diff --git a/firmware/lib/include/rollback_index.h b/firmware/lib/include/rollback_index.h index 513454b287..df132e76c6 100644 --- a/firmware/lib/include/rollback_index.h +++ b/firmware/lib/include/rollback_index.h @@ -22,12 +22,14 @@ #define RW_NORMAL_MODE 2 /* TPM NVRAM location indices. */ +#define FIRST_ROLLBACK_NV_INDEX 0x1001 /* First index used here */ #define FIRMWARE_VERSIONS_NV_INDEX 0x1001 #define KERNEL_VERSIONS_NV_INDEX 0x1002 #define TPM_IS_INITIALIZED_NV_INDEX 0x1003 #define KERNEL_VERSIONS_BACKUP_NV_INDEX 0x1004 #define KERNEL_MUST_USE_BACKUP_NV_INDEX 0x1005 #define DEVELOPER_MODE_NV_INDEX 0x1006 +#define LAST_ROLLBACK_NV_INDEX 0x1006 /* Last index used here */ /* Unique ID to detect kernel space redefinition */ #define KERNEL_SPACE_UID "GRWL" /* unique ID with secret meaning */ diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c index 5cbb83787b..312950e1a2 100644 --- a/firmware/lib/rollback_index.c +++ b/firmware/lib/rollback_index.c @@ -26,9 +26,11 @@ __pragma(warning (disable: 4127)) } while (0) uint32_t TPMClearAndReenable(void) { + VBDEBUG(("TPM: Clear and re-enable\n")); RETURN_ON_FAILURE(TlclForceClear()); RETURN_ON_FAILURE(TlclSetEnable()); RETURN_ON_FAILURE(TlclSetDeactivated(0)); + return TPM_SUCCESS; } @@ -96,10 +98,32 @@ uint32_t GetSpacesInitialized(int* initialized) { static uint32_t InitializeSpaces(void) { uint32_t zero = 0; uint32_t firmware_perm = TPM_NV_PER_GLOBALLOCK | TPM_NV_PER_PPWRITE; + uint8_t nvlocked = 0; + uint32_t i; - VBDEBUG(("Initializing spaces\n")); + VBDEBUG(("TPM: Initializing spaces\n")); - RETURN_ON_FAILURE(TlclSetNvLocked()); +#ifdef FORCE_CLEAR_ON_INIT + /* Force the TPM clear, in case it previously had an owner, so that we can + * redefine the NVRAM spaces. */ + RETURN_ON_FAILURE(TPMClearAndReenable()); +#endif + + /* The TPM will not enforce the NV authorization restrictions until the + * execution of a TPM_NV_DefineSpace with the handle of TPM_NV_INDEX_LOCK. + * Create that space if it doesn't already exist. */ + RETURN_ON_FAILURE(TlclGetFlags(NULL, NULL, &nvlocked)); + VBDEBUG(("TPM: nvlocked=%d\n", nvlocked)); + if (!nvlocked) { + VBDEBUG(("TPM: Enabling NV locking\n")); + RETURN_ON_FAILURE(TlclSetNvLocked()); + } + + /* If the spaces were previously defined, we need to undefine them before we + * can redefine them. Undefine by setting size=0. Ignore these return codes, + * since they fail if the spaces aren't actually defined? */ + for (i = FIRST_ROLLBACK_NV_INDEX; i <= LAST_ROLLBACK_NV_INDEX; i++) + SafeDefineSpace(i, firmware_perm, 0); RETURN_ON_FAILURE(SafeDefineSpace(FIRMWARE_VERSIONS_NV_INDEX, firmware_perm, sizeof(uint32_t))); @@ -156,10 +180,14 @@ uint32_t RecoverKernelSpace(void) { uint32_t must_use_backup; uint32_t zero = 0; + VBDEBUG(("TPM: RecoverKernelSpace()\n")); + RETURN_ON_FAILURE(TlclRead(KERNEL_MUST_USE_BACKUP_NV_INDEX, (uint8_t*) &must_use_backup, sizeof(uint32_t))); /* must_use_backup is true if the previous boot entered recovery mode. */ + VBDEBUG(("TPM: must_use_backup = %d\n", must_use_backup)); + /* If we can't read the kernel space, or it has the wrong permission, or it * doesn't contain the right identifier, we give up. This will need to be * fixed by the recovery kernel. We have to worry about this because at any @@ -194,6 +222,7 @@ uint32_t RecoverKernelSpace(void) { static uint32_t BackupKernelSpace(void) { uint32_t kernel_versions; uint32_t backup_versions; + VBDEBUG(("TPM: BackupKernelSpace()\n")); RETURN_ON_FAILURE(TlclRead(KERNEL_VERSIONS_NV_INDEX, (uint8_t*) &kernel_versions, sizeof(uint32_t))); RETURN_ON_FAILURE(TlclRead(KERNEL_VERSIONS_BACKUP_NV_INDEX, @@ -250,15 +279,27 @@ uint32_t SetupTPM(int recovery_mode, int developer_mode) { uint8_t deactivated; uint32_t result; + VBDEBUG(("TPM: SetupTPM(r%d, d%d)\n", recovery_mode, developer_mode)); + + /* TODO: TlclLibInit() should be able to return failure */ TlclLibInit(); + RETURN_ON_FAILURE(TlclStartup()); +#ifdef USE_CONTINUE_SELF_TEST + /* TODO: ContinueSelfTest() should be faster than SelfTestFull, but may also + * not work properly in older TPM firmware. For now, do the full self test. */ RETURN_ON_FAILURE(TlclContinueSelfTest()); +#else + RETURN_ON_FAILURE(TlclSelfTestFull()); +#endif RETURN_ON_FAILURE(TlclAssertPhysicalPresence()); /* Checks that the TPM is enabled and activated. */ - RETURN_ON_FAILURE(TlclGetFlags(&disable, &deactivated)); + RETURN_ON_FAILURE(TlclGetFlags(&disable, &deactivated, NULL)); if (disable || deactivated) { + VBDEBUG(("TPM: disabled (%d) or deactivated (%d). Fixing...\n", disable, deactivated)); RETURN_ON_FAILURE(TlclSetEnable()); RETURN_ON_FAILURE(TlclSetDeactivated(0)); + VBDEBUG(("TPM: Must reboot to re-enable\n")); return TPM_E_MUST_REBOOT; } result = RecoverKernelSpace(); @@ -267,11 +308,15 @@ uint32_t SetupTPM(int recovery_mode, int developer_mode) { * initialized yet. */ int initialized = 0; + VBDEBUG(("TPM: RecoverKernelSpace() failed\n")); RETURN_ON_FAILURE(GetSpacesInitialized(&initialized)); if (initialized) { + VBDEBUG(("TPM: Already initialized, so give up\n")); return result; } else { + VBDEBUG(("TPM: Need to initialize spaces.\n")); RETURN_ON_FAILURE(InitializeSpaces()); + VBDEBUG(("TPM: Retrying RecoverKernelSpace() now that spaces are initialized.\n")); RETURN_ON_FAILURE(RecoverKernelSpace()); } } @@ -283,6 +328,7 @@ uint32_t SetupTPM(int recovery_mode, int developer_mode) { /* In recovery mode global variables are usable. */ g_rollback_recovery_mode = 1; } + VBDEBUG(("TPM: SetupTPM() succeeded\n")); return TPM_SUCCESS; } diff --git a/firmware/lib/tpm_lite/include/tlcl.h b/firmware/lib/tpm_lite/include/tlcl.h index 5dfd7ef799..6875619e6d 100644 --- a/firmware/lib/tpm_lite/include/tlcl.h +++ b/firmware/lib/tpm_lite/include/tlcl.h @@ -53,7 +53,7 @@ uint32_t TlclStartup(void); /* Run the self test. Note---this is synchronous. To run this in parallel * with other firmware, use ContinueSelfTest. The TPM error code is returned. */ -uint32_t TlclSelftestfull(void); +uint32_t TlclSelfTestFull(void); /* Runs the self test in the background. */ @@ -64,11 +64,6 @@ uint32_t TlclContinueSelfTest(void); */ uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size); -/* Defines a space with permission [perm]. [index] is the index for the space, - * [size] the usable data size. Returns the TPM error code. - */ -uint32_t TlclDefineSpaceResult(uint32_t index, uint32_t perm, uint32_t size); - /* Writes [length] bytes of [data] to space at [index]. The TPM error code is * returned. */ @@ -120,10 +115,10 @@ uint32_t TlclClearEnable(void); */ uint32_t TlclSetDeactivated(uint8_t flag); -/* Gets flags of interest. (Add more here as needed.) The TPM error code is - * returned. +/* Gets flags of interest. Pointers for flags you aren't interested in may + * be NULL. The TPM error code is returned. */ -uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated); +uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated, uint8_t* nvlocked); /* Sets the bGlobalLock flag, which only a reboot can clear. The TPM error * code is returned. diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c index 4ca8b87e48..edcc1ebbf0 100644 --- a/firmware/lib/tpm_lite/tlcl.c +++ b/firmware/lib/tpm_lite/tlcl.c @@ -52,19 +52,26 @@ static void CheckResult(uint8_t* request, uint8_t* response, int warn_only) { int result = TpmReturnCode(response); if (result != TPM_SUCCESS) { if (warn_only) - VBDEBUG(("TPM command %d 0x%x failed: %d 0x%x\n", - command, command, result, result)); + VBDEBUG(("TPM: command 0x%x failed: 0x%x\n", command, result)); else - error("TPM command %d 0x%x failed: %d 0x%x\n", - command, command, result, result); + error("TPM: command 0x%x failed: 0x%x\n", command, result); } } /* Sends a TPM command and gets a response. */ static void TlclSendReceive(uint8_t* request, uint8_t* response, int max_length) { + TlclStubSendReceive(request, TpmCommandSize(request), response, max_length); + +#ifdef VBOOT_DEBUG + { + int command = TpmCommandCode(request); + int result = TpmReturnCode(response); + VBDEBUG(("TPM: command 0x%x returned 0x%x\n", command, result)); + } +#endif } @@ -82,18 +89,22 @@ void TlclLibInit(void) { } uint32_t TlclStartup(void) { + VBDEBUG(("TPM: Startup\n")); return Send(tpm_startup_cmd.buffer); } -uint32_t TlclSelftestfull(void) { +uint32_t TlclSelfTestFull(void) { + VBDEBUG(("TPM: Self test full\n")); return Send(tpm_selftestfull_cmd.buffer); } uint32_t TlclContinueSelfTest(void) { + VBDEBUG(("TPM: Continue self test\n")); return Send(tpm_continueselftest_cmd.buffer); } uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size) { + VBDEBUG(("TPM: TlclDefineSpace(0x%x, 0x%x, %d)\n", index, perm, size)); ToTpmUint32(tpm_nv_definespace_cmd.index, index); ToTpmUint32(tpm_nv_definespace_cmd.perm, perm); ToTpmUint32(tpm_nv_definespace_cmd.size, size); @@ -105,6 +116,7 @@ uint32_t TlclWrite(uint32_t index, uint8_t* data, uint32_t length) { const int total_length = kTpmRequestHeaderLength + kWriteInfoLength + length; + VBDEBUG(("TPM: TlclWrite(0x%x, %d)\n", index, length)); assert(total_length <= TPM_LARGE_ENOUGH_COMMAND_SIZE); SetTpmCommandSize(tpm_nv_write_cmd.buffer, total_length); @@ -123,6 +135,7 @@ uint32_t TlclRead(uint32_t index, uint8_t* data, uint32_t length) { uint32_t result_length; uint32_t result; + VBDEBUG(("TPM: TlclRead(0x%x, %d)\n", index, length)); ToTpmUint32(tpm_nv_read_cmd.index, index); ToTpmUint32(tpm_nv_read_cmd.length, length); @@ -139,14 +152,17 @@ uint32_t TlclRead(uint32_t index, uint8_t* data, uint32_t length) { } uint32_t TlclWriteLock(uint32_t index) { + VBDEBUG(("TPM: Write lock 0x%x\n", index)); return TlclWrite(index, NULL, 0); } uint32_t TlclReadLock(uint32_t index) { + VBDEBUG(("TPM: Read lock 0x%x\n", index)); return TlclRead(index, NULL, 0); } uint32_t TlclAssertPhysicalPresence(void) { + VBDEBUG(("TPM: Asserting physical presence\n")); return Send(tpm_ppassert_cmd.buffer); } @@ -157,10 +173,12 @@ uint32_t TlclAssertPhysicalPresenceResult(void) { } uint32_t TlclLockPhysicalPresence(void) { + VBDEBUG(("TPM: Lock physical presence\n")); return Send(tpm_pplock_cmd.buffer); } uint32_t TlclSetNvLocked(void) { + VBDEBUG(("TPM: Set NV locked\n")); return TlclDefineSpace(TPM_NV_INDEX_LOCK, 0, 0); } @@ -173,27 +191,32 @@ int TlclIsOwned(void) { } uint32_t TlclForceClear(void) { + VBDEBUG(("TPM: Force clear\n")); return Send(tpm_forceclear_cmd.buffer); } uint32_t TlclSetEnable(void) { + VBDEBUG(("TPM: Enabling TPM\n")); return Send(tpm_physicalenable_cmd.buffer); } uint32_t TlclClearEnable(void) { + VBDEBUG(("TPM: Disabling TPM\n")); return Send(tpm_physicaldisable_cmd.buffer); } uint32_t TlclSetDeactivated(uint8_t flag) { + VBDEBUG(("TPM: SetDeactivated(%d)\n", flag)); *((uint8_t*)tpm_physicalsetdeactivated_cmd.deactivated) = flag; return Send(tpm_physicalsetdeactivated_cmd.buffer); } -uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated) { +uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated, uint8_t *nvlocked) { uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE]; TPM_PERMANENT_FLAGS* pflags; uint32_t result; uint32_t size; + VBDEBUG(("TPM: Get flags\n")); TlclSendReceive(tpm_getflags_cmd.buffer, response, sizeof(response)); result = TpmReturnCode(response); @@ -204,13 +227,20 @@ uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated) { assert(size == sizeof(TPM_PERMANENT_FLAGS)); pflags = (TPM_PERMANENT_FLAGS*) (response + kTpmResponseHeaderLength + sizeof(size)); - *disable = pflags->disable; - *deactivated = pflags->deactivated; + VBDEBUG(("TPM: Got flags disable=%d, deactivated=%d, nvlocked=%d\n", + pflags->disable, pflags->deactivated, pflags->nvLocked)); + if (disable) + *disable = pflags->disable; + if (deactivated) + *deactivated = pflags->deactivated; + if (nvlocked) + *nvlocked = pflags->nvLocked; return result; } uint32_t TlclSetGlobalLock(void) { uint32_t x; + VBDEBUG(("TPM: Set Set global lock\n")); return TlclWrite(TPM_NV_INDEX0, (uint8_t*) &x, 0); } diff --git a/firmware/lib/vboot_firmware.c b/firmware/lib/vboot_firmware.c index b88dc20942..e5d6f79e5a 100644 --- a/firmware/lib/vboot_firmware.c +++ b/firmware/lib/vboot_firmware.c @@ -41,6 +41,7 @@ int LoadFirmware(LoadFirmwareParams* params) { uint64_t lowest_key_version = 0xFFFF; uint64_t lowest_fw_version = 0xFFFF; uint32_t status; + int is_dev = (BOOT_FLAG_DEVELOPER & params->boot_flags ? 1 : 0); int good_index = -1; int index; @@ -61,17 +62,21 @@ int LoadFirmware(LoadFirmwareParams* params) { } /* Initialize the TPM and read rollback indices. */ - status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); - if (0 != status) { - VBDEBUG(("Unable to setup TPM.\n")); - return (status == TPM_E_MUST_REBOOT ? - LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); - } - status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); - if (0 != status) { - VBDEBUG(("Unable to read stored versions.\n")); - return (status == TPM_E_MUST_REBOOT ? - LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); + if (!is_dev) { + /* TODO: should use the TPM all the time; for now, only use when + * not in developer mode. */ + status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); + if (0 != status) { + VBDEBUG(("Unable to setup TPM.\n")); + return (status == TPM_E_MUST_REBOOT ? + LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); + } + status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); + if (0 != status) { + VBDEBUG(("Unable to read stored versions.\n")); + return (status == TPM_E_MUST_REBOOT ? + LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); + } } /* Allocate our internal data */ @@ -225,22 +230,29 @@ int LoadFirmware(LoadFirmwareParams* params) { (lowest_key_version == tpm_key_version && lowest_fw_version > tpm_fw_version)) { - - status = RollbackFirmwareWrite((uint16_t)lowest_key_version, - (uint16_t)lowest_fw_version); - if (0 != status) { - VBDEBUG(("Unable to write stored versions.\n")); - return (status == TPM_E_MUST_REBOOT ? - LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); + if (!is_dev) { + /* TODO: should use the TPM all the time; for now, only use + * when not in developer mode. */ + status = RollbackFirmwareWrite((uint16_t)lowest_key_version, + (uint16_t)lowest_fw_version); + if (0 != status) { + VBDEBUG(("Unable to write stored versions.\n")); + return (status == TPM_E_MUST_REBOOT ? + LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); + } } } - /* Lock firmware versions in TPM */ - status = RollbackFirmwareLock(); - if (0 != status) { - VBDEBUG(("Unable to lock firmware versions.\n")); - return (status == TPM_E_MUST_REBOOT ? - LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); + if (!is_dev) { + /* TODO: should use the TPM all the time; for now, only use + * when not in developer mode. */ + /* Lock firmware versions in TPM */ + status = RollbackFirmwareLock(); + if (0 != status) { + VBDEBUG(("Unable to lock firmware versions.\n")); + return (status == TPM_E_MUST_REBOOT ? + LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); + } } /* Success */ diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c index ddbceed6e3..03e4da81cb 100644 --- a/firmware/lib/vboot_kernel.c +++ b/firmware/lib/vboot_kernel.c @@ -136,12 +136,16 @@ int LoadKernel(LoadKernelParams* params) { params->bootloader_address = 0; params->bootloader_size = 0; - /* Let the TPM know if we're in recovery mode */ - if (is_rec) { - if (0 != RollbackKernelRecovery(is_dev ? 1 : 0)) { - VBDEBUG(("Error setting up TPM for recovery kernel\n")); - /* Ignore return code, since we need to boot recovery mode to - * fix the TPM. */ + if (!is_dev) { + /* TODO: should use the TPM all the time; for now, only use when + * not in developer mode. */ + /* Let the TPM know if we're in recovery mode */ + if (is_rec) { + if (0 != RollbackKernelRecovery(is_dev ? 1 : 0)) { + VBDEBUG(("Error setting up TPM for recovery kernel\n")); + /* Ignore return code, since we need to boot recovery mode to + * fix the TPM. */ + } } } @@ -381,14 +385,18 @@ int LoadKernel(LoadKernelParams* params) { } } - /* Lock the kernel versions */ - status = RollbackKernelLock(); - if (0 != status) { - VBDEBUG(("Error locking kernel versions.\n")); - /* Don't reboot to recovery mode if we're already there */ - if (!is_rec) - return (status == TPM_E_MUST_REBOOT ? - LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY); + if (!is_dev) { + /* TODO: should use the TPM all the time; for now, only use when + * not in developer mode. */ + /* Lock the kernel versions */ + status = RollbackKernelLock(); + if (0 != status) { + VBDEBUG(("Error locking kernel versions.\n")); + /* Don't reboot to recovery mode if we're already there */ + if (!is_rec) + return (status == TPM_E_MUST_REBOOT ? + LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY); + } } /* Success! */ diff --git a/firmware/linktest/main.c b/firmware/linktest/main.c index e726db324d..bff8f0067a 100644 --- a/firmware/linktest/main.c +++ b/firmware/linktest/main.c @@ -39,7 +39,7 @@ int main(void) TlclCloseDevice(); TlclOpenDevice(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclContinueSelfTest(); TlclDefineSpace(0, 0, 0); TlclWrite(0, 0, 0); @@ -53,7 +53,7 @@ int main(void) TlclSetEnable(); TlclClearEnable(); TlclSetDeactivated(0); - TlclGetFlags(0, 0); + TlclGetFlags(0, 0, 0); /* vboot_common.h */ OffsetOf(0, 0); diff --git a/firmware/stub/utility_stub.c b/firmware/stub/utility_stub.c index 3e17f77347..ed58e0b24c 100644 --- a/firmware/stub/utility_stub.c +++ b/firmware/stub/utility_stub.c @@ -26,7 +26,7 @@ void error(const char *format, ...) { void debug(const char *format, ...) { va_list ap; va_start(ap, format); - fprintf(stderr, "WARNING: "); + fprintf(stderr, "DEBUG: "); vfprintf(stderr, format, ap); va_end(ap); } @@ -53,7 +53,7 @@ void* Memcpy(void* dest, const void* src, uint64_t n) { } void* Memset(void* d, const uint8_t c, uint64_t n) { - uint8_t *dest = d; /* the only way to keep both cl and gcc happy */ + uint8_t* dest = d; /* the only way to keep both cl and gcc happy */ while (n--) { *dest++ = c; } diff --git a/firmware/version.c b/firmware/version.c index f3aaaa27fd..978e65ec24 100644 --- a/firmware/version.c +++ b/firmware/version.c @@ -1 +1 @@ -char* VbootVersion = "VBOOv=de3135df"; +char* VbootVersion = "VBOOv=5f9c5921"; diff --git a/tests/tpm_lite/clear.c b/tests/tpm_lite/clear.c index f9caab5a2f..3bb30c8a98 100644 --- a/tests/tpm_lite/clear.c +++ b/tests/tpm_lite/clear.c @@ -15,7 +15,7 @@ int main(int argc, char** argv) { TlclLibInit(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclAssertPhysicalPresence(); owned = TlclIsOwned(); diff --git a/tests/tpm_lite/enable.c b/tests/tpm_lite/enable.c index 15099849bd..a9172ba9dd 100644 --- a/tests/tpm_lite/enable.c +++ b/tests/tpm_lite/enable.c @@ -12,7 +12,7 @@ int main(int argc, char** argv) { TlclLibInit(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclAssertPhysicalPresence(); TlclSetEnable(); diff --git a/tests/tpm_lite/fastenable.c b/tests/tpm_lite/fastenable.c index e9f58938bf..5b11e2e02e 100644 --- a/tests/tpm_lite/fastenable.c +++ b/tests/tpm_lite/fastenable.c @@ -28,12 +28,12 @@ int main(int argc, char** argv) { TlclLibInit(); CHECK(TlclStartup()); - CHECK(TlclSelftestfull()); + CHECK(TlclSelfTestFull()); CHECK(TlclAssertPhysicalPresence()); printf("PP asserted\n"); - CHECK(TlclGetFlags(&disable, &deactivated)); + CHECK(TlclGetFlags(&disable, &deactivated, NULL)); printf("disable is %d, deactivated is %d\n", disable, deactivated); for (i = 0; i < 2; i++) { @@ -41,19 +41,19 @@ int main(int argc, char** argv) { CHECK(TlclForceClear()); printf("tpm is cleared\n"); - CHECK(TlclGetFlags(&disable, &deactivated)); + CHECK(TlclGetFlags(&disable, &deactivated, NULL)); printf("disable is %d, deactivated is %d\n", disable, deactivated); CHECK(TlclSetEnable()); printf("disable flag is cleared\n"); - CHECK(TlclGetFlags(&disable, &deactivated)); + CHECK(TlclGetFlags(&disable, &deactivated, NULL)); printf("disable is %d, deactivated is %d\n", disable, deactivated); CHECK(TlclSetDeactivated(0)); printf("deactivated flag is cleared\n"); - CHECK(TlclGetFlags(&disable, &deactivated)); + CHECK(TlclGetFlags(&disable, &deactivated, NULL)); printf("disable is %d, deactivated is %d\n", disable, deactivated); } diff --git a/tests/tpm_lite/globallock.c b/tests/tpm_lite/globallock.c index ab287a4467..0fd455a2d6 100644 --- a/tests/tpm_lite/globallock.c +++ b/tests/tpm_lite/globallock.c @@ -26,7 +26,7 @@ int main(int argc, char** argv) { TlclLibInit(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclAssertPhysicalPresence(); diff --git a/tests/tpm_lite/lock.c b/tests/tpm_lite/lock.c index c3ed0af152..2fd21b7e27 100644 --- a/tests/tpm_lite/lock.c +++ b/tests/tpm_lite/lock.c @@ -18,7 +18,7 @@ int main(int argc, char** argv) { TlclLibInit(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclAssertPhysicalPresence(); diff --git a/tests/tpm_lite/readonly.c b/tests/tpm_lite/readonly.c index 9c49ec1d40..454a75e349 100644 --- a/tests/tpm_lite/readonly.c +++ b/tests/tpm_lite/readonly.c @@ -69,7 +69,7 @@ int main(int argc, char** argv) { TlclLibInit(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclAssertPhysicalPresence(); diff --git a/tests/tpm_lite/redefine.c b/tests/tpm_lite/redefine.c index 030abb6755..eafded16e3 100644 --- a/tests/tpm_lite/redefine.c +++ b/tests/tpm_lite/redefine.c @@ -28,7 +28,7 @@ int main(int argc, char** argv) { TlclLibInit(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclAssertPhysicalPresence(); result = TlclRead(INDEX0, (uint8_t*) &x, sizeof(x)); diff --git a/tests/tpm_lite/writelimit.c b/tests/tpm_lite/writelimit.c index 5daef76b63..552cbd66d5 100644 --- a/tests/tpm_lite/writelimit.c +++ b/tests/tpm_lite/writelimit.c @@ -25,11 +25,11 @@ int main(int argc, char** argv) { TlclLibInit(); TlclStartup(); - TlclSelftestfull(); + TlclSelfTestFull(); TlclAssertPhysicalPresence(); - result = TlclGetFlags(&disable, &deactivated); + result = TlclGetFlags(&disable, &deactivated, NULL); printf("disable is %d, deactivated is %d\n", disable, deactivated); if (disable || deactivated) { diff --git a/utility/load_kernel_test.c b/utility/load_kernel_test.c index a55c3db5b3..72c3921cff 100644 --- a/utility/load_kernel_test.c +++ b/utility/load_kernel_test.c @@ -21,7 +21,7 @@ #include "vboot_kernel.h" #define LBA_BYTES 512 -#define KERNEL_BUFFER_SIZE 0x600000 +#define KERNEL_BUFFER_SIZE 0xA00000 /* Global variables for stub functions */ static LoadKernelParams lkp;