1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Functions for querying, manipulating and locking rollback indices
* stored in the TPM NVRAM.
*/
#ifndef VBOOT_REFERENCE_ROLLBACK_INDEX_H_
#define VBOOT_REFERENCE_ROLLBACK_INDEX_H_
#include "sysincludes.h"
#include "tss_constants.h"
/* TPM NVRAM location indices. */
#define FIRMWARE_NV_INDEX 0x1007
#define KERNEL_NV_INDEX 0x1008
/* Structure definitions for TPM spaces */
__pragma(pack(push, 1)) /* Support packing for MSVC. */
/* Kernel space - KERNEL_NV_INDEX, locked with physical presence. */
#define ROLLBACK_SPACE_KERNEL_VERSION 2
#define ROLLBACK_SPACE_KERNEL_UID 0x4752574C /* 'GRWL' */
typedef struct RollbackSpaceKernel {
uint8_t struct_version; /* Struct version, for backwards
* compatibility */
uint32_t uid; /* Unique ID to detect space redefinition */
uint32_t kernel_versions; /* Kernel versions */
uint8_t reserved[3]; /* Reserved for future expansion */
uint8_t crc8; /* Checksum (v2 and later only) */
} __attribute__((packed)) RollbackSpaceKernel;
/* Flags for firmware space */
/* Last boot was developer mode. TPM ownership is cleared when
* transitioning to/from developer mode. */
#define FLAG_LAST_BOOT_DEVELOPER 0x01
/* Some systems may not have a dedicated dev-mode switch, but enter and leave
* dev-mode through some recovery-mode magic keypresses. For those systems,
* the dev-mode "switch" state is in this bit (0=normal, 1=dev). To make it
* work, a new flag is passed to VbInit(), indicating that the system lacks a
* physical dev-mode switch. If a physical switch is present, this bit is
* ignored. */
#define FLAG_VIRTUAL_DEV_MODE_ON 0x02
#define ROLLBACK_SPACE_FIRMWARE_VERSION 2
/* Firmware space - FIRMWARE_NV_INDEX, locked with global lock. */
typedef struct RollbackSpaceFirmware {
uint8_t struct_version; /* Struct version, for backwards compatibility */
uint8_t flags; /* Flags (see FLAG_* above) */
uint32_t fw_versions; /* Firmware versions */
uint8_t reserved[3]; /* Reserved for future expansion */
uint8_t crc8; /* Checksum (v2 and later only) */
} __attribute__((packed)) RollbackSpaceFirmware;
__pragma(pack(pop)) /* Support packing for MSVC. */
/* All functions return TPM_SUCCESS (zero) if successful, non-zero if error */
/* These functions are called from VbInit(). They cannot use global
* variables. */
uint32_t RollbackS3Resume(void);
/* These functions are callable from VbSelectFirmware(). They cannot use
* global variables. */
/* Setup must be called. Pass recovery_mode=nonzero if in recovery mode. Pass
* *developer_mode=nonzero if in developer mode. Set hw_dev_sw if there's a
* hardware developer switch. Duh. */
uint32_t RollbackFirmwareSetup(int recovery_mode, int hw_dev_sw,
int* dev_mode_ptr, uint32_t* version);
/* Write may be called if the versions change */
uint32_t RollbackFirmwareWrite(uint32_t version);
/* Lock must be called */
uint32_t RollbackFirmwareLock(void);
/* These functions are callable from VbSelectAndLoadKernel(). They
* may use global variables. */
/* Read and write may be called to read and write the kernel version. */
uint32_t RollbackKernelRead(uint32_t* version);
uint32_t RollbackKernelWrite(uint32_t version);
/* Lock must be called. Internally, it's ignored in recovery mode. */
uint32_t RollbackKernelLock(void);
/****************************************************************************/
/* The following functions are internal apis, listed here for use by
* unit tests only. */
/* Issue a TPM_Clear and reenable/reactivate the TPM. */
uint32_t TPMClearAndReenable(void);
/* Like TlclWrite(), but checks for write errors due to hitting the 64-write
* limit and clears the TPM when that happens. This can only happen when the
* TPM is unowned, so it is OK to clear it (and we really have no choice).
* This is not expected to happen frequently, but it could happen. */
uint32_t SafeWrite(uint32_t index, const void* data, uint32_t length);
/* Similarly to SafeWrite(), this ensures we don't fail a DefineSpace because
* we hit the TPM write limit. This is even less likely to happen than with
* writes because we only define spaces once at initialization, but we'd rather
* be paranoid about this. */
uint32_t SafeDefineSpace(uint32_t index, uint32_t perm, uint32_t size);
/* Performs one-time initializations. Creates the NVRAM spaces, and sets their
* initial values as needed. Sets the nvLocked bit and ensures the physical
* presence command is enabled and locked.
*/
uint32_t OneTimeInitializeTPM(RollbackSpaceFirmware* rsf,
RollbackSpaceKernel* rsk);
/* SetupTPM starts the TPM and establishes the root of trust for the
* anti-rollback mechanism. */
uint32_t SetupTPM(int recovery_mode, int developer_mode,
RollbackSpaceFirmware* rsf);
#endif /* VBOOT_REFERENCE_ROLLBACK_INDEX_H_ */
|
