coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
tspi.h
Go to the documentation of this file.
1 /* SPDX-License-Identifier: GPL-2.0-only */
2 
3 #ifndef TSPI_H_
4 #define TSPI_H_
5 
6 #include <security/tpm/tss.h>
7 #include <commonlib/tcpa_log_serialized.h>
8 #include <commonlib/region.h>
9 #include <vb2_api.h>
10 
11 #define TPM_PCR_MAX_LEN 64
12 #define HASH_DATA_CHUNK_SIZE 1024
13 
14 /**
15  * Get the pointer to the single instance of global
16  * tcpa log data, and initialize it when necessary
17  */
18 struct tcpa_table *tcpa_log_init(void);
19 
20 /**
21  * Clears the pre-RAM tcpa log data and initializes
22  * any content with default values
23  */
24 void tcpa_preram_log_clear(void);
25 
26 /**
27  * Add table entry for cbmem TCPA log.
28  * @param name Name of the hashed data
29  * @param pcr PCR used to extend hashed data
30  * @param diget_algo sets the digest algorithm
31  * @param digest sets the hash extended into the tpm
32  * @param digest_len the length of the digest
33  */
34 void tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
35  enum vb2_hash_algorithm digest_algo,
36  const uint8_t *digest,
37  const size_t digest_len);
38 
39 /**
40  * Dump TCPA log entries on console
41  */
42 void tcpa_log_dump(void *unused);
43 
44 /**
45  * Ask vboot for a digest and extend a TPM PCR with it.
46  * @param pcr sets the pcr index
47  * @param diget_algo sets the digest algorithm
48  * @param digest sets the hash to extend into the tpm
49  * @param digest_len the length of the digest
50  * @param name sets additional info where the digest comes from
51  * @return TPM_SUCCESS on success. If not a tpm error is returned
52  */
53 uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
54  const uint8_t *digest, size_t digest_len,
55  const char *name);
56 
57 /**
58  * Issue a TPM_Clear and re-enable/reactivate the TPM.
59  * @return TPM_SUCCESS on success. If not a tpm error is returned
60  */
61 uint32_t tpm_clear_and_reenable(void);
62 
63 /**
64  * Start the TPM and establish the root of trust.
65  * @param s3flag tells the tpm setup if we wake up from a s3 state on x86
66  * @return TPM_SUCCESS on success. If not a tpm error is returned
67  */
68 uint32_t tpm_setup(int s3flag);
69 
70 /**
71  * Measure a given region device and extend given PCR with the result.
72  * @param *rdev Pointer to the region device to measure
73  * @param pcr Index of the PCR which will be extended by this measure
74  * @param *rname Name of the region that is measured
75  * @return TPM error code in case of error otherwise TPM_SUCCESS
76  */
77 uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
78  const char *rname);
79 
80 #endif /* TSPI_H_ */
name
const char * name
Definition: mmu.c:92
rdev
static struct region_device rdev
Definition: flashconsole.c:14
uint32_t
unsigned int uint32_t
Definition: stdint.h:14
uint8_t
unsigned char uint8_t
Definition: stdint.h:8
region_device
Definition: region.h:81
tcpa_table
Definition: tcpa_log_serialized.h:23
tcpa_log_serialized.h
tpm_extend_pcr
uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo, const uint8_t *digest, size_t digest_len, const char *name)
Ask vboot for a digest and extend a TPM PCR with it.
Definition: tspi.c:220
tcpa_preram_log_clear
void tcpa_preram_log_clear(void)
Clears the pre-RAM tcpa log data and initializes any content with default values.
Definition: log.c:116
tcpa_log_dump
void tcpa_log_dump(void *unused)
Dump TCPA log entries on console.
Definition: log.c:54
tcpa_log_init
struct tcpa_table * tcpa_log_init(void)
Get the pointer to the single instance of global tcpa log data, and initialize it when necessary.
Definition: log.c:33
tpm_measure_region
uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, const char *rname)
Measure a given region device and extend given PCR with the result.
tcpa_log_add_table_entry
void tcpa_log_add_table_entry(const char *name, const uint32_t pcr, enum vb2_hash_algorithm digest_algo, const uint8_t *digest, const size_t digest_len)
Add table entry for cbmem TCPA log.
Definition: log.c:79
tpm_setup
uint32_t tpm_setup(int s3flag)
Start the TPM and establish the root of trust.
Definition: tspi.c:135
tpm_clear_and_reenable
uint32_t tpm_clear_and_reenable(void)
Issue a TPM_Clear and re-enable/reactivate the TPM.
Definition: tspi.c:192