2_NV_CLEAR_TPM_OWNER_REQUEST);
 	} else if (!strcasecmp(name,"clear_tpm_owner_done")) {
 		value = vb2_get_nv_storage(VB2_NV_CLEAR_TPM_OWNER_DONE);
 	} else if (!strcasecmp(name,"tpm_rebooted")) {
@@ -542,7 +551,26 @@ int VbSetSystemPropertyInt(const char *name, int value)
 	} else if (!strcasecmp(name,"disable_dev_request")) {
 		return vb2_set_nv_storage(VB2_NV_DISABLE_DEV_REQUEST, value);
 	} else if (!strcasecmp(name,"clear_tpm_owner_request")) {
-		return vb2_set_nv_storage(VB2_NV_CLEAR_TPM_OWNER_REQUEST, value);
+		if (TPM2_SIMULATOR) {
+			/* We don't support to set clear_tpm_owner_request to 0
+			 * on simulator */
+			if (value == 0)
+				return -1;
+			/* Check mount-encrypted key status */
+			if (!access(MOUNT_ENCRYPTED_KEY_PATH, F_OK)) {
+				/* Remove the mount_encrypted key, and it would
+				 * also clear the TPM2.0 simulator NV space on
+				 * it. */
+				return remove(MOUNT_ENCRYPTED_KEY_PATH);
+			} else {
+				/* Return success when the file is already
+				 * removed */
+				return 0;
+			}
+		} else {
+			return vb2_set_nv_storage(
+				VB2_NV_CLEAR_TPM_OWNER_REQUEST, value);
+		}
 	} else if (!strcasecmp(name,"clear_tpm_owner_done")) {
 		/* Can only clear this flag; it's set by firmware. */
 		return vb2_set_nv_storage(VB2_NV_CLEAR_TPM_OWNER_DONE, 0);