(In the right repository this time.)

Do not directly manipulate global structs. Work on the local copy instead.

In firmware-land, globals are a bad idea.

Review URL: http://codereview.chromium.org/3027011

firmware/lib/tpm_lite/include/tlcl_structures.h

@@ -1,96 +1,96 @@
 /* This file is automatically generated */
 
-struct {
+struct s_tpm_extend_cmd{
   uint8_t buffer[34];
-  uint8_t* pcrNum;
-  uint8_t* inDigest;
+  uint16_t pcrNum;
+  uint16_t inDigest;
 } tpm_extend_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14, },
-tpm_extend_cmd.buffer + 10, tpm_extend_cmd.buffer + 14, };
+10, 14, };
 
-struct {
+struct s_tpm_getpermissions_cmd{
   uint8_t buffer[22];
-  uint8_t* index;
+  uint16_t index;
 } tpm_getpermissions_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x4, },
-tpm_getpermissions_cmd.buffer + 18, };
+18, };
 
-struct {
+struct s_tpm_getflags_cmd{
   uint8_t buffer[22];
 } tpm_getflags_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x8, },
 };
 
-struct {
+struct s_tpm_physicalsetdeactivated_cmd{
   uint8_t buffer[11];
-  uint8_t* deactivated;
+  uint16_t deactivated;
 } tpm_physicalsetdeactivated_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72, },
-tpm_physicalsetdeactivated_cmd.buffer + 10, };
+10, };
 
-struct {
+struct s_tpm_physicalenable_cmd{
   uint8_t buffer[10];
 } tpm_physicalenable_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f, },
 };
 
-struct {
+struct s_tpm_physicaldisable_cmd{
   uint8_t buffer[10];
 } tpm_physicaldisable_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70, },
 };
 
-struct {
+struct s_tpm_forceclear_cmd{
   uint8_t buffer[10];
 } tpm_forceclear_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d, },
 };
 
-struct {
+struct s_tpm_readpubek_cmd{
   uint8_t buffer[30];
 } tpm_readpubek_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c, },
 };
 
-struct {
+struct s_tpm_continueselftest_cmd{
   uint8_t buffer[10];
 } tpm_continueselftest_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53, },
 };
 
-struct {
+struct s_tpm_selftestfull_cmd{
   uint8_t buffer[10];
 } tpm_selftestfull_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50, },
 };
 
-struct {
+struct s_tpm_startup_cmd{
   uint8_t buffer[12];
 } tpm_startup_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x1, },
 };
 
-struct {
+struct s_tpm_pplock_cmd{
   uint8_t buffer[12];
 } tpm_pplock_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x4, },
 };
 
-struct {
+struct s_tpm_ppassert_cmd{
   uint8_t buffer[12];
 } tpm_ppassert_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x8, },
 };
 
-struct {
+struct s_tpm_nv_read_cmd{
   uint8_t buffer[22];
-  uint8_t* index;
-  uint8_t* length;
+  uint16_t index;
+  uint16_t length;
 } tpm_nv_read_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf, },
-tpm_nv_read_cmd.buffer + 10, tpm_nv_read_cmd.buffer + 18, };
+10, 18, };
 
-struct {
+struct s_tpm_nv_write_cmd{
   uint8_t buffer[256];
-  uint8_t* index;
-  uint8_t* length;
-  uint8_t* data;
+  uint16_t index;
+  uint16_t length;
+  uint16_t data;
 } tpm_nv_write_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd, },
-tpm_nv_write_cmd.buffer + 10, tpm_nv_write_cmd.buffer + 18, tpm_nv_write_cmd.buffer + 22, };
+10, 18, 22, };
 
-struct {
+struct s_tpm_nv_definespace_cmd{
   uint8_t buffer[101];
-  uint8_t* index;
-  uint8_t* perm;
-  uint8_t* size;
+  uint16_t index;
+  uint16_t perm;
+  uint16_t size;
 } tpm_nv_definespace_cmd = {{0x0, 0xc1, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x18, 0, 0, 0, 0, 0x0, 0x3, 0, 0, 0, 0x1f, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x0, 0x3, 0, 0, 0, 0x1f, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x0, 0x17, },
-tpm_nv_definespace_cmd.buffer + 12, tpm_nv_definespace_cmd.buffer + 70, tpm_nv_definespace_cmd.buffer + 77, };
+12, 70, 77, };
 
 const int kWriteInfoLength = 12;
 const int kNvDataPublicPermissionsOffset = 60;

firmware/lib/tpm_lite/tlcl.c

@@ -104,42 +104,48 @@ uint32_t TlclContinueSelfTest(void) {
 }
 
 uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size) {
+  struct s_tpm_nv_definespace_cmd cmd;
   VBDEBUG(("TPM: TlclDefineSpace(0x%x, 0x%x, %d)\n", index, perm, size));
-  ToTpmUint32(tpm_nv_definespace_cmd.index, index);
-  ToTpmUint32(tpm_nv_definespace_cmd.perm, perm);
-  ToTpmUint32(tpm_nv_definespace_cmd.size, size);
-  return Send(tpm_nv_definespace_cmd.buffer);
+  Memcpy(&cmd, &tpm_nv_definespace_cmd, sizeof(cmd));
+  ToTpmUint32(cmd.buffer + tpm_nv_definespace_cmd.index, index);
+  ToTpmUint32(cmd.buffer + tpm_nv_definespace_cmd.perm, perm);
+  ToTpmUint32(cmd.buffer + tpm_nv_definespace_cmd.size, size);
+  return Send(cmd.buffer);
 }
 
 uint32_t TlclWrite(uint32_t index, uint8_t* data, uint32_t length) {
+  struct s_tpm_nv_write_cmd cmd;
   uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
   const int total_length =
     kTpmRequestHeaderLength + kWriteInfoLength + length;
 
   VBDEBUG(("TPM: TlclWrite(0x%x, %d)\n", index, length));
+  Memcpy(&cmd, &tpm_nv_write_cmd, sizeof(cmd));
   assert(total_length <= TPM_LARGE_ENOUGH_COMMAND_SIZE);
   SetTpmCommandSize(tpm_nv_write_cmd.buffer, total_length);
 
-  ToTpmUint32(tpm_nv_write_cmd.index, index);
-  ToTpmUint32(tpm_nv_write_cmd.length, length);
-  Memcpy(tpm_nv_write_cmd.data, data, length);
+  ToTpmUint32(cmd.buffer + tpm_nv_write_cmd.index, index);
+  ToTpmUint32(cmd.buffer + tpm_nv_write_cmd.length, length);
+  Memcpy(cmd.buffer + tpm_nv_write_cmd.data, data, length);
 
-  TlclSendReceive(tpm_nv_write_cmd.buffer, response, sizeof(response));
-  CheckResult(tpm_nv_write_cmd.buffer, response, 1);
+  TlclSendReceive(cmd.buffer, response, sizeof(response));
+  CheckResult(cmd.buffer, response, 1);
 
   return TpmReturnCode(response);
 }
 
 uint32_t TlclRead(uint32_t index, uint8_t* data, uint32_t length) {
+  struct s_tpm_nv_read_cmd cmd;
   uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
   uint32_t result_length;
   uint32_t result;
 
   VBDEBUG(("TPM: TlclRead(0x%x, %d)\n", index, length));
-  ToTpmUint32(tpm_nv_read_cmd.index, index);
-  ToTpmUint32(tpm_nv_read_cmd.length, length);
+  Memcpy(&cmd, &tpm_nv_read_cmd, sizeof(cmd));
+  ToTpmUint32(cmd.buffer + tpm_nv_read_cmd.index, index);
+  ToTpmUint32(cmd.buffer + tpm_nv_read_cmd.length, length);
 
-  TlclSendReceive(tpm_nv_read_cmd.buffer, response, sizeof(response));
+  TlclSendReceive(cmd.buffer, response, sizeof(response));
   result = TpmReturnCode(response);
   if (result == TPM_SUCCESS && length > 0) {
     uint8_t* nv_read_cursor = response + kTpmResponseHeaderLength;
@@ -206,9 +212,11 @@ uint32_t TlclClearEnable(void) {
 }
 
 uint32_t TlclSetDeactivated(uint8_t flag) {
+  struct s_tpm_physicalsetdeactivated_cmd cmd;
   VBDEBUG(("TPM: SetDeactivated(%d)\n", flag));
-  *((uint8_t*)tpm_physicalsetdeactivated_cmd.deactivated) = flag;
-  return Send(tpm_physicalsetdeactivated_cmd.buffer);
+  Memcpy(&cmd, &tpm_physicaldisable_cmd, sizeof(cmd));
+  *(cmd.buffer + cmd.deactivated) = flag;
+  return Send(cmd.buffer);
 }
 
 uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated, uint8_t *nvlocked) {
@@ -227,7 +235,7 @@ uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated, uint8_t *nvlocked)
   assert(size == sizeof(TPM_PERMANENT_FLAGS));
   pflags =
     (TPM_PERMANENT_FLAGS*) (response + kTpmResponseHeaderLength + sizeof(size));
-  VBDEBUG(("TPM: Got flags disable=%d, deactivated=%d, nvlocked=%d\n", 
+  VBDEBUG(("TPM: Got flags disable=%d, deactivated=%d, nvlocked=%d\n",
            pflags->disable, pflags->deactivated, pflags->nvLocked));
   if (disable)
     *disable = pflags->disable;
@@ -245,21 +253,25 @@ uint32_t TlclSetGlobalLock(void) {
 }
 
 uint32_t TlclExtend(int pcr_num, uint8_t* in_digest, uint8_t* out_digest) {
+  struct s_tpm_extend_cmd cmd;
+  Memcpy(&cmd, &tpm_extend_cmd, sizeof(cmd));
   uint8_t response[kTpmResponseHeaderLength + kPcrDigestLength];
-  ToTpmUint32(tpm_extend_cmd.pcrNum, pcr_num);
-  Memcpy(tpm_extend_cmd.inDigest, in_digest, kPcrDigestLength);
-  TlclSendReceive(tpm_extend_cmd.buffer, response, sizeof(response));
+  ToTpmUint32(cmd.buffer + tpm_extend_cmd.pcrNum, pcr_num);
+  Memcpy(cmd.buffer + cmd.inDigest, in_digest, kPcrDigestLength);
+  TlclSendReceive(cmd.buffer, response, sizeof(response));
   Memcpy(out_digest, response + kTpmResponseHeaderLength, kPcrDigestLength);
   return TpmReturnCode(response);
 }
 
 uint32_t TlclGetPermissions(uint32_t index, uint32_t* permissions) {
+  struct s_tpm_getpermissions_cmd cmd;
   uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
   uint8_t* nvdata;
   uint32_t result;
   uint32_t size;
 
-  ToTpmUint32(tpm_getpermissions_cmd.index, index);
+  Memcpy(&cmd, &tpm_getpermissions_cmd, sizeof(cmd));
+  ToTpmUint32(cmd.buffer + tpm_getpermissions_cmd.index, index);
   TlclSendReceive(tpm_getpermissions_cmd.buffer, response, sizeof(response));
   result = TpmReturnCode(response);
   if (result != TPM_SUCCESS) {

firmware/version.c

@@ -1 +1 @@
-char* VbootVersion = "VBOOv=e5373ca7";
+char* VbootVersion = "VBOOv=a398a91e";

utility/Makefile

@@ -48,8 +48,8 @@ ${BUILD_ROOT}/load_kernel_test: load_kernel_test.c $(LIBS)
 ${BUILD_ROOT}/signature_digest_utility: signature_digest_utility.c $(LIBS)
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
 
-${BUILD_ROOT}/tlcl_generator: tlcl_generator.c $(LIBS)
-	$(CC) $(CFLAGS) $(INCLUDES) -fpack-struct $< -o $@ $(LIBS) -lcrypto
+${BUILD_ROOT}/tlcl_generator: tlcl_generator.c
+	$(CC) $(CFLAGS) $(INCLUDES) -fpack-struct $< -o $@
 
 ${BUILD_ROOT}/vbutil_firmware: vbutil_firmware.c $(LIBS)
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto

utility/tlcl_generator.c

@@ -11,6 +11,7 @@
  * (see PCR_SELECTION_FIX below).
  */
 
+#include <assert.h>
 #include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -19,7 +20,6 @@
 #include "tlcl.h"
 #include "tlcl_internal.h"
 #include "tpmextras.h"
-#include "utility.h"
 
 /* See struct Command below.  This structure represent a field in a TPM
  * command.  [name] is the field name.  [visible] is 1 if the field is
@@ -54,9 +54,8 @@ typedef struct Command {
  * added at increasing offsets.
  */
 static void AddVisibleField(Command* cmd, const char* name, int offset) {
-  Field* fld = (Field*) Malloc(sizeof(Field));
+  Field* fld = (Field*) malloc(sizeof(Field));
   if (cmd->fields != NULL) {
-    Field* fn = cmd->fields;
     assert(offset > fn->offset);
   }
   fld->next = cmd->fields;
@@ -71,7 +70,7 @@ static void AddVisibleField(Command* cmd, const char* name, int offset) {
  */
 static void AddInitializedField(Command* cmd, int offset,
                                 int size, uint32_t value) {
-  Field* fld = (Field*) Malloc(sizeof(Field));
+  Field* fld = (Field*) malloc(sizeof(Field));
   fld->next = cmd->fields;
   cmd->fields = fld;
   fld->name = NULL;
@@ -84,7 +83,7 @@ static void AddInitializedField(Command* cmd, int offset,
 /* Create a structure representing a TPM command datagram.
  */
 Command* newCommand(TPM_COMMAND_CODE code, int size) {
-  Command* cmd = (Command*) Malloc(sizeof(Command));
+  Command* cmd = (Command*) malloc(sizeof(Command));
   cmd->size = size;
   AddInitializedField(cmd, 0, sizeof(TPM_TAG), TPM_TAG_RQU_COMMAND);
   AddInitializedField(cmd, sizeof(TPM_TAG), sizeof(uint32_t), size);
@@ -306,7 +305,7 @@ void OutputFields(Field* fld) {
   if (fld != NULL) {
     OutputFields(fld->next);
     if (fld->visible) {
-      printf("  uint8_t* %s;\n", fld->name);
+      printf("  uint16_t %s;\n", fld->name);
     }
   }
 }
@@ -350,7 +349,8 @@ int OutputBytes_(Command* cmd, Field* fld) {
       cursor += 4;
       break;
     default:
-      error("invalid field size %d\n", fld->size);
+      fprintf(stderr, "invalid field size %d\n", fld->size);
+      exit(1);
       break;
     }
   }
@@ -369,7 +369,7 @@ void OutputFieldPointers(Command* cmd, Field* fld) {
   } else {
     OutputFieldPointers(cmd, fld->next);
     if (fld->visible) {
-      printf("%s.buffer + %d, ", cmd->name, fld->offset);
+      printf("%d, ", fld->offset);
     }
   }
 }
@@ -380,8 +380,8 @@ void OutputCommands(Command* cmd) {
   if (cmd == NULL) {
     return;
   } else {
-    printf("struct {\n  uint8_t buffer[%d];\n",
-           cmd->size == 0 ? cmd->max_size : cmd->size);
+    printf("struct s_%s{\n  uint8_t buffer[%d];\n",
+           cmd->name, cmd->size == 0 ? cmd->max_size : cmd->size);
     OutputFields(cmd->fields);
     printf("} %s = {{", cmd->name);
     OutputBytes(cmd);
@@ -414,7 +414,7 @@ Command* (*builders[])(void) = {
 static void FreeFields(Field* fld) {
   if (fld != NULL) {
     Field* next_field = fld->next;
-    Free(fld);
+    free(fld);
     FreeFields(next_field);
   }
 }
@@ -422,7 +422,7 @@ static void FreeFields(Field* fld) {
 static void FreeCommands(Command* cmd) {
   if (cmd != NULL) {
     Command* next_command = cmd->next;
-    Free(cmd);
+    free(cmd);
     FreeFields(cmd->fields);
     FreeCommands(next_command);
   }