aboutsummaryrefslogtreecommitdiff
path: root/src/lib/tpm2_tlcl_structures.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/tpm2_tlcl_structures.h')
-rw-r--r--src/lib/tpm2_tlcl_structures.h325
1 files changed, 325 insertions, 0 deletions
diff --git a/src/lib/tpm2_tlcl_structures.h b/src/lib/tpm2_tlcl_structures.h
new file mode 100644
index 0000000000..fad9c0d7bd
--- /dev/null
+++ b/src/lib/tpm2_tlcl_structures.h
@@ -0,0 +1,325 @@
+/*
+ * Copyright 2016 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef __SRC_LIB_TPM2_TLCL_STRUCTURES_H
+#define __SRC_LIB_TPM2_TLCL_STRUCTURES_H
+
+/*
+ * This file includes a subset of definitions of TPM protocol version 2.x
+ * constants and structures needed for functions used in coreboot.
+ */
+#include <stdint.h>
+#include <tpm_lite/tlcl.h>
+#include <types.h>
+
+/* This should be plenty for what firmware needs. */
+#define TPM_BUFFER_SIZE 256
+
+/* Basic TPM2 types. */
+typedef uint16_t TPM_SU;
+typedef uint16_t TPM_ALG_ID;
+typedef uint32_t TPM_CC;
+typedef uint32_t TPM_HANDLE;
+typedef uint32_t TPM_RC;
+typedef uint8_t TPMI_YES_NO;
+typedef TPM_HANDLE TPMI_RH_NV_INDEX;
+typedef TPM_HANDLE TPMI_RH_PROVISION;
+typedef TPM_HANDLE TPMI_SH_AUTH_SESSION;
+typedef TPM_HANDLE TPM_RH;
+typedef TPM_ALG_ID TPMI_ALG_HASH;
+
+/* Some hardcoded algorithm values. */
+#define TPM_ALG_HMAC ((TPM_ALG_ID)0x0005)
+#define TPM_ALG_NULL ((TPM_ALG_ID)0x0010)
+#define TPM_ALG_SHA1 ((TPM_ALG_ID)0x0004)
+#define TPM_ALG_SHA256 ((TPM_ALG_ID)0x000b)
+
+/* Some hardcoded hierarchies. */
+#define TPM_RH_NULL 0x40000007
+#define TPM_RS_PW 0x40000009
+#define TPM_RH_PLATFORM 0x4000000C
+
+typedef struct {
+ uint16_t size;
+ uint8_t *buffer;
+} TPM2B;
+
+typedef union {
+ uint8_t body[512];
+} TPMU_HA;
+
+typedef struct {
+ TPMI_ALG_HASH hashAlg;
+ TPMU_HA digest;
+} TPMT_HA;
+
+typedef union {
+ TPMT_HA digest;
+ TPM_HANDLE handle;
+} TPMU_NAME;
+
+typedef union {
+ struct {
+ uint16_t size;
+ uint8_t name[sizeof(TPMU_NAME)];
+ } t;
+ TPM2B b;
+} TPM2B_NAME;
+
+/* Relevant TPM Command's structures. */
+/* Common command/response header. */
+struct tpm_header {
+ uint16_t tpm_tag;
+ uint32_t tpm_size;
+ TPM_CC tpm_code;
+} __attribute__((packed));
+
+/* TPM command codes. */
+#define TPM2_NV_DefineSpace ((TPM_CC)0x0000012A)
+#define TPM2_NV_Write ((TPM_CC)0x00000137)
+#define TPM2_SelfTest ((TPM_CC)0x00000143)
+#define TPM2_Startup ((TPM_CC)0x00000144)
+#define TPM2_NV_Read ((TPM_CC)0x0000014E)
+#define TPM2_GetCapability ((TPM_CC)0x0000017A)
+
+/* Startup values. */
+#define TPM_SU_CLEAR 0
+#define TPM_SU_STATE 1
+
+#define TPM_HT_NV_INDEX 0x01
+#define TPM_HT_HMAC_SESSION 0x02
+#define TPM_HT_POLICY_SESSION 0x03
+
+#define HR_SHIFT 24
+#define HR_PCR (TPM_HT_PCR << HR_SHIFT)
+#define HR_HMAC_SESSION (TPM_HT_HMAC_SESSION << HR_SHIFT)
+#define HR_POLICY_SESSION (TPM_HT_POLICY_SESSION << HR_SHIFT)
+#define HR_TRANSIENT (TPM_HT_TRANSIENT << HR_SHIFT)
+#define HR_PERSISTENT (TPM_HT_PERSISTENT << HR_SHIFT)
+#define HR_NV_INDEX (TPM_HT_NV_INDEX << HR_SHIFT)
+#define HR_PERMANENT (TPM_HT_PERMANENT << HR_SHIFT)
+#define PCR_FIRST (HR_PCR + 0)
+#define PCR_LAST (PCR_FIRST + IMPLEMENTATION_PCR-1)
+#define HMAC_SESSION_FIRST (HR_HMAC_SESSION + 0)
+#define HMAC_SESSION_LAST (HMAC_SESSION_FIRST+MAX_ACTIVE_SESSIONS-1)
+#define LOADED_SESSION_FIRST HMAC_SESSION_FIRST
+#define LOADED_SESSION_LAST HMAC_SESSION_LAST
+#define POLICY_SESSION_FIRST (HR_POLICY_SESSION + 0)
+#define POLICY_SESSION_LAST (POLICY_SESSION_FIRST + MAX_ACTIVE_SESSIONS-1)
+#define TRANSIENT_FIRST (HR_TRANSIENT + 0)
+#define ACTIVE_SESSION_FIRST POLICY_SESSION_FIRST
+#define ACTIVE_SESSION_LAST POLICY_SESSION_LAST
+#define TRANSIENT_LAST (TRANSIENT_FIRST+MAX_LOADED_OBJECTS-1)
+#define PERSISTENT_FIRST (HR_PERSISTENT + 0)
+#define PERSISTENT_LAST (PERSISTENT_FIRST + 0x00FFFFFF)
+#define PLATFORM_PERSISTENT (PERSISTENT_FIRST + 0x00800000)
+#define NV_INDEX_FIRST (HR_NV_INDEX + 0)
+#define NV_INDEX_LAST (NV_INDEX_FIRST + 0x00FFFFFF)
+#define PERMANENT_FIRST TPM_RH_FIRST
+#define PERMANENT_LAST TPM_RH_LAST
+
+/* Tpm2 command tags. */
+#define TPM_ST_NO_SESSIONS 0x8001
+#define TPM_ST_SESSIONS 0x8002
+
+#define RC_VER1 0x100
+#define TPM_RC_INITIALIZE ((TPM_RC)(RC_VER1 + 0x000))
+
+/* TPM command structures. */
+
+struct tpm2_startup {
+ TPM_SU startup_type;
+};
+
+/* Various TPM capability types to use when querying the device. */
+typedef uint32_t TPM_CAP;
+#define TPM_CAP_TPM_PROPERTIES ((TPM_CAP)0x00000006)
+
+typedef TPM_HANDLE TPMI_RH_NV_AUTH;
+typedef TPM_HANDLE TPMI_RH_NV_INDEX;
+
+/* TPM Property capability constants. */
+typedef uint32_t TPM_PT;
+#define PT_GROUP 0x00000100
+#define PT_VAR (PT_GROUP * 2)
+#define TPM_PT_PERMANENT ((TPM_PT)(PT_VAR + 0))
+
+/* Structures of payloads of various TPM2 commands. */
+struct tpm2_get_capability {
+ TPM_CAP capability;
+ uint32_t property;
+ uint32_t propertyCount;
+};
+
+/* get_capability response when PT_PERMANENT is requested. */
+typedef struct {
+ uint32_t ownerAuthSet : 1;
+ uint32_t endorsementAuthSet : 1;
+ uint32_t lockoutAuthSet : 1;
+ uint32_t reserved3_7 : 5;
+ uint32_t disableClear : 1;
+ uint32_t inLockout : 1;
+ uint32_t tpmGeneratedEPS : 1;
+ uint32_t reserved11_31 : 21;
+} TPMA_PERMANENT;
+
+typedef struct {
+ uint32_t TPMA_NV_PPWRITE : 1;
+ uint32_t TPMA_NV_OWNERWRITE : 1;
+ uint32_t TPMA_NV_AUTHWRITE : 1;
+ uint32_t TPMA_NV_POLICYWRITE : 1;
+ uint32_t TPMA_NV_COUNTER : 1;
+ uint32_t TPMA_NV_BITS : 1;
+ uint32_t TPMA_NV_EXTEND : 1;
+ uint32_t reserved7_9 : 3;
+ uint32_t TPMA_NV_POLICY_DELETE : 1;
+ uint32_t TPMA_NV_WRITELOCKED : 1;
+ uint32_t TPMA_NV_WRITEALL : 1;
+ uint32_t TPMA_NV_WRITEDEFINE : 1;
+ uint32_t TPMA_NV_WRITE_STCLEAR : 1;
+ uint32_t TPMA_NV_GLOBALLOCK : 1;
+ uint32_t TPMA_NV_PPREAD : 1;
+ uint32_t TPMA_NV_OWNERREAD : 1;
+ uint32_t TPMA_NV_AUTHREAD : 1;
+ uint32_t TPMA_NV_POLICYREAD : 1;
+ uint32_t reserved20_24 : 5;
+ uint32_t TPMA_NV_NO_DA : 1;
+ uint32_t TPMA_NV_ORDERLY : 1;
+ uint32_t TPMA_NV_CLEAR_STCLEAR : 1;
+ uint32_t TPMA_NV_READLOCKED : 1;
+ uint32_t TPMA_NV_WRITTEN : 1;
+ uint32_t TPMA_NV_PLATFORMCREATE : 1;
+ uint32_t TPMA_NV_READ_STCLEAR : 1;
+} TPMA_NV;
+
+typedef union {
+ struct {
+ uint16_t size;
+ uint8_t buffer[sizeof(TPMU_HA)];
+ } t;
+ TPM2B b;
+} TPM2B_DIGEST;
+
+typedef TPM2B_DIGEST TPM2B_AUTH;
+typedef TPM2B_DIGEST TPM2B_NONCE;
+
+typedef struct {
+ TPM_PT property;
+ uint32_t value;
+} TPMS_TAGGED_PROPERTY;
+
+#define MAX_CAP_DATA (TPM_BUFFER_SIZE - sizeof(struct tpm_header) - \
+ sizeof(TPMI_YES_NO) - sizeof(TPM_CAP) - sizeof(uint32_t))
+#define MAX_TPM_PROPERTIES (MAX_CAP_DATA/sizeof(TPMS_TAGGED_PROPERTY))
+
+/* Somewhat arbitrary, leave enough room for command wrappers. */
+#define MAX_NV_BUFFER_SIZE (TPM_BUFFER_SIZE - sizeof(struct tpm_header) - 50)
+
+typedef struct {
+ uint32_t count;
+ TPMS_TAGGED_PROPERTY tpmProperty[MAX_TPM_PROPERTIES];
+} TPML_TAGGED_TPM_PROPERTY;
+
+typedef union {
+ TPML_TAGGED_TPM_PROPERTY tpmProperties;
+} TPMU_CAPABILITIES;
+
+typedef struct {
+ TPM_CAP capability;
+ TPMU_CAPABILITIES data;
+} TPMS_CAPABILITY_DATA;
+
+struct get_cap_response {
+ TPMI_YES_NO more_data;
+ TPMS_CAPABILITY_DATA cd;
+};
+
+typedef struct {
+ TPMI_RH_NV_INDEX nvIndex;
+ TPMI_ALG_HASH nameAlg;
+ TPMA_NV attributes;
+ TPM2B_DIGEST authPolicy;
+ uint16_t dataSize;
+} TPMS_NV_PUBLIC;
+
+typedef union {
+ struct {
+ uint16_t size;
+ TPMS_NV_PUBLIC nvPublic;
+ } t;
+ TPM2B b;
+} TPM2B_NV_PUBLIC;
+
+typedef union {
+ struct {
+ uint16_t size;
+ const uint8_t *buffer;
+ } t;
+ TPM2B b;
+} TPM2B_MAX_NV_BUFFER;
+
+struct nv_read_response {
+ uint32_t params_size;
+ TPM2B_MAX_NV_BUFFER buffer;
+};
+
+struct tpm2_session_attrs {
+ uint8_t continueSession : 1;
+ uint8_t auditExclusive : 1;
+ uint8_t auditReset : 1;
+ uint8_t reserved3_4 : 2;
+ uint8_t decrypt : 1;
+ uint8_t encrypt : 1;
+ uint8_t audit : 1;
+};
+
+/*
+ * TPM session header for commands requiring session information. Also
+ * included in the responses to those commands.
+ */
+struct tpm2_session_header {
+ uint32_t session_handle;
+ uint16_t nonce_size;
+ uint8_t *nonce;
+ union {
+ struct tpm2_session_attrs session_attr_bits;
+ uint8_t session_attrs;
+ } __attribute__((packed));
+ uint16_t auth_size;
+ uint8_t *auth;
+};
+
+struct tpm2_response {
+ struct tpm_header hdr;
+ union {
+ struct get_cap_response gc;
+ struct nv_read_response nvr;
+ struct tpm2_session_header def_space;
+ };
+};
+
+struct tpm2_nv_define_space_cmd {
+ TPM2B_AUTH auth;
+ TPMS_NV_PUBLIC publicInfo;
+};
+
+struct tpm2_nv_write_cmd {
+ TPMI_RH_NV_INDEX nvIndex;
+ TPM2B_MAX_NV_BUFFER data;
+ uint16_t offset;
+};
+
+struct tpm2_self_test {
+ TPMI_YES_NO yes_no;
+};
+
+struct tpm2_nv_read_cmd {
+ TPMI_RH_NV_INDEX nvIndex;
+ uint16_t size;
+ uint16_t offset;
+};
+
+#endif // __SRC_LIB_TPM2_TLCL_STRUCTURES_H
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-19 19:01:08 +0000