 |
coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
|
|
coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
|
#include <console/console.h>#include <endian.h>#include <string.h>#include <vb2_api.h>#include <security/tpm/tis.h>#include <security/tpm/tss.h>#include "tss_structures.h"#include "tss_marshaling.h"
Go to the source code of this file.
Functions | |
| void * | tpm_process_command (TPM_CC command, void *command_body) |
| static uint32_t | tlcl_send_startup (TPM_SU type) |
| uint32_t | tlcl_resume (void) |
| Resume by sending a TPM_Startup(ST_STATE). More... | |
| static uint32_t | tlcl_send_shutdown (TPM_SU type) |
| uint32_t | tlcl_save_state (void) |
| Save TPM state by sending either TPM_SaveState() (TPM1.2) or TPM_Shutdown(ST_STATE) (TPM2.0). More... | |
| uint32_t | tlcl_assert_physical_presence (void) |
| Assert physical presence in software. More... | |
| uint32_t | tlcl_extend (int pcr_num, const uint8_t *in_digest, uint8_t *out_digest) |
| Perform a TPM_Extend. More... | |
| uint32_t | tlcl_finalize_physical_presence (void) |
| Finalize the physical presence settings: software PP is enabled, hardware PP is disabled, and the lifetime lock is set. More... | |
| uint32_t | tlcl_force_clear (void) |
| Issue a ForceClear. More... | |
| uint32_t | tlcl_clear_control (bool disable) |
| Set Clear Control. More... | |
| uint32_t | tlcl_lib_init (void) |
| Call this first. More... | |
| uint32_t | tlcl_physical_presence_cmd_enable (void) |
| Enable the physical presence command. More... | |
| uint32_t | tlcl_read (uint32_t index, void *data, uint32_t length) |
| Read [length] bytes from space at [index] into [data]. More... | |
| uint32_t | tlcl_self_test_full (void) |
| Run the self test. More... | |
| uint32_t | tlcl_lock_nv_write (uint32_t index) |
| Make an NV Ram location read_only. More... | |
| uint32_t | tlcl_startup (void) |
| Send a TPM_Startup(ST_CLEAR). More... | |
| uint32_t | tlcl_write (uint32_t index, const void *data, uint32_t length) |
| Write [length] bytes of [data] to space at [index]. More... | |
| uint32_t | tlcl_set_bits (uint32_t index, uint64_t bits) |
| uint32_t | tlcl_define_space (uint32_t space_index, size_t space_size, const TPMA_NV nv_attributes, const uint8_t *nv_policy, size_t nv_policy_size) |
| uint16_t | tlcl_get_hash_size_from_algo (TPMI_ALG_HASH hash_algo) |
| uint32_t | tlcl_disable_platform_hierarchy (void) |
| Disable platform hierarchy. More... | |
| uint32_t | tlcl_get_capability (TPM_CAP capability, uint32_t property, uint32_t property_count, TPMS_CAPABILITY_DATA *capability_data) |
Variables | |
| static uint8_t | tlcl_init_done |
Assert physical presence in software.
The TPM error code is returned.
Definition at line 112 of file tss.c.
References TPM_SUCCESS.
Set Clear Control.
The TPM error code is returned.
Definition at line 168 of file tss.c.
References BIOS_INFO, tpm2_clear_control_cmd::disable, tpm2_response::hdr, printk, TPM2_ClearControl, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
| uint32_t tlcl_define_space | ( | uint32_t | space_index, |
| size_t | space_size, | ||
| const TPMA_NV | nv_attributes, | ||
| const uint8_t * | nv_policy, | ||
| size_t | nv_policy_size | ||
| ) |
Definition at line 346 of file tss.c.
References TPMS_NV_PUBLIC::attributes, TPMS_NV_PUBLIC::authPolicy, BIOS_INFO, TPM2B_DIGEST::buffer, TPMS_NV_PUBLIC::dataSize, tpm2_response::hdr, HR_NV_INDEX, memset(), TPMS_NV_PUBLIC::nameAlg, TPMS_NV_PUBLIC::nvIndex, printk, tpm2_nv_define_space_cmd::publicInfo, TPM2B_DIGEST::size, TPM2B_DIGEST::t, TPM2_NV_DefineSpace, TPM2_RC_NV_DEFINED, TPM2_RC_SUCCESS, TPM_ALG_SHA256, tpm_header::tpm_code, TPM_E_INTERNAL_INCONSISTENCY, TPM_E_NO_DEVICE, TPM_E_NV_DEFINED, tpm_process_command(), and TPM_SUCCESS.
Disable platform hierarchy.
Specific to TPM2. The TPM error code is returned.
Definition at line 421 of file tss.c.
References tpm2_hierarchy_control_cmd::enable, tpm2_response::hdr, TPM2_Hierarchy_Control, tpm_header::tpm_code, TPM_E_INTERNAL_INCONSISTENCY, tpm_process_command(), TPM_RH_PLATFORM, and TPM_SUCCESS.
Referenced by psp_verstage_s0i3_resume().
Perform a TPM_Extend.
Definition at line 125 of file tss.c.
References BIOS_INFO, TPML_DIGEST_VALUES::count, TPMT_HA::digest, TPML_DIGEST_VALUES::digests, tpm2_pcr_extend_cmd::digests, TPMT_HA::hashAlg, tpm2_response::hdr, HR_PCR, memcpy(), tpm2_pcr_extend_cmd::pcrHandle, printk, TPMU_HA::sha256, TPM2_PCR_Extend, TPM_ALG_SHA256, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
Finalize the physical presence settings: software PP is enabled, hardware PP is disabled, and the lifetime lock is set.
The TPM error code is returned.
Definition at line 147 of file tss.c.
References BIOS_INFO, printk, and TPM_SUCCESS.
Issue a ForceClear.
The TPM error code is returned.
Definition at line 154 of file tss.c.
References BIOS_INFO, tpm2_response::hdr, NULL, printk, TPM2_Clear, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
| uint32_t tlcl_get_capability | ( | TPM_CAP | capability, |
| uint32_t | property, | ||
| uint32_t | property_count, | ||
| TPMS_CAPABILITY_DATA * | capability_data | ||
| ) |
Definition at line 437 of file tss.c.
References BIOS_ERR, tpm2_get_capability::capability, get_cap_response::cd, tpm2_response::gc, memcpy(), printk, tpm2_get_capability::property, tpm2_get_capability::propertyCount, TPM2_GetCapability, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
| uint16_t tlcl_get_hash_size_from_algo | ( | TPMI_ALG_HASH | hash_algo | ) |
Definition at line 389 of file tss.c.
References BIOS_SPEW, printk, SHA1_DIGEST_SIZE, SHA256_DIGEST_SIZE, SHA384_DIGEST_SIZE, SHA512_DIGEST_SIZE, SM3_256_DIGEST_SIZE, TPM_ALG_ERROR, TPM_ALG_SHA1, TPM_ALG_SHA256, TPM_ALG_SHA384, TPM_ALG_SHA512, TPM_ALG_SM3_256, and value.
Referenced by marshal_TPMT_HA().
Call this first.
Returns 0 if success, nonzero if error.
Definition at line 188 of file tss.c.
References BIOS_ERR, printk, tis_init(), tis_open(), and tlcl_init_done.
Make an NV Ram location read_only.
The TPM error code is returned.
Definition at line 276 of file tss.c.
References BIOS_INFO, tpm2_response::hdr, HR_NV_INDEX, tpm2_nv_write_lock_cmd::nvIndex, printk, TPM2_NV_WriteLock, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
Enable the physical presence command.
The TPM error code is returned.
Definition at line 208 of file tss.c.
References BIOS_INFO, printk, and TPM_SUCCESS.
Read [length] bytes from space at [index] into [data].
The TPM error code is returned.
Definition at line 214 of file tss.c.
References BIOS_INFO, TPM2B_MAX_NV_BUFFER::buffer, nv_read_response::buffer, tpm2_response::hdr, HR_NV_INDEX, length, memcpy(), memset(), tpm2_nv_read_cmd::nvIndex, tpm2_response::nvr, printk, TPM2B_MAX_NV_BUFFER::size, tpm2_nv_read_cmd::size, TPM2B_MAX_NV_BUFFER::t, TPM2_NV_Read, tpm_header::tpm_code, TPM_E_BADINDEX, TPM_E_RANGE, TPM_E_READ_EMPTY, TPM_E_READ_FAILURE, TPM_E_RESPONSE_TOO_LARGE, tpm_process_command(), TPM_RC_CR50_NV_UNDEFINED, TPM_RC_NV_RANGE, TPM_RC_NV_UNINITIALIZED, and TPM_SUCCESS.
Resume by sending a TPM_Startup(ST_STATE).
The TPM error code is returned (0 for success).
Definition at line 78 of file tss.c.
References tlcl_send_startup(), and TPM_SU_STATE.
Save TPM state by sending either TPM_SaveState() (TPM1.2) or TPM_Shutdown(ST_STATE) (TPM2.0).
The TPM error code is returned (0 for success).
Definition at line 107 of file tss.c.
References tlcl_send_shutdown(), and TPM_SU_STATE.
Run the self test.
Note—this is synchronous. To run this in parallel with other firmware, use ContinueSelfTest(). The TPM error code is returned.
Definition at line 263 of file tss.c.
References BIOS_INFO, tpm2_response::hdr, printk, TPM2_SelfTest, tpm_header::tpm_code, tpm_process_command(), TPM_SUCCESS, and tpm2_self_test::yes_no.
Definition at line 83 of file tss.c.
References BIOS_ERR, BIOS_INFO, tpm2_response::hdr, NULL, printk, tpm2_shutdown::shutdown_type, TPM2_RC_SUCCESS, TPM2_Shutdown, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), TPM_SUCCESS, and type.
Referenced by tlcl_save_state().
Definition at line 49 of file tss.c.
References BIOS_ERR, BIOS_INFO, tpm2_response::hdr, NULL, printk, tpm2_startup::startup_type, TPM2_RC_SUCCESS, TPM2_Startup, tpm_header::tpm_code, TPM_E_INVALID_POSTINIT, TPM_E_IOERROR, tpm_process_command(), TPM_RC_INITIALIZE, TPM_SUCCESS, and type.
Referenced by tlcl_resume(), and tlcl_startup().
Definition at line 323 of file tss.c.
References BIOS_INFO, tpm2_nv_setbits_cmd::bits, tpm2_response::hdr, HR_NV_INDEX, memset(), tpm2_nv_setbits_cmd::nvIndex, printk, TPM2_NV_SetBits, tpm_header::tpm_code, TPM_E_WRITE_FAILURE, tpm_process_command(), and TPM_SUCCESS.
Send a TPM_Startup(ST_CLEAR).
The TPM error code is returned (0 for success).
Definition at line 295 of file tss.c.
References tlcl_send_startup(), and TPM_SU_CLEAR.
Write [length] bytes of [data] to space at [index].
The TPM error code is returned.
Definition at line 300 of file tss.c.
References BIOS_INFO, TPM2B_MAX_NV_BUFFER::buffer, tpm2_nv_write_cmd::data, tpm2_response::hdr, HR_NV_INDEX, length, memset(), tpm2_nv_write_cmd::nvIndex, printk, TPM2B_MAX_NV_BUFFER::size, TPM2B_MAX_NV_BUFFER::t, TPM2_NV_Write, tpm_header::tpm_code, TPM_E_WRITE_FAILURE, tpm_process_command(), and TPM_SUCCESS.
Definition at line 19 of file tss.c.
References BIOS_ERR, ibuf_init(), NULL, obuf_contents(), obuf_init(), printk, tis_sendrecv(), TPM_BUFFER_SIZE, tpm_marshal_command(), and tpm_unmarshal_response().
Referenced by tlcl_clear_control(), tlcl_cr50_enable_nvcommits(), tlcl_cr50_enable_update(), tlcl_cr50_get_boot_mode(), tlcl_cr50_get_recovery_button(), tlcl_cr50_get_tpm_mode(), tlcl_cr50_immediate_reset(), tlcl_cr50_reset_ec(), tlcl_define_space(), tlcl_disable_platform_hierarchy(), tlcl_extend(), tlcl_force_clear(), tlcl_get_capability(), tlcl_lock_nv_write(), tlcl_read(), tlcl_self_test_full(), tlcl_send_shutdown(), tlcl_send_startup(), tlcl_set_bits(), and tlcl_write().
|
static |
Definition at line 185 of file tss.c.
Referenced by tlcl_lib_init().
1.9.1