Diffstat (limited to 'src')
-rw-r--r--src/security/vboot/Kconfig8
-rw-r--r--src/security/vboot/antirollback.h5
-rw-r--r--src/security/vboot/secdata_tpm.c30
3 files changed, 43 insertions, 0 deletions
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index 7cbeea3e39..26f2484bf3 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -282,6 +282,14 @@ config VBOOT_X86_SHA256_ACCELERATION
Use sha256msg1, sha256msg2, sha256rnds2 instruction to accelerate
SHA hash calculation in vboot.
+config VBOOT_DEFINE_WIDEVINE_COUNTERS
+ bool
+ default n
+ help
+ Set up Widevine Secure Counters in TPM NVRAM by defining space. Enabling this
+ config will only define the counter space. Counters need to be incremented
+ separately before any read operation is performed on them.
+
menu "GBB configuration"
config GBB_HWID
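Review bot: The new `config VBOOT_DEFINE_WIDEVINE_COUNTERS` entry is a `bool` with no prompt, so it cannot be turned on from menuconfig and has to be `select`ed by a board or SoC Kconfig; the help text does not say this, and a reader looking for the switch will not find it. Proposed addition to the help text: `This option has no prompt; enable it by selecting it from the board's Kconfig.` The help text could also state where the counters live, e.g. `The spaces are created during factory initialization of the TPM only.`, if that matches the intent of the secdata_tpm.c caller in this commit.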
diff --git a/src/security/vboot/antirollback.h b/src/security/vboot/antirollback.h
index 2297762d36..71605fa1b7 100644
--- a/src/security/vboot/antirollback.h
+++ b/src/security/vboot/antirollback.h
@@ -29,6 +29,11 @@ enum vb2_pcr_digest;
#define MRC_RW_HASH_NV_INDEX 0x100d
#define HASH_NV_SIZE VB2_SHA256_DIGEST_SIZE
#define ENT_ROLLBACK_COUNTER_INDEX 0x100e
+/* Widevine Secure Counter space */
+#define WIDEVINE_COUNTER_NV_INDEX(n) (0x3000 + (n))
+#define NUM_WIDEVINE_COUNTERS 4
+#define WIDEVINE_COUNTER_NAME "Widevine Secure Counter"
+#define WIDEVINE_COUNTER_SIZE sizeof(uint64_t)
/* Zero-Touch Enrollment related spaces */
#define ZTE_BOARD_ID_NV_INDEX 0x3fff00
#define ZTE_RMA_SN_BITS_INDEX 0x3fff01
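Review bot: The new defines document neither why `WIDEVINE_COUNTER_SIZE` is `sizeof(uint64_t)` nor how many indices `WIDEVINE_COUNTER_NV_INDEX(n)` is meant to cover; the macro takes any `n`, and only the sibling `NUM_WIDEVINE_COUNTERS 4` bounds it in the caller. A TPM 2.0 NV counter space is fixed at 8 bytes, so the size is right, but a comment should say so, e.g. `/* TPM2 NV counters are always 8 bytes wide. */`, and the index macro should state its range, e.g. `/* Indices 0x3000..0x3000 + NUM_WIDEVINE_COUNTERS - 1; n must be < NUM_WIDEVINE_COUNTERS. */`. Whether 0x3000-0x3003 is reserved for this purpose in the project's NV index allocation is not visible here and should be confirmed against wherever the other indices in this header are registered.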
diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c
index 47efe2dd00..6d8e281955 100644
--- a/src/security/vboot/secdata_tpm.c
+++ b/src/security/vboot/secdata_tpm.c
@@ -158,6 +158,18 @@ static const TPMA_NV zte_rma_bytes_attr = {
.TPMA_NV_POLICY_DELETE = 1,
};
+static const TPMA_NV rw_orderly_counter_attributes = {
+ .TPMA_NV_COUNTER = 1,
+ .TPMA_NV_ORDERLY = 1,
+ .TPMA_NV_AUTHREAD = 1,
+ .TPMA_NV_AUTHWRITE = 1,
+ .TPMA_NV_PLATFORMCREATE = 1,
+ .TPMA_NV_WRITE_STCLEAR = 1,
+ .TPMA_NV_PPREAD = 1,
+ .TPMA_NV_PPWRITE = 1,
+ .TPMA_NV_NO_DA = 1,
+};
+
/*
* This policy digest was obtained using TPM2_PolicyOR on 3 digests
* corresponding to a sequence of
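Review bot: `rw_orderly_counter_attributes` carries no comment explaining the access model it grants, which matters here because `setup_widevine_counter_spaces()` later in this diff passes a NULL, zero-length auth value to `define_space()`; with `TPMA_NV_AUTHREAD`/`TPMA_NV_AUTHWRITE` set, that amounts to empty-password read and increment access for whatever runs after firmware, in addition to the platform-hierarchy access from `TPMA_NV_PPREAD`/`TPMA_NV_PPWRITE`. That is presumably intended, since the Kconfig help says the OS side increments the counters, but it should be stated. Proposed comment above the definition: `/* Counter readable/incrementable with empty auth (for OS-side Widevine use) and via platform hierarchy; ORDERLY keeps increments out of NV until orderly shutdown, WRITE_STCLEAR allows a write lock until the next TPM reset. */` It would also help to say whether anything is expected to apply that `TPMA_NV_WRITE_STCLEAR` lock, as nothing in this commit does.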
@@ -350,6 +362,19 @@ static uint32_t enterprise_rollback_create_counter(void)
rw_counter_attributes, NULL, 0);
}
+static uint32_t setup_widevine_counter_spaces(void)
+{
+ uint32_t index, rv;
+
+ for (index = 0; index < NUM_WIDEVINE_COUNTERS; index++) {
+ rv = define_space(WIDEVINE_COUNTER_NAME, WIDEVINE_COUNTER_NV_INDEX(index),
+ WIDEVINE_COUNTER_SIZE, rw_orderly_counter_attributes, NULL, 0);
+ if (rv != TPM_SUCCESS)
+ return rv;
+ }
+ return TPM_SUCCESS;
+}
+
static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
{
RETURN_ON_FAILURE(tlcl_force_clear());
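Review bot: `setup_widevine_counter_spaces()` has no header comment, and the one property a caller needs to know, that it only defines the spaces and never increments them, is stated only in the Kconfig help text and the caller's comment. Proposed comment above the function: `/* Define the NUM_WIDEVINE_COUNTERS Widevine counter spaces at WIDEVINE_COUNTER_NV_INDEX(0..N-1) with empty auth. The spaces are not incremented here; a counter space cannot be read until its first increment, which is left to the consumer. */` It is also worth a one-line note that a failure part-way leaves the lower-numbered spaces defined; that looks acceptable since the only caller runs right after `tlcl_force_clear()`, but the function does not say so. `_factory_initialize_tpm()` starts at the end of this hunk and continues outside it.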
@@ -391,6 +416,11 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx)
if (CONFIG(CHROMEOS))
RETURN_ON_FAILURE(enterprise_rollback_create_counter());
+ /* Define widevine counter space. No need to increment/write to the secure counters
+ and are expected to be incremented during the first use. */
+ if (CONFIG(VBOOT_DEFINE_WIDEVINE_COUNTERS))
+ RETURN_ON_FAILURE(setup_widevine_counter_spaces());
+
RETURN_ON_FAILURE(setup_firmware_space(ctx));
return TPM_SUCCESS;
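Review bot: The new comment before the `CONFIG(VBOOT_DEFINE_WIDEVINE_COUNTERS)` check is grammatically broken ("No need to increment/write to the secure counters and are expected to be incremented"), which makes it unclear who is expected to do the first increment. Proposed wording: `/* Define the Widevine counter spaces only. They are deliberately not incremented here; the first TPM2_NV_Increment happens on first use by the consumer. */` `_factory_initialize_tpm()` begins outside this hunk, so the ordering relative to the earlier spaces it defines is not visible here.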