Revert "Refactor TPM calls into vboot wrapper"

This reverts commit da55560cddcf7a1aa8a881cdf52792a21a01e766. This commit caused http://build.chromium.org/p/chromiumos/builders/arm%20tegra2%20binary/builds/6301 to fail.

Change-Id: Ie132c1e600ab28f97337ecfe0e7cff053987717d
Reviewed-on: http://gerrit.chromium.org/gerrit/4661
Reviewed-by: Elly Jones <ellyjones@chromium.org>
Tested-by: Elly Jones <ellyjones@chromium.org>

1 files changed, 46 insertions, 10 deletions

diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c
index e0554ddf..fa9d0d03 100644
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -8,6 +8,7 @@
 
 #include "rollback_index.h"
 #include "tlcl.h"
+#include "tpm_bootmode.h"
 #include "tss_constants.h"
 #include "utility.h"
 #include "vboot_api.h"
@@ -303,11 +304,10 @@ uint32_t RollbackS3Resume(void) {
   return TPM_SUCCESS;
 }
 
-uint32_t RollbackFirmwareSetup(int recovery_mode, int developer_mode,
-                               uint32_t* version) {
+uint32_t RollbackFirmwareSetup(int developer_mode, uint32_t* version) {
 #ifndef CHROMEOS_ENVIRONMENT
-  /* Initialize the TPM, but ignores return codes.  In ChromeOS
-   * environment, don't even talk to the TPM. */
+  /* Initializes the TPM, but ignores return codes.  In ChromeOS
+   * environment, doesn't even talk to the TPM. */
   TlclLibInit();
   TlclStartup();
   TlclContinueSelfTest();
@@ -329,6 +329,17 @@ uint32_t RollbackFirmwareLock(void) {
   return TPM_SUCCESS;
 }
 
+uint32_t RollbackKernelRecovery(int developer_mode) {
+#ifndef CHROMEOS_ENVIRONMENT
+  /* Initializes the TPM, but ignore return codes.  In ChromeOS
+   * environment, doesn't even talk to the TPM. */
+  TlclLibInit();
+  TlclStartup();
+  TlclSelfTestFull();
+#endif
+  return TPM_SUCCESS;
+}
+
 uint32_t RollbackKernelRead(uint32_t* version) {
   *version = 0;
   return TPM_SUCCESS;
@@ -356,19 +367,27 @@ uint32_t RollbackS3Resume(void) {
   return result;
 }
 
-uint32_t RollbackFirmwareSetup(int recovery_mode, int developer_mode,
-                               uint32_t* version) {
-  RollbackSpaceFirmware rsf;
 
-  /* Set version to 0 in case we fail */
-  *version = 0;
+uint32_t RollbackFirmwareSetup(int developer_mode, uint32_t* version) {
+  RollbackSpaceFirmware rsf;
 
-  RETURN_ON_FAILURE(SetupTPM(recovery_mode, developer_mode, &rsf));
+  RETURN_ON_FAILURE(SetupTPM(0, developer_mode, &rsf));
   *version = rsf.fw_versions;
   VBDEBUG(("TPM: RollbackFirmwareSetup %x\n", (int)rsf.fw_versions));
   return TPM_SUCCESS;
 }
 
+uint32_t RollbackFirmwareRead(uint32_t* version) {
+  RollbackSpaceFirmware rsf;
+
+  RETURN_ON_FAILURE(ReadSpaceFirmware(&rsf));
+  VBDEBUG(("TPM: RollbackFirmwareRead %x --> %x\n", (int)rsf.fw_versions,
+           (int)*version));
+  *version = rsf.fw_versions;
+  VBDEBUG(("TPM: RollbackFirmwareRead %x\n", (int)rsf.fw_versions));
+  return TPM_SUCCESS;
+}
+
 uint32_t RollbackFirmwareWrite(uint32_t version) {
   RollbackSpaceFirmware rsf;
 
@@ -383,6 +402,23 @@ uint32_t RollbackFirmwareLock(void) {
   return TlclSetGlobalLock();
 }
 
+uint32_t RollbackKernelRecovery(int developer_mode) {
+  uint32_t rvs, rve;
+  RollbackSpaceFirmware rsf;
+
+  /* In recovery mode we ignore TPM malfunctions or corruptions, and *
+   * leave the TPM complelely unlocked; we call neither
+   * TlclSetGlobalLock() nor TlclLockPhysicalPresence().  The recovery
+   * kernel will fix the TPM (if needed) and lock it ASAP.  We leave
+   * Physical Presence on in either case. */
+  rvs = SetupTPM(1, developer_mode, &rsf);
+  rve = SetTPMBootModeState(developer_mode,
+                            1,  /* Recovery Mode Status. */
+                            0);  /* In recovery mode, there is no RW firmware
+                                  * keyblock flag. */
+  return (TPM_SUCCESS == rvs) ? rve : rvs;
+}
+
 uint32_t RollbackKernelRead(uint32_t* version) {
   RollbackSpaceKernel rsk;
   uint32_t perms;