diff options
Diffstat (limited to 'src/security')
| -rw-r--r-- | src/security/tpm/tis.h | 15 | ||||
| -rw-r--r-- | src/security/tpm/tss/tcg-1.2/tss.c | 9 | ||||
| -rw-r--r-- | src/security/tpm/tss/tcg-2.0/tss.c | 11 |
3 files changed, 30 insertions, 5 deletions
diff --git a/src/security/tpm/tis.h b/src/security/tpm/tis.h index ac07bfb5c6..4a8dc14c31 100644 --- a/src/security/tpm/tis.h +++ b/src/security/tpm/tis.h @@ -32,6 +32,12 @@ enum tis_status { TPM_STS_RESPONSE_RETRY = (1 << 1), }; +enum tpm_family { + TPM_UNKNOWN = 0, + TPM_1 = 1, + TPM_2 = 2, +}; + /* * tis_sendrecv() * @@ -50,13 +56,16 @@ typedef tpm_result_t (*tis_sendrecv_fn)(const u8 *sendbuf, size_t send_size, u8 /* * tis_probe() * - * Probe for the TPM device and set it up for use within locality 0. Returns - * pointer to send-receive function on success or NULL on failure. + * Probe for the TPM device and set it up for use within locality 0. + * + * @family - pointer which is set to TPM family of the device + * + * Returns pointer to send-receive function on success or NULL on failure. * * Do not call this explicitly, it's meant to be used exclusively by TSS * implementation (tlcl_lib_init() function to be specific). */ -tis_sendrecv_fn tis_probe(void); +tis_sendrecv_fn tis_probe(enum tpm_family *family); /* * tis_vendor_write() diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c index f0d28dfe3f..913f79b106 100644 --- a/src/security/tpm/tss/tcg-1.2/tss.c +++ b/src/security/tpm/tss/tcg-1.2/tss.c @@ -153,13 +153,20 @@ static tpm_result_t send(const uint8_t *command) tpm_result_t tlcl_lib_init(void) { + enum tpm_family family; + if (tis_sendrecv != NULL) return TPM_SUCCESS; - tis_sendrecv = tis_probe(); + tis_sendrecv = tis_probe(&family); if (tis_sendrecv == NULL) return TPM_CB_NO_DEVICE; + if (family != TPM_1) { + tis_sendrecv = NULL; + return TPM_CB_INTERNAL_INCONSISTENCY; + } + return TPM_SUCCESS; } diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c index 135d2964e6..27390a78ab 100644 --- a/src/security/tpm/tss/tcg-2.0/tss.c +++ b/src/security/tpm/tss/tcg-2.0/tss.c @@ -211,15 +211,24 @@ tpm_result_t tlcl_clear_control(bool disable) /* This function is called directly by vboot, uses vboot return types. */ tpm_result_t tlcl_lib_init(void) { + enum tpm_family family; + if (tis_sendrecv != NULL) return TPM_SUCCESS; - tis_sendrecv = tis_probe(); + tis_sendrecv = tis_probe(&family); if (tis_sendrecv == NULL) { printk(BIOS_ERR, "%s: tis_probe returned error\n", __func__); return TPM_CB_NO_DEVICE; } + if (family != TPM_2) { + tis_sendrecv = NULL; + printk(BIOS_ERR, "%s: tis_probe returned unsupported TPM family: %d\n", + __func__, family); + return TPM_CB_INTERNAL_INCONSISTENCY; + } + return TPM_SUCCESS; } |