Stub tlcl implementation for tpm2 case

Build a special version of TPM Lightweight Command Library in libvboot_host for TPM2. Create the framework for implementation, stub functions for now. libvboot_host is used by tpmc and other user-space utilities that talk directly to tpm bypassing trunks/trousers. BRANCH=none BUG=chrome-os-partner:54981 BUG=chrome-os-partner:55210 TEST=Boot on kevin, verify that 'tpmc read' works. Change-Id: I4cc41028041193041defc319687697eb9edb1f3e Reviewed-on: https://chromium-review.googlesource.com/358623 Commit-Ready: Andrey Pronin <apronin@chromium.org> Tested-by: Stephen Barber <smbarber@chromium.org> Tested-by: Andrey Pronin <apronin@chromium.org> Reviewed-by: Stephen Barber <smbarber@chromium.org>
2025-11-24 10:14:55 +00:00 · 2016-07-06 19:10:46 -07:00
parent d5820a79fc
commit 1becb0dabe
6 changed files with 218 additions and 19 deletions
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -353,8 +353,10 @@ uint32_t SetupTPM(int developer_mode, int disable_dev_request,
                  int clear_tpm_owner_request, RollbackSpaceFirmware* rsf)
 {
 	uint8_t in_flags;
+#ifndef TPM2_MODE
 	uint8_t disable;
 	uint8_t deactivated;
+#endif
 	uint32_t result;
 	uint32_t versions;

@@ -396,6 +398,7 @@ uint32_t SetupTPM(int developer_mode, int disable_dev_request,
 #endif
 	RETURN_ON_FAILURE(TlclContinueSelfTest());
 #endif
+#ifndef TPM2_MODE
 	result = TlclAssertPhysicalPresence();
 	if (result != TPM_SUCCESS) {
 		/*
@@ -417,6 +420,7 @@ uint32_t SetupTPM(int developer_mode, int disable_dev_request,
 		VBDEBUG(("TPM: Must reboot to re-enable\n"));
 		return TPM_E_MUST_REBOOT;
 	}
+#endif

 	/* Read the firmware space. */
 	result = ReadSpaceFirmware(rsf);
--- a/firmware/lib/tpm2_lite/tlcl.c
+++ b/firmware/lib/tpm2_lite/tlcl.c
@@ -42,6 +42,65 @@ static struct tpm2_response *tpm_process_command(TPM_CC command,
 	return response;
 }

+uint32_t TlclLibInit(void)
+{
+	return VbExTpmInit();
+}
+
+uint32_t TlclLibClose(void)
+{
+	return VbExTpmClose();
+}
+
+uint32_t TlclSendReceive(const uint8_t *request, uint8_t *response,
+                         int max_length)
+{
+        VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+        return TPM_SUCCESS;
+}
+
+int TlclPacketSize(const uint8_t *packet)
+{
+        VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+        return 0;
+}
+
+uint32_t TlclStartup(void)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclSaveState(void)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclResume(void)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclSelfTestFull(void)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclContinueSelfTest(void)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+int32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
 /**
 * Issue a ForceClear.  The TPM error code is returned.
 */
@@ -63,6 +122,31 @@ uint32_t TlclSetEnable(void)
 	return TPM_SUCCESS;
 }

+uint32_t TlclGetFlags(uint8_t* disable,
+                      uint8_t* deactivated,
+                      uint8_t *nvlocked)
+{
+	/* For TPM2 the flags are always the same */
+	if (disable)
+		*disable = 0;
+	if (deactivated)
+		*deactivated = 0;
+	if (nvlocked)
+		*nvlocked = 1;
+	return TPM_SUCCESS;
+}
+
+int TlclIsOwned(void)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return 0;
+}
+
+uint32_t TlclExtend(int pcr_num, const uint8_t *in_digest, uint8_t *out_digest)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}

 /**
 * Get the permission bits for the NVRAM space with |index|.
@@ -74,6 +158,25 @@ uint32_t TlclGetPermissions(uint32_t index, uint32_t *permissions)
 	return TPM_SUCCESS;
 }

+uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS *pflags)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS *pflags)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclGetOwnership(uint8_t *owned)
+{
+	*owned = 0;
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
 static uint32_t tlcl_lock_nv_write(uint32_t index)
 {
 	struct tpm2_response *response;
@@ -184,3 +287,28 @@ uint32_t TlclWrite(uint32_t index, const void *data, uint32_t length)

 	return TPM_SUCCESS;
 }
+
+int32_t TlclPCRRead(uint32_t index, void *data, uint32_t length)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclWriteLock(uint32_t index)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclReadLock(uint32_t index)
+{
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_SUCCESS;
+}
+
+uint32_t TlclGetRandom(uint8_t *data, uint32_t length, uint32_t *size)
+{
+	*size = 0;
+	VBDEBUG(("%s called, NOT YET IMPLEMENTED\n", __func__));
+	return TPM_E_IOERROR;
+}