1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
/*
* Copyright 2016 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Some TPM constants and type definitions for standalone compilation for use
* in the firmware
*/
#include "rollback_index.h"
#include "tpm2_marshaling.h"
#include "utility.h"
static void *tpm_process_command(TPM_CC command, void *command_body)
{
/* Command/response buffer. */
static uint8_t cr_buffer[TPM_BUFFER_SIZE];
uint32_t out_size, in_size;
out_size = tpm_marshal_command(command, command_body,
cr_buffer, sizeof(cr_buffer));
if (out_size < 0) {
VBDEBUG(("command %#x, cr size %d\n",
command, out_size));
return NULL;
}
in_size = sizeof(cr_buffer);
if (VbExTpmSendReceive(cr_buffer, out_size,
cr_buffer, &in_size) != TPM_SUCCESS) {
VBDEBUG(("tpm transaction failed\n"));
return NULL;
}
return tpm_unmarshal_response(command, cr_buffer, in_size);
}
/**
* Issue a ForceClear. The TPM error code is returned.
*/
uint32_t TlclForceClear(void)
{
VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
return TPM_SUCCESS;
}
uint32_t TlclSetDeactivated(uint8_t flag)
{
VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
return TPM_SUCCESS;
}
uint32_t TlclSetEnable(void)
{
VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
return TPM_SUCCESS;
}
/**
* Get the permission bits for the NVRAM space with |index|.
*/
uint32_t TlclGetPermissions(uint32_t index, uint32_t *permissions)
{
*permissions = 0;
VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
return TPM_SUCCESS;
}
static uint32_t tlcl_lock_nv_write(uint32_t index)
{
struct tpm2_response *response;
struct tpm2_nv_write_lock_cmd nv_wl;
nv_wl.nvIndex = HR_NV_INDEX + index;
response = tpm_process_command(TPM2_NV_WriteLock, &nv_wl);
if (!response || response->hdr.tpm_code)
return TPM_E_INTERNAL_INCONSISTENCY;
return TPM_SUCCESS;
}
static uint32_t tlcl_disable_platform_hierarchy(void)
{
struct tpm2_response *response;
struct tpm2_hierarchy_control_cmd hc;
hc.enable = TPM_RH_PLATFORM;
hc.state = 0;
response = tpm_process_command(TPM2_Hierarchy_Control, &hc);
if (!response || response->hdr.tpm_code)
return TPM_E_INTERNAL_INCONSISTENCY;
return TPM_SUCCESS;
}
/**
* Turn off physical presence and locks it off until next reboot. The TPM
* error code is returned.
*
* The name of the function was kept to maintain the existing TPM API, but
* TPM2.0 does not have to use the Physical Presence concept. Instead it just
* removes platform authorization - this makes sure that firmware and kernel
* rollback counter spaces can not be modified.
*
* It also explicitly locks the kernel rollback counter space (the FW rollback
* counter space was locked before RW firmware started.)
*/
uint32_t TlclLockPhysicalPresence(void)
{
uint32_t rv;
rv = tlcl_lock_nv_write(KERNEL_NV_INDEX);
if (rv == TPM_SUCCESS)
rv = tlcl_disable_platform_hierarchy();
return rv;
}
uint32_t TlclRead(uint32_t index, void* data, uint32_t length)
{
struct tpm2_nv_read_cmd nv_readc;
struct tpm2_response *response;
Memset(&nv_readc, 0, sizeof(nv_readc));
nv_readc.nvIndex = HR_NV_INDEX + index;
nv_readc.size = length;
response = tpm_process_command(TPM2_NV_Read, &nv_readc);
/* Need to map tpm error codes into internal values. */
if (!response)
return TPM_E_READ_FAILURE;
VBDEBUG(("%s:%d index %#x return code %x\n",
__FILE__, __LINE__, index, response->hdr.tpm_code));
switch (response->hdr.tpm_code) {
case 0:
break;
case 0x28b:
return TPM_E_BADINDEX;
default:
return TPM_E_READ_FAILURE;
}
if (length > response->nvr.buffer.t.size)
return TPM_E_RESPONSE_TOO_LARGE;
if (length < response->nvr.buffer.t.size)
return TPM_E_READ_EMPTY;
Memcpy(data, response->nvr.buffer.t.buffer, length);
return TPM_SUCCESS;
}
uint32_t TlclWrite(uint32_t index, const void *data, uint32_t length)
{
struct tpm2_nv_write_cmd nv_writec;
struct tpm2_response *response;
Memset(&nv_writec, 0, sizeof(nv_writec));
nv_writec.nvIndex = HR_NV_INDEX + index;
nv_writec.data.t.size = length;
nv_writec.data.t.buffer = data;
response = tpm_process_command(TPM2_NV_Write, &nv_writec);
/* Need to map tpm error codes into internal values. */
if (!response)
return TPM_E_WRITE_FAILURE;
VBDEBUG(("%s:%d return code %x\n", __func__, __LINE__,
response->hdr.tpm_code));
return TPM_SUCCESS;
}
|
