tpm2: simplify rollback checks.

On the systems using TPM2 this rollback index check will run only for the kernel space. This means that TPM initialization is guaranteed to be completed by the time this code runs. The exact ways of verifying the space settings and locking it are still being designed, this functionality is temporarily excluded in this patch. BRANCH=none BUG=chrome-os-partner:50645 TEST=with the rest of the patches applied kevin/gru boards boot into chrome OS with rollback counters read from/written to TPM2 Change-Id: Ie4e22886493404f538b2b3ae6f8c2bdca5f7ab22 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/356752 Reviewed-by: Randall Spangler <rspangler@chromium.org>
author: Vadim Bendebury <vbendeb@chromium.org> 2016-06-28 10:15:11 -0700
committer: chrome-bot <chrome-bot@chromium.org> 2016-07-01 05:16:04 -0700
commit: 3c9acf83d516d4de01ecd3e8a7eb9486bb2896f2 (patch)
tree: 7cc9edada81d91792e9f82eaf1372191e17b3784
parent: b8e8801c4fa435d0f760df6bff91e961adda1cd6 (diff)
download: vboot-3c9acf83d516d4de01ecd3e8a7eb9486bb2896f2.tar.gz
1 files changed, 21 insertions, 8 deletions
diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c
index 7a4c0443..94690f50 100644
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -247,6 +247,7 @@ uint32_t WriteSpaceKernel(RollbackSpaceKernel *rsk)
 	return TPM_E_CORRUPTED_STATE;
 }
 
+#ifndef TPM2_MODE
 uint32_t OneTimeInitializeTPM(RollbackSpaceFirmware *rsf,
                               RollbackSpaceKernel *rsk)
 {
@@ -326,7 +327,7 @@ uint32_t OneTimeInitializeTPM(RollbackSpaceFirmware *rsf,
 
 	return TPM_SUCCESS;
 }
-
+#endif
 
 /*
  * SetupTPM starts the TPM and establishes the root of trust for the
@@ -419,6 +420,7 @@ uint32_t SetupTPM(int developer_mode, int disable_dev_request,
 
 	/* Read the firmware space. */
 	result = ReadSpaceFirmware(rsf);
+#ifndef TPM2_MDOE
 	if (TPM_E_BADINDEX == result) {
 		RollbackSpaceKernel rsk;
 
@@ -428,7 +430,9 @@ uint32_t SetupTPM(int developer_mode, int disable_dev_request,
 		 */
 		VBDEBUG(("TPM: Not initialized yet.\n"));
 		RETURN_ON_FAILURE(OneTimeInitializeTPM(rsf, &rsk));
-	} else if (TPM_SUCCESS != result) {
+	} else
+#endif
+	if (TPM_SUCCESS != result) {
 		VBDEBUG(("TPM: Firmware space in a bad state; giving up.\n"));
 		return TPM_E_CORRUPTED_STATE;
 	}
@@ -614,7 +618,6 @@ uint32_t RollbackFirmwareLock(void)
 uint32_t RollbackKernelRead(uint32_t* version)
 {
 	RollbackSpaceKernel rsk;
-	uint32_t perms, uid;
 
 	/*
 	 * Read the kernel space and verify its permissions.  If the kernel
@@ -625,11 +628,21 @@ uint32_t RollbackKernelRead(uint32_t* version)
 	 * PP-protected space (but not write to it).
 	 */
 	RETURN_ON_FAILURE(ReadSpaceKernel(&rsk));
-	RETURN_ON_FAILURE(TlclGetPermissions(KERNEL_NV_INDEX, &perms));
-	Memcpy(&uid, &rsk.uid, sizeof(uid));
-	if (TPM_NV_PER_PPWRITE != perms || ROLLBACK_SPACE_KERNEL_UID != uid)
-		return TPM_E_CORRUPTED_STATE;
-
+#ifndef TPM2_MODE
+	/*
+	 * TODO(vbendeb): restore this when it is defined how the kernel space
+	 * gets protected.
+	 */
+	{
+		uint32_t perms, uid;
+
+		RETURN_ON_FAILURE(TlclGetPermissions(KERNEL_NV_INDEX, &perms));
+		Memcpy(&uid, &rsk.uid, sizeof(uid));
+		if (TPM_NV_PER_PPWRITE != perms ||
+		    ROLLBACK_SPACE_KERNEL_UID != uid)
+			return TPM_E_CORRUPTED_STATE;
+	}
+#endif
 	Memcpy(version, &rsk.kernel_versions, sizeof(*version));
 	VBDEBUG(("TPM: RollbackKernelRead %x\n", (int)*version));
 	return TPM_SUCCESS;
author	Vadim Bendebury <vbendeb@chromium.org>	2016-06-28 10:15:11 -0700
committer	chrome-bot <chrome-bot@chromium.org>	2016-07-01 05:16:04 -0700
commit	3c9acf83d516d4de01ecd3e8a7eb9486bb2896f2 (patch)
tree	7cc9edada81d91792e9f82eaf1372191e17b3784
parent	b8e8801c4fa435d0f760df6bff91e961adda1cd6 (diff)
download	vboot-3c9acf83d516d4de01ecd3e8a7eb9486bb2896f2.tar.gz