Added new commands and reactivated full rebuild after fixing for ARM ebuild.
Review URL: http://codereview.chromium.org/3116025
Change-Id: Ideb82562f6b1c3ce5cd9e0b79de250d0a7bd976e
diff --git a/Makefile b/Makefile
index a7175bd..a9445e7 100644
--- a/Makefile
+++ b/Makefile
@@ -33,7 +33,8 @@
if [ ! -d $$newdir ]; then \
mkdir -p $$newdir; \
fi; \
- done && \
+ done; \
+ make -C utility update_tlcl_structures; \
for i in $(SUBDIRS); do \
make -C $$i; \
done
diff --git a/firmware/lib/tpm_lite/include/tlcl.h b/firmware/lib/tpm_lite/include/tlcl.h
index e7bb4bf..cb0c1e6 100644
--- a/firmware/lib/tpm_lite/include/tlcl.h
+++ b/firmware/lib/tpm_lite/include/tlcl.h
@@ -12,6 +12,7 @@
#define TPM_LITE_TLCL_H_
#include "sysincludes.h"
+#include "tss_constants.h"
/*****************************************************************************/
/* Functions to be implemented by the stub library */
@@ -134,4 +135,12 @@
*/
uint32_t TlclGetPermissions(uint32_t index, uint32_t* permissions);
+/* Gets the entire set of permanent flags.
+ */
+uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS* pflags);
+
+/* Gets the entire set of volatile (ST_CLEAR) flags.
+ */
+uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS* pflags);
+
#endif /* TPM_LITE_TLCL_H_ */
diff --git a/firmware/lib/tpm_lite/include/tlcl_structures.h b/firmware/lib/tpm_lite/include/tlcl_structures.h
index b2ba29d..039ee37 100644
--- a/firmware/lib/tpm_lite/include/tlcl_structures.h
+++ b/firmware/lib/tpm_lite/include/tlcl_structures.h
@@ -13,6 +13,11 @@
} tpm_getpermissions_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x4, },
18, };
+struct s_tpm_getstclearflags_cmd{
+ uint8_t buffer[22];
+} tpm_getstclearflags_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x9, },
+};
+
struct s_tpm_getflags_cmd{
uint8_t buffer[22];
} tpm_getflags_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x8, },
diff --git a/firmware/lib/tpm_lite/include/tss_constants.h b/firmware/lib/tpm_lite/include/tss_constants.h
index cf2062b..6475adb 100644
--- a/firmware/lib/tpm_lite/include/tss_constants.h
+++ b/firmware/lib/tpm_lite/include/tss_constants.h
@@ -14,11 +14,19 @@
#define TPM_MAX_COMMAND_SIZE 4096
#define TPM_LARGE_ENOUGH_COMMAND_SIZE 256 /* saves space in the firmware */
+#define TPM_E_NON_FATAL 0x800
+
#define TPM_SUCCESS ((uint32_t)0x00000000)
+
+#define TPM_E_AREA_LOCKED ((uint32_t)0x00000003c)
#define TPM_E_BADINDEX ((uint32_t)0x00000002)
+#define TPM_E_BAD_PRESENCE ((uint32_t)0x00000002d)
#define TPM_E_MAXNVWRITES ((uint32_t)0x00000048)
#define TPM_E_OWNER_SET ((uint32_t)0x00000014)
+#define TPM_E_NEEDS_SELFTEST ((uint32_t)(TPM_E_NON_FATAL + 1))
+#define TPM_E_DOING_SELFTEST ((uint32_t)(TPM_E_NON_FATAL + 2))
+
#define TPM_E_ALREADY_INITIALIZED ((uint32_t)0x00005000) /* vboot local */
#define TPM_E_INTERNAL_INCONSISTENCY ((uint32_t)0x00005001) /* vboot local */
#define TPM_E_MUST_REBOOT ((uint32_t)0x00005002) /* vboot local */
@@ -27,19 +35,22 @@
#define TPM_NV_INDEX0 ((uint32_t)0x00000000)
#define TPM_NV_INDEX_LOCK ((uint32_t)0xffffffff)
-#define TPM_NV_PER_WRITE_STCLEAR (((uint32_t)1)<<14)
-#define TPM_NV_PER_PPWRITE (((uint32_t)1)<<0)
#define TPM_NV_PER_GLOBALLOCK (((uint32_t)1)<<15)
+#define TPM_NV_PER_PPWRITE (((uint32_t)1)<<0)
+#define TPM_NV_PER_READ_STCLEAR (((uint32_t)1)<<31)
+#define TPM_NV_PER_WRITE_STCLEAR (((uint32_t)1)<<14)
+
+#define TPM_TAG_RQU_COMMAND ((uint16_t) 0xc1)
+#define TPM_TAG_RQU_AUTH1_COMMAND ((uint16_t) 0xc2)
+#define TPM_TAG_RQU_AUTH2_COMMAND ((uint16_t) 0xc3)
+
+#define TPM_TAG_RSP_COMMAND ((uint16_t) 0xc4)
+#define TPM_TAG_RSP_AUTH1_COMMAND ((uint16_t) 0xc5)
+#define TPM_TAG_RSP_AUTH2_COMMAND ((uint16_t) 0xc6)
typedef uint8_t TSS_BOOL;
typedef uint16_t TPM_STRUCTURE_TAG;
-typedef struct tdTPM_WRITE_INFO {
- uint32_t nvIndex;
- uint32_t offset;
- uint32_t dataSize;
-} TPM_WRITE_INFO;
-
typedef struct tdTPM_PERMANENT_FLAGS
{
TPM_STRUCTURE_TAG tag;
@@ -65,10 +76,13 @@
TSS_BOOL disableFullDALogicInfo;
} TPM_PERMANENT_FLAGS;
-#define TPM_ALL_LOCALITIES (TPM_LOC_ZERO | TPM_LOC_ONE | TPM_LOC_TWO \
- | TPM_LOC_THREE | TPM_LOC_FOUR) /* 0x1f */
-
-#define TPM_ENCAUTH_SIZE 20
-#define TPM_PUBEK_SIZE 256
+typedef struct tdTPM_STCLEAR_FLAGS{
+ TPM_STRUCTURE_TAG tag;
+ TSS_BOOL deactivated;
+ TSS_BOOL disableForceClear;
+ TSS_BOOL physicalPresence;
+ TSS_BOOL physicalPresenceLock;
+ TSS_BOOL bGlobalLock;
+} TPM_STCLEAR_FLAGS;
#endif /* TPM_LITE_TSS_CONSTANTS_H_ */
diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c
index 4bbd7a4..09b07e6 100644
--- a/firmware/lib/tpm_lite/tlcl.c
+++ b/firmware/lib/tpm_lite/tlcl.c
@@ -18,7 +18,7 @@
#include "tlcl.h"
#include "tlcl_internal.h"
#include "tlcl_structures.h"
-#include "tss_constants.h"
+#include "tpmextras.h"
#include "utility.h"
/* Sets the size field of a TPM command. */
@@ -221,32 +221,55 @@
return Send(cmd.buffer);
}
-uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated, uint8_t *nvlocked) {
+uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS* pflags) {
uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
- TPM_PERMANENT_FLAGS* pflags;
- uint32_t result;
uint32_t size;
- VBDEBUG(("TPM: Get flags\n"));
-
- result = TlclSendReceive(tpm_getflags_cmd.buffer, response, sizeof(response));
+ uint32_t result =
+ TlclSendReceive(tpm_getflags_cmd.buffer, response, sizeof(response));
if (result != TPM_SUCCESS)
return result;
-
FromTpmUint32(response + kTpmResponseHeaderLength, &size);
assert(size == sizeof(TPM_PERMANENT_FLAGS));
- pflags =
- (TPM_PERMANENT_FLAGS*) (response + kTpmResponseHeaderLength + sizeof(size));
- VBDEBUG(("TPM: Got flags disable=%d, deactivated=%d, nvlocked=%d\n",
- pflags->disable, pflags->deactivated, pflags->nvLocked));
- if (disable)
- *disable = pflags->disable;
- if (deactivated)
- *deactivated = pflags->deactivated;
- if (nvlocked)
- *nvlocked = pflags->nvLocked;
+ Memcpy(pflags,
+ response + kTpmResponseHeaderLength + sizeof(size),
+ sizeof(TPM_PERMANENT_FLAGS));
return result;
}
+uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS* vflags) {
+ uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
+ uint32_t size;
+ uint32_t result =
+ TlclSendReceive(tpm_getstclearflags_cmd.buffer, response, sizeof(response));
+ if (result != TPM_SUCCESS)
+ return result;
+ FromTpmUint32(response + kTpmResponseHeaderLength, &size);
+ /* Ugly assertion, but the struct is padded up by one byte. */
+ assert(size == 7 && sizeof(TPM_STCLEAR_FLAGS) - 1 == 7);
+ Memcpy(vflags,
+ response + kTpmResponseHeaderLength + sizeof(size),
+ sizeof(TPM_STCLEAR_FLAGS));
+ return result;
+}
+
+uint32_t TlclGetFlags(uint8_t* disable,
+ uint8_t* deactivated,
+ uint8_t *nvlocked) {
+ TPM_PERMANENT_FLAGS pflags;
+ uint32_t result = TlclGetPermanentFlags(&pflags);
+ if (result == TPM_SUCCESS) {
+ if (disable)
+ *disable = pflags.disable;
+ if (deactivated)
+ *deactivated = pflags.deactivated;
+ if (nvlocked)
+ *nvlocked = pflags.nvLocked;
+ VBDEBUG(("TPM: Got flags disable=%d, deactivated=%d, nvlocked=%d\n",
+ pflags.disable, pflags.deactivated, pflags.nvLocked));
+ }
+ return result;
+}
+
uint32_t TlclSetGlobalLock(void) {
uint32_t x;
VBDEBUG(("TPM: Set global lock\n"));
diff --git a/firmware/stub/include/tpmextras.h b/firmware/stub/include/tpmextras.h
index abd5837..0fe0982 100644
--- a/firmware/stub/include/tpmextras.h
+++ b/firmware/stub/include/tpmextras.h
@@ -10,10 +10,13 @@
#ifndef TPM_LITE_TPMEXTRAS_H_
#define TPM_LITE_TPMEXTRAS_H_
-#include <tss/tcs.h>
-
#define TPM_MAX_COMMAND_SIZE 4096
#define TPM_LARGE_ENOUGH_COMMAND_SIZE 256 /* saves space in the firmware */
+#define TPM_ENCAUTH_SIZE 20
+#define TPM_PUBEK_SIZE 256
+
+#define TPM_ALL_LOCALITIES (TPM_LOC_ZERO | TPM_LOC_ONE | TPM_LOC_TWO \
+ | TPM_LOC_THREE | TPM_LOC_FOUR) /* 0x1f */
typedef struct tdTPM_WRITE_INFO {
uint32_t nvIndex;
@@ -21,10 +24,4 @@
uint32_t dataSize;
} TPM_WRITE_INFO;
-#define TPM_ALL_LOCALITIES (TPM_LOC_ZERO | TPM_LOC_ONE | TPM_LOC_TWO \
- | TPM_LOC_THREE | TPM_LOC_FOUR) /* 0x1f */
-
-#define TPM_ENCAUTH_SIZE 20
-#define TPM_PUBEK_SIZE 256
-
#endif
diff --git a/firmware/stub/tpm_lite_stub.c b/firmware/stub/tpm_lite_stub.c
index e91069b..3dc3dfe 100644
--- a/firmware/stub/tpm_lite_stub.c
+++ b/firmware/stub/tpm_lite_stub.c
@@ -21,7 +21,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
-#include <tss/tcs.h>
+
#include "tpmextras.h"
#define TPM_DEVICE_PATH "/dev/tpm0"
diff --git a/firmware/version.c b/firmware/version.c
index 35789a8..73f10a5 100644
--- a/firmware/version.c
+++ b/firmware/version.c
@@ -1 +1 @@
-char* VbootVersion = "VBOOv=866c0f20";
+char* VbootVersion = "VBOOv=8dd12638";
diff --git a/tests/tpm_lite/earlyextend.c b/tests/tpm_lite/earlyextend.c
index 5826809..b46f17f 100644
--- a/tests/tpm_lite/earlyextend.c
+++ b/tests/tpm_lite/earlyextend.c
@@ -9,7 +9,6 @@
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
diff --git a/tests/tpm_lite/earlynvram.c b/tests/tpm_lite/earlynvram.c
index 24d381c..c34a3ad 100644
--- a/tests/tpm_lite/earlynvram.c
+++ b/tests/tpm_lite/earlynvram.c
@@ -9,7 +9,6 @@
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/tests/tpm_lite/earlynvram2.c b/tests/tpm_lite/earlynvram2.c
index 2372551..91b8d2e 100644
--- a/tests/tpm_lite/earlynvram2.c
+++ b/tests/tpm_lite/earlynvram2.c
@@ -9,7 +9,6 @@
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/tests/tpm_lite/fastenable.c b/tests/tpm_lite/fastenable.c
index 5b11e2e..14995da 100644
--- a/tests/tpm_lite/fastenable.c
+++ b/tests/tpm_lite/fastenable.c
@@ -13,7 +13,6 @@
*/
#include <stdio.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/tests/tpm_lite/globallock.c b/tests/tpm_lite/globallock.c
index 0fd455a..5442fea 100644
--- a/tests/tpm_lite/globallock.c
+++ b/tests/tpm_lite/globallock.c
@@ -9,7 +9,6 @@
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/tests/tpm_lite/readonly.c b/tests/tpm_lite/readonly.c
index 454a75e..7e85623 100644
--- a/tests/tpm_lite/readonly.c
+++ b/tests/tpm_lite/readonly.c
@@ -12,7 +12,6 @@
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/tests/tpm_lite/redefine.c b/tests/tpm_lite/redefine.c
index eafded1..b4c9868 100644
--- a/tests/tpm_lite/redefine.c
+++ b/tests/tpm_lite/redefine.c
@@ -13,7 +13,6 @@
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/tests/tpm_lite/spaceperm.c b/tests/tpm_lite/spaceperm.c
index f211ca4..a580dc8 100644
--- a/tests/tpm_lite/spaceperm.c
+++ b/tests/tpm_lite/spaceperm.c
@@ -10,7 +10,6 @@
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/tests/tpm_lite/writelimit.c b/tests/tpm_lite/writelimit.c
index 552cbd6..f7d087c 100644
--- a/tests/tpm_lite/writelimit.c
+++ b/tests/tpm_lite/writelimit.c
@@ -9,7 +9,6 @@
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
-#include <tss/tcs.h>
#include "tlcl.h"
#include "utility.h"
diff --git a/utility/Makefile b/utility/Makefile
index 5a78c90..745cc9c 100644
--- a/utility/Makefile
+++ b/utility/Makefile
@@ -11,6 +11,7 @@
CFLAGS += $(INCLUDES)
CFLAGS += -MMD -MF $@.d
LIBS = $(HOSTLIB) $(FWLIB)
+HOSTCC = cc
BUILD_ROOT = ${BUILD}/utility
@@ -53,7 +54,7 @@
$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
${BUILD_ROOT}/tlcl_generator: tlcl_generator.c
- $(CC) $(CFLAGS) $(INCLUDES) -fpack-struct $< -o $@
+ $(HOSTCC) $(CFLAGS) $(INCLUDES) -fpack-struct $< -o $@
${BUILD_ROOT}/vbutil_firmware: vbutil_firmware.c $(LIBS)
$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
diff --git a/utility/tlcl_generator.c b/utility/tlcl_generator.c
index 927014d..0b8258b 100644
--- a/utility/tlcl_generator.c
+++ b/utility/tlcl_generator.c
@@ -17,7 +17,7 @@
#include <stdlib.h>
#include <tss/tcs.h>
-#include "tlcl.h"
+#include "sysincludes.h"
#include "tlcl_internal.h"
#include "tpmextras.h"
@@ -278,6 +278,25 @@
return cmd;
}
+Command* BuildGetSTClearFlagsCommand(void) {
+ int size = (kTpmRequestHeaderLength +
+ sizeof(TPM_CAPABILITY_AREA) + /* capArea */
+ sizeof(uint32_t) + /* subCapSize */
+ sizeof(uint32_t)); /* subCap */
+
+ Command* cmd = newCommand(TPM_ORD_GetCapability, size);
+ cmd->name = "tpm_getstclearflags_cmd";
+ AddInitializedField(cmd, kTpmRequestHeaderLength,
+ sizeof(TPM_CAPABILITY_AREA), TPM_CAP_FLAG);
+ AddInitializedField(cmd, kTpmRequestHeaderLength +
+ sizeof(TPM_CAPABILITY_AREA),
+ sizeof(uint32_t), sizeof(uint32_t));
+ AddInitializedField(cmd, kTpmRequestHeaderLength +
+ sizeof(TPM_CAPABILITY_AREA) + sizeof(uint32_t),
+ sizeof(uint32_t), TPM_CAP_FLAG_VOLATILE);
+ return cmd;
+}
+
Command* BuildGetPermissionsCommand(void) {
int size = (kTpmRequestHeaderLength +
sizeof(TPM_CAPABILITY_AREA) + /* capArea */
@@ -407,6 +426,7 @@
BuildPhysicalEnableCommand,
BuildPhysicalSetDeactivatedCommand,
BuildGetFlagsCommand,
+ BuildGetSTClearFlagsCommand,
BuildGetPermissionsCommand,
BuildExtendCommand,
};
diff --git a/utility/tpmc.c b/utility/tpmc.c
index b74bf1c..0213b4b 100644
--- a/utility/tpmc.c
+++ b/utility/tpmc.c
@@ -200,6 +200,52 @@
return result;
}
+static uint32_t HandlerGetPermanentFlags(void) {
+ TPM_PERMANENT_FLAGS pflags;
+ uint32_t result = TlclGetPermanentFlags(&pflags);
+ if (result == 0) {
+#define P(name) printf("%s %d\n", #name, pflags.name)
+ P(disable);
+ P(ownership);
+ P(deactivated);
+ P(readPubek);
+ P(disableOwnerClear);
+ P(allowMaintenance);
+ P(physicalPresenceLifetimeLock);
+ P(physicalPresenceHWEnable);
+ P(physicalPresenceCMDEnable);
+ P(CEKPUsed);
+ P(TPMpost);
+ P(TPMpostLock);
+ P(FIPS);
+ P(Operator);
+ P(enableRevokeEK);
+ P(nvLocked);
+ P(readSRKPub);
+ P(tpmEstablished);
+ P(maintenanceDone);
+ P(disableFullDALogicInfo);
+#undef P
+ }
+ return result;
+}
+
+static uint32_t HandlerGetSTClearFlags(void) {
+ TPM_STCLEAR_FLAGS vflags;
+ uint32_t result = TlclGetSTClearFlags(&vflags);
+ if (result == 0) {
+#define P(name) printf("%s %d\n", #name, vflags.name)
+ P(deactivated);
+ P(disableForceClear);
+ P(physicalPresence);
+ P(physicalPresenceLock);
+ P(bGlobalLock);
+#undef P
+ }
+ return result;
+}
+
+
/* Table of TPM commands.
*/
command_record command_table[] = {
@@ -232,6 +278,10 @@
HandlerRead },
{ "getpermissions", "getp", "print space permissions (getp <index>)",
HandlerGetPermissions },
+ { "getpermanentflags", "getpf", "print all permanent flags",
+ HandlerGetPermanentFlags },
+ { "getstclearflags", "getvf", "print all volatile (ST_CLEAR) flags",
+ HandlerGetSTClearFlags },
};
static int n_commands = sizeof(command_table) / sizeof(command_table[0]);