tlcl: add GetOwner command

Since the "ownership" permament flag does not indicate if the TPM is
currently owned, the state of TPM Ownership must be read via a Capability
read of TPM_CAP_PROP_OWNER. This adds the "getownership" function.

BUG=chromium-os:22172
TEST=x86-alex build & manual test

Change-Id: I2fc9e933e891ba40190d008436b22496dced1c93
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/24784
Reviewed-by: Will Drewry <wad@chromium.org>

1 files changed, 16 insertions, 0 deletions

diff --git a/utility/tpmc.c b/utility/tpmc.c
index 68ce6d3f..c1a97f4b 100644
--- a/utility/tpmc.c
+++ b/utility/tpmc.c
@@ -228,6 +228,20 @@ static uint32_t HandlerGetPermissions(void) {
   return result;
 }
 
+static uint32_t HandlerGetOwnership(void) {
+  uint8_t owned = 0;
+  uint32_t result;
+  if (nargs != 2) {
+    fprintf(stderr, "usage: tpmc getownership\n");
+    exit(OTHER_ERROR);
+  }
+  result = TlclGetOwnership(&owned);
+  if (result == 0) {
+    printf("Owned: %s\n", owned ? "yes" : "no");
+  }
+  return result;
+}
+
 static uint32_t HandlerGetRandom(void) {
   uint32_t length, size;
   uint8_t* bytes;
@@ -337,6 +351,8 @@ command_record command_table[] = {
     HandlerRead },
   { "pcrread", "pcr", "read from a PCR (pcrread <index>)",
     HandlerPCRRead },
+  { "getownership", "geto", "print state of TPM ownership",
+    HandlerGetOwnership },
   { "getpermissions", "getp", "print space permissions (getp <index>)",
     HandlerGetPermissions },
   { "getpermanentflags", "getpf", "print all permanent flags",