aboutsummaryrefslogtreecommitdiff
path: root/src/security/tpm/tss/vendor/cr50/cr50.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/security/tpm/tss/vendor/cr50/cr50.c')
-rw-r--r--src/security/tpm/tss/vendor/cr50/cr50.c65
1 files changed, 62 insertions, 3 deletions
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c
index 450ad97fe5..1522ce6979 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.c
+++ b/src/security/tpm/tss/vendor/cr50/cr50.c
@@ -26,7 +26,7 @@ uint32_t tlcl_cr50_enable_nvcommits(void)
if (response == NULL || (response && response->hdr.tpm_code)) {
if (response)
printk(BIOS_INFO, "%s: failed %x\n", __func__,
- response->hdr.tpm_code);
+ response->hdr.tpm_code);
else
printk(BIOS_INFO, "%s: failed\n", __func__);
return TPM_E_IOERROR;
@@ -47,7 +47,7 @@ uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms,
response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, command_body);
if (!response || response->hdr.tpm_code)
- return TPM_E_INTERNAL_INCONSISTENCY;
+ return TPM_E_IOERROR;
*num_restored_headers = response->vcr.num_restored_headers;
return TPM_SUCCESS;
@@ -63,8 +63,67 @@ uint32_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state)
response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &sub_command);
if (!response || response->hdr.tpm_code)
- return TPM_E_INTERNAL_INCONSISTENCY;
+ return TPM_E_IOERROR;
*recovery_button_state = response->vcr.recovery_button_state;
return TPM_SUCCESS;
}
+
+uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode)
+{
+ struct tpm2_response *response;
+ uint16_t mode_command = TPM2_CR50_SUB_CMD_TPM_MODE;
+ *tpm_mode = TPM_MODE_INVALID;
+
+ printk(BIOS_INFO, "Reading cr50 TPM mode\n");
+
+ response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &mode_command);
+
+ if (!response)
+ return TPM_E_IOERROR;
+
+ if (response->hdr.tpm_code == VENDOR_RC_INTERNAL_ERROR) {
+ /*
+ * The Cr50 returns VENDOR_RC_INTERNAL_ERROR iff the key ladder
+ * is disabled. The Cr50 requires a reboot to re-enable the key
+ * ladder.
+ */
+ return TPM_E_MUST_REBOOT;
+ }
+
+ if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND) {
+ /*
+ * Explicitly inform caller when command is not supported
+ */
+ return TPM_E_NO_SUCH_COMMAND;
+ }
+
+ if (response->hdr.tpm_code) {
+ /* Unexpected return code from Cr50 */
+ return TPM_E_IOERROR;
+ }
+
+ /* TPM command completed without error */
+ *tpm_mode = response->vcr.tpm_mode;
+
+ return TPM_SUCCESS;
+}
+
+uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms)
+{
+ struct tpm2_response *response;
+ uint16_t reset_command_body[] = {
+ TPM2_CR50_SUB_CMD_IMMEDIATE_RESET, timeout_ms};
+
+ /*
+ * Issue an immediate reset to the Cr50.
+ */
+ printk(BIOS_INFO, "Issuing cr50 reset\n");
+ response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND,
+ &reset_command_body);
+
+ if (!response)
+ return TPM_E_IOERROR;
+
+ return TPM_SUCCESS;
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-04 20:35:49 +0000