From 2e690eeaf2c59070f74b01afb238c8a5208228f0 Mon Sep 17 00:00:00 2001 From: Joel Kitching Date: Thu, 15 Nov 2018 16:48:53 +0800 Subject: tss: implement tlcl_save_state When an untrusted OS is running, we would like to use the Cr50 vendor-specific VENDOR_CC_TPM_MODE command to disable TPM. Before doing this, we should save TPM state. Implement tlcl_save_state for this purpose. This needs to live in coreboot codebase since on S3 resume path, depthcharge is not reached. Implement the function in both tcg-1.2 and tcg-2.0 for completeness. BUG=b:70681930,b:118202153 TEST=hack a call to tlcl_save_state into coreboot on S3 resume verify in AP console that it is called Signed-off-by: Joel Kitching Change-Id: I8b51ca68456fc9b655e4dc2d0958b7c040d50510 Reviewed-on: https://review.coreboot.org/c/29646 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese --- src/security/tpm/tss/tcg-2.0/tss_structures.h | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/security/tpm/tss/tcg-2.0/tss_structures.h') diff --git a/src/security/tpm/tss/tcg-2.0/tss_structures.h b/src/security/tpm/tss/tcg-2.0/tss_structures.h index e902f3c985..2bac6337e4 100644 --- a/src/security/tpm/tss/tcg-2.0/tss_structures.h +++ b/src/security/tpm/tss/tcg-2.0/tss_structures.h @@ -71,6 +71,7 @@ struct tpm_header { #define TPM2_NV_WriteLock ((TPM_CC)0x00000138) #define TPM2_SelfTest ((TPM_CC)0x00000143) #define TPM2_Startup ((TPM_CC)0x00000144) +#define TPM2_Shutdown ((TPM_CC)0x00000145) #define TPM2_NV_Read ((TPM_CC)0x0000014E) #define TPM2_GetCapability ((TPM_CC)0x0000017A) #define TPM2_PCR_Extend ((TPM_CC)0x00000182) @@ -138,6 +139,10 @@ struct tpm2_startup { TPM_SU startup_type; }; +struct tpm2_shutdown { + TPM_SU shutdown_type; +}; + /* Various TPM capability types to use when querying the device. */ typedef uint32_t TPM_CAP; #define TPM_CAP_TPM_PROPERTIES ((TPM_CAP)0x00000006) -- cgit v1.2.3