authorKees Cook <keescook@chromium.org>2012-06-07 13:48:26 -0700
committerGerrit <chrome-bot@google.com>2012-06-13 14:22:12 -0700
commit8b6da26a6e5978a43233f7a43c7bab5889d3817a (patch)
tree30d54d0daedca8a126a61ac7e435c0423e768c54 /firmware/lib/tpm_lite
parentc0e3742996a84d3c503cfa002b09a0831bcb2c32 (diff)
tlcl: add GetOwner command
Since the "ownership" permanent flag does not indicate if the TPM is currently owned, the state of TPM Ownership must be read via a Capability read of TPM_CAP_PROP_OWNER. This adds the "getownership" function. BUG=chromium-os:22172 TEST=x86-alex build & manual test Change-Id: I2fc9e933e891ba40190d008436b22496dced1c93 Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/24784 Reviewed-by: Will Drewry <wad@chromium.org>
Diffstat (limited to 'firmware/lib/tpm_lite')
-rw-r--r--firmware/lib/tpm_lite/include/tlcl_structures.h5
-rw-r--r--firmware/lib/tpm_lite/tlcl.c15
2 files changed, 20 insertions, 0 deletions
diff --git a/firmware/lib/tpm_lite/include/tlcl_structures.h b/firmware/lib/tpm_lite/include/tlcl_structures.h
index c4d80ba3..36c1bb9e 100644
--- a/firmware/lib/tpm_lite/include/tlcl_structures.h
+++ b/firmware/lib/tpm_lite/include/tlcl_structures.h
@@ -13,6 +13,11 @@ const struct s_tpm_get_random_cmd{
} tpm_get_random_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x46, },
10, };
+const struct s_tpm_getownership_cmd{
+ uint8_t buffer[22];
+} tpm_getownership_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x11, },
+};
+
const struct s_tpm_getpermissions_cmd{
uint8_t buffer[22];
uint16_t index;
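Review bot: The 22 bytes added for `tpm_getownership_cmd` carry no comment, so a reader has to decode the request by hand to confirm it queries the property named in the commit message. A comment above the struct such as `/* TPM_ORD_GetCapability (0x65), capArea TPM_CAP_PROPERTY (0x5), subCap size 4, subCap TPM_CAP_PROP_OWNER (0x111); total length 0x16 */` would make the encoding checkable against the spec. If this header is generated rather than hand-edited, which the page does not show, the comment belongs in the generator instead. The `s_tpm_getpermissions_cmd` definition that follows continues outside the hunk.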
diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c
index df63399d..511a4fc6 100644
--- a/firmware/lib/tpm_lite/tlcl.c
+++ b/firmware/lib/tpm_lite/tlcl.c
@@ -401,6 +401,21 @@ uint32_t TlclGetPermissions(uint32_t index, uint32_t* permissions) {
return result;
}
+uint32_t TlclGetOwnership(uint8_t* owned) {
+ uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
+ uint32_t size;
+ uint32_t result =
+ TlclSendReceive(tpm_getownership_cmd.buffer, response, sizeof(response));
+ if (result != TPM_SUCCESS)
+ return result;
+ FromTpmUint32(response + kTpmResponseHeaderLength, &size);
+ VbAssert(size == sizeof(*owned));
+ Memcpy(owned,
+ response + kTpmResponseHeaderLength + sizeof(size),
+ sizeof(*owned));
+ return result;
+}
+
uint32_t TlclGetRandom(uint8_t* data, uint32_t length, uint32_t *size) {
struct s_tpm_get_random_cmd cmd;
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
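Review bot: In TlclGetOwnership the length field read from the TPM response is validated only by `VbAssert(size == sizeof(*owned))`, which is not an error path. If VbAssert is compiled out in non-debug builds (worth confirming for this tree), a malformed or truncated reply still has the byte at the fixed offset copied into `*owned`, and the function returns TPM_SUCCESS. Callers presumably make ownership decisions from this byte, so device-supplied data should be rejected explicitly, e.g. `if (size != sizeof(*owned)) return TPM_E_IOERROR;` or whichever code this library uses for a bad response. A short header comment stating that `*owned` is written only when the return value is TPM_SUCCESS would also help callers avoid using an uninitialized value on failure.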