From 16cacfa043c6153843873467ad4fc510b9fbcf44 Mon Sep 17 00:00:00 2001
From: Andrey Pronin <apronin@google.com>
Date: Mon, 25 Jul 2016 18:00:47 -0700
Subject: tlcl: implement clear, startup, shutdown, self test

Implement TlclStartup, TlclSaveState, TlclResume, TlclSelfTestFull,
TlclContinueSelfTest, TlclForceClear.

BRANCH=none
BUG=chrome-os-partner:55210
BUG=chrome-os-partner:55250
TEST=boot on kevin in recovery mode, verify that 'tpmc ctest',
     'tpmc startup', 'tpmc clear' work.

Change-Id: I00839eae1984e24c0138ec5bdab8299379e1bcb6
Reviewed-on: https://chromium-review.googlesource.com/362996
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
---
 firmware/include/tpm2_tss_constants.h | 21 ++++++++++++
 firmware/lib/tpm2_lite/marshaling.c   | 61 +++++++++++++++++++++++++++++++++++
 firmware/lib/tpm2_lite/tlcl.c         | 57 ++++++++++++++++++++++++++++----
 3 files changed, 133 insertions(+), 6 deletions(-)

diff --git a/firmware/include/tpm2_tss_constants.h b/firmware/include/tpm2_tss_constants.h
index 98df06e4..bee607be 100644
--- a/firmware/include/tpm2_tss_constants.h
+++ b/firmware/include/tpm2_tss_constants.h
@@ -18,8 +18,12 @@
 
 /* TPM2 command codes. */
 #define TPM2_Hierarchy_Control ((TPM_CC)0x00000121)
+#define TPM2_Clear             ((TPM_CC)0x00000126)
 #define TPM2_NV_Write          ((TPM_CC)0x00000137)
 #define TPM2_NV_WriteLock      ((TPM_CC)0x00000138)
+#define TPM2_SelfTest          ((TPM_CC)0x00000143)
+#define TPM2_Startup           ((TPM_CC)0x00000144)
+#define TPM2_Shutdown          ((TPM_CC)0x00000145)
 #define TPM2_NV_Read           ((TPM_CC)0x0000014E)
 #define TPM2_GetCapability     ((TPM_CC)0x0000017A)
 
@@ -50,6 +54,10 @@
 #define TPM_PT_PERMANENT                (PT_VAR + 0)
 #define TPM_PT_STARTUP_CLEAR            (PT_VAR + 1)
 
+/* TPM startup types. */
+#define TPM_SU_CLEAR                    ((TPM_SU)0x0000)
+#define TPM_SU_STATE                    ((TPM_SU)0x0001)
+
 typedef uint8_t TPMI_YES_NO;
 typedef uint32_t TPM_CC;
 typedef uint32_t TPM_HANDLE;
@@ -57,6 +65,7 @@ typedef TPM_HANDLE TPMI_RH_NV_INDEX;
 typedef TPM_HANDLE TPMI_RH_ENABLES;
 typedef uint32_t TPM_CAP;
 typedef uint32_t TPM_PT;
+typedef uint16_t TPM_SU;
 
 typedef struct {
 	uint16_t      size;
@@ -117,6 +126,18 @@ struct tpm2_get_capability_cmd {
 	uint32_t property_count;
 };
 
+struct tpm2_self_test_cmd {
+	TPMI_YES_NO full_test;
+};
+
+struct tpm2_startup_cmd {
+	TPM_SU startup_type;
+};
+
+struct tpm2_shutdown_cmd {
+	TPM_SU shutdown_type;
+};
+
 /* Common command/response header. */
 struct tpm_header {
 	uint16_t tpm_tag;
diff --git a/firmware/lib/tpm2_lite/marshaling.c b/firmware/lib/tpm2_lite/marshaling.c
index fd94a51e..42e9c401 100644
--- a/firmware/lib/tpm2_lite/marshaling.c
+++ b/firmware/lib/tpm2_lite/marshaling.c
@@ -265,6 +265,7 @@ static void marshal_u32(void **buffer, uint32_t value, int *buffer_space)
 
 #define unmarshal_TPM_CC(a, b) unmarshal_u32(a, b)
 #define marshal_TPM_HANDLE(a, b, c) marshal_u32(a, b, c)
+#define marshal_TPM_SU(a, b, c) marshal_u16(a, b, c)
 
 static void marshal_session_header(void **buffer,
 				   struct tpm2_session_header *session_header,
@@ -391,6 +392,46 @@ static void marshal_get_capability(void **buffer,
 	marshal_u32(buffer, command_body->property_count, buffer_space);
 }
 
+static void marshal_clear(void **buffer,
+			  void *command_body,
+			  int *buffer_space)
+{
+	struct tpm2_session_header session_header;
+
+	tpm_tag = TPM_ST_SESSIONS;
+	marshal_TPM_HANDLE(buffer, TPM_RH_PLATFORM, buffer_space);
+	Memset(&session_header, 0, sizeof(session_header));
+	session_header.session_handle = TPM_RS_PW;
+	marshal_session_header(buffer, &session_header, buffer_space);
+}
+
+static void marshal_self_test(void **buffer,
+			      struct tpm2_self_test_cmd *command_body,
+			      int *buffer_space)
+{
+	tpm_tag = TPM_ST_NO_SESSIONS;
+
+	marshal_u8(buffer, command_body->full_test, buffer_space);
+}
+
+static void marshal_startup(void **buffer,
+			    struct tpm2_startup_cmd *command_body,
+			    int *buffer_space)
+{
+	tpm_tag = TPM_ST_NO_SESSIONS;
+
+	marshal_TPM_SU(buffer, command_body->startup_type, buffer_space);
+}
+
+static void marshal_shutdown(void **buffer,
+			     struct tpm2_shutdown_cmd *command_body,
+			     int *buffer_space)
+{
+	tpm_tag = TPM_ST_NO_SESSIONS;
+
+	marshal_TPM_SU(buffer, command_body->shutdown_type, buffer_space);
+}
+
 int tpm_marshal_command(TPM_CC command, void *tpm_command_body,
 			void *buffer, int buffer_size)
 {
@@ -424,6 +465,22 @@ int tpm_marshal_command(TPM_CC command, void *tpm_command_body,
 		marshal_get_capability(&cmd_body, tpm_command_body, &body_size);
 		break;
 
+	case TPM2_Clear:
+		marshal_clear(&cmd_body, tpm_command_body, &body_size);
+		break;
+
+	case TPM2_SelfTest:
+		marshal_self_test(&cmd_body, tpm_command_body, &body_size);
+		break;
+
+	case TPM2_Startup:
+		marshal_startup(&cmd_body, tpm_command_body, &body_size);
+		break;
+
+	case TPM2_Shutdown:
+		marshal_shutdown(&cmd_body, tpm_command_body, &body_size);
+		break;
+
 	default:
 		body_size = -1;
 		VBDEBUG(("%s:%d:Request to marshal unsupported command %#x\n",
@@ -479,6 +536,10 @@ struct tpm2_response *tpm_unmarshal_response(TPM_CC command,
 	case TPM2_Hierarchy_Control:
 	case TPM2_NV_Write:
 	case TPM2_NV_WriteLock:
+	case TPM2_Clear:
+	case TPM2_SelfTest:
+	case TPM2_Startup:
+	case TPM2_Shutdown:
 		/* Session data included in response can be safely ignored. */
 		cr_size = 0;
 		break;
diff --git a/firmware/lib/tpm2_lite/tlcl.c b/firmware/lib/tpm2_lite/tlcl.c
index d7d853bf..39c97eaa 100644
--- a/firmware/lib/tpm2_lite/tlcl.c
+++ b/firmware/lib/tpm2_lite/tlcl.c
@@ -98,31 +98,71 @@ int TlclPacketSize(const uint8_t *packet)
 
 uint32_t TlclStartup(void)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	struct tpm2_response *response;
+	struct tpm2_startup_cmd startup;
+
+	startup.startup_type = TPM_SU_CLEAR;
+
+	response = tpm_process_command(TPM2_Startup, &startup);
+	if (!response || response->hdr.tpm_code)
+		return TPM_E_IOERROR;
+
 	return TPM_SUCCESS;
 }
 
 uint32_t TlclSaveState(void)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	struct tpm2_response *response;
+	struct tpm2_shutdown_cmd shutdown;
+
+	shutdown.shutdown_type = TPM_SU_STATE;
+
+	response = tpm_process_command(TPM2_Shutdown, &shutdown);
+	if (!response || response->hdr.tpm_code)
+		return TPM_E_IOERROR;
+
 	return TPM_SUCCESS;
 }
 
 uint32_t TlclResume(void)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	struct tpm2_response *response;
+	struct tpm2_startup_cmd startup;
+
+	startup.startup_type = TPM_SU_STATE;
+
+	response = tpm_process_command(TPM2_Startup, &startup);
+	if (!response || response->hdr.tpm_code)
+		return TPM_E_IOERROR;
+
 	return TPM_SUCCESS;
 }
 
 uint32_t TlclSelfTestFull(void)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	struct tpm2_response *response;
+	struct tpm2_self_test_cmd self_test;
+
+	self_test.full_test = 1;
+
+	response = tpm_process_command(TPM2_SelfTest, &self_test);
+	if (!response || response->hdr.tpm_code)
+		return TPM_E_IOERROR;
+
 	return TPM_SUCCESS;
 }
 
 uint32_t TlclContinueSelfTest(void)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	struct tpm2_response *response;
+	struct tpm2_self_test_cmd self_test;
+
+	self_test.full_test = 0;
+
+	response = tpm_process_command(TPM2_SelfTest, &self_test);
+	if (!response || response->hdr.tpm_code)
+		return TPM_E_IOERROR;
+
 	return TPM_SUCCESS;
 }
 
@@ -137,7 +177,12 @@ uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size)
  */
 uint32_t TlclForceClear(void)
 {
-	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	struct tpm2_response *response;
+
+	response = tpm_process_command(TPM2_Clear, NULL);
+	if (!response || response->hdr.tpm_code)
+		return TPM_E_IOERROR;
+
 	return TPM_SUCCESS;
 }
 
-- 
cgit v1.2.1