diff options
author | Karthikeyan Ramasubramanian <kramasub@google.com> | 2021-03-01 13:50:20 -0700 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2021-03-05 10:57:01 +0000 |
commit | ba7b90ecf216c8882d4b37579380e9a46d79e2f0 (patch) | |
tree | bf3fb44d2dcbf106f3fecf9d5a46f9febe01669d /src/security/tpm/tss/vendor/cr50 | |
parent | 7cdcf64f71036966a187b4c71dddba5085f519dd (diff) |
security/tpm/tss/vendor/cr50: Introduce vendor sub-command to reset EC
Add marshaling and unmarshaling support for cr50 vendor sub-command to
reset EC and a interface function to exchange the same.
BUG=b:181051734
TEST=Build and boot to OS in drawlat. Ensure that when the command is
issued, EC reset is triggered.
Change-Id: I46063678511d27fea5eabbd12fc3af0b1df68143
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@google.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51164
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
Diffstat (limited to 'src/security/tpm/tss/vendor/cr50')
-rw-r--r-- | src/security/tpm/tss/vendor/cr50/cr50.c | 28 | ||||
-rw-r--r-- | src/security/tpm/tss/vendor/cr50/cr50.h | 9 |
2 files changed, 37 insertions, 0 deletions
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c index a5b8057a01..e38ca30ad4 100644 --- a/src/security/tpm/tss/vendor/cr50/cr50.c +++ b/src/security/tpm/tss/vendor/cr50/cr50.c @@ -2,6 +2,7 @@ #include <console/console.h> #include <endian.h> +#include <halt.h> #include <vb2_api.h> #include <security/tpm/tis.h> #include <security/tpm/tss.h> @@ -148,3 +149,30 @@ uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms) return TPM_SUCCESS; } + +uint32_t tlcl_cr50_reset_ec(void) +{ + struct tpm2_response *response; + uint16_t reset_cmd = TPM2_CR50_SUB_CMD_RESET_EC; + + printk(BIOS_DEBUG, "Issuing EC reset\n"); + + response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &reset_cmd); + + if (!response) + return TPM_E_IOERROR; + + if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND || + response->hdr.tpm_code == VENDOR_RC_NO_SUCH_SUBCOMMAND) + /* Explicitly inform caller when command is not supported */ + return TPM_E_NO_SUCH_COMMAND; + + if (response->hdr.tpm_code) + /* Unexpected return code from Cr50 */ + return TPM_E_IOERROR; + + printk(BIOS_DEBUG, "EC reset coming up...\n"); + halt(); + + return TPM_SUCCESS; +} diff --git a/src/security/tpm/tss/vendor/cr50/cr50.h b/src/security/tpm/tss/vendor/cr50/cr50.h index 7730eccd29..0028e80b3c 100644 --- a/src/security/tpm/tss/vendor/cr50/cr50.h +++ b/src/security/tpm/tss/vendor/cr50/cr50.h @@ -15,6 +15,7 @@ #define TPM2_CR50_SUB_CMD_GET_REC_BTN (29) #define TPM2_CR50_SUB_CMD_TPM_MODE (40) #define TPM2_CR50_SUB_CMD_GET_BOOT_MODE (52) +#define TPM2_CR50_SUB_CMD_RESET_EC (53) /* Cr50 vendor-specific error codes. */ #define VENDOR_RC_ERR 0x00000500 @@ -95,4 +96,12 @@ uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode); */ uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms); +/** + * CR50 specific TPM command sequence to issue an EC reset. + * + * Returns TPM_E_* for errors. + * On Success, this function invokes halt() and does not return. + */ +uint32_t tlcl_cr50_reset_ec(void); + #endif /* CR50_TSS_STRUCTURES_H_ */ |