 |
coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
|
|
coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
|
#include <console/console.h>#include <endian.h>#include <halt.h>#include <vb2_api.h>#include <security/tpm/tis.h>#include <security/tpm/tss.h>#include "../../tcg-2.0/tss_marshaling.h"
Go to the source code of this file.
Functions | |
| uint32_t | tlcl_cr50_enable_nvcommits (void) |
| CR50 specific tpm command to enable nvmem commits before internal timeout expires. More... | |
| uint32_t | tlcl_cr50_enable_update (uint16_t timeout_ms, uint8_t *num_restored_headers) |
| CR50 specific tpm command to restore header(s) of the dormant RO/RW image(s) and in case there indeed was a dormant image, trigger reboot after the timeout milliseconds. More... | |
| uint32_t | tlcl_cr50_get_recovery_button (uint8_t *recovery_button_state) |
| CR50 specific tpm command to get the latched state of the recovery button. More... | |
| uint32_t | tlcl_cr50_get_tpm_mode (uint8_t *tpm_mode) |
| CR50 specific TPM command sequence to query the current TPM mode. More... | |
| uint32_t | tlcl_cr50_get_boot_mode (uint8_t *boot_mode) |
| CR50 specific TPM command sequence to query the current boot mode. More... | |
| uint32_t | tlcl_cr50_immediate_reset (uint16_t timeout_ms) |
| CR50 specific TPM command sequence to trigger an immediate reset to the Cr50 device after the specified timeout in milliseconds. More... | |
| uint32_t | tlcl_cr50_reset_ec (void) |
| CR50 specific TPM command sequence to issue an EC reset. More... | |
CR50 specific tpm command to enable nvmem commits before internal timeout expires.
Definition at line 12 of file cr50.c.
References BIOS_INFO, tpm2_response::hdr, NULL, printk, TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS, TPM2_CR50_VENDOR_COMMAND, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
Referenced by antirollback_write_space_firmware(), and antirollback_write_space_kernel().
CR50 specific tpm command to restore header(s) of the dormant RO/RW image(s) and in case there indeed was a dormant image, trigger reboot after the timeout milliseconds.
Note that timeout of zero means "NO REBOOT", not "IMMEDIATE REBOOT".
Return value indicates success or failure of accessing the TPM; in case of success the number of restored headers is saved in num_restored_headers.
Definition at line 32 of file cr50.c.
References BIOS_INFO, tpm2_response::hdr, vendor_command_response::num_restored_headers, printk, TPM2_CR50_SUB_CMD_TURN_UPDATE_ON, TPM2_CR50_VENDOR_COMMAND, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), TPM_SUCCESS, and tpm2_response::vcr.
CR50 specific TPM command sequence to query the current boot mode.
Returns TPM_SUCCESS if boot mode is successfully retrieved. Returns TPM_E_* for errors.
Definition at line 108 of file cr50.c.
References BIOS_DEBUG, vendor_command_response::boot_mode, tpm2_response::hdr, printk, TPM2_CR50_SUB_CMD_GET_BOOT_MODE, TPM2_CR50_VENDOR_COMMAND, tpm_header::tpm_code, TPM_E_IOERROR, TPM_E_NO_SUCH_COMMAND, tpm_process_command(), TPM_SUCCESS, tpm2_response::vcr, VENDOR_RC_NO_SUCH_COMMAND, and VENDOR_RC_NO_SUCH_SUBCOMMAND.
Referenced by check_boot_mode().
CR50 specific tpm command to get the latched state of the recovery button.
Return value indicates success or failure of accessing the TPM; in case of success the recovery button state is saved in recovery_button_state.
Definition at line 51 of file cr50.c.
References BIOS_INFO, tpm2_response::hdr, printk, vendor_command_response::recovery_button_state, TPM2_CR50_SUB_CMD_GET_REC_BTN, TPM2_CR50_VENDOR_COMMAND, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), TPM_SUCCESS, and tpm2_response::vcr.
Referenced by get_recovery_mode_switch().
CR50 specific TPM command sequence to query the current TPM mode.
Returns TPM_SUCCESS if TPM mode command completed, the Cr50 does not need a reboot, and the tpm_mode parameter is set to the current TPM mode. Returns TPM_E_MUST_REBOOT if TPM mode command completed, but the Cr50 requires a reboot. Returns TPM_E_NO_SUCH_COMMAND if the Cr50 does not support the command. Other returns value indicate a failure accessing the TPM.
Definition at line 67 of file cr50.c.
References BIOS_INFO, tpm2_response::hdr, printk, TPM2_CR50_SUB_CMD_TPM_MODE, TPM2_CR50_VENDOR_COMMAND, tpm_header::tpm_code, TPM_E_IOERROR, TPM_E_MUST_REBOOT, TPM_E_NO_SUCH_COMMAND, vendor_command_response::tpm_mode, TPM_MODE_INVALID, tpm_process_command(), TPM_SUCCESS, tpm2_response::vcr, VENDOR_RC_INTERNAL_ERROR, VENDOR_RC_NO_SUCH_COMMAND, and VENDOR_RC_NO_SUCH_SUBCOMMAND.
CR50 specific TPM command sequence to trigger an immediate reset to the Cr50 device after the specified timeout in milliseconds.
A timeout of zero means "IMMEDIATE REBOOT".
Return value indicates success or failure of accessing the TPM.
Definition at line 134 of file cr50.c.
References BIOS_INFO, printk, TPM2_CR50_SUB_CMD_IMMEDIATE_RESET, TPM2_CR50_VENDOR_COMMAND, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
CR50 specific TPM command sequence to issue an EC reset.
Returns TPM_E_* for errors. On Success, this function invokes halt() and does not return.
Definition at line 153 of file cr50.c.
References BIOS_DEBUG, halt(), tpm2_response::hdr, printk, TPM2_CR50_SUB_CMD_RESET_EC, TPM2_CR50_VENDOR_COMMAND, tpm_header::tpm_code, TPM_E_IOERROR, TPM_E_NO_SUCH_COMMAND, tpm_process_command(), TPM_SUCCESS, VENDOR_RC_NO_SUCH_COMMAND, and VENDOR_RC_NO_SUCH_SUBCOMMAND.
1.9.1