scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 18:25:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enable TPM in developer mode again.

Browse Source 
Also fix a few comments, and make extra debugging work when compiled
in firmware.

BUG=none
TEST=make && make runtests; all pass

Review URL: http://codereview.chromium.org/3007036
This commit is contained in:
Randall Spangler
2010-08-05 15:13:14 -07:00
parent 97a122817d
commit 63dffcb52b
5 changed files with 59 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
firmware/lib/rollback_index.c
View File

@@ -230,7 +230,7 @@ static uint32_t BackupKernelSpace(void) {
} }
/* Checks for transitions between protected mode to developer mode. When going /* Checks for transitions between protected mode to developer mode. When going
* into developer mode, clear the TPM. * into or out of developer mode, clear the TPM.
*/ */
static uint32_t CheckDeveloperModeTransition(uint32_t current_developer) { static uint32_t CheckDeveloperModeTransition(uint32_t current_developer) {
uint32_t past_developer; uint32_t past_developer;
@@ -337,6 +337,7 @@ uint32_t RollbackFirmwareSetup(int developer_mode) {
* environment, don't even talk to the TPM. */ * environment, don't even talk to the TPM. */
TlclLibInit(); TlclLibInit();
TlclStartup(); TlclStartup();
TlclSelfTestFull();
#endif #endif
return TPM_SUCCESS; return TPM_SUCCESS;
} }
@@ -360,6 +361,7 @@ uint32_t RollbackKernelRecovery(int developer_mode) {
* environment, don't even talk to the TPM. */ * environment, don't even talk to the TPM. */
TlclLibInit(); TlclLibInit();
TlclStartup(); TlclStartup();
TlclSelfTestFull();
#endif #endif
return TPM_SUCCESS; return TPM_SUCCESS;
} }

20
firmware/lib/tpm_lite/tlcl.c
View File

@@ -21,12 +21,6 @@
#include "tss_constants.h" #include "tss_constants.h"
#include "utility.h" #include "utility.h"
#define EXTRA_LOGGING 0
#if EXTRA_LOGGING
#include <stdio.h>
#endif
/* Sets the size field of a TPM command. */ /* Sets the size field of a TPM command. */
static INLINE void SetTpmCommandSize(uint8_t* buffer, uint32_t size) { static INLINE void SetTpmCommandSize(uint8_t* buffer, uint32_t size) {
ToTpmUint32(buffer + sizeof(uint16_t), size); ToTpmUint32(buffer + sizeof(uint16_t), size);
@@ -67,19 +61,21 @@ static void CheckResult(uint8_t* request, uint8_t* response, int warn_only) {
static void TlclSendReceive(uint8_t* request, uint8_t* response, static void TlclSendReceive(uint8_t* request, uint8_t* response,
int max_length) { int max_length) {
#if EXTRA_LOGGING #ifdef EXTRA_LOGGING
printf("command: %x%x %x%x%x%x %x%x%x%x\n", VBDEBUG(("TPM: command: %x%x %x%x%x%x %x%x%x%x\n",
request[0], request[1], request[0], request[1],
request[2], request[3], request[4], request[5], request[2], request[3], request[4], request[5],
request[6], request[7], request[8], request[9]); request[6], request[7], request[8], request[9]));
#endif #endif
TlclStubSendReceive(request, TpmCommandSize(request), TlclStubSendReceive(request, TpmCommandSize(request),
response, max_length); response, max_length);
#if EXTRA_LOGGING
printf("response: %x%x %x%x%x%x %x%x%x%x\n", #ifdef EXTRA_LOGGING
VBDEBUG(("TPM: response: %x%x %x%x%x%x %x%x%x%x\n",
response[0], response[1], response[0], response[1],
response[2], response[3], response[4], response[5], response[2], response[3], response[4], response[5],
response[6], response[7], response[8], response[9]); response[6], response[7], response[8], response[9]));
#endif #endif
#ifdef VBOOT_DEBUG #ifdef VBOOT_DEBUG

13
firmware/lib/vboot_firmware.c
View File

@@ -41,7 +41,6 @@ int LoadFirmware(LoadFirmwareParams* params) {
uint64_t lowest_key_version = 0xFFFF; uint64_t lowest_key_version = 0xFFFF;
uint64_t lowest_fw_version = 0xFFFF; uint64_t lowest_fw_version = 0xFFFF;
uint32_t status; uint32_t status;
int is_dev = (BOOT_FLAG_DEVELOPER & params->boot_flags ? 1 : 0);
int good_index = -1; int good_index = -1;
int index; int index;
@@ -62,9 +61,6 @@ int LoadFirmware(LoadFirmwareParams* params) {
} }
/* Initialize the TPM and read rollback indices. */ /* Initialize the TPM and read rollback indices. */
if (!is_dev) {
/* TODO: should use the TPM all the time; for now, only use when
* not in developer mode. */
status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER);
if (0 != status) { if (0 != status) {
VBDEBUG(("Unable to setup TPM.\n")); VBDEBUG(("Unable to setup TPM.\n"));
@@ -77,7 +73,6 @@ int LoadFirmware(LoadFirmwareParams* params) {
return (status == TPM_E_MUST_REBOOT ? return (status == TPM_E_MUST_REBOOT ?
LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
} }
}
/* Allocate our internal data */ /* Allocate our internal data */
lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal));
@@ -230,9 +225,6 @@ int LoadFirmware(LoadFirmwareParams* params) {
(lowest_key_version == tpm_key_version && (lowest_key_version == tpm_key_version &&
lowest_fw_version > tpm_fw_version)) { lowest_fw_version > tpm_fw_version)) {
if (!is_dev) {
/* TODO: should use the TPM all the time; for now, only use
* when not in developer mode. */
status = RollbackFirmwareWrite((uint16_t)lowest_key_version, status = RollbackFirmwareWrite((uint16_t)lowest_key_version,
(uint16_t)lowest_fw_version); (uint16_t)lowest_fw_version);
if (0 != status) { if (0 != status) {
@@ -241,11 +233,7 @@ int LoadFirmware(LoadFirmwareParams* params) {
LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
} }
} }
}
if (!is_dev) {
/* TODO: should use the TPM all the time; for now, only use
* when not in developer mode. */
/* Lock firmware versions in TPM */ /* Lock firmware versions in TPM */
status = RollbackFirmwareLock(); status = RollbackFirmwareLock();
if (0 != status) { if (0 != status) {
@@ -253,7 +241,6 @@ int LoadFirmware(LoadFirmwareParams* params) {
return (status == TPM_E_MUST_REBOOT ? return (status == TPM_E_MUST_REBOOT ?
LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY);
} }
}
/* Success */ /* Success */
VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index));

12
firmware/lib/vboot_kernel.c
View File

@@ -152,18 +152,14 @@ int LoadKernel(LoadKernelParams* params) {
params->bootloader_address = 0; params->bootloader_address = 0;
params->bootloader_size = 0; params->bootloader_size = 0;
if (!is_dev) {
/* TODO: should use the TPM all the time; for now, only use when
* not in developer mode. */
/* Let the TPM know if we're in recovery mode */ /* Let the TPM know if we're in recovery mode */
if (is_rec) { if (is_rec) {
if (0 != RollbackKernelRecovery(is_dev ? 1 : 0)) { if (0 != RollbackKernelRecovery(is_dev)) {
VBDEBUG(("Error setting up TPM for recovery kernel\n")); VBDEBUG(("Error setting up TPM for recovery kernel\n"));
/* Ignore return code, since we need to boot recovery mode to /* Ignore return code, since we need to boot recovery mode to
* fix the TPM. */ * fix the TPM. */
} }
} }
}
if (is_normal) { if (is_normal) {
/* Read current kernel key index from TPM. Assumes TPM is already /* Read current kernel key index from TPM. Assumes TPM is already
@@ -350,6 +346,8 @@ int LoadKernel(LoadKernelParams* params) {
good_partition = gpt.current_kernel + 1; good_partition = gpt.current_kernel + 1;
params->partition_number = gpt.current_kernel + 1; params->partition_number = gpt.current_kernel + 1;
GetCurrentKernelUniqueGuid(&gpt, &params->partition_guid); GetCurrentKernelUniqueGuid(&gpt, &params->partition_guid);
/* TODO: GetCurrentKernelUniqueGuid() should take a destination size, or
* the dest should be a struct, so we know it's big enough. */
params->bootloader_address = preamble->bootloader_address; params->bootloader_address = preamble->bootloader_address;
params->bootloader_size = preamble->bootloader_size; params->bootloader_size = preamble->bootloader_size;
/* If we're in developer or recovery mode, there's no rollback /* If we're in developer or recovery mode, there's no rollback
@@ -406,9 +404,6 @@ int LoadKernel(LoadKernelParams* params) {
} }
} }
if (!is_dev) {
/* TODO: should use the TPM all the time; for now, only use when
* not in developer mode. */
/* Lock the kernel versions */ /* Lock the kernel versions */
status = RollbackKernelLock(); status = RollbackKernelLock();
if (0 != status) { if (0 != status) {
@@ -418,7 +413,6 @@ int LoadKernel(LoadKernelParams* params) {
return (status == TPM_E_MUST_REBOOT ? return (status == TPM_E_MUST_REBOOT ?
LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY); LOAD_KERNEL_REBOOT : LOAD_KERNEL_RECOVERY);
} }
}
/* Success! */ /* Success! */
return LOAD_KERNEL_SUCCESS; return LOAD_KERNEL_SUCCESS;

2
firmware/version.c
View File

@@ -1 +1 @@
char* VbootVersion = "VBOOv=be9554d8"; char* VbootVersion = "VBOOv=468176d7";