summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
Diffstat (limited to 'src/security')
-rw-r--r--src/security/intel/txt/txt_register.h4
-rw-r--r--src/security/tpm/tis.h16
-rw-r--r--src/security/tpm/tspi.h14
-rw-r--r--src/security/tpm/tspi/crtm.c47
-rw-r--r--src/security/tpm/tspi/crtm.h5
-rw-r--r--src/security/tpm/tspi/tspi.c54
-rw-r--r--src/security/tpm/tss.h58
-rw-r--r--src/security/tpm/tss/tcg-1.2/tss.c100
-rw-r--r--src/security/tpm/tss/tcg-2.0/tss.c61
-rw-r--r--src/security/tpm/tss/vendor/cr50/cr50.c16
-rw-r--r--src/security/tpm/tss/vendor/cr50/cr50.h17
-rw-r--r--src/security/tpm/tss_errors.h9
-rw-r--r--src/security/vboot/antirollback.h21
-rw-r--r--src/security/vboot/mrc_cache_hash_tpm.c24
-rw-r--r--src/security/vboot/secdata_mock.c41
-rw-r--r--src/security/vboot/secdata_tpm.c109
-rw-r--r--src/security/vboot/tpm_common.c15
-rw-r--r--src/security/vboot/tpm_common.h8
-rw-r--r--src/security/vboot/vbios_cache_hash_tpm.c24
-rw-r--r--src/security/vboot/vboot_common.c5
-rw-r--r--src/security/vboot/vboot_logic.c43
21 files changed, 361 insertions, 330 deletions
diff --git a/src/security/intel/txt/txt_register.h b/src/security/intel/txt/txt_register.h
index 95f2a680d9..a00084511f 100644
--- a/src/security/intel/txt/txt_register.h
+++ b/src/security/intel/txt/txt_register.h
@@ -109,9 +109,9 @@
* Note: Only locality 0 registers are publicly accessible.
*/
-#define TPM_BASE 0xfed40000UL
+#define TPM_BASE_ADDR 0xfed40000UL
-#define TPM_ACCESS_REG (TPM_BASE + 0x00)
+#define TPM_ACCESS_REG (TPM_BASE_ADDR + 0x00)
/*
* TXT Memory regions
diff --git a/src/security/tpm/tis.h b/src/security/tpm/tis.h
index fae049efff..34dc8e8bd7 100644
--- a/src/security/tpm/tis.h
+++ b/src/security/tpm/tis.h
@@ -3,6 +3,7 @@
#ifndef TIS_H_
#define TIS_H_
+#include <security/tpm/tss_errors.h>
#include <types.h>
enum tis_access {
@@ -34,19 +35,19 @@ enum tis_status {
/*
* tis_init()
*
- * Initialize the TPM device. Returns 0 on success or -1 on
- * failure (in case device probing did not succeed).
+ * Initialize the TPM device.
+ * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
*/
-int tis_init(void);
+tpm_result_t tis_init(void);
/*
* tis_open()
*
* Requests access to locality 0 for the caller.
*
- * Returns 0 on success, -1 on failure.
+ * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
*/
-int tis_open(void);
+tpm_result_t tis_open(void);
/*
* tis_sendrecv()
@@ -58,10 +59,9 @@ int tis_open(void);
* @recvbuf - memory to save the response to
* @recv_len - pointer to the size of the response buffer
*
- * Returns 0 on success (and places the number of response bytes at recv_len)
- * or -1 on failure.
+ * Returns TSS Return Code from TCG TPM Structures. See tss_errors.h
*/
-int tis_sendrecv(const u8 *sendbuf, size_t send_size, u8 *recvbuf,
+tpm_result_t tis_sendrecv(const u8 *sendbuf, size_t send_size, u8 *recvbuf,
size_t *recv_len);
/*
diff --git a/src/security/tpm/tspi.h b/src/security/tpm/tspi.h
index 33f363cab6..3e7e5f10f5 100644
--- a/src/security/tpm/tspi.h
+++ b/src/security/tpm/tspi.h
@@ -137,22 +137,22 @@ static inline void tpm_log_dump(void *unused)
* @param name sets additional info where the digest comes from
* @return TPM_SUCCESS on success. If not a tpm error is returned
*/
-uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
- const uint8_t *digest, size_t digest_len,
- const char *name);
+tpm_result_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
+ const uint8_t *digest, size_t digest_len,
+ const char *name);
/**
* Issue a TPM_Clear and re-enable/reactivate the TPM.
* @return TPM_SUCCESS on success. If not a tpm error is returned
*/
-uint32_t tpm_clear_and_reenable(void);
+tpm_result_t tpm_clear_and_reenable(void);
/**
* Start the TPM and establish the root of trust.
* @param s3flag tells the tpm setup if we wake up from a s3 state on x86
* @return TPM_SUCCESS on success. If not a tpm error is returned
*/
-uint32_t tpm_setup(int s3flag);
+tpm_result_t tpm_setup(int s3flag);
/**
* Measure a given region device and extend given PCR with the result.
@@ -161,7 +161,7 @@ uint32_t tpm_setup(int s3flag);
* @param *rname Name of the region that is measured
* @return TPM error code in case of error otherwise TPM_SUCCESS
*/
-uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
- const char *rname);
+tpm_result_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
+ const char *rname);
#endif /* TSPI_H_ */
diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c
index 4f29ad134b..4a89d7f262 100644
--- a/src/security/tpm/tspi/crtm.c
+++ b/src/security/tpm/tspi/crtm.c
@@ -31,25 +31,27 @@ static inline int tpm_log_available(void)
* stage.
*
* Takes the current vboot context as parameter for s3 checks.
- * returns on success VB2_SUCCESS, else a vboot error.
+ * returns on success TPM_SUCCESS, else a TPM error.
*/
-static uint32_t tspi_init_crtm(void)
+static tpm_result_t tspi_init_crtm(void)
{
+ tpm_result_t rc = TPM_SUCCESS;
/* Initialize TPM PRERAM log. */
if (!tpm_log_available()) {
tpm_preram_log_clear();
tpm_log_initialized = 1;
} else {
printk(BIOS_WARNING, "TSPI: CRTM already initialized!\n");
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
struct region_device fmap;
if (fmap_locate_area_as_rdev("FMAP", &fmap) == 0) {
- if (tpm_measure_region(&fmap, CONFIG_PCR_SRTM, "FMAP: FMAP")) {
+ rc = tpm_measure_region(&fmap, CONFIG_PCR_SRTM, "FMAP: FMAP");
+ if (rc) {
printk(BIOS_ERR,
- "TSPI: Couldn't measure FMAP into CRTM!\n");
- return VB2_ERROR_UNKNOWN;
+ "TSPI: Couldn't measure FMAP into CRTM! rc %#x\n", rc);
+ return rc;
}
} else {
printk(BIOS_ERR, "TSPI: Could not find FMAP!\n");
@@ -59,10 +61,11 @@ static uint32_t tspi_init_crtm(void)
if (!CONFIG(ARCH_X86)) {
struct region_device bootblock_fmap;
if (fmap_locate_area_as_rdev("BOOTBLOCK", &bootblock_fmap) == 0) {
- if (tpm_measure_region(&bootblock_fmap,
+ rc = tpm_measure_region(&bootblock_fmap,
CONFIG_PCR_SRTM,
- "FMAP: BOOTBLOCK"))
- return VB2_ERROR_UNKNOWN;
+ "FMAP: BOOTBLOCK");
+ if (rc)
+ return rc;
}
} else if (CONFIG(BOOTBLOCK_IN_CBFS)){
/* Mapping measures the file. We know we can safely map here because
@@ -72,7 +75,7 @@ static uint32_t tspi_init_crtm(void)
if (!mapping) {
printk(BIOS_INFO,
"TSPI: Couldn't measure bootblock into CRTM!\n");
- return VB2_ERROR_UNKNOWN;
+ return TPM_CB_FAIL;
}
cbfs_unmap(mapping);
} else {
@@ -82,11 +85,11 @@ static uint32_t tspi_init_crtm(void)
if (tspi_soc_measure_bootblock(CONFIG_PCR_SRTM)) {
printk(BIOS_INFO,
"TSPI: Couldn't measure bootblock into CRTM on SoC level!\n");
- return VB2_ERROR_UNKNOWN;
+ return TPM_CB_FAIL;
}
}
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
static bool is_runtime_data(const char *name)
@@ -108,16 +111,18 @@ static bool is_runtime_data(const char *name)
return !strcmp(allowlist, name);
}
-uint32_t tspi_cbfs_measurement(const char *name, uint32_t type, const struct vb2_hash *hash)
+tpm_result_t tspi_cbfs_measurement(const char *name, uint32_t type, const struct vb2_hash *hash)
{
uint32_t pcr_index;
+ tpm_result_t rc = TPM_SUCCESS;
char tpm_log_metadata[TPM_CB_LOG_PCR_HASH_NAME];
if (!tpm_log_available()) {
- if (tspi_init_crtm() != VB2_SUCCESS) {
+ rc = tspi_init_crtm();
+ if (rc) {
printk(BIOS_WARNING,
"Initializing CRTM failed!\n");
- return 0;
+ return rc;
}
printk(BIOS_DEBUG, "CRTM initialized.\n");
}
@@ -171,7 +176,7 @@ void *tpm_log_init(void)
return tclt;
}
-int tspi_measure_cache_to_pcr(void)
+tpm_result_t tspi_measure_cache_to_pcr(void)
{
int i;
int pcr;
@@ -181,27 +186,27 @@ int tspi_measure_cache_to_pcr(void)
/* This means the table is empty. */
if (!tpm_log_available())
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
if (tpm_log_init() == NULL) {
printk(BIOS_WARNING, "TPM LOG: log non-existent!\n");
- return VB2_ERROR_UNKNOWN;
+ return TPM_CB_FAIL;
}
printk(BIOS_DEBUG, "TPM: Write digests cached in TPM log to PCR\n");
i = 0;
while (!tpm_log_get(i++, &pcr, &digest_data, &digest_algo, &event_name)) {
printk(BIOS_DEBUG, "TPM: Write digest for %s into PCR %d\n", event_name, pcr);
- int rc = tlcl_extend(pcr, digest_data, digest_algo);
+ tpm_result_t rc = tlcl_extend(pcr, digest_data, digest_algo);
if (rc != TPM_SUCCESS) {
printk(BIOS_ERR,
"TPM: Writing digest of %s into PCR failed with error %d\n",
event_name, rc);
- return VB2_ERROR_UNKNOWN;
+ return rc;
}
}
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
#if !CONFIG(VBOOT_RETURN_FROM_VERSTAGE)
diff --git a/src/security/tpm/tspi/crtm.h b/src/security/tpm/tspi/crtm.h
index 2bc1d1fad9..6f5eb2e716 100644
--- a/src/security/tpm/tspi/crtm.h
+++ b/src/security/tpm/tspi/crtm.h
@@ -5,6 +5,7 @@
#include <program_loading.h>
#include <security/tpm/tspi.h>
+#include <security/tpm/tss_errors.h>
#include <types.h>
#include <vb2_sha.h>
@@ -40,12 +41,12 @@
/**
* Measure digests cached in TPM log entries into PCRs
*/
-int tspi_measure_cache_to_pcr(void);
+tpm_result_t tspi_measure_cache_to_pcr(void);
/**
* Extend a measurement hash taken for a CBFS file into the appropriate PCR.
*/
-uint32_t tspi_cbfs_measurement(const char *name, uint32_t type, const struct vb2_hash *hash);
+tpm_result_t tspi_cbfs_measurement(const char *name, uint32_t type, const struct vb2_hash *hash);
/*
* Provide a function on SoC level to measure the bootblock for cases where bootblock is
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index aee1cf4709..80f33d59c6 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -11,16 +11,16 @@
#include <vb2_sha.h>
#if CONFIG(TPM1)
-static uint32_t tpm1_invoke_state_machine(void)
+static tpm_result_t tpm1_invoke_state_machine(void)
{
uint8_t disabled;
uint8_t deactivated;
- uint32_t rc = TPM_SUCCESS;
+ tpm_result_t rc = TPM_SUCCESS;
/* Check that the TPM is enabled and activated. */
rc = tlcl_get_flags(&disabled, &deactivated, NULL);
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't read capabilities.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't read capabilities.\n", rc);
return rc;
}
@@ -29,7 +29,7 @@ static uint32_t tpm1_invoke_state_machine(void)
rc = tlcl_set_enable();
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't set enabled state.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't set enabled state.\n", rc);
return rc;
}
}
@@ -40,7 +40,7 @@ static uint32_t tpm1_invoke_state_machine(void)
rc = tlcl_set_deactivated(!deactivated);
if (rc != TPM_SUCCESS) {
printk(BIOS_ERR,
- "TPM: Can't toggle deactivated state.\n");
+ "TPM Error (%#x): Can't toggle deactivated state.\n", rc);
return rc;
}
@@ -52,11 +52,9 @@ static uint32_t tpm1_invoke_state_machine(void)
}
#endif
-static uint32_t tpm_setup_s3_helper(void)
+static tpm_result_t tpm_setup_s3_helper(void)
{
- uint32_t rc;
-
- rc = tlcl_resume();
+ tpm_result_t rc = tlcl_resume();
switch (rc) {
case TPM_SUCCESS:
break;
@@ -78,7 +76,7 @@ static uint32_t tpm_setup_s3_helper(void)
return rc;
}
-static uint32_t tpm_setup_epilogue(uint32_t rc)
+static tpm_result_t tpm_setup_epilogue(tpm_result_t rc)
{
if (rc != TPM_SUCCESS)
post_code(POSTCODE_TPM_FAILURE);
@@ -133,13 +131,13 @@ static inline int tspi_tpm_is_setup(void)
* to the TPM flashram at every reboot or wake-up, because of concerns about
* the durability of the NVRAM.
*/
-uint32_t tpm_setup(int s3flag)
+tpm_result_t tpm_setup(int s3flag)
{
- uint32_t rc;
+ tpm_result_t rc;
rc = tlcl_lib_init();
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't initialize.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't initialize.\n", rc);
return tpm_setup_epilogue(rc);
}
@@ -152,11 +150,11 @@ uint32_t tpm_setup(int s3flag)
rc = tlcl_startup();
if (CONFIG(TPM_STARTUP_IGNORE_POSTINIT)
&& rc == TPM_INVALID_POSTINIT) {
- printk(BIOS_DEBUG, "TPM: ignoring invalid POSTINIT\n");
+ printk(BIOS_DEBUG, "TPM Warn(%#x): ignoring invalid POSTINIT\n", rc);
rc = TPM_SUCCESS;
}
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't run startup command.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't run startup command.\n", rc);
return tpm_setup_epilogue(rc);
}
@@ -169,13 +167,13 @@ uint32_t tpm_setup(int s3flag)
*/
rc = tlcl_physical_presence_cmd_enable();
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't enable physical presence command.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't enable physical presence command.\n", rc);
return tpm_setup_epilogue(rc);
}
rc = tlcl_assert_physical_presence();
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't assert physical presence.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't assert physical presence.\n", rc);
return tpm_setup_epilogue(rc);
}
}
@@ -190,27 +188,27 @@ uint32_t tpm_setup(int s3flag)
return tpm_setup_epilogue(rc);
}
-uint32_t tpm_clear_and_reenable(void)
+tpm_result_t tpm_clear_and_reenable(void)
{
- uint32_t rc;
+ tpm_result_t rc;
printk(BIOS_INFO, "TPM: Clear and re-enable\n");
rc = tlcl_force_clear();
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't initiate a force clear.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't initiate a force clear.\n", rc);
return rc;
}
#if CONFIG(TPM1)
rc = tlcl_set_enable();
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't set enabled state.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't set enabled state.\n", rc);
return rc;
}
rc = tlcl_set_deactivated(0);
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't set deactivated state.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't set deactivated state.\n", rc);
return rc;
}
#endif
@@ -218,10 +216,10 @@ uint32_t tpm_clear_and_reenable(void)
return TPM_SUCCESS;
}
-uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
+tpm_result_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
const uint8_t *digest, size_t digest_len, const char *name)
{
- uint32_t rc;
+ tpm_result_t rc;
if (!digest)
return TPM_IOERROR;
@@ -229,15 +227,15 @@ uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
if (tspi_tpm_is_setup()) {
rc = tlcl_lib_init();
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Can't initialize library.\n");
+ printk(BIOS_ERR, "TPM Error (%#x): Can't initialize library.\n", rc);
return rc;
}
printk(BIOS_DEBUG, "TPM: Extending digest for `%s` into PCR %d\n", name, pcr);
rc = tlcl_extend(pcr, digest, digest_algo);
if (rc != TPM_SUCCESS) {
- printk(BIOS_ERR, "TPM: Extending hash for `%s` into PCR %d failed.\n",
- name, pcr);
+ printk(BIOS_ERR, "TPM Error (%#x): Extending hash for `%s` into PCR %d failed.\n",
+ rc, name, pcr);
return rc;
}
}
@@ -252,7 +250,7 @@ uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
}
#if CONFIG(VBOOT_LIB)
-uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
+tpm_result_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
const char *rname)
{
uint8_t digest[TPM_PCR_MAX_LEN], digest_len;
diff --git a/src/security/tpm/tss.h b/src/security/tpm/tss.h
index fa8cf52cff..9a5521f086 100644
--- a/src/security/tpm/tss.h
+++ b/src/security/tpm/tss.h
@@ -23,29 +23,29 @@
* Define a space with permission [perm]. [index] is the index for the space,
* [size] the usable data size. The TPM error code is returned.
*/
-uint32_t tlcl_define_space(uint32_t index, uint32_t perm, uint32_t size);
+tpm_result_t tlcl_define_space(uint32_t index, uint32_t perm, uint32_t size);
/**
* Issue a PhysicalEnable. The TPM error code is returned.
*/
-uint32_t tlcl_set_enable(void);
+tpm_result_t tlcl_set_enable(void);
/**
* Issue a SetDeactivated. Pass 0 to activate. Returns result code.
*/
-uint32_t tlcl_set_deactivated(uint8_t flag);
+tpm_result_t tlcl_set_deactivated(uint8_t flag);
/**
* Get flags of interest. Pointers for flags you aren't interested in may
* be NULL. The TPM error code is returned.
*/
-uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated,
- uint8_t *nvlocked);
+tpm_result_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated,
+ uint8_t *nvlocked);
/**
* Get the entire set of permanent flags.
*/
-uint32_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags);
+tpm_result_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags);
#endif
@@ -57,19 +57,19 @@ uint32_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags);
* Define a TPM2 space. The define space command TPM command used by the tlcl
* layer offers the ability to use custom nv attributes and policies.
*/
-uint32_t tlcl_define_space(uint32_t space_index, size_t space_size,
+tpm_result_t tlcl_define_space(uint32_t space_index, size_t space_size,
const TPMA_NV nv_attributes,
const uint8_t *nv_policy, size_t nv_policy_size);
/*
* Issue TPM2_GetCapability command
*/
-uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
+tpm_result_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
uint32_t property_count,
TPMS_CAPABILITY_DATA *capability_data);
/* Issue TPM2_NV_SetBits command */
-uint32_t tlcl_set_bits(uint32_t index, uint64_t bits);
+tpm_result_t tlcl_set_bits(uint32_t index, uint64_t bits);
/*
* Makes tpm_process_command available for on top implementations of
@@ -88,12 +88,12 @@ uint16_t tlcl_get_hash_size_from_algo(TPMI_ALG_HASH hash_algo);
/**
* Call this first. Returns 0 if success, nonzero if error.
*/
-uint32_t tlcl_lib_init(void);
+tpm_result_t tlcl_lib_init(void);
/**
* Perform a raw TPM request/response transaction.
*/
-uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
+tpm_result_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
int max_length);
/* Commands */
@@ -102,20 +102,20 @@ uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
* Send a TPM_Startup(ST_CLEAR). The TPM error code is returned (0 for
* success).
*/
-uint32_t tlcl_startup(void);
+tpm_result_t tlcl_startup(void);
/**
* Resume by sending a TPM_Startup(ST_STATE). The TPM error code is returned
* (0 for success).
*/
-uint32_t tlcl_resume(void);
+tpm_result_t tlcl_resume(void);
/**
* Save TPM state by sending either TPM_SaveState() (TPM1.2) or
* TPM_Shutdown(ST_STATE) (TPM2.0). The TPM error code is returned (0 for
* success).
*/
-uint32_t tlcl_save_state(void);
+tpm_result_t tlcl_save_state(void);
/**
* Run the self test.
@@ -123,81 +123,81 @@ uint32_t tlcl_save_state(void);
* Note---this is synchronous. To run this in parallel with other firmware,
* use ContinueSelfTest(). The TPM error code is returned.
*/
-uint32_t tlcl_self_test_full(void);
+tpm_result_t tlcl_self_test_full(void);
/**
* Run the self test in the background.
*/
-uint32_t tlcl_continue_self_test(void);
+tpm_result_t tlcl_continue_self_test(void);
/**
* Write [length] bytes of [data] to space at [index]. The TPM error code is
* returned.
*/
-uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length);
+tpm_result_t tlcl_write(uint32_t index, const void *data, uint32_t length);
/**
* Read [length] bytes from space at [index] into [data]. The TPM error code
* is returned.
*/
-uint32_t tlcl_read(uint32_t index, void *data, uint32_t length);
+tpm_result_t tlcl_read(uint32_t index, void *data, uint32_t length);
/**
* Assert physical presence in software. The TPM error code is returned.
*/
-uint32_t tlcl_assert_physical_presence(void);
+tpm_result_t tlcl_assert_physical_presence(void);
/**
* Enable the physical presence command. The TPM error code is returned.
*/
-uint32_t tlcl_physical_presence_cmd_enable(void);
+tpm_result_t tlcl_physical_presence_cmd_enable(void);
/**
* Finalize the physical presence settings: software PP is enabled, hardware PP
* is disabled, and the lifetime lock is set. The TPM error code is returned.
*/
-uint32_t tlcl_finalize_physical_presence(void);
+tpm_result_t tlcl_finalize_physical_presence(void);
/**
* Set the nvLocked bit. The TPM error code is returned.
*/
-uint32_t tlcl_set_nv_locked(void);
+tpm_result_t tlcl_set_nv_locked(void);
/**
* Issue a ForceClear. The TPM error code is returned.
*/
-uint32_t tlcl_force_clear(void);
+tpm_result_t tlcl_force_clear(void);
/**
* Set Clear Control. The TPM error code is returned.
*/
-uint32_t tlcl_clear_control(bool disable);
+tpm_result_t tlcl_clear_control(bool disable);
/**
* Set the bGlobalLock flag, which only a reboot can clear. The TPM error
* code is returned.
*/
-uint32_t tlcl_set_global_lock(void);
+tpm_result_t tlcl_set_global_lock(void);
/**
* Make an NV Ram location read_only. The TPM error code is returned.
*/
-uint32_t tlcl_lock_nv_write(uint32_t index);
+tpm_result_t tlcl_lock_nv_write(uint32_t index);
/**
* Perform a TPM_Extend.
*/
-uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
+tpm_result_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
enum vb2_hash_algorithm digest_algo);
/**
* Disable platform hierarchy. Specific to TPM2. The TPM error code is returned.
*/
-uint32_t tlcl_disable_platform_hierarchy(void);
+tpm_result_t tlcl_disable_platform_hierarchy(void);
/**
* Get the permission bits for the NVRAM space with |index|.
*/
-uint32_t tlcl_get_permissions(uint32_t index, uint32_t *permissions);
+tpm_result_t tlcl_get_permissions(uint32_t index, uint32_t *permissions);
#endif /* TSS_H_ */
diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c
index 076b8a7562..e73db388e8 100644
--- a/src/security/tpm/tss/tcg-1.2/tss.c
+++ b/src/security/tpm/tss/tcg-1.2/tss.c
@@ -24,19 +24,21 @@
#include <console/console.h>
#define VBDEBUG(format, args...) printk(BIOS_DEBUG, format, ## args)
-static int tpm_send_receive(const uint8_t *request,
+static tpm_result_t tpm_send_receive(const uint8_t *request,
uint32_t request_length,
uint8_t *response,
uint32_t *response_length)
{
size_t len = *response_length;
- if (tis_sendrecv(request, request_length, response, &len))
- return VB2_ERROR_UNKNOWN;
+ tpm_result_t rc = tis_sendrecv(request, request_length, response, &len);
+ if (rc)
+ return rc;
/* check 64->32bit overflow and (re)check response buffer overflow */
if (len > *response_length)
- return VB2_ERROR_UNKNOWN;
- *response_length = len;
- return VB2_SUCCESS;
+ rc = TPM_CB_FAIL;
+ else
+ *response_length = len;
+ return rc;
}
/* Sets the size field of a TPM command. */
@@ -55,15 +57,15 @@ static inline int tpm_command_size(const uint8_t *buffer)
}
/* Gets the code field of a TPM command. */
-static inline int tpm_command_code(const uint8_t *buffer)
+static inline tpm_result_t tpm_command_code(const uint8_t *buffer)
{
- uint32_t rc;
+ tpm_result_t rc;
from_tpm_uint32(buffer + sizeof(uint16_t) + sizeof(uint32_t), &rc);
return rc;
}
/* Gets the return code field of a TPM result. */
-static inline int tpm_return_code(const uint8_t *buffer)
+static inline tpm_result_t tpm_return_code(const uint8_t *buffer)
{
return tpm_command_code(buffer);
}
@@ -72,15 +74,15 @@ static inline int tpm_return_code(const uint8_t *buffer)
* Like TlclSendReceive below, but do not retry if NEEDS_SELFTEST or
* DOING_SELFTEST errors are returned.
*/
-static uint32_t tlcl_send_receive_no_retry(const uint8_t *request,
+static tpm_result_t tlcl_send_receive_no_retry(const uint8_t *request,
uint8_t *response, int max_length)
{
uint32_t response_length = max_length;
- uint32_t rc;
+ tpm_result_t rc;
rc = tpm_send_receive(request, tpm_command_size(request),
response, &response_length);
- if (rc != 0) {
+ if (rc != TPM_SUCCESS) {
/* Communication with TPM failed, so response is garbage */
VBDEBUG("TPM: command %#x send/receive failed: %#x\n",
tpm_command_code(request), rc);
@@ -96,15 +98,15 @@ static uint32_t tlcl_send_receive_no_retry(const uint8_t *request,
VBDEBUG("TPM: command %#x returned %#x\n",
tpm_command_code(request), rc);
-return rc;
+ return rc;
}
/* Sends a TPM command and gets a response. Returns 0 if success or the TPM
* error code if error. Waits for the self test to complete if needed. */
-uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
+tpm_result_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
int max_length)
{
- uint32_t rc = tlcl_send_receive_no_retry(request, response,
+ tpm_result_t rc = tlcl_send_receive_no_retry(request, response,
max_length);
/* If the command fails because the self test has not completed, try it
* again after attempting to ensure that the self test has completed. */
@@ -132,7 +134,7 @@ uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
}
/* Sends a command and returns the error code. */
-static uint32_t send(const uint8_t *command)
+static tpm_result_t send(const uint8_t *command)
{
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
return tlcl_send_receive(command, response, sizeof(response));
@@ -142,46 +144,48 @@ static uint32_t send(const uint8_t *command)
static uint8_t tlcl_init_done;
-uint32_t tlcl_lib_init(void)
+tpm_result_t tlcl_lib_init(void)
{
+ tpm_result_t rc = TPM_SUCCESS;
if (tlcl_init_done)
- return VB2_SUCCESS;
-
- if (tis_init())
- return VB2_ERROR_UNKNOWN;
- if (tis_open())
- return VB2_ERROR_UNKNOWN;
+ return rc;
+ rc = tis_init();
+ if (rc)
+ return rc;
+ rc = tis_open();
+ if (rc)
+ return rc;
tlcl_init_done = 1;
- return VB2_SUCCESS;
+ return rc;
}
-uint32_t tlcl_startup(void)
+tpm_result_t tlcl_startup(void)
{
VBDEBUG("TPM: Startup\n");
return send(tpm_startup_cmd.buffer);
}
-uint32_t tlcl_resume(void)
+tpm_result_t tlcl_resume(void)
{
VBDEBUG("TPM: Resume\n");
return send(tpm_resume_cmd.buffer);
}
-uint32_t tlcl_save_state(void)
+tpm_result_t tlcl_save_state(void)
{
VBDEBUG("TPM: Save state\n");
return send(tpm_savestate_cmd.buffer);
}
-uint32_t tlcl_self_test_full(void)
+tpm_result_t tlcl_self_test_full(void)
{
VBDEBUG("TPM: Self test full\n");
return send(tpm_selftestfull_cmd.buffer);
}
-uint32_t tlcl_continue_self_test(void)
+tpm_result_t tlcl_continue_self_test(void)
{
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
VBDEBUG("TPM: Continue self test\n");
@@ -190,7 +194,7 @@ uint32_t tlcl_continue_self_test(void)
response, sizeof(response));
}
-uint32_t tlcl_define_space(uint32_t index, uint32_t perm, uint32_t size)
+tpm_result_t tlcl_define_space(uint32_t index, uint32_t perm, uint32_t size)
{
struct s_tpm_nv_definespace_cmd cmd;
VBDEBUG("TPM: TlclDefineSpace(%#x, %#x, %d)\n", index, perm, size);
@@ -201,7 +205,7 @@ uint32_t tlcl_define_space(uint32_t index, uint32_t perm, uint32_t size)
return send(cmd.buffer);
}
-uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length)
+tpm_result_t tlcl_write(uint32_t index, const void *data, uint32_t length)
{
struct s_tpm_nv_write_cmd cmd;
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
@@ -221,12 +225,12 @@ uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length)
return tlcl_send_receive(cmd.buffer, response, sizeof(response));
}
-uint32_t tlcl_read(uint32_t index, void *data, uint32_t length)
+tpm_result_t tlcl_read(uint32_t index, void *data, uint32_t length)
{
struct s_tpm_nv_read_cmd cmd;
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
uint32_t result_length;
- uint32_t rc;
+ tpm_result_t rc;
VBDEBUG("TPM: %s(%#x, %d)\n", __func__, index, length);
memcpy(&cmd, &tpm_nv_read_cmd, sizeof(cmd));
@@ -246,43 +250,43 @@ uint32_t tlcl_read(uint32_t index, void *data, uint32_t length)
return rc;
}
-uint32_t tlcl_assert_physical_presence(void)
+tpm_result_t tlcl_assert_physical_presence(void)
{
VBDEBUG("TPM: Asserting physical presence\n");
return send(tpm_ppassert_cmd.buffer);
}
-uint32_t tlcl_physical_presence_cmd_enable(void)
+tpm_result_t tlcl_physical_presence_cmd_enable(void)
{
VBDEBUG("TPM: Enable the physical presence command\n");
return send(tpm_ppenable_cmd.buffer);
}
-uint32_t tlcl_finalize_physical_presence(void)
+tpm_result_t tlcl_finalize_physical_presence(void)
{
VBDEBUG("TPM: Enable PP cmd, disable HW pp, and set lifetime lock\n");
return send(tpm_finalizepp_cmd.buffer);
}
-uint32_t tlcl_set_nv_locked(void)
+tpm_result_t tlcl_set_nv_locked(void)
{
VBDEBUG("TPM: Set NV locked\n");
return tlcl_define_space(TPM_NV_INDEX_LOCK, 0, 0);
}
-uint32_t tlcl_force_clear(void)
+tpm_result_t tlcl_force_clear(void)
{
VBDEBUG("TPM: Force clear\n");
return send(tpm_forceclear_cmd.buffer);
}
-uint32_t tlcl_set_enable(void)
+tpm_result_t tlcl_set_enable(void)
{
VBDEBUG("TPM: Enabling TPM\n");
return send(tpm_physicalenable_cmd.buffer);
}
-uint32_t tlcl_set_deactivated(uint8_t flag)
+tpm_result_t tlcl_set_deactivated(uint8_t flag)
{
struct s_tpm_physicalsetdeactivated_cmd cmd;
VBDEBUG("TPM: SetDeactivated(%d)\n", flag);
@@ -291,11 +295,11 @@ uint32_t tlcl_set_deactivated(uint8_t flag)
return send(cmd.buffer);
}
-uint32_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags)
+tpm_result_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags)
{
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
uint32_t size;
- uint32_t rc = tlcl_send_receive(tpm_getflags_cmd.buffer, response,
+ tpm_result_t rc = tlcl_send_receive(tpm_getflags_cmd.buffer, response,
sizeof(response));
if (rc != TPM_SUCCESS)
return rc;
@@ -307,11 +311,11 @@ uint32_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags)
return rc;
}
-uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated,
+tpm_result_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated,
uint8_t *nvlocked)
{
TPM_PERMANENT_FLAGS pflags;
- uint32_t rc = tlcl_get_permanent_flags(&pflags);
+ tpm_result_t rc = tlcl_get_permanent_flags(&pflags);
if (rc == TPM_SUCCESS) {
if (disable)
*disable = pflags.disable;
@@ -325,13 +329,13 @@ uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated,
return rc;
}
-uint32_t tlcl_set_global_lock(void)
+tpm_result_t tlcl_set_global_lock(void)
{
VBDEBUG("TPM: Set global lock\n");
return tlcl_write(TPM_NV_INDEX0, NULL, 0);
}
-uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
+tpm_result_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
enum vb2_hash_algorithm digest_algo)
{
struct s_tpm_extend_cmd cmd;
@@ -347,12 +351,12 @@ uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
return tlcl_send_receive(cmd.buffer, response, sizeof(response));
}
-uint32_t tlcl_get_permissions(uint32_t index, uint32_t *permissions)
+tpm_result_t tlcl_get_permissions(uint32_t index, uint32_t *permissions)
{
struct s_tpm_getpermissions_cmd cmd;
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
uint8_t *nvdata;
- uint32_t rc;
+ tpm_result_t rc;
uint32_t size;
memcpy(&cmd, &tpm_getpermissions_cmd, sizeof(cmd));
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index e780bd24d3..e23a0d280d 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -46,7 +46,7 @@ void *tpm_process_command(TPM_CC command, void *command_body)
return tpm_unmarshal_response(command, &ib);
}
-static uint32_t tlcl_send_startup(TPM_SU type)
+static tpm_result_t tlcl_send_startup(TPM_SU type)
{
struct tpm2_startup startup;
struct tpm2_response *response;
@@ -75,12 +75,12 @@ static uint32_t tlcl_send_startup(TPM_SU type)
return TPM_IOERROR;
}
-uint32_t tlcl_resume(void)
+tpm_result_t tlcl_resume(void)
{
return tlcl_send_startup(TPM_SU_STATE);
}
-static uint32_t tlcl_send_shutdown(TPM_SU type)
+static tpm_result_t tlcl_send_shutdown(TPM_SU type)
{
struct tpm2_shutdown shutdown;
struct tpm2_response *response;
@@ -104,12 +104,12 @@ static uint32_t tlcl_send_shutdown(TPM_SU type)
return TPM_IOERROR;
}
-uint32_t tlcl_save_state(void)
+tpm_result_t tlcl_save_state(void)
{
return tlcl_send_shutdown(TPM_SU_STATE);
}
-uint32_t tlcl_assert_physical_presence(void)
+tpm_result_t tlcl_assert_physical_presence(void)
{
/*
* Nothing to do on TPM2 for this, use platform hierarchy availability
@@ -135,7 +135,7 @@ static TPM_ALG_ID tpmalg_from_vb2_hash(enum vb2_hash_algorithm hash_type)
}
}
-uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
+tpm_result_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
enum vb2_hash_algorithm digest_type)
{
struct tpm2_pcr_extend_cmd pcr_ext_cmd;
@@ -163,14 +163,14 @@ uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
return TPM_SUCCESS;
}
-uint32_t tlcl_finalize_physical_presence(void)
+tpm_result_t tlcl_finalize_physical_presence(void)
{
/* Nothing needs to be done with tpm2. */
printk(BIOS_INFO, "%s:%s:%d\n", __FILE__, __func__, __LINE__);
return TPM_SUCCESS;
}
-uint32_t tlcl_force_clear(void)
+tpm_result_t tlcl_force_clear(void)
{
struct tpm2_response *response;
@@ -184,7 +184,7 @@ uint32_t tlcl_force_clear(void)
return TPM_SUCCESS;
}
-uint32_t tlcl_clear_control(bool disable)
+tpm_result_t tlcl_clear_control(bool disable)
{
struct tpm2_response *response;
struct tpm2_clear_control_cmd cc = {
@@ -204,33 +204,36 @@ uint32_t tlcl_clear_control(bool disable)
static uint8_t tlcl_init_done;
/* This function is called directly by vboot, uses vboot return types. */
-uint32_t tlcl_lib_init(void)
+tpm_result_t tlcl_lib_init(void)
{
+ tpm_result_t rc = TPM_SUCCESS;
if (tlcl_init_done)
- return VB2_SUCCESS;
+ return rc;
- if (tis_init()) {
- printk(BIOS_ERR, "%s: tis_init returned error\n", __func__);
- return VB2_ERROR_UNKNOWN;
+ rc = tis_init();
+ if (rc) {
+ printk(BIOS_ERR, "%s: tis_init returned error %d\n", __func__, rc);
+ return rc;
}
-
- if (tis_open()) {
- printk(BIOS_ERR, "%s: tis_open returned error\n", __func__);
- return VB2_ERROR_UNKNOWN;
+ rc = tis_open();
+ if (rc) {
+ printk(BIOS_ERR, "%s: tis_open returned error %d\n"
+ , __func__, rc);
+ return rc;
}
tlcl_init_done = 1;
- return VB2_SUCCESS;
+ return rc;
}
-uint32_t tlcl_physical_presence_cmd_enable(void)
+tpm_result_t tlcl_physical_presence_cmd_enable(void)
{
printk(BIOS_INFO, "%s:%s:%d\n", __FILE__, __func__, __LINE__);
return TPM_SUCCESS;
}
-uint32_t tlcl_read(uint32_t index, void *data, uint32_t length)
+tpm_result_t tlcl_read(uint32_t index, void *data, uint32_t length)
{
struct tpm2_nv_read_cmd nv_readc;
struct tpm2_response *response;
@@ -279,7 +282,7 @@ uint32_t tlcl_read(uint32_t index, void *data, uint32_t length)
return TPM_SUCCESS;
}
-uint32_t tlcl_self_test_full(void)
+tpm_result_t tlcl_self_test_full(void)
{
struct tpm2_self_test st;
struct tpm2_response *response;
@@ -292,7 +295,7 @@ uint32_t tlcl_self_test_full(void)
return TPM_SUCCESS;
}
-uint32_t tlcl_lock_nv_write(uint32_t index)
+tpm_result_t tlcl_lock_nv_write(uint32_t index)
{
struct tpm2_response *response;
/* TPM Will reject attempts to write at non-defined index. */
@@ -311,12 +314,12 @@ uint32_t tlcl_lock_nv_write(uint32_t index)
return TPM_SUCCESS;
}
-uint32_t tlcl_startup(void)
+tpm_result_t tlcl_startup(void)
{
return tlcl_send_startup(TPM_SU_CLEAR);
}
-uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length)
+tpm_result_t tlcl_write(uint32_t index, const void *data, uint32_t length)
{
struct tpm2_nv_write_cmd nv_writec;
struct tpm2_response *response;
@@ -339,7 +342,7 @@ uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length)
return TPM_SUCCESS;
}
-uint32_t tlcl_set_bits(uint32_t index, uint64_t bits)
+tpm_result_t tlcl_set_bits(uint32_t index, uint64_t bits)
{
struct tpm2_nv_setbits_cmd nvsb_cmd;
struct tpm2_response *response;
@@ -362,7 +365,7 @@ uint32_t tlcl_set_bits(uint32_t index, uint64_t bits)
return TPM_SUCCESS;
}
-uint32_t tlcl_define_space(uint32_t space_index, size_t space_size,
+tpm_result_t tlcl_define_space(uint32_t space_index, size_t space_size,
const TPMA_NV nv_attributes,
const uint8_t *nv_policy, size_t nv_policy_size)
{
@@ -437,7 +440,7 @@ uint16_t tlcl_get_hash_size_from_algo(TPMI_ALG_HASH hash_algo)
return value;
}
-uint32_t tlcl_disable_platform_hierarchy(void)
+tpm_result_t tlcl_disable_platform_hierarchy(void)
{
struct tpm2_response *response;
struct tpm2_hierarchy_control_cmd hc = {
@@ -453,7 +456,7 @@ uint32_t tlcl_disable_platform_hierarchy(void)
return TPM_SUCCESS;
}
-uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
+tpm_result_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
uint32_t property_count,
TPMS_CAPABILITY_DATA *capability_data)
{
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c
index 1711501323..87889d128b 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.c
+++ b/src/security/tpm/tss/vendor/cr50/cr50.c
@@ -9,7 +9,7 @@
#include "../../tcg-2.0/tss_marshaling.h"
-uint32_t tlcl_cr50_enable_nvcommits(void)
+tpm_result_t tlcl_cr50_enable_nvcommits(void)
{
uint16_t sub_command = TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS;
struct tpm2_response *response;
@@ -29,8 +29,8 @@ uint32_t tlcl_cr50_enable_nvcommits(void)
return TPM_SUCCESS;
}
-uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms,
- uint8_t *num_restored_headers)
+tpm_result_t tlcl_cr50_enable_update(uint16_t timeout_ms,
+ uint8_t *num_restored_headers)
{
struct tpm2_response *response;
uint16_t command_body[] = {
@@ -48,7 +48,7 @@ uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms,
return TPM_SUCCESS;
}
-uint32_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state)
+tpm_result_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state)
{
struct tpm2_response *response;
uint16_t sub_command = TPM2_CR50_SUB_CMD_GET_REC_BTN;
@@ -64,7 +64,7 @@ uint32_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state)
return TPM_SUCCESS;
}
-uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode)
+tpm_result_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode)
{
struct tpm2_response *response;
uint16_t mode_command = TPM2_CR50_SUB_CMD_TPM_MODE;
@@ -105,7 +105,7 @@ uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode)
return TPM_SUCCESS;
}
-uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode)
+tpm_result_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode)
{
struct tpm2_response *response;
uint16_t mode_command = TPM2_CR50_SUB_CMD_GET_BOOT_MODE;
@@ -131,7 +131,7 @@ uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode)
return TPM_SUCCESS;
}
-uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms)
+tpm_result_t tlcl_cr50_immediate_reset(uint16_t timeout_ms)
{
struct tpm2_response *response;
uint16_t reset_command_body[] = {
@@ -150,7 +150,7 @@ uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms)
return TPM_SUCCESS;
}
-uint32_t tlcl_cr50_reset_ec(void)
+tpm_result_t tlcl_cr50_reset_ec(void)
{
struct tpm2_response *response;
uint16_t reset_cmd = TPM2_CR50_SUB_CMD_RESET_EC;
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.h b/src/security/tpm/tss/vendor/cr50/cr50.h
index ee6b30f6d5..edd5083d17 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.h
+++ b/src/security/tpm/tss/vendor/cr50/cr50.h
@@ -3,6 +3,7 @@
#define CR50_TSS_STRUCTURES_H_
#include <stdint.h>
+#include <security/tpm/tss_errors.h>
/* FIXME: below is not enough to differentiate between vendors commands
of numerous devices. However, the current tpm2 APIs aren't very amenable
@@ -45,7 +46,7 @@ enum cr50_tpm_mode {
* CR50 specific tpm command to enable nvmem commits before internal timeout
* expires.
*/
-uint32_t tlcl_cr50_enable_nvcommits(void);
+tpm_result_t tlcl_cr50_enable_nvcommits(void);
/**
* CR50 specific tpm command to restore header(s) of the dormant RO/RW
@@ -56,8 +57,8 @@ uint32_t tlcl_cr50_enable_nvcommits(void);
* Return value indicates success or failure of accessing the TPM; in case of
* success the number of restored headers is saved in num_restored_headers.
*/
-uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms,
- uint8_t *num_restored_headers);
+tpm_result_t tlcl_cr50_enable_update(uint16_t timeout_ms,
+ uint8_t *num_restored_headers);
/**
* CR50 specific tpm command to get the latched state of the recovery button.
@@ -65,7 +66,7 @@ uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms,
* Return value indicates success or failure of accessing the TPM; in case of
* success the recovery button state is saved in recovery_button_state.
*/
-uint32_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state);
+tpm_result_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state);
/**
* CR50 specific TPM command sequence to query the current TPM mode.
@@ -77,7 +78,7 @@ uint32_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state);
* Returns TPM_CB_NO_SUCH_COMMAND if the Cr50 does not support the command.
* Other returns value indicate a failure accessing the TPM.
*/
-uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode);
+tpm_result_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode);
/**
* CR50 specific TPM command sequence to query the current boot mode.
@@ -85,7 +86,7 @@ uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode);
* Returns TPM_SUCCESS if boot mode is successfully retrieved.
* Returns TPM_* for errors.
*/
-uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode);
+tpm_result_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode);
/**
* CR50 specific TPM command sequence to trigger an immediate reset to the Cr50
@@ -94,7 +95,7 @@ uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode);
*
* Return value indicates success or failure of accessing the TPM.
*/
-uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms);
+tpm_result_t tlcl_cr50_immediate_reset(uint16_t timeout_ms);
/**
* CR50 specific TPM command sequence to issue an EC reset.
@@ -102,6 +103,6 @@ uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms);
* Returns TPM_* for errors.
* On Success, this function invokes halt() and does not return.
*/
-uint32_t tlcl_cr50_reset_ec(void);
+tpm_result_t tlcl_cr50_reset_ec(void);
#endif /* CR50_TSS_STRUCTURES_H_ */
diff --git a/src/security/tpm/tss_errors.h b/src/security/tpm/tss_errors.h
index 3545f04110..8198ca1940 100644
--- a/src/security/tpm/tss_errors.h
+++ b/src/security/tpm/tss_errors.h
@@ -4,7 +4,7 @@
* TPM error codes.
*
* Copy-pasted and lightly edited from TCG TPM Main Part 2 TPM Structures
- * Version 1.2 Level 2 Revision 103 26 October 2006 Draft.
+ * Version 1.2 Level 2 Revision 116 1 March 2011.
*/
#ifndef TSS_ERRORS_H_
@@ -17,11 +17,13 @@ typedef uint32_t tpm_result_t;
#define TPM_BASE 0x0
-#define TPM_NON_FATAL 0x800
+#define TPM_NON_FATAL (0x800 + TPM_BASE)
#define TPM_CB_ERROR TPM_Vendor_Specific32
#define TPM_SUCCESS ((tpm_result_t) (TPM_BASE + 0x00))
#define TPM_BADINDEX ((tpm_result_t) (TPM_BASE + 0x02))
+#define TPM_BAD_PARAMETER ((tpm_result_t) (TPM_BASE + 0x03))
+#define TPM_FAIL ((tpm_result_t) (TPM_BASE + 0x09))
#define TPM_OWNER_SET ((tpm_result_t) (TPM_BASE + 0x14))
#define TPM_IOERROR ((tpm_result_t) (TPM_BASE + 0x1F))
#define TPM_INVALID_POSTINIT ((tpm_result_t) (TPM_BASE + 0x26))
@@ -29,6 +31,7 @@ typedef uint32_t tpm_result_t;
#define TPM_AREA_LOCKED ((tpm_result_t) (TPM_BASE + 0x3C))
#define TPM_MAXNVWRITES ((tpm_result_t) (TPM_BASE + 0x48))
+#define TPM_RETRY ((tpm_result_t) (TPM_NON_FATAL + 0x00))
#define TPM_NEEDS_SELFTEST ((tpm_result_t) (TPM_NON_FATAL + 0x01))
#define TPM_DOING_SELFTEST ((tpm_result_t) (TPM_NON_FATAL + 0x02))
@@ -56,5 +59,7 @@ typedef uint32_t tpm_result_t;
#define TPM_CB_HASH_ERROR ((tpm_result_t) (TPM_CB_ERROR + 0x8D))
#define TPM_CB_NO_SUCH_COMMAND ((tpm_result_t) (TPM_CB_ERROR + 0x8E))
#define TPM_CB_RANGE ((tpm_result_t) (TPM_CB_ERROR + 0x8F))
+#define TPM_CB_FAIL ((tpm_result_t) (TPM_CB_ERROR + 0x90))
+#define TPM_CB_TIMEOUT ((tpm_result_t) (TPM_CB_ERROR + 0x91))
#endif /* TSS_ERRORS_H_ */
diff --git a/src/security/vboot/antirollback.h b/src/security/vboot/antirollback.h
index ab7c43aac9..c0f77c9fa7 100644
--- a/src/security/vboot/antirollback.h
+++ b/src/security/vboot/antirollback.h
@@ -10,6 +10,7 @@
#include <types.h>
#include <security/tpm/tspi.h>
+#include <security/tpm/tss_errors.h>
#include <vb2_sha.h>
struct vb2_context;
@@ -52,23 +53,23 @@ enum vb2_pcr_digest;
/* All functions return TPM_SUCCESS (zero) if successful, non-zero if error */
-uint32_t antirollback_read_space_firmware(struct vb2_context *ctx);
+tpm_result_t antirollback_read_space_firmware(struct vb2_context *ctx);
/**
* Write may be called if the versions change.
*/
-uint32_t antirollback_write_space_firmware(struct vb2_context *ctx);
+tpm_result_t antirollback_write_space_firmware(struct vb2_context *ctx);
/**
* Read and write kernel space in TPM.
*/
-uint32_t antirollback_read_space_kernel(struct vb2_context *ctx);
-uint32_t antirollback_write_space_kernel(struct vb2_context *ctx);
+tpm_result_t antirollback_read_space_kernel(struct vb2_context *ctx);
+tpm_result_t antirollback_write_space_kernel(struct vb2_context *ctx);
/**
* Lock must be called.
*/
-uint32_t antirollback_lock_space_firmware(void);
+tpm_result_t antirollback_lock_space_firmware(void);
/*
* Read MRC hash data from TPM.
@@ -79,7 +80,7 @@ uint32_t antirollback_lock_space_firmware(void);
* @param data pointer to buffer where hash from TPM read into
* @param size size of buffer
*/
-uint32_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size);
+tpm_result_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size);
/*
* Write new hash data to MRC space in TPM.\
* @param index index into TPM NVRAM where hash is stored The index
@@ -89,7 +90,7 @@ uint32_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_
* @param data pointer to buffer of hash value to be written
* @param size size of buffer
*/
-uint32_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data,
+tpm_result_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data,
uint32_t size);
/*
* Lock down MRC hash space in TPM.
@@ -98,19 +99,19 @@ uint32_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data,
* MRC_RW_HASH_NV_INDEX depending upon whether we are
* booting in recovery or normal mode.
*/
-uint32_t antirollback_lock_space_mrc_hash(uint32_t index);
+tpm_result_t antirollback_lock_space_mrc_hash(uint32_t index);
/*
* Read VBIOS hash data from TPM.
* @param data pointer to buffer where hash from TPM read into
* @param size size of buffer
*/
-uint32_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size);
+tpm_result_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size);
/*
* Write new hash data to VBIOS space in TPM.
* @param data pointer to buffer of hash value to be written
* @param size size of buffer
*/
-uint32_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size);
+tpm_result_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size);
#endif /* ANTIROLLBACK_H_ */
diff --git a/src/security/vboot/mrc_cache_hash_tpm.c b/src/security/vboot/mrc_cache_hash_tpm.c
index 07baed7eba..d7712a9c5e 100644
--- a/src/security/vboot/mrc_cache_hash_tpm.c
+++ b/src/security/vboot/mrc_cache_hash_tpm.c
@@ -12,10 +12,12 @@
void mrc_cache_update_hash(uint32_t index, const uint8_t *data, size_t size)
{
struct vb2_hash hash;
+ tpm_result_t rc = TPM_SUCCESS;
/* Initialize TPM driver. */
- if (tlcl_lib_init() != VB2_SUCCESS) {
- printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
+ rc = tlcl_lib_init();
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "MRC: TPM driver initialization failed with error %#x.\n", rc);
return;
}
@@ -35,9 +37,9 @@ void mrc_cache_update_hash(uint32_t index, const uint8_t *data, size_t size)
}
/* Write hash of data to TPM space. */
- if (antirollback_write_space_mrc_hash(index, hash.sha256, sizeof(hash.sha256))
- != TPM_SUCCESS) {
- printk(BIOS_ERR, "MRC: Could not save hash to TPM.\n");
+ rc = antirollback_write_space_mrc_hash(index, hash.sha256, sizeof(hash.sha256));
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "MRC: Could not save hash to TPM with error %#x.\n", rc);
return;
}
@@ -47,17 +49,19 @@ void mrc_cache_update_hash(uint32_t index, const uint8_t *data, size_t size)
int mrc_cache_verify_hash(uint32_t index, const uint8_t *data, size_t size)
{
struct vb2_hash tpm_hash = { .algo = VB2_HASH_SHA256 };
+ tpm_result_t rc = TPM_SUCCESS;
/* Initialize TPM driver. */
- if (tlcl_lib_init() != VB2_SUCCESS) {
- printk(BIOS_ERR, "MRC: TPM driver initialization failed.\n");
+ rc = tlcl_lib_init();
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "MRC: TPM driver initialization failed with error %#x.\n", rc);
return 0;
}
/* Read hash of MRC data saved in TPM. */
- if (antirollback_read_space_mrc_hash(index, tpm_hash.sha256, sizeof(tpm_hash.sha256))
- != TPM_SUCCESS) {
- printk(BIOS_ERR, "MRC: Could not read hash from TPM.\n");
+ rc = antirollback_read_space_mrc_hash(index, tpm_hash.sha256, sizeof(tpm_hash.sha256));
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "MRC: Could not read hash from TPM with error %#x.\n", rc);
return 0;
}
diff --git a/src/security/vboot/secdata_mock.c b/src/security/vboot/secdata_mock.c
index 9d8c13d2ef..83c437da2a 100644
--- a/src/security/vboot/secdata_mock.c
+++ b/src/security/vboot/secdata_mock.c
@@ -6,6 +6,7 @@
*/
#include <security/tpm/tspi.h>
+#include <security/tpm/tss_errors.h>
#include <vb2_api.h>
#include "antirollback.h"
@@ -15,18 +16,18 @@ vb2_error_t vb2ex_tpm_clear_owner(struct vb2_context *ctx)
return VB2_SUCCESS;
}
-vb2_error_t antirollback_read_space_firmware(struct vb2_context *ctx)
+tpm_result_t antirollback_read_space_firmware(struct vb2_context *ctx)
{
vb2api_secdata_firmware_create(ctx);
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_write_space_firmware(struct vb2_context *ctx)
+tpm_result_t antirollback_write_space_firmware(struct vb2_context *ctx)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_read_space_kernel(struct vb2_context *ctx)
+tpm_result_t antirollback_read_space_kernel(struct vb2_context *ctx)
{
/*
* The new kernel secdata v1 stores the last read EC hash, and reboots the
@@ -41,41 +42,41 @@ vb2_error_t antirollback_read_space_kernel(struct vb2_context *ctx)
* v0 device when using MOCK_SECDATA.
*/
vb2api_secdata_kernel_create_v0(ctx);
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_write_space_kernel(struct vb2_context *ctx)
+tpm_result_t antirollback_write_space_kernel(struct vb2_context *ctx)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_lock_space_firmware(void)
+tpm_result_t antirollback_lock_space_firmware(void)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_lock_space_mrc_hash(uint32_t index)
+tpm_result_t antirollback_lock_space_mrc_hash(uint32_t index)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size)
+tpm_result_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data,
+tpm_result_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data,
uint32_t size)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size)
+tpm_result_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
-vb2_error_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size)
+tpm_result_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size)
{
- return VB2_SUCCESS;
+ return TPM_SUCCESS;
}
diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c
index d19b47e609..1204be8787 100644
--- a/src/security/vboot/secdata_tpm.c
+++ b/src/security/vboot/secdata_tpm.c
@@ -18,17 +18,17 @@
printk(BIOS_INFO, "%s():%d: " format, __func__, __LINE__, ## args)
#define RETURN_ON_FAILURE(tpm_cmd) do { \
- uint32_t rc_; \
+ tpm_result_t rc_; \
if ((rc_ = (tpm_cmd)) != TPM_SUCCESS) { \
VBDEBUG("Antirollback: %08x returned by " #tpm_cmd \
- "\n", (int)rc_); \
+ "\n", (tpm_result_t)rc_); \
return rc_; \
} \
} while (0)
-static uint32_t safe_write(uint32_t index, const void *data, uint32_t length);
+static tpm_result_t safe_write(uint32_t index, const void *data, uint32_t length);
-uint32_t antirollback_read_space_kernel(struct vb2_context *ctx)
+tpm_result_t antirollback_read_space_kernel(struct vb2_context *ctx)
{
if (!CONFIG(TPM2)) {
/*
@@ -51,7 +51,7 @@ uint32_t antirollback_read_space_kernel(struct vb2_context *ctx)
}
uint8_t size = VB2_SECDATA_KERNEL_SIZE;
- uint32_t rc;
+ tpm_result_t rc;
/* Start with the version 1.0 size used by all modern Cr50/Ti50 boards. */
rc = tlcl_read(KERNEL_NV_INDEX, ctx->secdata_kernel, size);
@@ -72,7 +72,7 @@ uint32_t antirollback_read_space_kernel(struct vb2_context *ctx)
#if CONFIG(TPM2)
-static uint32_t read_space_mrc_hash(uint32_t index, uint8_t *data)
+static tpm_result_t read_space_mrc_hash(uint32_t index, uint8_t *data)
{
RETURN_ON_FAILURE(tlcl_read(index, data,
HASH_NV_SIZE));
@@ -206,7 +206,7 @@ static uint32_t define_space(const char *name, uint32_t index, uint32_t length,
const TPMA_NV nv_attributes,
const uint8_t *nv_policy, size_t nv_policy_size)
{
- uint32_t rc;
+ tpm_result_t rc;
rc = tlcl_define_space(index, length, nv_attributes, nv_policy,
nv_policy_size);
@@ -227,16 +227,16 @@ static uint32_t define_space(const char *name, uint32_t index, uint32_t length,
}
/* Nothing special in the TPM2 path yet. */
-static uint32_t safe_write(uint32_t index, const void *data, uint32_t length)
+static tpm_result_t safe_write(uint32_t index, const void *data, uint32_t length)
{
return tlcl_write(index, data, length);
}
-static uint32_t setup_space(const char *name, uint32_t index, const void *data,
- uint32_t length, const TPMA_NV nv_attributes,
- const uint8_t *nv_policy, size_t nv_policy_size)
+static tpm_result_t setup_space(const char *name, uint32_t index, const void *data,
+ uint32_t length, const TPMA_NV nv_attributes,
+ const uint8_t *nv_policy, size_t nv_policy_size)
{
- uint32_t rc;
+ tpm_result_t rc;
rc = define_space(name, index, length, nv_attributes, nv_policy,
nv_policy_size);
@@ -246,7 +246,7 @@ static uint32_t setup_space(const char *name, uint32_t index, const void *data,
return safe_write(index, data, length);
}
-static uint32_t setup_firmware_space(struct vb2_context *ctx)
+static tpm_result_t setup_firmware_space(struct vb2_context *ctx)
{
uint32_t firmware_space_size = vb2api_secdata_firmware_create(ctx);
@@ -256,7 +256,7 @@ static uint32_t setup_firmware_space(struct vb2_context *ctx)
sizeof(pcr0_allowed_policy));
}
-static uint32_t setup_fwmp_space(struct vb2_context *ctx)
+static tpm_result_t setup_fwmp_space(struct vb2_context *ctx)
{
uint32_t fwmp_space_size = vb2api_secdata_fwmp_create(ctx);
@@ -264,7 +264,7 @@ static uint32_t setup_fwmp_space(struct vb2_context *ctx)
fwmp_attr, NULL, 0);
}
-static uint32_t setup_kernel_space(struct vb2_context *ctx)
+static tpm_result_t setup_kernel_space(struct vb2_context *ctx)
{
uint32_t kernel_space_size = vb2api_secdata_kernel_create(ctx);
@@ -272,7 +272,7 @@ static uint32_t setup_kernel_space(struct vb2_context *ctx)
kernel_space_size, rw_space_attributes, NULL, 0);
}
-static uint32_t set_mrc_hash_space(uint32_t index, const uint8_t *data)
+static tpm_result_t set_mrc_hash_space(uint32_t index, const uint8_t *data)
{
if (index == MRC_REC_HASH_NV_INDEX) {
return setup_space("RO MRC Hash", index, data, HASH_NV_SIZE,
@@ -289,9 +289,9 @@ static uint32_t set_mrc_hash_space(uint32_t index, const uint8_t *data)
*
* These spaces are not used by firmware, but we do need to initialize them.
*/
-static uint32_t setup_zte_spaces(void)
+static tpm_result_t setup_zte_spaces(void)
{
- uint32_t rc;
+ tpm_result_t rc;
uint64_t rma_bytes_counter_default = 0;
uint8_t rma_sn_bits_default[16];
uint8_t board_id_default[12];
@@ -307,7 +307,7 @@ static uint32_t setup_zte_spaces(void)
zte_attr,
unsatisfiable_policy, sizeof(unsatisfiable_policy));
if (rc != TPM_SUCCESS) {
- VBDEBUG("%s: Failed to set up RMA + SN Bits space\n", __func__);
+ VBDEBUG("%s: Failed to set up RMA + SN Bits space with error %#x\n", __func__, rc);
return rc;
}
@@ -316,7 +316,7 @@ static uint32_t setup_zte_spaces(void)
zte_attr,
unsatisfiable_policy, sizeof(unsatisfiable_policy));
if (rc != TPM_SUCCESS) {
- VBDEBUG("%s: Failed to set up Board ID space\n", __func__);
+ VBDEBUG("%s: Failed to set up Board ID space with error %#x\n", __func__, rc);
return rc;
}
@@ -326,7 +326,7 @@ static uint32_t setup_zte_spaces(void)
zte_rma_bytes_attr,
unsatisfiable_policy, sizeof(unsatisfiable_policy));
if (rc != TPM_SUCCESS) {
- VBDEBUG("%s: Failed to define RMA Bytes space\n", __func__);
+ VBDEBUG("%s: Failed to define RMA Bytes space with error %#x\n", __func__, rc);
return rc;
}
@@ -337,8 +337,8 @@ static uint32_t setup_zte_spaces(void)
rc = tlcl_set_bits(ZTE_RMA_BYTES_COUNTER_INDEX,
rma_bytes_counter_default);
if (rc != TPM_SUCCESS) {
- VBDEBUG("%s: Failed to init RMA Bytes counter space\n",
- __func__);
+ VBDEBUG("%s: Failed to init RMA Bytes counter space wit error %#x\n",
+ __func__, rc);
return rc;
}
@@ -351,7 +351,7 @@ static uint32_t setup_zte_spaces(void)
* This space is not used by firmware but needs to survive owner clear. Thus, it
* needs to be created here.
*/
-static uint32_t enterprise_rollback_create_space(void)
+static tpm_result_t enterprise_rollback_create_space(void)
{
uint8_t rollback_space_default[32] = {0};
@@ -361,9 +361,10 @@ static uint32_t enterprise_rollback_create_space(void)
unsatisfiable_policy, sizeof(unsatisfiable_policy));
}
-static uint32_t setup_widevine_counter_spaces(void)
+static tpm_result_t setup_widevine_counter_spaces(void)
{
- uint32_t index, rc;
+ uint32_t index;
+ tpm_result_t rc;
for (index = 0; index < NUM_WIDEVINE_COUNTERS; index++) {
rc = define_space(WIDEVINE_COUNTER_NAME,
@@ -375,10 +376,10 @@ static uint32_t setup_widevine_counter_spaces(void)
if (rc != TPM_SUCCESS)
return rc;
}
- return TPM_SUCCESS;
+ return rc;
}
-static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
+static tpm_result_t _factory_initialize_tpm(struct vb2_context *ctx)
{
RETURN_ON_FAILURE(tlcl_force_clear());
@@ -428,12 +429,12 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
return TPM_SUCCESS;
}
-uint32_t antirollback_lock_space_firmware(void)
+tpm_result_t antirollback_lock_space_firmware(void)
{
return tlcl_lock_nv_write(FIRMWARE_NV_INDEX);
}
-uint32_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size)
+tpm_result_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_t size)
{
if (size != HASH_NV_SIZE) {
VBDEBUG("TPM: Incorrect buffer size for hash idx %#x. "
@@ -444,10 +445,10 @@ uint32_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_
return read_space_mrc_hash(index, data);
}
-uint32_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data, uint32_t size)
+tpm_result_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data, uint32_t size)
{
uint8_t spc_data[HASH_NV_SIZE];
- uint32_t rc;
+ tpm_result_t rc;
if (size != HASH_NV_SIZE) {
VBDEBUG("TPM: Incorrect buffer size for hash idx %#x. "
@@ -472,18 +473,18 @@ uint32_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data,
return safe_write(index, data, size);
}
-uint32_t antirollback_lock_space_mrc_hash(uint32_t index)
+tpm_result_t antirollback_lock_space_mrc_hash(uint32_t index)
{
return tlcl_lock_nv_write(index);
}
-static uint32_t read_space_vbios_hash(uint8_t *data)
+static tpm_result_t read_space_vbios_hash(uint8_t *data)
{
RETURN_ON_FAILURE(tlcl_read(VBIOS_CACHE_NV_INDEX, data, HASH_NV_SIZE));
return TPM_SUCCESS;
}
-uint32_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size)
+tpm_result_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size)
{
if (size != HASH_NV_SIZE) {
VBDEBUG("TPM: Incorrect buffer size for hash idx %#x. "
@@ -494,10 +495,10 @@ uint32_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size)
return read_space_vbios_hash(data);
}
-uint32_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size)
+tpm_result_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size)
{
uint8_t spc_data[HASH_NV_SIZE];
- uint32_t rc;
+ tpm_result_t rc;
if (size != HASH_NV_SIZE) {
VBDEBUG("TPM: Incorrect buffer size for hash idx %#x. "
@@ -532,9 +533,9 @@ uint32_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size)
* This is not expected to happen frequently, but it could happen.
*/
-static uint32_t safe_write(uint32_t index, const void *data, uint32_t length)
+static tpm_result_t safe_write(uint32_t index, const void *data, uint32_t length)
{
- uint32_t rc = tlcl_write(index, data, length);
+ tpm_result_t rc = tlcl_write(index, data, length);
if (rc == TPM_MAXNVWRITES) {
RETURN_ON_FAILURE(tpm_clear_and_reenable());
return tlcl_write(index, data, length);
@@ -549,9 +550,9 @@ static uint32_t safe_write(uint32_t index, const void *data, uint32_t length)
* writes because we only define spaces once at initialization, but we'd
* rather be paranoid about this.
*/
-static uint32_t safe_define_space(uint32_t index, uint32_t perm, uint32_t size)
+static tpm_result_t safe_define_space(uint32_t index, uint32_t perm, uint32_t size)
{
- uint32_t rc = tlcl_define_space(index, perm, size);
+ tpm_result_t rc = tlcl_define_space(index, perm, size);
if (rc == TPM_MAXNVWRITES) {
RETURN_ON_FAILURE(tpm_clear_and_reenable());
return tlcl_define_space(index, perm, size);
@@ -560,10 +561,10 @@ static uint32_t safe_define_space(uint32_t index, uint32_t perm, uint32_t size)
}
}
-static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
+static tpm_result_t _factory_initialize_tpm(struct vb2_context *ctx)
{
TPM_PERMANENT_FLAGS pflags;
- uint32_t rc;
+ tpm_result_t rc;
vb2api_secdata_firmware_create(ctx);
vb2api_secdata_kernel_create_v0(ctx);
@@ -618,7 +619,7 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
return TPM_SUCCESS;
}
-uint32_t antirollback_lock_space_firmware(void)
+tpm_result_t antirollback_lock_space_firmware(void)
{
return tlcl_set_global_lock();
}
@@ -632,9 +633,9 @@ uint32_t antirollback_lock_space_firmware(void)
* nvLocked bit and ensures the physical presence command is enabled and
* locked.
*/
-static uint32_t factory_initialize_tpm(struct vb2_context *ctx)
+static tpm_result_t factory_initialize_tpm(struct vb2_context *ctx)
{
- uint32_t rc;
+ tpm_result_t rc;
VBDEBUG("TPM: factory initialization\n");
@@ -664,9 +665,9 @@ static uint32_t factory_initialize_tpm(struct vb2_context *ctx)
return TPM_SUCCESS;
}
-uint32_t antirollback_read_space_firmware(struct vb2_context *ctx)
+tpm_result_t antirollback_read_space_firmware(struct vb2_context *ctx)
{
- uint32_t rc;
+ tpm_result_t rc;
rc = tlcl_read(FIRMWARE_NV_INDEX, ctx->secdata_firmware, VB2_SECDATA_FIRMWARE_SIZE);
if (rc == TPM_BADINDEX) {
@@ -678,10 +679,10 @@ uint32_t antirollback_read_space_firmware(struct vb2_context *ctx)
return TPM_CB_CORRUPTED_STATE;
}
- return TPM_SUCCESS;
+ return rc;
}
-uint32_t antirollback_write_space_firmware(struct vb2_context *ctx)
+tpm_result_t antirollback_write_space_firmware(struct vb2_context *ctx)
{
if (CONFIG(TPM_GOOGLE_IMMEDIATELY_COMMIT_FW_SECDATA))
tlcl_cr50_enable_nvcommits();
@@ -689,7 +690,7 @@ uint32_t antirollback_write_space_firmware(struct vb2_context *ctx)
VB2_SECDATA_FIRMWARE_SIZE);
}
-uint32_t antirollback_write_space_kernel(struct vb2_context *ctx)
+tpm_result_t antirollback_write_space_kernel(struct vb2_context *ctx)
{
/* Learn the expected size. */
uint8_t size = VB2_SECDATA_KERNEL_MIN_SIZE;
@@ -710,10 +711,6 @@ uint32_t antirollback_write_space_kernel(struct vb2_context *ctx)
vb2_error_t vb2ex_tpm_clear_owner(struct vb2_context *ctx)
{
- uint32_t rc;
printk(BIOS_INFO, "Clearing TPM owner\n");
- rc = tpm_clear_and_reenable();
- if (rc)
- return VB2_ERROR_EX_TPM_CLEAR_OWNER;
- return VB2_SUCCESS;
+ return tpm_clear_and_reenable() == TPM_SUCCESS ? VB2_SUCCESS : VB2_ERROR_EX_TPM_CLEAR_OWNER;
}
diff --git a/src/security/vboot/tpm_common.c b/src/security/vboot/tpm_common.c
index a2e9bb45cd..c330cc2dcd 100644
--- a/src/security/vboot/tpm_common.c
+++ b/src/security/vboot/tpm_common.c
@@ -2,6 +2,7 @@
#include <security/tpm/tspi.h>
#include <security/vboot/tpm_common.h>
+#include <security/tpm/tss_errors.h>
#include <vb2_api.h>
#include <vb2_sha.h>
@@ -9,9 +10,9 @@
#define TPM_PCR_GBB_HWID_NAME "VBOOT: GBB HWID"
#define TPM_PCR_MINIMUM_DIGEST_SIZE 20
-uint32_t vboot_setup_tpm(struct vb2_context *ctx)
+tpm_result_t vboot_setup_tpm(struct vb2_context *ctx)
{
- uint32_t rc;
+ tpm_result_t rc;
rc = tpm_setup(ctx->flags & VB2_CONTEXT_S3_RESUME);
if (rc == TPM_CB_MUST_REBOOT)
@@ -20,16 +21,14 @@ uint32_t vboot_setup_tpm(struct vb2_context *ctx)
return rc;
}
-vb2_error_t vboot_extend_pcr(struct vb2_context *ctx, int pcr,
+tpm_result_t vboot_extend_pcr(struct vb2_context *ctx, int pcr,
enum vb2_pcr_digest which_digest)
{
uint8_t buffer[VB2_PCR_DIGEST_RECOMMENDED_SIZE];
uint32_t size = sizeof(buffer);
- vb2_error_t rv;
- rv = vb2api_get_pcr_digest(ctx, which_digest, buffer, &size);
- if (rv != VB2_SUCCESS)
- return rv;
+ if (vb2api_get_pcr_digest(ctx, which_digest, buffer, &size) != VB2_SUCCESS)
+ return TPM_CB_FAIL;
/*
* On TPM 1.2, all PCRs are intended for use with SHA1. We truncate our
@@ -56,6 +55,6 @@ vb2_error_t vboot_extend_pcr(struct vb2_context *ctx, int pcr,
return tpm_extend_pcr(pcr, algo, buffer, vb2_digest_size(algo),
TPM_PCR_GBB_HWID_NAME);
default:
- return VB2_ERROR_UNKNOWN;
+ return TPM_CB_FAIL;
}
}
diff --git a/src/security/vboot/tpm_common.h b/src/security/vboot/tpm_common.h
index 7c440f52d2..22ece8927b 100644
--- a/src/security/vboot/tpm_common.h
+++ b/src/security/vboot/tpm_common.h
@@ -3,16 +3,16 @@
#if CONFIG(TPM)
/* Start of the root of trust */
-uint32_t vboot_setup_tpm(struct vb2_context *ctx);
+tpm_result_t vboot_setup_tpm(struct vb2_context *ctx);
/* vboot_extend_pcr function for vb2 context */
-vb2_error_t vboot_extend_pcr(struct vb2_context *ctx, int pcr,
+tpm_result_t vboot_extend_pcr(struct vb2_context *ctx, int pcr,
enum vb2_pcr_digest which_digest);
#else
-#define vboot_setup_tpm(ctx) 0
+#define vboot_setup_tpm(ctx) TPM_SUCCESS
-#define vboot_extend_pcr(ctx, pcr, which_digest) 0
+#define vboot_extend_pcr(ctx, pcr, which_digest) TPM_SUCCESS
#endif
diff --git a/src/security/vboot/vbios_cache_hash_tpm.c b/src/security/vboot/vbios_cache_hash_tpm.c
index 6ad09ace8e..49971350f1 100644
--- a/src/security/vboot/vbios_cache_hash_tpm.c
+++ b/src/security/vboot/vbios_cache_hash_tpm.c
@@ -12,10 +12,12 @@
void vbios_cache_update_hash(const uint8_t *data, size_t size)
{
struct vb2_hash hash;
+ tpm_result_t rc = TPM_SUCCESS;
/* Initialize TPM driver. */
- if (tlcl_lib_init() != VB2_SUCCESS) {
- printk(BIOS_ERR, "VBIOS_CACHE: TPM driver initialization failed.\n");
+ rc = tlcl_lib_init();
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "VBIOS_CACHE: TPM driver initialization failed with error %#x.\n", rc);
return;
}
@@ -35,9 +37,9 @@ void vbios_cache_update_hash(const uint8_t *data, size_t size)
}
/* Write hash of data to TPM space. */
- if (antirollback_write_space_vbios_hash(hash.sha256, sizeof(hash.sha256))
- != TPM_SUCCESS) {
- printk(BIOS_ERR, "VBIOS_CACHE: Could not save hash to TPM.\n");
+ rc = antirollback_write_space_vbios_hash(hash.sha256, sizeof(hash.sha256));
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "VBIOS_CACHE: Could not save hash to TPM with error %#x.\n", rc);
return;
}
@@ -48,17 +50,19 @@ void vbios_cache_update_hash(const uint8_t *data, size_t size)
enum cb_err vbios_cache_verify_hash(const uint8_t *data, size_t size)
{
struct vb2_hash tpm_hash = { .algo = VB2_HASH_SHA256 };
+ tpm_result_t rc = TPM_SUCCESS;
/* Initialize TPM driver. */
- if (tlcl_lib_init() != VB2_SUCCESS) {
- printk(BIOS_ERR, "VBIOS_CACHE: TPM driver initialization failed.\n");
+ rc = tlcl_lib_init();
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "VBIOS_CACHE: TPM driver initialization failed with error %#x.\n", rc);
return CB_ERR;
}
/* Read hash of VBIOS data saved in TPM. */
- if (antirollback_read_space_vbios_hash(tpm_hash.sha256, sizeof(tpm_hash.sha256))
- != TPM_SUCCESS) {
- printk(BIOS_ERR, "VBIOS_CACHE: Could not read hash from TPM.\n");
+ rc = antirollback_read_space_vbios_hash(tpm_hash.sha256, sizeof(tpm_hash.sha256));
+ if (rc != TPM_SUCCESS) {
+ printk(BIOS_ERR, "VBIOS_CACHE: Could not read hash from TPM with error %#x.\n", rc);
return CB_ERR;
}
diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c
index 3c4957a7ed..f9080c585a 100644
--- a/src/security/vboot/vboot_common.c
+++ b/src/security/vboot/vboot_common.c
@@ -2,6 +2,7 @@
#include <console/cbmem_console.h>
#include <reset.h>
+#include <security/tpm/tss_errors.h>
#include <security/vboot/misc.h>
#include <security/vboot/vboot_common.h>
#include <security/vboot/vbnv.h>
@@ -12,14 +13,14 @@
static void save_secdata(struct vb2_context *ctx)
{
if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED
- && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
+ && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == TPM_SUCCESS)) {
printk(BIOS_INFO, "Saving secdata firmware\n");
antirollback_write_space_firmware(ctx);
ctx->flags &= ~VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED;
}
if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED
- && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
+ && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == TPM_SUCCESS)) {
printk(BIOS_INFO, "Saving secdata kernel\n");
antirollback_write_space_kernel(ctx);
ctx->flags &= ~VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index f6d8bad2e3..ab38085f48 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
@@ -7,6 +7,7 @@
#include <fmap.h>
#include <security/tpm/tspi/crtm.h>
#include <security/tpm/tss/vendor/cr50/cr50.h>
+#include <security/tpm/tss_errors.h>
#include <security/vboot/misc.h>
#include <security/vboot/vbnv.h>
#include <security/vboot/tpm_common.h>
@@ -182,12 +183,12 @@ static vb2_error_t hash_body(struct vb2_context *ctx,
return handle_digest_result(hash_digest, hash_digest_sz);
}
-static vb2_error_t extend_pcrs(struct vb2_context *ctx)
+static tpm_result_t extend_pcrs(struct vb2_context *ctx)
{
- vb2_error_t rv;
- rv = vboot_extend_pcr(ctx, CONFIG_PCR_BOOT_MODE, BOOT_MODE_PCR);
- if (rv)
- return rv;
+ tpm_result_t rc;
+ rc = vboot_extend_pcr(ctx, CONFIG_PCR_BOOT_MODE, BOOT_MODE_PCR);
+ if (rc)
+ return rc;
return vboot_extend_pcr(ctx, CONFIG_PCR_HWID, HWID_DIGEST_PCR);
}
@@ -210,7 +211,7 @@ static const char *get_boot_mode_string(uint8_t boot_mode)
static void check_boot_mode(struct vb2_context *ctx)
{
uint8_t boot_mode;
- int rc;
+ tpm_result_t rc;
rc = tlcl_cr50_get_boot_mode(&boot_mode);
switch (rc) {
@@ -222,7 +223,7 @@ static void check_boot_mode(struct vb2_context *ctx)
break;
default:
printk(BIOS_ERR,
- "Communication error in getting GSC boot mode.\n");
+ "Communication error(%#x) in getting GSC boot mode.\n", rc);
vb2api_fail(ctx, VB2_RECOVERY_GSC_BOOT_MODE, rc);
return;
}
@@ -240,6 +241,7 @@ static void check_boot_mode(struct vb2_context *ctx)
void verstage_main(void)
{
struct vb2_context *ctx;
+ tpm_result_t tpm_rc;
vb2_error_t rv;
timestamp_add_now(TS_VBOOT_START);
@@ -363,10 +365,13 @@ void verstage_main(void)
/* Only extend PCRs once on boot. */
if (!(ctx->flags & VB2_CONTEXT_S3_RESUME)) {
timestamp_add_now(TS_TPMPCR_START);
- rv = extend_pcrs(ctx);
- if (rv) {
- printk(BIOS_WARNING, "Failed to extend TPM PCRs (%#x)\n", rv);
- vboot_fail_and_reboot(ctx, VB2_RECOVERY_RO_TPM_U_ERROR, rv);
+ tpm_rc = extend_pcrs(ctx);
+ if (tpm_rc) {
+ printk(BIOS_WARNING, "Failed to extend TPM PCRs (%#x)\n",
+ tpm_rc);
+ vboot_fail_and_reboot(ctx,
+ VB2_RECOVERY_RO_TPM_U_ERROR,
+ tpm_rc);
}
timestamp_add_now(TS_TPMPCR_END);
}
@@ -374,19 +379,21 @@ void verstage_main(void)
/* Lock TPM */
timestamp_add_now(TS_TPMLOCK_START);
- rv = antirollback_lock_space_firmware();
- if (rv) {
- printk(BIOS_INFO, "Failed to lock TPM (%#x)\n", rv);
+ tpm_rc = antirollback_lock_space_firmware();
+ if (tpm_rc) {
+ printk(BIOS_INFO, "Failed to lock TPM (%#x)\n", tpm_rc);
vboot_fail_and_reboot(ctx, VB2_RECOVERY_RO_TPM_L_ERROR, 0);
}
timestamp_add_now(TS_TPMLOCK_END);
/* Lock rec hash space if available. */
if (CONFIG(VBOOT_HAS_REC_HASH_SPACE)) {
- rv = antirollback_lock_space_mrc_hash(MRC_REC_HASH_NV_INDEX);
- if (rv) {
- printk(BIOS_INFO, "Failed to lock rec hash space(%#x)\n", rv);
- vboot_fail_and_reboot(ctx, VB2_RECOVERY_RO_TPM_REC_HASH_L_ERROR, rv);
+ tpm_rc = antirollback_lock_space_mrc_hash(
+ MRC_REC_HASH_NV_INDEX);
+ if (tpm_rc) {
+ printk(BIOS_INFO, "Failed to lock rec hash space(%#x)\n",
+ tpm_rc);
+ vboot_fail_and_reboot(ctx, VB2_RECOVERY_RO_TPM_REC_HASH_L_ERROR, tpm_rc);
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 22:46:52 +0000