From 8b6da26a6e5978a43233f7a43c7bab5889d3817a Mon Sep 17 00:00:00 2001
From: Kees Cook <keescook@chromium.org>
Date: Thu, 7 Jun 2012 13:48:26 -0700
Subject: tlcl: add GetOwner command

Since the "ownership" permament flag does not indicate if the TPM is
currently owned, the state of TPM Ownership must be read via a Capability
read of TPM_CAP_PROP_OWNER. This adds the "getownership" function.

BUG=chromium-os:22172
TEST=x86-alex build & manual test

Change-Id: I2fc9e933e891ba40190d008436b22496dced1c93
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/24784
Reviewed-by: Will Drewry <wad@chromium.org>
---
 firmware/include/tlcl.h                         |  4 ++++
 firmware/lib/tpm_lite/include/tlcl_structures.h |  5 +++++
 firmware/lib/tpm_lite/tlcl.c                    | 15 +++++++++++++++
 utility/tlcl_generator.c                        | 20 ++++++++++++++++++++
 utility/tpmc.c                                  | 16 ++++++++++++++++
 5 files changed, 60 insertions(+)

diff --git a/firmware/include/tlcl.h b/firmware/include/tlcl.h
index b69d8fbc..682bc86b 100644
--- a/firmware/include/tlcl.h
+++ b/firmware/include/tlcl.h
@@ -154,6 +154,10 @@ uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS* pflags);
  */
 uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS* pflags);
 
+/* Gets ownership flag. The TPM error code is returned.
+ */
+uint32_t TlclGetOwnership(uint8_t* owned);
+
 /* Requests [length] bytes from TPM RNG to be stored in [data]. Actual
  * number of bytes read is stored in [size]. The TPM error code is returned.
  */
diff --git a/firmware/lib/tpm_lite/include/tlcl_structures.h b/firmware/lib/tpm_lite/include/tlcl_structures.h
index c4d80ba3..36c1bb9e 100644
--- a/firmware/lib/tpm_lite/include/tlcl_structures.h
+++ b/firmware/lib/tpm_lite/include/tlcl_structures.h
@@ -13,6 +13,11 @@ const struct s_tpm_get_random_cmd{
 } tpm_get_random_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x46, },
 10, };
 
+const struct s_tpm_getownership_cmd{
+  uint8_t buffer[22];
+} tpm_getownership_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x11, },
+};
+
 const struct s_tpm_getpermissions_cmd{
   uint8_t buffer[22];
   uint16_t index;
diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c
index df63399d..511a4fc6 100644
--- a/firmware/lib/tpm_lite/tlcl.c
+++ b/firmware/lib/tpm_lite/tlcl.c
@@ -401,6 +401,21 @@ uint32_t TlclGetPermissions(uint32_t index, uint32_t* permissions) {
   return result;
 }
 
+uint32_t TlclGetOwnership(uint8_t* owned) {
+  uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
+  uint32_t size;
+  uint32_t result =
+    TlclSendReceive(tpm_getownership_cmd.buffer, response, sizeof(response));
+  if (result != TPM_SUCCESS)
+    return result;
+  FromTpmUint32(response + kTpmResponseHeaderLength, &size);
+  VbAssert(size == sizeof(*owned));
+  Memcpy(owned,
+         response + kTpmResponseHeaderLength + sizeof(size),
+         sizeof(*owned));
+  return result;
+}
+
 uint32_t TlclGetRandom(uint8_t* data, uint32_t length, uint32_t *size) {
   struct s_tpm_get_random_cmd cmd;
   uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
diff --git a/utility/tlcl_generator.c b/utility/tlcl_generator.c
index bbc379c1..659a05d6 100644
--- a/utility/tlcl_generator.c
+++ b/utility/tlcl_generator.c
@@ -362,6 +362,25 @@ Command* BuildGetPermissionsCommand(void) {
   return cmd;
 }
 
+Command* BuildGetOwnershipCommand(void) {
+  int size = (kTpmRequestHeaderLength +
+              sizeof(TPM_CAPABILITY_AREA) +   /* capArea */
+              sizeof(uint32_t) +              /* subCapSize */
+              sizeof(uint32_t));              /* subCap */
+
+  Command* cmd = newCommand(TPM_ORD_GetCapability, size);
+  cmd->name = "tpm_getownership_cmd";
+  AddInitializedField(cmd, kTpmRequestHeaderLength,
+                      sizeof(TPM_CAPABILITY_AREA), TPM_CAP_PROPERTY);
+  AddInitializedField(cmd, kTpmRequestHeaderLength +
+                      sizeof(TPM_CAPABILITY_AREA),
+                      sizeof(uint32_t), sizeof(uint32_t));
+  AddInitializedField(cmd, kTpmRequestHeaderLength +
+                      sizeof(TPM_CAPABILITY_AREA) + sizeof(uint32_t),
+                      sizeof(uint32_t), TPM_CAP_PROP_OWNER);
+  return cmd;
+}
+
 Command* BuildGetRandomCommand(void) {
   int size = kTpmRequestHeaderLength + sizeof(uint32_t);
   Command* cmd = newCommand(TPM_ORD_GetRandom, size);
@@ -488,6 +507,7 @@ Command* (*builders[])(void) = {
   BuildGetFlagsCommand,
   BuildGetSTClearFlagsCommand,
   BuildGetPermissionsCommand,
+  BuildGetOwnershipCommand,
   BuildGetRandomCommand,
   BuildExtendCommand,
 };
diff --git a/utility/tpmc.c b/utility/tpmc.c
index 68ce6d3f..c1a97f4b 100644
--- a/utility/tpmc.c
+++ b/utility/tpmc.c
@@ -228,6 +228,20 @@ static uint32_t HandlerGetPermissions(void) {
   return result;
 }
 
+static uint32_t HandlerGetOwnership(void) {
+  uint8_t owned = 0;
+  uint32_t result;
+  if (nargs != 2) {
+    fprintf(stderr, "usage: tpmc getownership\n");
+    exit(OTHER_ERROR);
+  }
+  result = TlclGetOwnership(&owned);
+  if (result == 0) {
+    printf("Owned: %s\n", owned ? "yes" : "no");
+  }
+  return result;
+}
+
 static uint32_t HandlerGetRandom(void) {
   uint32_t length, size;
   uint8_t* bytes;
@@ -337,6 +351,8 @@ command_record command_table[] = {
     HandlerRead },
   { "pcrread", "pcr", "read from a PCR (pcrread <index>)",
     HandlerPCRRead },
+  { "getownership", "geto", "print state of TPM ownership",
+    HandlerGetOwnership },
   { "getpermissions", "getp", "print space permissions (getp <index>)",
     HandlerGetPermissions },
   { "getpermanentflags", "getpf", "print all permanent flags",
-- 
cgit v1.2.1