diff options
author | Philipp Deppenwiese <zaolin@das-labor.org> | 2017-10-18 17:13:07 +0200 |
---|---|---|
committer | Stefan Reinauer <stefan.reinauer@coreboot.org> | 2018-01-18 01:35:31 +0000 |
commit | 64e2d19082636de9e82674ccfca574269bb34712 (patch) | |
tree | dfe44c9b1cebbb611b99474c1ee096e23f930796 | |
parent | 4fef7818ecd002e5971ea6287e402fd9276b7266 (diff) |
security/tpm: Move tpm TSS and TSPI layer to security section
* Move code from src/lib and src/include into src/security/tpm
* Split TPM TSS 1.2 and 2.0
* Fix header includes
* Add a new directory structure with kconfig and makefile includes
Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/22103
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
51 files changed, 126 insertions, 107 deletions
diff --git a/src/Kconfig b/src/Kconfig index 6896d0e79c..e362281c77 100644 --- a/src/Kconfig +++ b/src/Kconfig @@ -291,14 +291,6 @@ config FMDFILE but in some cases more complex setups are required. When an fmd is specified, it overrides the default format. -config MAINBOARD_HAS_TPM2 - bool - default n - help - There is a TPM device installed on the mainboard, and it is - compliant with version 2 TCG TPM specification. Could be connected - over LPC, SPI or I2C. - endmenu # load site-local kconfig to allow user specific defaults and overrides @@ -387,37 +379,6 @@ config RTC bool default n -config TPM - bool - default n - select LPC_TPM if MAINBOARD_HAS_LPC_TPM - select I2C_TPM if !MAINBOARD_HAS_LPC_TPM && !SPI_TPM - help - Enable this option to enable TPM support in coreboot. - - If unsure, say N. - -config TPM2 - bool - select LPC_TPM if MAINBOARD_HAS_LPC_TPM - select I2C_TPM if !MAINBOARD_HAS_LPC_TPM && !SPI_TPM - help - Enable this option to enable TPM2 support in coreboot. - - If unsure, say N. - -config POWER_OFF_ON_CR50_UPDATE - bool - help - Power off machine while waiting for CR50 update to take effect. - -config MAINBOARD_HAS_TPM_CR50 - bool - default y if MAINBOARD_HAS_SPI_TPM_CR50 || MAINBOARD_HAS_I2C_TPM_CR50 - default n - select MAINBOARD_HAS_TPM2 - select POWER_OFF_ON_CR50_UPDATE if ARCH_X86 - config HEAP_SIZE hex default 0x4000 @@ -962,13 +923,6 @@ config X86EMU_DEBUG_TIMINGS If unsure, say N. -config DEBUG_TPM - bool "Output verbose TPM debug messages" - default n - depends on TPM || TPM2 - help - This option enables additional TPM related debug messages. - config DEBUG_SPI_FLASH bool "Output verbose SPI flash debug messages" default n diff --git a/src/cpu/intel/haswell/romstage.c b/src/cpu/intel/haswell/romstage.c index 136f098e71..ffbfbdfd83 100644 --- a/src/cpu/intel/haswell/romstage.c +++ b/src/cpu/intel/haswell/romstage.c @@ -42,7 +42,7 @@ #include "northbridge/intel/haswell/raminit.h" #include "southbridge/intel/lynxpoint/pch.h" #include "southbridge/intel/lynxpoint/me.h" -#include <tpm.h> +#include <security/tpm/tpm.h> static inline void reset_system(void) { diff --git a/src/drivers/i2c/tpm/cr50.c b/src/drivers/i2c/tpm/cr50.c index 8b0ea32269..0927d7fc43 100644 --- a/src/drivers/i2c/tpm/cr50.c +++ b/src/drivers/i2c/tpm/cr50.c @@ -39,7 +39,7 @@ #include <device/i2c_simple.h> #include <endian.h> #include <timer.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "tpm.h" #define CR50_MAX_BUFSIZE 63 diff --git a/src/drivers/i2c/tpm/tis.c b/src/drivers/i2c/tpm/tis.c index 20c2d7136a..ba5f0e4a10 100644 --- a/src/drivers/i2c/tpm/tis.c +++ b/src/drivers/i2c/tpm/tis.c @@ -22,7 +22,7 @@ #include <device/i2c_simple.h> #include <endian.h> #include <lib.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "tpm.h" #include <timer.h> diff --git a/src/drivers/i2c/tpm/tis_atmel.c b/src/drivers/i2c/tpm/tis_atmel.c index 151209974a..d321d24558 100644 --- a/src/drivers/i2c/tpm/tis_atmel.c +++ b/src/drivers/i2c/tpm/tis_atmel.c @@ -23,7 +23,7 @@ #include <device/i2c_simple.h> #include <endian.h> #include <lib.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <timer.h> #define RECV_TIMEOUT (1 * 1000) /* 1 second */ diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c index 2ce04018b3..dede671d1b 100644 --- a/src/drivers/i2c/tpm/tpm.c +++ b/src/drivers/i2c/tpm/tpm.c @@ -38,7 +38,7 @@ #include <device/i2c_simple.h> #include <endian.h> #include <timer.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "tpm.h" /* max. number of iterations after I2C NAK */ diff --git a/src/drivers/intel/fsp1_1/romstage.c b/src/drivers/intel/fsp1_1/romstage.c index 81939c4c33..3e96136ec9 100644 --- a/src/drivers/intel/fsp1_1/romstage.c +++ b/src/drivers/intel/fsp1_1/romstage.c @@ -36,7 +36,7 @@ #include <stage_cache.h> #include <string.h> #include <timestamp.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <vendorcode/google/chromeos/chromeos.h> asmlinkage void *romstage_main(FSP_INFO_HEADER *fih) diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c index 368fafa5d7..18e0a2a97d 100644 --- a/src/drivers/intel/fsp2_0/memory_init.c +++ b/src/drivers/intel/fsp2_0/memory_init.c @@ -12,7 +12,7 @@ */ #include <compiler.h> -#include <antirollback.h> +#include <security/tpm/antirollback.h> #include <arch/io.h> #include <arch/cpu.h> #include <arch/symbols.h> @@ -31,7 +31,7 @@ #include <string.h> #include <symbols.h> #include <timestamp.h> -#include <tpm_lite/tlcl.h> +#include <security/tpm/tlcl.h> #include <security/vboot/vboot_common.h> #include <vb2_api.h> diff --git a/src/drivers/pc80/tpm/Kconfig b/src/drivers/pc80/tpm/Kconfig index f32071cf7d..3bd9083802 100644 --- a/src/drivers/pc80/tpm/Kconfig +++ b/src/drivers/pc80/tpm/Kconfig @@ -1,9 +1,3 @@ -config MAINBOARD_HAS_LPC_TPM - bool - default n - help - Board has TPM support - config LPC_TPM bool "Enable TPM support" depends on MAINBOARD_HAS_LPC_TPM diff --git a/src/drivers/pc80/tpm/romstage.c b/src/drivers/pc80/tpm/romstage.c index 5531458726..20413d8cf4 100644 --- a/src/drivers/pc80/tpm/romstage.c +++ b/src/drivers/pc80/tpm/romstage.c @@ -17,7 +17,7 @@ #include <console/cbmem_console.h> #include <console/console.h> #include <arch/acpi.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <reset.h> //#define EXTRA_LOGGING diff --git a/src/drivers/pc80/tpm/tpm.c b/src/drivers/pc80/tpm/tpm.c index 574d3af6ff..8f1c5df0aa 100644 --- a/src/drivers/pc80/tpm/tpm.c +++ b/src/drivers/pc80/tpm/tpm.c @@ -32,7 +32,7 @@ #include <arch/acpi_device.h> #include <device/device.h> #include <console/console.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <arch/early_variables.h> #include <device/pnp.h> #include "chip.h" diff --git a/src/drivers/spi/tpm/tis.c b/src/drivers/spi/tpm/tis.c index 481c9da1d0..f561a97280 100644 --- a/src/drivers/spi/tpm/tis.c +++ b/src/drivers/spi/tpm/tis.c @@ -7,7 +7,7 @@ #include <arch/early_variables.h> #include <console/console.h> #include <string.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "tpm.h" diff --git a/src/drivers/spi/tpm/tpm.c b/src/drivers/spi/tpm/tpm.c index ceec0b0bc6..c7a3ab7749 100644 --- a/src/drivers/spi/tpm/tpm.c +++ b/src/drivers/spi/tpm/tpm.c @@ -23,7 +23,7 @@ #include <endian.h> #include <string.h> #include <timer.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "tpm.h" diff --git a/src/lib/Makefile.inc b/src/lib/Makefile.inc index 25537d20ed..d77884c3d9 100644 --- a/src/lib/Makefile.inc +++ b/src/lib/Makefile.inc @@ -53,16 +53,6 @@ verstage-$(CONFIG_COLLECT_TIMESTAMPS) += timestamp.c verstage-y += boot_device.c verstage-$(CONFIG_CONSOLE_CBMEM) += cbmem_console.c -verstage-$(CONFIG_TPM) += tlcl.c -verstage-$(CONFIG_TPM2) += tpm2_marshaling.c -verstage-$(CONFIG_TPM2) += tpm2_tlcl.c - -ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) -romstage-$(CONFIG_TPM) += tlcl.c -romstage-$(CONFIG_TPM2) += tpm2_marshaling.c -romstage-$(CONFIG_TPM2) += tpm2_tlcl.c -endif # CONFIG_VBOOT_SEPARATE_VERSTAGE - verstage-$(CONFIG_GENERIC_UDELAY) += timer.c verstage-$(CONFIG_GENERIC_GPIO_LIB) += gpio.c @@ -144,8 +134,6 @@ ramstage-$(CONFIG_GENERIC_GPIO_LIB) += gpio.c ramstage-$(CONFIG_GENERIC_UDELAY) += timer.c ramstage-y += b64_decode.c ramstage-$(CONFIG_ACPI_NHLT) += nhlt.c -ramstage-$(CONFIG_TPM2) += tpm2_marshaling.c -ramstage-$(CONFIG_TPM2) += tpm2_tlcl.c romstage-y += cbmem_common.c romstage-y += imd_cbmem.c diff --git a/src/mainboard/asus/kgpe-d16/romstage.c b/src/mainboard/asus/kgpe-d16/romstage.c index 63b93c19c5..b52a698f33 100644 --- a/src/mainboard/asus/kgpe-d16/romstage.c +++ b/src/mainboard/asus/kgpe-d16/romstage.c @@ -46,7 +46,7 @@ #include <cpu/amd/family_10h-family_15h/init_cpus.h> #include <arch/early_variables.h> #include <cbmem.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "resourcemap.c" #include "cpu/amd/quadcore/quadcore.c" diff --git a/src/mainboard/google/gru/chromeos.c b/src/mainboard/google/gru/chromeos.c index 38f7f6987e..8d0acbbf2d 100644 --- a/src/mainboard/google/gru/chromeos.c +++ b/src/mainboard/google/gru/chromeos.c @@ -17,7 +17,7 @@ #include <bootmode.h> #include <boot/coreboot_tables.h> #include <gpio.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "board.h" diff --git a/src/mainboard/google/link/romstage.c b/src/mainboard/google/link/romstage.c index 733aa301ef..e23eced50f 100644 --- a/src/mainboard/google/link/romstage.c +++ b/src/mainboard/google/link/romstage.c @@ -35,7 +35,7 @@ #include <arch/cpu.h> #include <cpu/x86/msr.h> #include <halt.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <cbfs.h> #include <southbridge/intel/bd82x6x/chip.h> diff --git a/src/mainboard/google/oak/tpm_tis.c b/src/mainboard/google/oak/tpm_tis.c index 018f02db10..ba019a6983 100644 --- a/src/mainboard/google/oak/tpm_tis.c +++ b/src/mainboard/google/oak/tpm_tis.c @@ -14,7 +14,7 @@ */ #include <gpio.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "gpio.h" diff --git a/src/mainboard/google/parrot/romstage.c b/src/mainboard/google/parrot/romstage.c index d9f2f8ff11..f34dac0705 100644 --- a/src/mainboard/google/parrot/romstage.c +++ b/src/mainboard/google/parrot/romstage.c @@ -35,7 +35,7 @@ #include <cpu/x86/msr.h> #include <halt.h> #include <cbfs.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "ec/compal/ene932/ec.h" void pch_enable_lpc(void) diff --git a/src/mainboard/google/stout/romstage.c b/src/mainboard/google/stout/romstage.c index d054b393c5..90313fb848 100644 --- a/src/mainboard/google/stout/romstage.c +++ b/src/mainboard/google/stout/romstage.c @@ -35,7 +35,7 @@ #include <cpu/x86/msr.h> #include <halt.h> #include <bootmode.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <cbfs.h> #include <ec/quanta/it8518/ec.h> #include "ec.h" diff --git a/src/mainboard/intel/emeraldlake2/romstage.c b/src/mainboard/intel/emeraldlake2/romstage.c index 446164f578..3827337f94 100644 --- a/src/mainboard/intel/emeraldlake2/romstage.c +++ b/src/mainboard/intel/emeraldlake2/romstage.c @@ -35,7 +35,7 @@ #include <arch/cpu.h> #include <cpu/x86/msr.h> #include <halt.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #define SIO_PORT 0x164e diff --git a/src/mainboard/lenovo/x201/romstage.c b/src/mainboard/lenovo/x201/romstage.c index e8312d75cf..f19f55578f 100644 --- a/src/mainboard/lenovo/x201/romstage.c +++ b/src/mainboard/lenovo/x201/romstage.c @@ -35,7 +35,7 @@ #include <timestamp.h> #include <arch/acpi.h> #include <cbmem.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "dock.h" #include "arch/early_variables.h" diff --git a/src/mainboard/pcengines/apu2/romstage.c b/src/mainboard/pcengines/apu2/romstage.c index 6339d94abf..b4b2802ea0 100644 --- a/src/mainboard/pcengines/apu2/romstage.c +++ b/src/mainboard/pcengines/apu2/romstage.c @@ -33,7 +33,7 @@ #include <cpu/x86/lapic.h> #include <southbridge/amd/pi/hudson/hudson.h> #include <Fch/Fch.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include "gpio_ftns.h" diff --git a/src/mainboard/samsung/lumpy/romstage.c b/src/mainboard/samsung/lumpy/romstage.c index 3afb196448..a04d538e80 100644 --- a/src/mainboard/samsung/lumpy/romstage.c +++ b/src/mainboard/samsung/lumpy/romstage.c @@ -28,7 +28,7 @@ #include <cbmem.h> #include <console/console.h> #include <bootmode.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <northbridge/intel/sandybridge/sandybridge.h> #include <northbridge/intel/sandybridge/raminit.h> #include <northbridge/intel/sandybridge/raminit_native.h> diff --git a/src/mainboard/samsung/stumpy/romstage.c b/src/mainboard/samsung/stumpy/romstage.c index ec5368dbb0..367a4388f4 100644 --- a/src/mainboard/samsung/stumpy/romstage.c +++ b/src/mainboard/samsung/stumpy/romstage.c @@ -37,7 +37,7 @@ #include <arch/cpu.h> #include <cpu/x86/msr.h> #include <halt.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #if IS_ENABLED(CONFIG_DRIVERS_UART_8250IO) #include <superio/smsc/lpc47n207/lpc47n207.h> #endif diff --git a/src/northbridge/intel/sandybridge/romstage.c b/src/northbridge/intel/sandybridge/romstage.c index 8608d5a8a4..1f31ad611e 100644 --- a/src/northbridge/intel/sandybridge/romstage.c +++ b/src/northbridge/intel/sandybridge/romstage.c @@ -28,7 +28,7 @@ #include <device/pci_def.h> #include <device/device.h> #include <halt.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <northbridge/intel/sandybridge/chip.h> #include "southbridge/intel/bd82x6x/pch.h" #include <southbridge/intel/common/gpio.h> diff --git a/src/security/Kconfig b/src/security/Kconfig index 7d105b8cf8..6a334ac09c 100644 --- a/src/security/Kconfig +++ b/src/security/Kconfig @@ -13,3 +13,4 @@ ## source "src/security/vboot/Kconfig" +source "src/security/tpm/Kconfig" diff --git a/src/security/Makefile.inc b/src/security/Makefile.inc index d2e1e60f44..a940b82613 100644 --- a/src/security/Makefile.inc +++ b/src/security/Makefile.inc @@ -1 +1,2 @@ subdirs-y += vboot +subdirs-y += tpm diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig new file mode 100644 index 0000000000..111f91a5c1 --- /dev/null +++ b/src/security/tpm/Kconfig @@ -0,0 +1,69 @@ +## This file is part of the coreboot project. +## +## Copyright (C) 2017 Philipp Deppenwiese, Facebook, Inc. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; version 2 of the License. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## + +menu "Trusted Platform Module" + +config TPM + bool + default n + select LPC_TPM if MAINBOARD_HAS_LPC_TPM + select I2C_TPM if !MAINBOARD_HAS_LPC_TPM && !SPI_TPM + help + Enable this option to enable TPM support in coreboot. + + If unsure, say N. + +config TPM2 + bool + select LPC_TPM if MAINBOARD_HAS_LPC_TPM + select I2C_TPM if !MAINBOARD_HAS_LPC_TPM && !SPI_TPM + help + Enable this option to enable TPM2 support in coreboot. + + If unsure, say N. + +config DEBUG_TPM + bool "Output verbose TPM debug messages" + default n + depends on TPM || TPM2 + help + This option enables additional TPM related debug messages. + +config MAINBOARD_HAS_TPM_CR50 + bool + default y if MAINBOARD_HAS_SPI_TPM_CR50 || MAINBOARD_HAS_I2C_TPM_CR50 + default n + select MAINBOARD_HAS_TPM2 + select POWER_OFF_ON_CR50_UPDATE if ARCH_X86 + +config POWER_OFF_ON_CR50_UPDATE + bool + help + Power off machine while waiting for CR50 update to take effect. + +config MAINBOARD_HAS_LPC_TPM + bool + default n + help + Board has TPM support + +config MAINBOARD_HAS_TPM2 + bool + default n + help + There is a TPM device installed on the mainboard, and it is + compliant with version 2 TCG TPM specification. Could be connected + over LPC, SPI or I2C. + +endmenu # Trusted Platform Module (tpm) diff --git a/src/security/tpm/Makefile.inc b/src/security/tpm/Makefile.inc new file mode 100644 index 0000000000..48e70107e0 --- /dev/null +++ b/src/security/tpm/Makefile.inc @@ -0,0 +1,12 @@ +verstage-$(CONFIG_TPM) += tcg-1.2/tlcl.c +verstage-$(CONFIG_TPM2) += tcg-2.0/tpm2_marshaling.c +verstage-$(CONFIG_TPM2) += tcg-2.0/tpm2_tlcl.c + +ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y) +romstage-$(CONFIG_TPM) += tcg-1.2/tlcl.c +romstage-$(CONFIG_TPM2) += tcg-2.0/tpm2_marshaling.c +romstage-$(CONFIG_TPM2) += tcg-2.0/tpm2_tlcl.c +endif # CONFIG_VBOOT_SEPARATE_VERSTAGE + +ramstage-$(CONFIG_TPM2) += tcg-2.0/tpm2_marshaling.c +ramstage-$(CONFIG_TPM2) += tcg-2.0/tpm2_tlcl.c diff --git a/src/include/antirollback.h b/src/security/tpm/antirollback.h index f61aa858ff..d1bc433dcd 100644 --- a/src/include/antirollback.h +++ b/src/security/tpm/antirollback.h @@ -9,7 +9,7 @@ #ifndef ANTIROLLBACK_H_ #define ANTIROLLBACK_H_ -#include "tpm_lite/tss_constants.h" +#include "tss_constants.h" struct vb2_context; enum vb2_pcr_digest; diff --git a/src/lib/tlcl.c b/src/security/tpm/tcg-1.2/tlcl.c index 49854cbdcb..c7fcfcb7d6 100644 --- a/src/lib/tlcl.c +++ b/src/security/tpm/tcg-1.2/tlcl.c @@ -17,11 +17,11 @@ #include <arch/early_variables.h> #include <assert.h> #include <string.h> -#include <tpm_lite/tlcl.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <vb2_api.h> #include "tlcl_internal.h" #include "tlcl_structures.h" +#include "../tlcl.h" #ifdef FOR_TEST #include <stdio.h> diff --git a/src/lib/tlcl_internal.h b/src/security/tpm/tcg-1.2/tlcl_internal.h index 3648be622a..3648be622a 100644 --- a/src/lib/tlcl_internal.h +++ b/src/security/tpm/tcg-1.2/tlcl_internal.h diff --git a/src/lib/tlcl_structures.h b/src/security/tpm/tcg-1.2/tlcl_structures.h index 880864ee50..880864ee50 100644 --- a/src/lib/tlcl_structures.h +++ b/src/security/tpm/tcg-1.2/tlcl_structures.h diff --git a/src/lib/tpm2_marshaling.c b/src/security/tpm/tcg-2.0/tpm2_marshaling.c index 3ce09a4f8d..3ce09a4f8d 100644 --- a/src/lib/tpm2_marshaling.c +++ b/src/security/tpm/tcg-2.0/tpm2_marshaling.c diff --git a/src/lib/tpm2_marshaling.h b/src/security/tpm/tcg-2.0/tpm2_marshaling.h index 5802044378..5802044378 100644 --- a/src/lib/tpm2_marshaling.h +++ b/src/security/tpm/tcg-2.0/tpm2_marshaling.h diff --git a/src/lib/tpm2_tlcl.c b/src/security/tpm/tcg-2.0/tpm2_tlcl.c index fde90a002a..e111b89ae2 100644 --- a/src/lib/tpm2_tlcl.c +++ b/src/security/tpm/tcg-2.0/tpm2_tlcl.c @@ -4,16 +4,16 @@ * found in the LICENSE file. */ -#include <antirollback.h> #include <arch/early_variables.h> #include <console/console.h> #include <endian.h> -#include <lib/tpm2_tlcl_structures.h> #include <string.h> -#include <tpm.h> #include <vb2_api.h> +#include "tpm2_tlcl_structures.h" #include "tpm2_marshaling.h" +#include "../tpm.h" +#include "../antirollback.h" /* * This file provides interface between firmware and TPM2 device. The TPM1.2 diff --git a/src/lib/tpm2_tlcl_structures.h b/src/security/tpm/tcg-2.0/tpm2_tlcl_structures.h index 2a6615df42..acd9e74aec 100644 --- a/src/lib/tpm2_tlcl_structures.h +++ b/src/security/tpm/tcg-2.0/tpm2_tlcl_structures.h @@ -13,9 +13,10 @@ */ #include <stdint.h> #include <compiler.h> -#include <tpm_lite/tlcl.h> #include <types.h> +#include "../tlcl.h" + /* This should be plenty for what firmware needs. */ #define TPM_BUFFER_SIZE 256 diff --git a/src/include/tpm_lite/tlcl.h b/src/security/tpm/tlcl.h index 8dd5d80685..8dd5d80685 100644 --- a/src/include/tpm_lite/tlcl.h +++ b/src/security/tpm/tlcl.h diff --git a/src/include/tpm.h b/src/security/tpm/tpm.h index 32a44c17eb..32a44c17eb 100644 --- a/src/include/tpm.h +++ b/src/security/tpm/tpm.h diff --git a/src/lib/tpm_error_messages.h b/src/security/tpm/tpm_error_messages.h index ac7cd4e859..ac7cd4e859 100644 --- a/src/lib/tpm_error_messages.h +++ b/src/security/tpm/tpm_error_messages.h diff --git a/src/include/tpm_lite/tss_constants.h b/src/security/tpm/tss_constants.h index 937e553969..937e553969 100644 --- a/src/include/tpm_lite/tss_constants.h +++ b/src/security/tpm/tss_constants.h diff --git a/src/security/vboot/secdata_mock.c b/src/security/vboot/secdata_mock.c index 72ee5b3c11..ff8e98e43f 100644 --- a/src/security/vboot/secdata_mock.c +++ b/src/security/vboot/secdata_mock.c @@ -32,9 +32,9 @@ * stored in the TPM NVRAM. */ -#include <antirollback.h> +#include <security/tpm/antirollback.h> #include <stdlib.h> -#include <tpm_lite/tlcl.h> +#include <security/tpm/tlcl.h> #include <vb2_api.h> uint32_t tpm_extend_pcr(struct vb2_context *ctx, int pcr, diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index be9d680cc0..2dc11bd2dc 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -32,10 +32,10 @@ * stored in the TPM NVRAM. */ -#include <antirollback.h> +#include <security/tpm/antirollback.h> #include <stdlib.h> #include <string.h> -#include <tpm_lite/tlcl.h> +#include <security/tpm/tlcl.h> #include <vb2_api.h> #include <console/console.h> diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index e6b97b9c2f..c76739ac51 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -13,7 +13,7 @@ * GNU General Public License for more details. */ -#include <antirollback.h> +#include <security/tpm/antirollback.h> #include <arch/exception.h> #include <assert.h> #include <bootmode.h> diff --git a/src/soc/intel/baytrail/romstage/romstage.c b/src/soc/intel/baytrail/romstage/romstage.c index 9990d84257..d8e6449dc6 100644 --- a/src/soc/intel/baytrail/romstage/romstage.c +++ b/src/soc/intel/baytrail/romstage/romstage.c @@ -30,7 +30,7 @@ #include <stage_cache.h> #include <string.h> #include <timestamp.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <vendorcode/google/chromeos/chromeos.h> #include <soc/gpio.h> #include <soc/iomap.h> diff --git a/src/soc/intel/braswell/romstage/romstage.c b/src/soc/intel/braswell/romstage/romstage.c index 0f82c49999..12a15304a2 100644 --- a/src/soc/intel/braswell/romstage/romstage.c +++ b/src/soc/intel/braswell/romstage/romstage.c @@ -43,7 +43,7 @@ #include <soc/romstage.h> #include <soc/smm.h> #include <soc/spi.h> -#include <tpm.h> +#include <security/tpm/tpm.h> void program_base_addresses(void) { diff --git a/src/soc/intel/broadwell/romstage/romstage.c b/src/soc/intel/broadwell/romstage/romstage.c index 1417b802cf..fa4c1eac62 100644 --- a/src/soc/intel/broadwell/romstage/romstage.c +++ b/src/soc/intel/broadwell/romstage/romstage.c @@ -25,7 +25,7 @@ #include <cbmem.h> #include <cpu/x86/mtrr.h> #include <elog.h> -#include <tpm.h> +#include <security/tpm/tpm.h> #include <program_loading.h> #include <romstage_handoff.h> #include <stage_cache.h> diff --git a/src/soc/intel/common/tpm_tis.c b/src/soc/intel/common/tpm_tis.c index ed57cef488..f088c0d16a 100644 --- a/src/soc/intel/common/tpm_tis.c +++ b/src/soc/intel/common/tpm_tis.c @@ -14,7 +14,7 @@ */ #include <arch/acpi.h> -#include <tpm.h> +#include <security/tpm/tpm.h> int tis_plat_irq_status(void) { diff --git a/src/vendorcode/google/chromeos/cr50_enable_update.c b/src/vendorcode/google/chromeos/cr50_enable_update.c index b5e4b6cc67..d322bbea3a 100644 --- a/src/vendorcode/google/chromeos/cr50_enable_update.c +++ b/src/vendorcode/google/chromeos/cr50_enable_update.c @@ -18,7 +18,7 @@ #include <ec/google/chromeec/ec.h> #include <elog.h> #include <halt.h> -#include <tpm_lite/tlcl.h> +#include <security/tpm/tlcl.h> #include <vb2_api.h> #include <security/vboot/vboot_common.h> @@ -71,4 +71,3 @@ static void enable_update(void *unused) halt(); } BOOT_STATE_INIT_ENTRY(BS_PAYLOAD_LOAD, BS_ON_ENTRY, enable_update, NULL); - diff --git a/src/vendorcode/google/chromeos/tpm2.c b/src/vendorcode/google/chromeos/tpm2.c index fd1dac9a35..266cf75f61 100644 --- a/src/vendorcode/google/chromeos/tpm2.c +++ b/src/vendorcode/google/chromeos/tpm2.c @@ -15,7 +15,7 @@ #include <bootstate.h> #include <console/console.h> -#include <tpm_lite/tlcl.h> +#include <security/tpm/tlcl.h> #include <vb2_api.h> static void disable_platform_hierarchy(void *unused) |