Refactor TPM calls into vboot wrapper

Try #2, now that ARM has the fix from http://gerrit.chromium.org/gerrit/4667 This cleans up the TPM calls inside vboot_reference. * TPM calls share mode code between boot modes. * Better handling for TPM_E_MUST_REBOOT, particularly in recovery mode. * TAB screen shows current TPM versions. No changes required to the wrapper API; these changes are internal to vboot. BUG=chromium-os:18084 TEST=make && make runtests; built for both alex and tegra2-seaboard Original-Change-Id: I2a52066f2889210af83409872b10f9d6380470af (cherry picked from commit da55560cddcf7a1aa8a881cdf52792a21a01e766) Change-Id: I120797145772116f09b8125b9e56fdbb11dc16b3 Reviewed-on: http://gerrit.chromium.org/gerrit/4671 Tested-by: Randall Spangler <rspangler@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org>
2025-11-24 02:05:01 +00:00 · 2011-07-22 14:06:51 -07:00
parent e11860ea47
commit 22e7bb2b8e
11 changed files with 257 additions and 339 deletions
--- a/firmware/lib/include/rollback_index.h
+++ b/firmware/lib/include/rollback_index.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
@@ -55,34 +55,6 @@ __pragma(pack(pop)) /* Support packing for MSVC. */

 /* All functions return TPM_SUCCESS (zero) if successful, non-zero if error */

-/*
-
-Call from LoadFirmware()
-  Normal or developer mode (not recovery)
-  Wants firmware versions
-  Must send in developer flag
-
-  RollbackFirmwareSetup(IN devmode)
-  (maybe) RollbackFirmwareRead()
-  (maybe) RollbackFirmwareWrite()
-  RollbackFirmwareLock()
-
-Call from LoadKernel()
-
-  RollbackKernelRecovery(IN devmode)
-     (implies LockFirmwareVersions() inside the setup)
-
-  RollbackKernelRead(OUT kernel versions)
-  (maybe) RollbackKernelWrite()
-  RollbackKernelLock()
-
-  Any mode
-    If recovery mode, this is the first time we've been called
-      Must send in developer flag
-    If not recovery mode, wants kernel versions
-  Must send in developer and recovery flags
-*/
-
 /* These functions are called from S3Resume().  They cannot use
 * global variables. */
 uint32_t RollbackS3Resume(void);
@@ -90,14 +62,11 @@ uint32_t RollbackS3Resume(void);
 /* These functions are callable from LoadFirmware().  They cannot use
 * global variables. */

-/* Setup must be called.  Pass developer_mode=nonzero if in developer
+/* Setup must be called.  Pass recovery_mode=nonzero if in recovery
+ * mode.  Pass developer_mode=nonzero if in developer
 * mode. */
-uint32_t RollbackFirmwareSetup(int developer_mode, uint32_t* version);
-
-/* Read may be called to get the version.  This is not necessary in
- * the normal boot path, because RollbackFirmwareSetup() provides the
- * same information.  It may be used in the recovery path. */
-uint32_t RollbackFirmwareRead(uint32_t* version);
+uint32_t RollbackFirmwareSetup(int recovery_mode, int developer_mode,
+                               uint32_t* version);

 /* Write may be called if the versions change */
 uint32_t RollbackFirmwareWrite(uint32_t version);
@@ -108,12 +77,6 @@ uint32_t RollbackFirmwareLock(void);
 /* These functions are callable from LoadKernel().  They may use global
 * variables. */

-/* Recovery may be called.  If it is, this is the first time a
- * rollback function has been called this boot, so it needs to know if
- * we're in developer mode.  Pass developer_mode=nonzero if in developer
- * mode. */
-uint32_t RollbackKernelRecovery(int developer_mode);
-
 /* Read and write may be called to read and write the kernel version. */
 uint32_t RollbackKernelRead(uint32_t* version);
 uint32_t RollbackKernelWrite(uint32_t version);