rollback_index: Remove recovery_mode parameter to SetupTPM.

SetupTPM no longer uses recovery_mode parameter for anything other than
a debug print. This change moves the debug print to a caller function,
then removes recovery_mode from SetupTPM and some caller functions that
no longer have a use for it.

BUG=chrome-os-partner:20913.
TEST=Manual. Boot factory install shim in recovery mode and verify TPM
clear operations succeed. Boot in dev mode and verify "Lock physical
presence" print on UART.
BRANCH=None.

Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Change-Id: I2f671f6680a6e67cf722855e659e99752bc0783c
Reviewed-on: https://gerrit.chromium.org/gerrit/62916
Reviewed-by: Randall Spangler <rspangler@chromium.org>

firmware/lib/include/rollback_index.h

@@ -83,7 +83,7 @@ uint32_t RollbackS3Resume(void);
 /**
  * This must be called.
  */
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
                                int disable_dev_request,
                                int clear_tpm_owner_request,
                                /* two outputs on success */
@@ -161,9 +161,8 @@ uint32_t OneTimeInitializeTPM(RollbackSpaceFirmware *rsf,
  * Start the TPM and establish the root of trust for the anti-rollback
  * mechanism.
  */
-uint32_t SetupTPM(int recovery_mode, int developer_mode,
+uint32_t SetupTPM(int developer_mode, int disable_dev_request,
-                  int disable_dev_request, int clear_tpm_owner_request,
+                  int clear_tpm_owner_request, RollbackSpaceFirmware *rsf);
-                  RollbackSpaceFirmware *rsf);
 
 /**
  * Utility function to turn the virtual dev-mode flag on or off. 0=off, 1=on.

firmware/lib/mocked_rollback_index.c

@@ -23,9 +23,8 @@ uint32_t TPMClearAndReenable(void) {
 }
 
 
-uint32_t SetupTPM(int recovery_mode, int developer_mode,
+uint32_t SetupTPM(int developer_mode, int disable_dev_request,
-                  int disable_dev_request, int clear_tpm_owner_request,
+                  int clear_tpm_owner_request, RollbackSpaceFirmware* rsf) {
-                  RollbackSpaceFirmware* rsf) {
   return TPM_SUCCESS;
 }
 
@@ -35,7 +34,7 @@ uint32_t RollbackS3Resume(void) {
 }
 
 
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
                                int disable_dev_request,
                                int clear_tpm_owner_request,
                                int *is_virt_dev, uint32_t *version) {

firmware/lib/rollback_index.c

@@ -341,9 +341,8 @@ uint32_t OneTimeInitializeTPM(RollbackSpaceFirmware *rsf,
  * to the TPM flashram at every reboot or wake-up, because of concerns about
  * the durability of the NVRAM.
  */
-uint32_t SetupTPM(int recovery_mode, int developer_mode,
+uint32_t SetupTPM(int developer_mode, int disable_dev_request,
-                  int disable_dev_request, int clear_tpm_owner_request,
+                  int clear_tpm_owner_request, RollbackSpaceFirmware* rsf)
-                  RollbackSpaceFirmware* rsf)
 {
 	uint8_t in_flags;
 	uint8_t disable;
@@ -351,8 +350,6 @@ uint32_t SetupTPM(int recovery_mode, int developer_mode,
 	uint32_t result;
 	uint32_t versions;
 
-	VBDEBUG(("TPM: SetupTPM(r%d, d%d)\n", recovery_mode, developer_mode));
-
 	RETURN_ON_FAILURE(TlclLibInit());
 
 #ifdef TEGRA_SOFT_REBOOT_WORKAROUND
@@ -494,7 +491,7 @@ uint32_t RollbackS3Resume(void)
 	return TPM_SUCCESS;
 }
 
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
                                int disable_dev_request,
                                int clear_tpm_owner_request,
                                int *is_virt_dev, uint32_t *version)
@@ -556,7 +553,7 @@ uint32_t RollbackS3Resume(void)
 	return result;
 }
 
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
                                int disable_dev_request,
                                int clear_tpm_owner_request,
                                int *is_virt_dev, uint32_t *version)
@@ -566,8 +563,7 @@ uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
 	/* Set version to 0 in case we fail */
 	*version = 0;
 
-	RETURN_ON_FAILURE(SetupTPM(recovery_mode, is_hw_dev,
+	RETURN_ON_FAILURE(SetupTPM(is_hw_dev, disable_dev_request,
-				   disable_dev_request,
 				   clear_tpm_owner_request, &rsf));
 	Memcpy(version, &rsf.fw_versions, sizeof(*version));
 	*is_virt_dev = (rsf.flags & FLAG_VIRTUAL_DEV_MODE_ON) ? 1 : 0;

firmware/lib/vboot_api_init.c

@@ -175,7 +175,9 @@ VbError_t VbInit(VbCommonParams *cparams, VbInitParams *iparams)
 		 * TPM space is initialized by this call, the virtual
 		 * dev-switch will be disabled by default)
 		 */
-		tpm_status = RollbackFirmwareSetup(recovery, is_hw_dev,
+		VBDEBUG(("TPM: Call RollbackFirmwareSetup(r%d, d%d)\n",
+			recovery, is_hw_dev));
+		tpm_status = RollbackFirmwareSetup(is_hw_dev,
 						   disable_dev_request,
 						   clear_tpm_owner_request,
 						   /* two outputs on success */

firmware/linktest/main.c

@@ -31,7 +31,7 @@ int main(void)
 
   /* rollback_index.h */
   RollbackS3Resume();
-  RollbackFirmwareSetup(0, 0, 0, 0, 0, 0);
+  RollbackFirmwareSetup(0, 0, 0, 0, 0);
   RollbackFirmwareWrite(0);
   RollbackFirmwareLock();
   RollbackKernelRead(0);

tests/rollback_index2_tests.c

@@ -598,7 +598,7 @@ static void SetupTpmTest(void)
 
 	/* Complete setup */
 	ResetMocks(0, 0);
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM()");
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM()");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
 		    "TlclStartup()\n"
@@ -610,7 +610,7 @@ static void SetupTpmTest(void)
 	/* If TPM is disabled or deactivated, must enable it */
 	ResetMocks(0, 0);
 	mock_pflags.disable = 1;
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
 		"SetupTPM() disabled");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
@@ -623,7 +623,7 @@ static void SetupTpmTest(void)
 
 	ResetMocks(0, 0);
 	mock_pflags.deactivated = 1;
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
 		"SetupTPM() deactivated");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
@@ -636,7 +636,7 @@ static void SetupTpmTest(void)
 
 	/* If physical presence command isn't enabled, try to enable it */
 	ResetMocks(3, TPM_E_IOERROR);
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM() pp cmd");
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM() pp cmd");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
 		    "TlclStartup()\n"
@@ -651,7 +651,7 @@ static void SetupTpmTest(void)
 	ResetMocks(5, TPM_E_BADINDEX);
 	mock_pflags.physicalPresenceLifetimeLock = 1;
 	mock_pflags.nvLocked = 1;
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM() no firmware space");
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM() no firmware space");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
 		    "TlclStartup()\n"
@@ -674,7 +674,7 @@ static void SetupTpmTest(void)
 
 	/* Other firmware space error is passed through */
 	ResetMocks(5, TPM_E_IOERROR);
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), TPM_E_CORRUPTED_STATE,
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), TPM_E_CORRUPTED_STATE,
 		"SetupTPM() bad firmware space");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
@@ -686,7 +686,7 @@ static void SetupTpmTest(void)
 
 	/* If developer flag has toggled, clear ownership and write new flag */
 	ResetMocks(0, 0);
-	TEST_EQ(SetupTPM(0, 1, 0, 0, &rsf), 0, "SetupTPM() to dev");
+	TEST_EQ(SetupTPM(1, 0, 0, &rsf), 0, "SetupTPM() to dev");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
 		    "TlclStartup()\n"
@@ -704,7 +704,7 @@ static void SetupTpmTest(void)
 
 	ResetMocks(0, 0);
 	mock_rsf.flags = FLAG_LAST_BOOT_DEVELOPER;
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM() from dev");
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM() from dev");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
 		    "TlclStartup()\n"
@@ -721,7 +721,7 @@ static void SetupTpmTest(void)
 
 	/* If TPM clear request, clear ownership also */
 	ResetMocks(0, 0);
-	TEST_EQ(SetupTPM(0, 0, 0, 1, &rsf), 0, "SetupTPM() clear owner");
+	TEST_EQ(SetupTPM(0, 0, 1, &rsf), 0, "SetupTPM() clear owner");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
 		    "TlclStartup()\n"
@@ -736,13 +736,13 @@ static void SetupTpmTest(void)
 	/* Handle request to clear virtual dev switch */
 	ResetMocks(0, 0);
 	mock_rsf.flags = FLAG_VIRTUAL_DEV_MODE_ON | FLAG_LAST_BOOT_DEVELOPER;
-	TEST_EQ(SetupTPM(0, 0, 1, 0, &rsf), 0, "SetupTPM() clear virtual dev");
+	TEST_EQ(SetupTPM(0, 1, 0, &rsf), 0, "SetupTPM() clear virtual dev");
 	TEST_EQ(mock_rsf.flags, 0, "Clear virtual dev");
 
 	/* If virtual dev switch is on, that should set last boot developer */
 	ResetMocks(0, 0);
 	mock_rsf.flags = FLAG_VIRTUAL_DEV_MODE_ON;
-	SetupTPM(0, 0, 0, 0, &rsf);
+	SetupTPM(0, 0, 0, &rsf);
 	TEST_EQ(mock_rsf.flags,
 		FLAG_VIRTUAL_DEV_MODE_ON | FLAG_LAST_BOOT_DEVELOPER,
 		"virtual dev sets last boot");
@@ -767,7 +767,7 @@ static void RollbackFirmwareTest(void)
 	dev_mode = 0;
 	version = 123;
 	mock_rsf.fw_versions = 0x12345678;
-	TEST_EQ(RollbackFirmwareSetup(0, 0, dev_mode, 0, &dev_mode, &version),
+	TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, &dev_mode, &version),
 		0, "RollbackFirmwareSetup()");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
@@ -783,7 +783,7 @@ static void RollbackFirmwareTest(void)
 	dev_mode = 0;
 	version = 123;
 	mock_rsf.fw_versions = 0x12345678;
-	TEST_EQ(RollbackFirmwareSetup(0, 0, dev_mode, 0, &dev_mode, &version),
+	TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, &dev_mode, &version),
 		TPM_E_IOERROR,
 		"RollbackFirmwareSetup() error");
 	TEST_STR_EQ(mock_calls,
@@ -794,7 +794,7 @@ static void RollbackFirmwareTest(void)
 	/* Developer mode flag gets passed properly */
 	ResetMocks(0, 0);
 	dev_mode = 1;
-	TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, 0, &dev_mode, &version),
+	TEST_EQ(RollbackFirmwareSetup(dev_mode, 0, 0, &dev_mode, &version),
 		0, "RollbackFirmwareSetup() to dev");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
@@ -814,7 +814,7 @@ static void RollbackFirmwareTest(void)
 	/* So does clear-TPM request */
 	ResetMocks(0, 0);
 	dev_mode = 0;
-	TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, 1, &dev_mode, &version),
+	TEST_EQ(RollbackFirmwareSetup(dev_mode, 0, 1, &dev_mode, &version),
 		0, "RollbackFirmwareSetup() clear owner");
 	TEST_STR_EQ(mock_calls,
 		    "TlclLibInit()\n"
@@ -886,7 +886,7 @@ static void RollbackKernelTest(void)
 	 * rollback_index.c based on recovery mode, which is set by SetupTPM().
 	 * Clear the flag for the first set of tests.
 	 */
-	TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM()");
+	TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM()");
 
 	/* Normal read */
 	ResetMocks(0, 0);
@@ -948,7 +948,7 @@ static void RollbackKernelTest(void)
 		"RollbackKernelLock() error");
 
 	/* Test lock with recovery on; shouldn't lock PP */
-	SetupTPM(1, 0, 0, 0, &rsf);
+	SetupTPM(0, 0, 0, &rsf);
 	ResetMocks(0, 0);
 	TEST_EQ(RollbackKernelLock(1), 0, "RollbackKernelLock() in recovery");
 	TEST_STR_EQ(mock_calls, "", "no tlcl calls");

tests/rollback_index3_tests.c

@@ -24,7 +24,7 @@ int main(int argc, char* argv[])
 
 	is_virt_dev = 1;
 	version = 1;
-	TEST_EQ(RollbackFirmwareSetup(0, 0, 0, 0, &is_virt_dev, &version),
+	TEST_EQ(RollbackFirmwareSetup(0, 0, 0, &is_virt_dev, &version),
 		0, "RollbackFirmwareSetup()");
 	TEST_EQ(is_virt_dev, 0, "rfs is_virt_dev");
 	TEST_EQ(version, 0, "rfs version");

tests/vboot_api_init_tests.c

@@ -100,7 +100,7 @@ uint32_t RollbackS3Resume(void)
 	return rollback_s3_retval;
 }
 
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
                                int disable_dev_request,
                                int clear_tpm_owner_request,
                                /* two outputs on success */