diff options
-rw-r--r-- | src/security/vboot/secdata_tpm.c | 111 |
1 files changed, 41 insertions, 70 deletions
diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index 0304b923fb..65d9c83a34 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -71,6 +71,8 @@ uint32_t antirollback_read_space_kernel(struct vb2_context *ctx) return TPM_SUCCESS; } +#if CONFIG(TPM2) + static uint32_t read_space_mrc_hash(uint32_t index, uint8_t *data) { RETURN_ON_FAILURE(tlcl_read(index, data, @@ -85,7 +87,6 @@ static uint32_t read_space_mrc_hash(uint32_t index, uint8_t *data) */ static const uint8_t mrc_hash_data[HASH_NV_SIZE] = { }; -#if CONFIG(TPM2) /* * Different sets of NVRAM space attributes apply to the "ro" spaces, * i.e. those which should not be possible to delete or modify once @@ -208,6 +209,45 @@ uint32_t antirollback_lock_space_firmware(void) return tlcl_lock_nv_write(FIRMWARE_NV_INDEX); } +uint32_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size) +{ + if (size != HASH_NV_SIZE) { + VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. " + "(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE, + size); + return TPM_E_READ_FAILURE; + } + return read_space_mrc_hash(index, data); +} + +uint32_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data, uint32_t size) +{ + uint8_t spc_data[HASH_NV_SIZE]; + uint32_t rv; + + if (size != HASH_NV_SIZE) { + VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. " + "(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE, + size); + return TPM_E_WRITE_FAILURE; + } + + rv = read_space_mrc_hash(index, spc_data); + if (rv == TPM_E_BADINDEX) { + /* + * If space is not defined already for hash, define + * new space. + */ + VBDEBUG("TPM: Initializing hash space.\n"); + return set_mrc_hash_space(index, data); + } + + if (rv != TPM_SUCCESS) + return rv; + + return safe_write(index, data, size); +} + uint32_t antirollback_lock_space_mrc_hash(uint32_t index) { return tlcl_lock_nv_write(index); @@ -250,18 +290,6 @@ static uint32_t safe_define_space(uint32_t index, uint32_t perm, uint32_t size) } } -static uint32_t set_mrc_hash_space(uint32_t index, const uint8_t *data) -{ - RETURN_ON_FAILURE(safe_define_space(index, - TPM_NV_PER_GLOBALLOCK | - TPM_NV_PER_PPWRITE, - HASH_NV_SIZE)); - RETURN_ON_FAILURE(safe_write(index, data, - HASH_NV_SIZE)); - - return TPM_SUCCESS; -} - static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) { TPM_PERMANENT_FLAGS pflags; @@ -316,16 +344,6 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) ctx->secdata_firmware, VB2_SECDATA_FIRMWARE_SIZE)); - /* - * Define and set rec hash space, if available. No need to - * create the RW hash space because we will definitely boot - * once in normal mode before shipping, meaning that the space - * will get created with correct permissions while still in in - * our hands. - */ - if (CONFIG(VBOOT_HAS_REC_HASH_SPACE)) - RETURN_ON_FAILURE(set_mrc_hash_space(MRC_REC_HASH_NV_INDEX, mrc_hash_data)); - return TPM_SUCCESS; } @@ -334,14 +352,6 @@ uint32_t antirollback_lock_space_firmware(void) return tlcl_set_global_lock(); } -uint32_t antirollback_lock_space_mrc_hash(uint32_t index) -{ - /* - * Nothing needs to be done here, since global lock is already set while - * locking firmware space. - */ - return TPM_SUCCESS; -} #endif /** @@ -434,45 +444,6 @@ uint32_t antirollback_write_space_kernel(struct vb2_context *ctx) return safe_write(KERNEL_NV_INDEX, ctx->secdata_kernel, size); } -uint32_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size) -{ - if (size != HASH_NV_SIZE) { - VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. " - "(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE, - size); - return TPM_E_READ_FAILURE; - } - return read_space_mrc_hash(index, data); -} - -uint32_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data, uint32_t size) -{ - uint8_t spc_data[HASH_NV_SIZE]; - uint32_t rv; - - if (size != HASH_NV_SIZE) { - VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. " - "(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE, - size); - return TPM_E_WRITE_FAILURE; - } - - rv = read_space_mrc_hash(index, spc_data); - if (rv == TPM_E_BADINDEX) { - /* - * If space is not defined already for hash, define - * new space. - */ - VBDEBUG("TPM: Initializing hash space.\n"); - return set_mrc_hash_space(index, data); - } - - if (rv != TPM_SUCCESS) - return rv; - - return safe_write(index, data, size); -} - vb2_error_t vb2ex_tpm_clear_owner(struct vb2_context *ctx) { uint32_t rv; |