summaryrefslogtreecommitdiff
path: root/src/security/vboot/secdata_tpm.c
AgeCommit message (Collapse)Author
2021-07-26vboot/secdata_tpm: Add WRITE_STCLEAR attr to RW ARB spacesAseda Aboagye
It can be nice to update the TPM firmware without having to clear the TPM owner. However, in order to do so would require platformHierarchy to be enabled which would leave the kernel antirollback space a bit vulnerable. To protect the kernel antirollback space from being written to by the OS, we can use the WriteLock command. In order to do so we need to add the WRITE_STCLEAR TPM attribute. This commit adds the WRITE_STCLEAR TPM attribute to the rw antirollback spaces. This includes the kernel antirollback space along with the MRC space. When an STCLEAR attribute is set, this indicates that the TPM object will need to be reloaded after any TPM Startup (CLEAR). BUG=b:186029006 BRANCH=None TEST=Build and flash a chromebook with no kernel antirollback space set up, boot to Chrome OS, run `tpm_manager_client get_space_info --index=0x1007` and verify that the WRITE_STCLEAR attribute is present. Signed-off-by: Aseda Aboagye <aaboagye@google.com> Change-Id: I3181b4c18acd908e924ad858b677e891312423fe Reviewed-on: https://review.coreboot.org/c/coreboot/+/56358 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-06-10security/vboot: Add support for ZTE spacesAseda Aboagye
This commit adds support for the Chrome OS Zero-Touch Enrollment related spaces. For TPM 2.0 devices which don't use Cr50, coreboot will define the RMA+SN Bits, Board ID, and RMA Bytes counter spaces. The RMA+SN Bits space is 16 bytes initialized to all 0xFFs. The Board ID space is 12 bytes initialized to all 0xFFs. The RMA Bytes counter space is 8 bytes intialized to 0. BUG=b:184676425 BRANCH=None TEST=Build and flash lalala, verify that the ZTE spaces are created successfully by undefining the firmware antirollback space in the TPM such that the TPM undergoes factory initialization in coreboot. Reboot the DUT. Boot to CrOS and run `tpm_manager_client list_spaces` and verify that the ZTE spaces are listed. Run `tpm_manager_client read_space` with the various indices and verify that the sizes and initial values of the spaces are correct. TEST=Attempt to undefine the ZTE spaces and verify that it fails due to the unsatisfiable policy. Signed-off-by: Aseda Aboagye <aaboagye@google.com> Change-Id: I97e3ae7e18fc9ee9a02afadbbafeb226b41af0eb Reviewed-on: https://review.coreboot.org/c/coreboot/+/55242 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-05-16vboot/secdata_tpm: Create FWMP space in corebootAseda Aboagye
This commit has coreboot create the Chrome OS Firmware Management Parameters (FWMP) space in the TPM. The space will be defined and the contents initialized to the defaults. BUG=b:184677625 BRANCH=None TEST=emerge-keeby coreboot Signed-off-by: Aseda Aboagye <aaboagye@google.com> Change-Id: I1f566e00f11046ff9a9891c65660af50fbb83675 Reviewed-on: https://review.coreboot.org/c/coreboot/+/52919 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org>
2021-05-16vboot/secdata_tpm: Rename set_space()Aseda Aboagye
The name `set_space()` seems to imply that it's writing to a TPM space when actually, the function can create a space and write to it. This commit attempts to make that a bit more clear. Additionally, in order to use the correct sizes when creating the space, this commit also refactors the functions slightly to incorporate the vboot context object such that the correct sizes are used. The various vboot APIs will return the size of the created object that we can then create the space with. BUG=b:184677625 BRANCH=None TEST=`emerge-keeby coreboot` Signed-off-by: Aseda Aboagye <aaboagye@google.com> Change-Id: I80a8342c51d7bfaa0cb2eb3fd37240425d5901be Reviewed-on: https://review.coreboot.org/c/coreboot/+/54308 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-01-18security/vboot/secdata_tpm.c: Remove repeated wordElyes HAOUAS
Change-Id: Idc17a4305398defd19e7f6ba2fc00bf69af34c4b Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/49526 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Jacob Garber <jgarber1@ualberta.ca>
2020-10-28security/vboot: fix policy digest for nvmem spacesAndrey Pronin
This CL fixes the policy digest that restricts deleting the nvmem spaces to specific PCR0 states. BRANCH=none BUG=b:140958855 TEST=verified that nvmem spaces created with this digest can be deleted in the intended states, and cannot be deleted in other states (test details for ChromeOS - in BUG comments). Change-Id: I3cb7d644fdebda71cec3ae36de1dc76387e61ea7 Signed-off-by: Andrey Pronin <apronin@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/46772 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-10-22security/vboot: Remove all tpm 1.2 functions for mrc hash in the tpmShelley Chen
Since MRC_SAVE_HASH_IN_TPM depends on TPM2, we can now remove the tpm 1.2 versions of functions that deal with mrc hash in the tpm as it will not be used by tpm 1.2 boards. Also move all antirollback functions that deal with mrc hash in the tpm under CONFIG(TPM2). BUG=b:150502246 BRANCH=None TEST=make sure boards are still compiling on coreboot Jenkins Change-Id: I446dde36ce2233fc40687892da1fb515ce35b82b Signed-off-by: Shelley Chen <shchen@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/46615 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2020-10-20security/vboot: Add new TPM NVRAM index MRC_RW_HASH_NV_INDEXShelley Chen
Add new index for MRC_CACHE data in RW. Also update antirollback functions to handle this new index where necessary. BUG=b:150502246 BRANCH=None TEST=make sure memory training still works on nami Change-Id: I2de3c23aa56d3b576ca54dbd85c75e5b80199560 Signed-off-by: Shelley Chen <shchen@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/46511 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2020-10-20security/vboot: Make mrc_cache hash functions genericShelley Chen
We need to extend the functionality of the mrc_cache hash functions to work for both recovery and normal mrc_cache data. Updating the API of these functions to pass in an index to identify the hash indices for recovery and normal mode. BUG=b:150502246 BRANCH=None TEST=make sure memory training still works on nami Change-Id: I9c0bb25eafc731ca9c7a95113ab940f55997fc0f Signed-off-by: Shelley Chen <shchen@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/46432 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Furquan Shaikh <furquan@google.com>
2020-07-15security/vboot: ensure that NVMEM is saved on every kernel space writeJett Rink
If the AP actually needs to write to the TPM, then it is important and the TPM should commit those changes to NVMEM immediately in case there is an unexpected power loss (e.g. from a USB-C port partner reset upon cold reboot request). BRANCH=none BUG=b:160913048 TEST=Verify that puff will no longer reboot loop when coreboot writes a new Hmir (Hash mirror) in the TPM Change-Id: I9597a55891d11bdf040d70f38b4c5a59c7888b8a Signed-off-by: Jett Rink <jettrink@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43414 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-07-09security/vboot/secdata_tpm.c: Drop dead codeAngel Pons
This code is not even being build-tested. Drop it before it grows moss. Change-Id: Ie01d65f80caf32a8318d5109ad48321661c5a87b Signed-off-by: Angel Pons <th3fanbus@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/43213 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Michael Niewöhner Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-05-18src: Remove unused 'include <string.h>'Elyes HAOUAS
Unused includes found using following commande: diff <(git grep -l '#include <string.h>' -- src/) <(git grep -l 'memcpy\|memmove\|memset\|memcmp\|memchr\|strdup\|strconcat\|strnlen\|strlen\|strchr\|strncpy\|strcpy\|strcmp\|strncmp\|strspn\|strcspn\|atol\|strrchr\|skip_atoi\|STRINGIFY' -- src/) |grep -v vendorcode |grep '<' Change-Id: Ibaeec213b6019dfa9c45e3424b38af0e094d0c51 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41242 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Wim Vervoorn <wvervoorn@eltan.com>
2020-05-11treewide: Convert more license headers to SPDX stylePatrick Georgi
Change-Id: Ia3de79c7d71049da00ed108829eac6cb49ff3ed6 Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/41205 Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-04-23vboot: Add permission check for kernel spaceDaisuke Nojiri
This patch restores the permission check for the kernel space which was dropped when read_space_kernel was moved from Depthcharge by CL:2155429. BUG=chromium:1045217, chromium:1020578 BRANCH=none TEST=none Signed-off-by: dnojiri <dnojiri@chromium.org> Change-Id: If6d487940f39865cadc0ca9d5de6e055ad3e017d Reviewed-on: https://review.coreboot.org/c/coreboot/+/40579 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2020-04-20security/vboot, mb/google: Fix build errorsPatrick Georgi
There have been two cases of incompatibilities between overlapping changes, and they need to be resolved in a single commit to unbreak the tree: 1. CB:40389 introduced a new use of write_secdata while CB:40359 removed that function in favor of safe_write. Follow the refactor of the latter in the code introduced by the former. 2. CB:39849 changed google_chromeec_get_usb_pd_power_info()'s interface and adapted all its users. Except for duffy and kaisa which were only added in CB:40223 and CB:40393 respectively, so reapply the patch to puff's mainboard.c to their mainboard.c files. Change-Id: Ib8dfcd61bb79e0a487eaa60e719bd93561f2d97a Signed-off-by: Patrick Georgi <pgeorgi@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40518 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Christian Walter <christian.walter@9elements.com> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Werner Zeh <werner.zeh@siemens.com> Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com>
2020-04-20vboot/secdata: remove retries, readback, and CRC checkJoel Kitching
Depthcharge trusts that our TPM driver is working reliably, and so should we. Also remove CRC check -- the value returned by antirollback_read_space_firmware() is dropped in vboot_logic.c verstage_main(), and vboot handles this check internally. BUG=b:124141368, chromium:972956 TEST=make clean && make test-abuild BRANCH=none Change-Id: I5d3f3823fca8507fd58087bb0f7b78cfa49417ab Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40359 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2020-04-20vboot: remove leftover TPM_PCR_GBB constantsJoel Kitching
These constants were left behind after the code using them was relocated in CB:34510. BUG=b:124141368, chromium:972956 TEST=make clean && make test-abuild BRANCH=none Change-Id: I6ce7c969a9e9bdf6cdce3343ba666a08b3521f27 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/40358 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2020-04-17ec_sync: Run EFS2 in romstagednojiri
EFS2 allows EC RO to enable PD for special cases. When doing so, it sets NO_BOOT flag to avoid booting the OS. AP needs to get NO_BOOT flag from Cr50 and enforce that. This patch makes verstage get a boot mode and a mirrored hash stored in kernel secdata from Cr50. This patch also makes romstage write an expected EC hash (a.k.a. Hexp) to Cr50 (if there is an update). BUG=b:147298634, chromium:1045217, b:148259137 BRANCH=none TEST=Verify software sync succeeds on Puff. Signed-off-by: dnojiri <dnojiri@chromium.org> Change-Id: I1f387b6e920205b9cc4c8536561f2a279c36413d Reviewed-on: https://review.coreboot.org/c/coreboot/+/40389 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2020-03-07vboot: Upgrade kernel space to v1.0dnojiri
This patch upgrades the kernel space to v1.0 to accommodate EC hash, which is used for CrOS EC's early firmware selection. BUG=chromium:1045217 BRANCH=none TEST=Boot Helios. Verify software sync works. Cq-Depend: chromium:2041695 Change-Id: I525f1551afd1853cae826e87198057410167b239 Signed-off-by: dnojiri <dnojiri@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/39137 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Joel Kitching <kitching@google.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-12-19src/security: Remove unused <stdlib.h>Elyes HAOUAS
Change-Id: I0b5c375baf7911ebced2f8c43a88aae014c877ad Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33694 Reviewed-by: Kyösti Mälkki <kyosti.malkki@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2019-12-12vboot: update secdata naming schemeJoel Kitching
secdata -> secdata_firmware secdatak -> secdata_kernel BUG=b:124141368, chromium:972956 TEST=make clean && make test-abuild BRANCH=none Change-Id: Ie2051de51c8f483a8921831385557fad816eb9fb Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37655 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-12-06vboot: Clear secdata change flags after factory initJulius Werner
factory_initialize_tpm() calls secdata_xxx_create() (for both firmware and kernel space) and then immediately writes those spaces out to the TPM. The create() functions make vboot think it just changed the secdata (because it reinitialized the byte arrays in the context), so we also need to clear the VB2_CONTEXT_SECDATA_xxx_CHANGED flags again, otherwise vboot thinks it still needs to flush the spaces out to the TPM even though we already did that. Also clean up some minor related stuff (VB2_CONTEXT_SECDATA_CHANGED notation is deprecated, and secdata space intialization should use the same write-and-readback function we use for updates). Change-Id: I231fadcf7b35a1aec3b39254e7e41c3d456d4911 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37471 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-12-02src: Move 'static' to the beginning of declarationElyes HAOUAS
Change-Id: I9b2cc1bb58922d9e32202ea4c20b9aacfe308bad Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33673 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2019-11-26security/vboot: Remove duplicate offsetof() definitionJacob Garber
This macro is already defined in commonlib/helpers.h Change-Id: I1fce2936757b13807e254f4a844f583b938bf349 Signed-off-by: Jacob Garber <jgarber1@ualberta.ca> Reviewed-on: https://review.coreboot.org/c/coreboot/+/37181 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr> Reviewed-by: Alex James <theracermaster@gmail.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-08-21vboot: update vboot2 functions to use new vb2_error_tJoel Kitching
To make explicit when vboot2 error codes should be returned, use the new vb2_error_t type on all functions which return VB2_ERROR_* constants. Additionally, add required vboot submodule commit id e6700f4c: 2019-07-31 14:12:30 +0800 - (vboot: update vboot2 functions to use new vb2_error_t) NOTE: This patch was merged separately on the Chromium tree: https://chromium-review.googlesource.com/c/1728499 BUG=b:124141368, chromium:988410 TEST=make clean && make test-abuild BRANCH=none Change-Id: I804c2b407e496d0c8eb9833be629b7c40118415c Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:1728292 Reviewed-on: https://review.coreboot.org/c/coreboot/+/34860 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-08-21vboot: use vboot2 API to set initial secdatak valueJoel Kitching
Previously, the initial value for secdatak was embedded in secdata_tpm.c as a uint8_t array. Switch to using vb2api_secdatak_create instead, and write the value in ctx->secdatak. Remove an unnecessary call to vb2api_secdata_create in _factory_initialize_tpm. BUG=b:124141368, chromium:972956 TEST=make clean && make test-abuild BRANCH=none TEST=Check that size and value of initial secdatak has not changed. Apply the patch below and check for this output: _factory_initialize_tpm():266: _factory_initialize_tpm: secdatak sizes are identical? 1 _factory_initialize_tpm():269: _factory_initialize_tpm: secdatak values are identical? 1 diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c index ff62185107..c1818b482f 100644 --- a/src/security/vboot/secdata_tpm.c +++ b/src/security/vboot/secdata_tpm.c @@ -148,6 +148,18 @@ static uint32_t write_secdata(uint32_t index, return TPM_E_CORRUPTED_STATE; } +/* + * This is derived from rollback_index.h of vboot_reference. see struct + * RollbackSpaceKernel for details. + */ +static const uint8_t secdata_kernel[] = { + 0x02, + 0x4C, 0x57, 0x52, 0x47, + 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, + 0xE8, +}; + /* * This is used to initialize the TPM space for recovery hash after defining * it. Since there is no data available to calculate hash at the point where TPM @@ -250,6 +262,11 @@ static uint32_t _factory_initialize_tpm(struct vb2_context *ctx) * indication that TPM factory initialization was successfully * completed. */ + VBDEBUG("%s: secdatak sizes are identical? %d\n", __func__, + sizeof(secdata_kernel) == sizeof(ctx->secdatak)); + VBDEBUG("%s: secdatak values are identical? %d\n", __func__, + memcmp(secdata_kernel, ctx->secdatak, + sizeof(secdata_kernel)) == 0); RETURN_ON_FAILURE(set_kernel_space(ctx->secdatak)); if (CONFIG(VBOOT_HAS_REC_HASH_SPACE)) @@ -452,7 +469,7 @@ uint32_t antirollback_read_space_firmware(struct vb2_context *ctx) /* Read the firmware space. */ rv = read_space_firmware(ctx); - if (rv == TPM_E_BADINDEX) { + if (true) { /* * This seems the first time we've run. Initialize the TPM. */ Change-Id: I74261453df6cc55ef3f38d8fb922bcc604084c0a Signed-off-by: Joel Kitching <kitching@google.com> Cq-Depend: chromium:1652874, chromium:1655049 Reviewed-on: https://review.coreboot.org/c/coreboot/+/33386 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-08-06security/vboot: Add Support for Intel PTTChristian Walter
Add support for Intel PTT. For supporting Intel PTT we need to disable read and write access to the TPM NVRAM during the bootblock. TPM NVRAM will only be available once the DRAM is initialized. To circumvent this, we mock secdata if HAVE_INTEL_PTT is set. The underlying problem is, that the iTPM only supports a stripped down instruction set while the Intel ME is not fully booted up. Details can be found in Intel document number 571993 - Paragraph 2.10. Change-Id: I08c9a839f53f96506be5fb68f7c1ed5bf6692505 Signed-off-by: Christian Walter <christian.walter@9elements.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/34510 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-by: Julius Werner <jwerner@chromium.org>
2019-03-08coreboot: Replace all IS_ENABLED(CONFIG_XXX) with CONFIG(XXX)Julius Werner
This patch is a raw application of find src/ -type f | xargs sed -i -e 's/IS_ENABLED\s*(CONFIG_/CONFIG(/g' Change-Id: I6262d6d5c23cabe23c242b4f38d446b74fe16b88 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/31774 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2019-03-07security/tpm: Fix TCPA log featurePhilipp Deppenwiese
Until now the TCPA log wasn't working correctly. * Refactor TCPA log code. * Add TCPA log dump fucntion. * Make TCPA log available in bootblock. * Fix TCPA log formatting. * Add x86 and Cavium memory for early log. Change-Id: Ic93133531b84318f48940d34bded48cbae739c44 Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/29563 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
2018-11-16src: Get rid of duplicated includesElyes HAOUAS
Change-Id: I252a1cd77bf647477edb7dddadb7e527de872439 Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Reviewed-on: https://review.coreboot.org/29582 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Marshall Dawson <marshalldawson3rd@gmail.com>
2018-08-03security/tpm: Improve TCPA log generationPhilipp Deppenwiese
* Make tcpa_log_init static and move init code into the tcpa_log_add_table_entry routine. * Add more checks for log initialization. * Fix minor issues Change-Id: I215d79eed7ad17c6ab87f0c4b14a282e519ef07d Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/27769 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2018-07-30security/vboot: Enable TCPA log extensionPhilipp Deppenwiese
* Implement TCPA log for tspi extend function. * Hook tcpa_log_init into vboot tpm_setup function. * Add TCPA log output for vboot GBB flags and HWID Change-Id: I22b1aa8da1a95380c39715727615ce5ce4c9443f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/27727 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
2018-06-04security/tpm: Unify the coreboot TPM software stackPhilipp Deppenwiese
* Remove 2nd software stack in pc80 drivers directory. * Create TSPI interface for common usage. * Refactor TSS / TIS code base. * Add vendor tss (Cr50) directory. * Change kconfig options for TPM to TPM1. * Add user / board configuration with: * MAINBOARD_HAS_*_TPM # * BUS driver * MAINBOARD_HAS_TPM1 or MAINBOARD_HAS_TPM2 * Add kconfig TPM user selection (e.g. pluggable TPMs) * Fix existing headers and function calls. * Fix vboot for interface usage and antirollback mode. Change-Id: I7ec277e82a3c20c62a0548a1a2b013e6ce8f5b3f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/24903 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-02-07security/vboot: overwrite existing spaces during factory init for tpm2Andrey Pronin
In TPM 2.0 case, if the factory initialization is interrupted after defining, say, the kernel tpm nvram space but before writing to this space, the following will happen upon reboot when the factory initialization will be re-attempted. Writing to this space will be skipped, and coreboot will finish the factory initialization with this space remained unwritten. At a later stage, when the rollback logic will attempt to check the version in the kernel space, it will fail (TPM2.0 returns an error when reading from unwritten spaces), and the system will go into recovery with no way out (since the kernel space will never be written). This change fixes that by always writing to the kernel, MRC hash and firmware spaces during factory initialization, even if the space already existed by that time. BUG=b:71884828 TEST=delete, define, but not write to the kernel space; trigger factory initialization; coreboot should fill the kernel space and continue booting. Change-Id: I48d8bb4f9fc0e5276e6ec81247b3b6768ec9fa3b Signed-off-by: Andrey Pronin <apronin@google.com> Reviewed-on: https://review.coreboot.org/23456 Reviewed-by: Aaron Durbin <adurbin@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
2018-01-18security/tpm: Change TPM naming for different layers.Philipp Deppenwiese
* Rename tlcl* to tss* as tpm software stack layer. * Fix inconsistent naming. Change-Id: I206dd6a32dbd303a6d4d987e424407ebf5c518fa Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22104 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2018-01-18security/tpm: Move tpm TSS and TSPI layer to security sectionPhilipp Deppenwiese
* Move code from src/lib and src/include into src/security/tpm * Split TPM TSS 1.2 and 2.0 * Fix header includes * Add a new directory structure with kconfig and makefile includes Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22103 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
2017-10-22security/vboot: Move vboot2 to security kconfig sectionPhilipp Deppenwiese
This commit just moves the vboot sources into the security directory and fixes kconfig/makefile paths. Fix vboot2 headers Change-Id: Icd87f95640186f7a625242a3937e1dd13347eb60 Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/22074 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Martin Roth <martinroth@google.com>