From 5799097be5bbfedf4e95902a9d7e3c572ac7ad83 Mon Sep 17 00:00:00 2001 From: Daisuke Nojiri Date: Tue, 15 Jul 2014 19:47:32 -0700 Subject: vboot2: read secdata and nvdata This code ports antirollback module and tpm library from platform/vboot_reference. names are modified to conform to coreboot's style. The rollback_index module is split in a bottom half and top half. The top half contains generic code which hides the underlying storage implementation. The bottom half implements the storage abstraction. With this change, the bottom half is moved to coreboot, while the top half stays in vboot_reference. TEST=Built with USE=+/-vboot2 for Blaze. Built Samus, Link. BUG=none Branch=none Original-Signed-off-by: Daisuke Nojiri Original-Change-Id: I77e3ae1a029e09d3cdefe8fd297a3b432bbb9e9e Original-Reviewed-on: https://chromium-review.googlesource.com/206065 Original-Reviewed-by: Randall Spangler Original-Reviewed-by: Luigi Semenzato (cherry picked from commit 6b66140ac979a991237bf1fe25e0a55244a406d0) Change-Id: Ia3b8f27d6b1c2055e898ce716c4a93782792599c Signed-off-by: Aaron Durbin Signed-off-by: Marc Jones Reviewed-on: http://review.coreboot.org/8615 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin --- src/include/tpm_lite/tlcl.h | 116 +++++++++----------------------------------- 1 file changed, 22 insertions(+), 94 deletions(-) (limited to 'src/include/tpm_lite') diff --git a/src/include/tpm_lite/tlcl.h b/src/include/tpm_lite/tlcl.h index 5373120066..77245922c9 100644 --- a/src/include/tpm_lite/tlcl.h +++ b/src/include/tpm_lite/tlcl.h @@ -21,45 +21,27 @@ /** * Call this first. Returns 0 if success, nonzero if error. */ -uint32_t TlclLibInit(void); - -/** - * Call this on shutdown. Returns 0 if success, nonzero if error. - */ -uint32_t TlclLibClose(void); - -/* Low-level operations */ +uint32_t tlcl_lib_init(void); /** * Perform a raw TPM request/response transaction. */ -uint32_t TlclSendReceive(const uint8_t *request, uint8_t *response, +uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response, int max_length); -/** - * Return the size of a TPM request or response packet. - */ -int TlclPacketSize(const uint8_t *packet); - /* Commands */ /** * Send a TPM_Startup(ST_CLEAR). The TPM error code is returned (0 for * success). */ -uint32_t TlclStartup(void); - -/** - * Save the TPM state. Normally done by the kernel before a suspend, included - * here for tests. The TPM error code is returned (0 for success). - */ -uint32_t TlclSaveState(void); +uint32_t tlcl_startup(void); /** * Resume by sending a TPM_Startup(ST_STATE). The TPM error code is returned * (0 for success). */ -uint32_t TlclResume(void); +uint32_t tlcl_resume(void); /** * Run the self test. @@ -67,143 +49,89 @@ uint32_t TlclResume(void); * Note---this is synchronous. To run this in parallel with other firmware, * use ContinueSelfTest(). The TPM error code is returned. */ -uint32_t TlclSelfTestFull(void); +uint32_t tlcl_self_test_full(void); /** * Run the self test in the background. */ -uint32_t TlclContinueSelfTest(void); +uint32_t tlcl_continue_self_test(void); /** * Define a space with permission [perm]. [index] is the index for the space, * [size] the usable data size. The TPM error code is returned. */ -uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size); +uint32_t tlcl_define_space(uint32_t index, uint32_t perm, uint32_t size); /** * Write [length] bytes of [data] to space at [index]. The TPM error code is * returned. */ -uint32_t TlclWrite(uint32_t index, const void *data, uint32_t length); +uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length); /** * Read [length] bytes from space at [index] into [data]. The TPM error code * is returned. */ -uint32_t TlclRead(uint32_t index, void *data, uint32_t length); - -/** - * Read PCR at [index] into [data]. [length] must be TPM_PCR_DIGEST or - * larger. The TPM error code is returned. - */ -uint32_t TlclPCRRead(uint32_t index, void *data, uint32_t length); - -/** - * Write-lock space at [index]. The TPM error code is returned. - */ -uint32_t TlclWriteLock(uint32_t index); - -/** - * Read-lock space at [index]. The TPM error code is returned. - */ -uint32_t TlclReadLock(uint32_t index); +uint32_t tlcl_read(uint32_t index, void *data, uint32_t length); /** * Assert physical presence in software. The TPM error code is returned. */ -uint32_t TlclAssertPhysicalPresence(void); +uint32_t tlcl_assert_physical_presence(void); /** * Enable the physical presence command. The TPM error code is returned. */ -uint32_t TlclPhysicalPresenceCMDEnable(void); +uint32_t tlcl_physical_presence_cmd_enable(void); /** * Finalize the physical presence settings: sofware PP is enabled, hardware PP * is disabled, and the lifetime lock is set. The TPM error code is returned. */ -uint32_t TlclFinalizePhysicalPresence(void); - -uint32_t TlclAssertPhysicalPresenceResult(void); - -/** - * Turn off physical presence and locks it off until next reboot. The TPM - * error code is returned. - */ -uint32_t TlclLockPhysicalPresence(void); +uint32_t tlcl_finalize_physical_presence(void); /** * Set the nvLocked bit. The TPM error code is returned. */ -uint32_t TlclSetNvLocked(void); - -/** - * Return 1 if the TPM is owned, 0 otherwise. - */ -int TlclIsOwned(void); +uint32_t tlcl_set_nv_locked(void); /** * Issue a ForceClear. The TPM error code is returned. */ -uint32_t TlclForceClear(void); +uint32_t tlcl_force_clear(void); /** * Issue a PhysicalEnable. The TPM error code is returned. */ -uint32_t TlclSetEnable(void); - -/** - * Issue a PhysicalDisable. The TPM error code is returned. - */ -uint32_t TlclClearEnable(void); +uint32_t tlcl_set_enable(void); /** * Issue a SetDeactivated. Pass 0 to activate. Returns result code. */ -uint32_t TlclSetDeactivated(uint8_t flag); +uint32_t tlcl_set_deactivated(uint8_t flag); /** * Get flags of interest. Pointers for flags you aren't interested in may * be NULL. The TPM error code is returned. */ -uint32_t TlclGetFlags(uint8_t *disable, uint8_t *deactivated, - uint8_t *nvlocked); +uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated, + uint8_t *nvlocked); /** * Set the bGlobalLock flag, which only a reboot can clear. The TPM error * code is returned. */ -uint32_t TlclSetGlobalLock(void); +uint32_t tlcl_set_global_lock(void); /** * Perform a TPM_Extend. */ -uint32_t TlclExtend(int pcr_num, const uint8_t *in_digest, uint8_t *out_digest); - -/** - * Get the permission bits for the NVRAM space with |index|. - */ -uint32_t TlclGetPermissions(uint32_t index, uint32_t *permissions); +uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest, + uint8_t *out_digest); /** * Get the entire set of permanent flags. */ -uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS *pflags); - -/** - * Get the entire set of volatile (ST_CLEAR) flags. - */ -uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS *pflags); - -/** - * Get the ownership flag. The TPM error code is returned. - */ -uint32_t TlclGetOwnership(uint8_t *owned); - -/** - * Request [length] bytes from TPM RNG to be stored in [data]. Actual number of - * bytes read is stored in [size]. The TPM error code is returned. - */ -uint32_t TlclGetRandom(uint8_t *data, uint32_t length, uint32_t *size); +uint32_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags); #endif /* TPM_LITE_TLCL_H_ */ -- cgit v1.2.3