Age | Commit message (Collapse) | Author |
|
Also adjust a few comments to follow the style guide.
Change-Id: I22001320f2ce1f0db348e0f7fabc5a65b50ba53e
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/41600
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
|
|
Add ClearControl Function which is needed for a follow-up patch.
Change-Id: Ia19185528fd821e420b0bdb424760c93b79523a4
Signed-off-by: Christian Walter <christian.walter@9elements.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/38617
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
|
|
Change-Id: I1c09eda6164efb390de4626f52aafba59962f9c4
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/37029
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
|
|
This reverts commit fdb9805d6884090fd7bf62dbdf9c858692e55fb4.
CB:33252 wasn't reviewed by a TPM maintainer and breaks abstraction
layers (pulling TSS-details into TSPI, completely changing
interpretation of the arguments to tlcl_extend() based on TSS version).
It's also not clear why it was implemented the way it was (should have
been much easier and cleaner ways to achieve the same thing).
Since the author is not reacting, let's revert it for now. It can be
cleaned up and resubmitted later. (Not reverting the header changes
since those are not objectionable, and there are later patches dependent
on it.)
Change-Id: Ice44f55c75a0acc07794fe41c757a7bca75406eb
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35351
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
|
|
TPMU_HA is a union of all the different hash digests, and so
sizeof(TPMU_HA) evaluates to 64 (the size of the largest one). This will
lead to out-of-bounds writes when copying smaller digests, so use the
specific digest size for each algorithm.
Change-Id: Ic9101f157d5a19836b200ecd99f060de552498d2
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 14049{49,50,51,52,53,54,55,56,57,58,60,61,62}
Reviewed-on: https://review.coreboot.org/c/coreboot/+/35287
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
|
|
To support multi digists the tlcl_extend() for TPM2 expects
TPML_DIGEST_VALUE pointer as input argument.
BUG=N/A
TEST=Build binary and verified logging on Facebook FBG-1701
Change-Id: I8d86c41c23e4e93a84e0527d7cddcfd30d5d8394
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33252
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
|
|
mashal_TPMT_HA() uses size of SHA-256 hash.
Use tlcll_get_hash_size_from_algo() to determince the hash size.
BUG=N/A
TEST=Build binary and verified logging on Facebook FBG-1701
Change-Id: I739260e13e9cd10a61d52e13e8741b12ec868d7f
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33251
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lance Zhao <lance.zhao@gmail.com>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
|
|
Add function tlcl_getcapability() to return TPM2 capability.
To support TPM2 capability TPM_CAP_PCRS handling is added to
unmarshal_get_capability().
BUG=N/A
TEST=Build binary and verified logging on Facebook FBG-1701
Change-Id: I85e1bd2822aa6e7fd95ff2b9faa25cf183e6de37
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/30826
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
|
|
No message is reported in tlcl_lib_init() when tis_init() or tis_open()
returned an error value.
Add debug string.
BUG=N/A
TEST=Build binary and verified logging on Facebook FBG-1701
Change-Id: I522e488ddd3a1bd94a1a8c8470c757bd79c6d5c5
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33415
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
|
|
When an untrusted OS is running, we would like to use the Cr50
vendor-specific VENDOR_CC_TPM_MODE command to disable TPM.
Before doing this, we should save TPM state. Implement
tlcl_save_state for this purpose.
This needs to live in coreboot codebase since on S3 resume path,
depthcharge is not reached.
Implement the function in both tcg-1.2 and tcg-2.0 for
completeness.
BUG=b:70681930,b:118202153
TEST=hack a call to tlcl_save_state into coreboot on S3 resume
verify in AP console that it is called
Signed-off-by: Joel Kitching <kitching@google.com>
Change-Id: I8b51ca68456fc9b655e4dc2d0958b7c040d50510
Reviewed-on: https://review.coreboot.org/c/29646
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
|
|
Change TSS layer tlcl_send_startup() to expose TPM_RC_INITIALIZE,
which gets mapped to TPM_E_INVALID_POSTINIT. The return value
is exposed to TSPI layer tpm_setup(), and dealt with as follows:
- Regular startup: TPM_E_INVALID_POSTINIT should count as failure.
- S3 resume: TPM_E_INVALID_POSTINIT can be assumed to mean that
TPM maintains power during S3, and is already initialized.
Also, correct an error where |response| could be erroneously accessed
when it is set to NULL.
BUG=b:114018226
TEST=compile coreboot
Change-Id: Ib0c3750386ae04279401c1dc318c5019d39f5ecf
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/29063
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
|
|
BUG=b:114018226
TEST=compile coreboot
Change-Id: Iffad582d5c19252dde1c9dc97fc7fd145944a3b3
Signed-off-by: Joel Kitching <kitching@google.com>
Reviewed-on: https://review.coreboot.org/28749
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Furquan Shaikh <furquan@google.com>
|
|
* Remove 2nd software stack in pc80 drivers directory.
* Create TSPI interface for common usage.
* Refactor TSS / TIS code base.
* Add vendor tss (Cr50) directory.
* Change kconfig options for TPM to TPM1.
* Add user / board configuration with:
* MAINBOARD_HAS_*_TPM # * BUS driver
* MAINBOARD_HAS_TPM1 or MAINBOARD_HAS_TPM2
* Add kconfig TPM user selection (e.g. pluggable TPMs)
* Fix existing headers and function calls.
* Fix vboot for interface usage and antirollback mode.
Change-Id: I7ec277e82a3c20c62a0548a1a2b013e6ce8f5b3f
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/24903
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
|
|
Change-Id: I5e20d98665c17d39f3f69772093a062bb905f6f9
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/22105
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|