1 files changed, 45 insertions, 4 deletions

diff --git a/firmware/lib/tpm2_lite/tlcl.c b/firmware/lib/tpm2_lite/tlcl.c
index ae1fa5d8..9d7e1dfb 100644
--- a/firmware/lib/tpm2_lite/tlcl.c
+++ b/firmware/lib/tpm2_lite/tlcl.c
@@ -163,18 +163,59 @@ uint32_t TlclGetPermissions(uint32_t index, uint32_t *permissions)
 	return TPM_SUCCESS;
 }
 
-uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS *pflags)
+static uint32_t tlcl_get_capability(TPM_CAP cap, TPM_PT property,
+				    struct get_capability_response **presp)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	struct tpm2_response *response;
+	struct tpm2_get_capability_cmd getcap;
+
+	getcap.capability = cap;
+	getcap.property = property;
+	getcap.property_count = 1;
+
+	response = tpm_process_command(TPM2_GetCapability, &getcap);
+	if (!response || response->hdr.tpm_code)
+		return TPM_E_IOERROR;
+	*presp = &response->cap;
+
 	return TPM_SUCCESS;
 }
 
-uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS *pflags)
+static uint32_t tlcl_get_tpm_property(TPM_PT property, uint32_t *pvalue)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	uint32_t rv;
+	struct get_capability_response *resp;
+	TPML_TAGGED_TPM_PROPERTY *tpm_prop;
+
+	rv = tlcl_get_capability(TPM_CAP_TPM_PROPERTIES, property, &resp);
+	if (rv != TPM_SUCCESS)
+		return rv;
+
+	if (resp->capability_data.capability != TPM_CAP_TPM_PROPERTIES)
+		return TPM_E_IOERROR;
+
+	tpm_prop = &resp->capability_data.data.tpm_properties;
+
+	if ((tpm_prop->count != 1) ||
+	    (tpm_prop->tpm_property[0].property != property))
+		return TPM_E_IOERROR;
+
+	*pvalue = tpm_prop->tpm_property[0].value;
 	return TPM_SUCCESS;
 }
 
+uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS *pflags)
+{
+	return tlcl_get_tpm_property(TPM_PT_PERMANENT,
+				     (uint32_t *)pflags);
+}
+
+uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS *pflags)
+{
+	return tlcl_get_tpm_property(TPM_PT_STARTUP_CLEAR,
+				     (uint32_t *)pflags);
+}
+
 uint32_t TlclGetOwnership(uint8_t *owned)
 {
 	*owned = 0;