From 946370d012a809bba833ff9d37fe0ce86af09860 Mon Sep 17 00:00:00 2001
From: Kees Cook
Date: Mon, 9 Jan 2012 14:17:40 -0800
Subject: tpmc: add PCR reading function

Add ability to report a single PCR value via the tpmc utility. Using /sys/devices/platform/tpm_tis/pcrs is too slow, since it reads all PCRs before returning. Anything wanting to read PCR0 on a time-critical path needs maximum speed.
BUG=chromium-os:22172
TEST=install and test x86-alex.
Change-Id: I2d450961d33fa314d54b909135a74aa756279ec6
Signed-off-by: Kees Cook
Reviewed-on: https://gerrit.chromium.org/gerrit/13891
Reviewed-by: Luigi Semenzato
---
 firmware/include/tlcl.h | 5 +++++
 firmware/include/tss_constants.h | 1 +
 firmware/lib/tpm_lite/include/tlcl_structures.h | 6 ++++++
 firmware/lib/tpm_lite/tlcl.c | 22 ++++++++++++++++++++++
 4 files changed, 34 insertions(+)
(limited to 'firmware')
diff --git a/firmware/include/tlcl.h b/firmware/include/tlcl.h
index cb7ea9ab..6f0db1b6 100644
--- a/firmware/include/tlcl.h
+++ b/firmware/include/tlcl.h
@@ -68,6 +68,11 @@ uint32_t TlclWrite(uint32_t index, const void* data, uint32_t length);
 */
 uint32_t TlclRead(uint32_t index, void* data, uint32_t length);

+/* Reads PCR at [index] into [data]. [length] must be TPM_PCR_DIGEST or
+ * larger. The TPM error code is returned.
+ */
+uint32_t TlclPCRRead(uint32_t index, void* data, uint32_t length);
+
 /* Write-locks space at [index]. The TPM error code is returned.
 */
 uint32_t TlclWriteLock(uint32_t index);
diff --git a/firmware/include/tss_constants.h b/firmware/include/tss_constants.h
index 42de46f3..68a9c6ff 100644
--- a/firmware/include/tss_constants.h
+++ b/firmware/include/tss_constants.h
@@ -14,6 +14,7 @@
 #define TPM_MAX_COMMAND_SIZE 4096
 #define TPM_LARGE_ENOUGH_COMMAND_SIZE 256 /* saves space in the firmware */
 #define TPM_PUBEK_SIZE 256
+#define TPM_PCR_DIGEST 20

 #define TPM_E_NON_FATAL 0x800
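Review bot: The new comment on TlclPCRRead in tlcl.h says `[length]` must be `TPM_PCR_DIGEST` or larger, but it does not say what the caller gets back when it is smaller or how many bytes are written on success. From the tlcl.c hunk, a short buffer returns `TPM_E_IOERROR` before any command is sent, and on success exactly the digest length is copied, so a sentence such as `Returns TPM_E_IOERROR if [length] is too small; on success exactly TPM_PCR_DIGEST bytes are written to [data].` would make the contract usable without reading the implementation. The implementation also checks against `kPcrDigestLength`, whose definition is not in this diff, rather than the `TPM_PCR_DIGEST` constant added in tss_constants.h. The two presumably hold the same value, and using one name in both places would keep the documented bound and the enforced bound from drifting apart.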
diff --git a/firmware/lib/tpm_lite/include/tlcl_structures.h b/firmware/lib/tpm_lite/include/tlcl_structures.h
index a53e2baa..e0a7a46b 100644
--- a/firmware/lib/tpm_lite/include/tlcl_structures.h
+++ b/firmware/lib/tpm_lite/include/tlcl_structures.h
@@ -94,6 +94,12 @@ const struct s_tpm_ppassert_cmd{
 } tpm_ppassert_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x8, },
 };

+const struct s_tpm_pcr_read_cmd{
+ uint8_t buffer[14];
+ uint16_t pcrNum;
+} tpm_pcr_read_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15, },
+10, };
+
 const struct s_tpm_nv_read_cmd{
 uint8_t buffer[22];
 uint16_t index;
diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c
index fc820b55..42739904 100644
--- a/firmware/lib/tpm_lite/tlcl.c
+++ b/firmware/lib/tpm_lite/tlcl.c
@@ -214,6 +214,28 @@ uint32_t TlclRead(uint32_t index, void* data, uint32_t length) {
 return result;
 }

+uint32_t TlclPCRRead(uint32_t index, void* data, uint32_t length) {
+ struct s_tpm_nv_read_cmd cmd;
+ uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
+ uint32_t result_length;
+ uint32_t result;
+
+ VBDEBUG(("TPM: TlclPCRRead(0x%x, %d)\n", index, length));
+ if (length < kPcrDigestLength) {
+ return TPM_E_IOERROR;
+ }
+ Memcpy(&cmd, &tpm_pcr_read_cmd, sizeof(cmd));
+ ToTpmUint32(cmd.buffer + tpm_pcr_read_cmd.pcrNum, index);
+
+ result = TlclSendReceive(cmd.buffer, response, sizeof(response));
+ if (result == TPM_SUCCESS) {
+ uint8_t* pcr_read_cursor = response + kTpmResponseHeaderLength;
+ Memcpy(data, pcr_read_cursor, kPcrDigestLength);
+ }
+
+ return result;
+}
+
 uint32_t TlclWriteLock(uint32_t index) {
 VBDEBUG(("TPM: Write lock 0x%x\n", index));
 return TlclWrite(index, NULL, 0);
--
cgit v1.2.1
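Review bot: In TlclPCRRead the local command buffer is declared as `struct s_tpm_nv_read_cmd cmd;`, yet it is filled from the PCR-read template with `Memcpy(&cmd, &tpm_pcr_read_cmd, sizeof(cmd))`. The tlcl_structures.h hunk shows the NV-read struct beginning with `buffer[22]` while the PCR-read struct is `buffer[14]` plus one `uint16_t`, so the copy reads past the end of the const `tpm_pcr_read_cmd` object; the declaration should be `struct s_tpm_pcr_read_cmd cmd;`. `result_length` is declared and never used, and can be dropped. On the success path the function copies `kPcrDigestLength` bytes from `response + kTpmResponseHeaderLength` without looking at the size the TPM reported. TlclSendReceive is outside this diff, so unless it already enforces a minimum reply length, a size check here would keep a short reply from handing uninitialised stack bytes back to the caller as a PCR value.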