 |
coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
|
|
coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
|
#include <types.h>#include <security/tpm/tss/common/tss_common.h>#include <security/tpm/tss_errors.h>#include <security/tpm/tss/vendor/cr50/cr50.h>
Go to the source code of this file.
Functions | |
| uint32_t | tlcl_lib_init (void) |
| Call this first. More... | |
| uint32_t | tlcl_send_receive (const uint8_t *request, uint8_t *response, int max_length) |
| Perform a raw TPM request/response transaction. More... | |
| uint32_t | tlcl_startup (void) |
| Send a TPM_Startup(ST_CLEAR). More... | |
| uint32_t | tlcl_resume (void) |
| Resume by sending a TPM_Startup(ST_STATE). More... | |
| uint32_t | tlcl_save_state (void) |
| Save TPM state by sending either TPM_SaveState() (TPM1.2) or TPM_Shutdown(ST_STATE) (TPM2.0). More... | |
| uint32_t | tlcl_self_test_full (void) |
| Run the self test. More... | |
| uint32_t | tlcl_continue_self_test (void) |
| Run the self test in the background. More... | |
| uint32_t | tlcl_write (uint32_t index, const void *data, uint32_t length) |
| Write [length] bytes of [data] to space at [index]. More... | |
| uint32_t | tlcl_read (uint32_t index, void *data, uint32_t length) |
| Read [length] bytes from space at [index] into [data]. More... | |
| uint32_t | tlcl_assert_physical_presence (void) |
| Assert physical presence in software. More... | |
| uint32_t | tlcl_physical_presence_cmd_enable (void) |
| Enable the physical presence command. More... | |
| uint32_t | tlcl_finalize_physical_presence (void) |
| Finalize the physical presence settings: software PP is enabled, hardware PP is disabled, and the lifetime lock is set. More... | |
| uint32_t | tlcl_set_nv_locked (void) |
| Set the nvLocked bit. More... | |
| uint32_t | tlcl_force_clear (void) |
| Issue a ForceClear. More... | |
| uint32_t | tlcl_clear_control (bool disable) |
| Set Clear Control. More... | |
| uint32_t | tlcl_set_global_lock (void) |
| Set the bGlobalLock flag, which only a reboot can clear. More... | |
| uint32_t | tlcl_lock_nv_write (uint32_t index) |
| Make an NV Ram location read_only. More... | |
| uint32_t | tlcl_extend (int pcr_num, const uint8_t *in_digest, uint8_t *out_digest) |
| Perform a TPM_Extend. More... | |
| uint32_t | tlcl_disable_platform_hierarchy (void) |
| Disable platform hierarchy. More... | |
| uint32_t | tlcl_get_permissions (uint32_t index, uint32_t *permissions) |
| Get the permission bits for the NVRAM space with |index|. More... | |
Assert physical presence in software.
The TPM error code is returned.
Definition at line 249 of file tss.c.
References s_tpm_ppassert_cmd::buffer, send(), tpm_ppassert_cmd, TPM_SUCCESS, and VBDEBUG.
Referenced by tpm_setup().
Set Clear Control.
The TPM error code is returned.
Definition at line 168 of file tss.c.
References BIOS_INFO, tpm2_clear_control_cmd::disable, tpm2_response::hdr, printk, TPM2_ClearControl, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
Run the self test in the background.
Definition at line 184 of file tss.c.
References s_tpm_continueselftest_cmd::buffer, tlcl_send_receive_no_retry(), tpm_continueselftest_cmd, TPM_LARGE_ENOUGH_COMMAND_SIZE, and VBDEBUG.
Referenced by tlcl_send_receive().
Disable platform hierarchy.
Specific to TPM2. The TPM error code is returned.
Definition at line 421 of file tss.c.
References tpm2_hierarchy_control_cmd::enable, tpm2_response::hdr, TPM2_Hierarchy_Control, tpm_header::tpm_code, TPM_E_INTERNAL_INCONSISTENCY, tpm_process_command(), TPM_RH_PLATFORM, and TPM_SUCCESS.
Referenced by psp_verstage_s0i3_resume().
Perform a TPM_Extend.
Definition at line 334 of file tss.c.
References BIOS_INFO, s_tpm_extend_cmd::buffer, TPML_DIGEST_VALUES::count, TPMT_HA::digest, TPML_DIGEST_VALUES::digests, tpm2_pcr_extend_cmd::digests, TPMT_HA::hashAlg, tpm2_response::hdr, HR_PCR, s_tpm_extend_cmd::inDigest, kPcrDigestLength, kTpmResponseHeaderLength, memcpy(), tpm2_pcr_extend_cmd::pcrHandle, s_tpm_extend_cmd::pcrNum, printk, TPMU_HA::sha256, tlcl_send_receive(), to_tpm_uint32(), TPM2_PCR_Extend, TPM_ALG_SHA256, tpm_header::tpm_code, TPM_E_IOERROR, tpm_extend_cmd, tpm_process_command(), and TPM_SUCCESS.
Referenced by tpm_extend_pcr(), and tspi_measure_cache_to_pcr().
Finalize the physical presence settings: software PP is enabled, hardware PP is disabled, and the lifetime lock is set.
The TPM error code is returned.
Definition at line 261 of file tss.c.
References BIOS_INFO, s_tpm_finalizepp_cmd::buffer, printk, send(), tpm_finalizepp_cmd, TPM_SUCCESS, and VBDEBUG.
Referenced by _factory_initialize_tpm().
Issue a ForceClear.
The TPM error code is returned.
Definition at line 273 of file tss.c.
References BIOS_INFO, s_tpm_forceclear_cmd::buffer, tpm2_response::hdr, NULL, printk, send(), TPM2_Clear, tpm_header::tpm_code, TPM_E_IOERROR, tpm_forceclear_cmd, tpm_process_command(), TPM_SUCCESS, and VBDEBUG.
Referenced by tpm_clear_and_reenable().
Get the permission bits for the NVRAM space with |index|.
Definition at line 355 of file tss.c.
References s_tpm_getpermissions_cmd::buffer, from_tpm_uint32(), s_tpm_getpermissions_cmd::index, kNvDataPublicPermissionsOffset, kTpmResponseHeaderLength, memcpy(), tlcl_send_receive(), to_tpm_uint32(), tpm_getpermissions_cmd, TPM_LARGE_ENOUGH_COMMAND_SIZE, and TPM_SUCCESS.
Referenced by antirollback_read_space_kernel().
Call this first.
Returns 0 if success, nonzero if error.
Definition at line 145 of file tss.c.
References BIOS_ERR, printk, tis_init(), tis_open(), and tlcl_init_done.
Referenced by mainboard_update_soc_chip_config(), mrc_cache_update_hash(), mrc_cache_verify_hash(), tpm_extend_pcr(), tpm_setup(), and vboot_save_data().
Make an NV Ram location read_only.
The TPM error code is returned.
Definition at line 276 of file tss.c.
References BIOS_INFO, tpm2_response::hdr, HR_NV_INDEX, tpm2_nv_write_lock_cmd::nvIndex, printk, TPM2_NV_WriteLock, tpm_header::tpm_code, TPM_E_IOERROR, tpm_process_command(), and TPM_SUCCESS.
Enable the physical presence command.
The TPM error code is returned.
Definition at line 255 of file tss.c.
References BIOS_INFO, s_tpm_ppenable_cmd::buffer, printk, send(), tpm_ppenable_cmd, TPM_SUCCESS, and VBDEBUG.
Referenced by tpm_setup().
Read [length] bytes from space at [index] into [data].
The TPM error code is returned.
Definition at line 224 of file tss.c.
References BIOS_INFO, s_tpm_nv_read_cmd::buffer, TPM2B_MAX_NV_BUFFER::buffer, nv_read_response::buffer, from_tpm_uint32(), tpm2_response::hdr, HR_NV_INDEX, s_tpm_nv_read_cmd::index, kTpmResponseHeaderLength, length, s_tpm_nv_read_cmd::length, memcpy(), memset(), tpm2_nv_read_cmd::nvIndex, tpm2_response::nvr, printk, TPM2B_MAX_NV_BUFFER::size, tpm2_nv_read_cmd::size, TPM2B_MAX_NV_BUFFER::t, tlcl_send_receive(), to_tpm_uint32(), TPM2_NV_Read, tpm_header::tpm_code, TPM_E_BADINDEX, TPM_E_IOERROR, TPM_E_RANGE, TPM_E_READ_EMPTY, TPM_E_READ_FAILURE, TPM_E_RESPONSE_TOO_LARGE, TPM_LARGE_ENOUGH_COMMAND_SIZE, tpm_nv_read_cmd, tpm_process_command(), TPM_RC_CR50_NV_UNDEFINED, TPM_RC_NV_RANGE, TPM_RC_NV_UNINITIALIZED, TPM_SUCCESS, and VBDEBUG.
Referenced by antirollback_read_space_kernel(), and read_space_firmware().
Resume by sending a TPM_Startup(ST_STATE).
The TPM error code is returned (0 for success).
Definition at line 166 of file tss.c.
References s_tpm_resume_cmd::buffer, send(), tlcl_send_startup(), tpm_resume_cmd, TPM_SU_STATE, and VBDEBUG.
Referenced by tpm_setup_s3_helper().
Save TPM state by sending either TPM_SaveState() (TPM1.2) or TPM_Shutdown(ST_STATE) (TPM2.0).
The TPM error code is returned (0 for success).
Definition at line 172 of file tss.c.
References s_tpm_savestate_cmd::buffer, send(), tlcl_send_shutdown(), tpm_savestate_cmd, TPM_SU_STATE, and VBDEBUG.
Run the self test.
Note—this is synchronous. To run this in parallel with other firmware, use ContinueSelfTest(). The TPM error code is returned.
Definition at line 178 of file tss.c.
References BIOS_INFO, s_tpm_selftestfull_cmd::buffer, tpm2_response::hdr, printk, send(), TPM2_SelfTest, tpm_header::tpm_code, tpm_process_command(), tpm_selftestfull_cmd, TPM_SUCCESS, VBDEBUG, and tpm2_self_test::yes_no.
Referenced by factory_initialize_tpm().
Perform a raw TPM request/response transaction.
Definition at line 104 of file tss.c.
References tlcl_continue_self_test(), tlcl_send_receive_no_retry(), TPM_E_DOING_SELFTEST, TPM_E_NEEDS_SELFTEST, and TPM_SUCCESS.
Referenced by send(), tlcl_extend(), tlcl_get_permanent_flags(), tlcl_get_permissions(), tlcl_read(), and tlcl_write().
Set the bGlobalLock flag, which only a reboot can clear.
The TPM error code is returned.
Definition at line 328 of file tss.c.
References NULL, tlcl_write(), TPM_NV_INDEX0, and VBDEBUG.
Referenced by antirollback_lock_space_firmware().
Set the nvLocked bit.
The TPM error code is returned.
Definition at line 267 of file tss.c.
References tlcl_define_space(), TPM_NV_INDEX_LOCK, and VBDEBUG.
Referenced by _factory_initialize_tpm().
Send a TPM_Startup(ST_CLEAR).
The TPM error code is returned (0 for success).
Definition at line 160 of file tss.c.
References s_tpm_startup_cmd::buffer, send(), tlcl_send_startup(), tpm_startup_cmd, TPM_SU_CLEAR, and VBDEBUG.
Referenced by tpm_setup().
Write [length] bytes of [data] to space at [index].
The TPM error code is returned.
Definition at line 204 of file tss.c.
References assert, BIOS_INFO, s_tpm_nv_write_cmd::buffer, TPM2B_MAX_NV_BUFFER::buffer, s_tpm_nv_write_cmd::data, tpm2_nv_write_cmd::data, tpm2_response::hdr, HR_NV_INDEX, s_tpm_nv_write_cmd::index, kTpmRequestHeaderLength, kWriteInfoLength, length, s_tpm_nv_write_cmd::length, memcpy(), memset(), tpm2_nv_write_cmd::nvIndex, printk, set_tpm_command_size(), TPM2B_MAX_NV_BUFFER::size, TPM2B_MAX_NV_BUFFER::t, tlcl_send_receive(), to_tpm_uint32(), TPM2_NV_Write, tpm_header::tpm_code, TPM_E_WRITE_FAILURE, TPM_LARGE_ENOUGH_COMMAND_SIZE, tpm_nv_write_cmd, tpm_process_command(), TPM_SUCCESS, and VBDEBUG.
Referenced by safe_write(), and tlcl_set_global_lock().
1.9.1