diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c index 8e9436bdd0..ba6e21c06f 100644 --- a/firmware/lib/rollback_index.c +++ b/firmware/lib/rollback_index.c @@ -13,14 +13,23 @@ #include "utility.h" /* TPM PCR to use for storing dev mode measurements */ -#define DEV_MODE_PCR 0 +#define DEV_REC_MODE_PCR 0 /* Input digests for PCR extend */ -#define DEV_MODE_ON_SHA1_DIGEST ((uint8_t*) "\xbf\x8b\x45\x30\xd8\xd2\x46\xdd" \ - "\x74\xac\x53\xa1\x34\x71\xbb\xa1\x79\x41" \ - "\xdf\xf7") /* SHA1("\x01") */ -#define DEV_MODE_OFF_SHA1_DIGEST ((uint8_t*) "\x5b\xa9\x3c\x9d\xb0\xcf\xf9\x3f"\ - "\x52\xb5\x21\xd7\x42\x0e\x43\xf6\xed\xa2" \ - "\x78\x4f") /* SHA1("\x00") */ +#define DEV_OFF_REC_OFF_SHA1_DIGEST ((uint8_t*) "\x14\x89\xf9\x23\xc4\xdc\xa7" \ + "\x29\x17\x8b\x3e\x32\x33\x45\x85\x50" \ + "\xd8\xdd\xdf\x29") /* SHA1("\x00\x00") */ + +#define DEV_OFF_REC_ON_SHA1_DIGEST ((uint8_t*) "\x3f\x29\x54\x64\x53\x67\x8b" \ + "\x85\x59\x31\xc1\x74\xa9\x7d\x6c\x08" \ + "\x94\xb8\xf5\x46") /* SHA1("\x00\x01") */ + +#define DEV_ON_REC_OFF_SHA1_DIGEST ((uint8_t*) "\x0e\x35\x6b\xa5\x05\x63\x1f" \ + "\xbf\x71\x57\x58\xbe\xd2\x7d\x50\x3f" \ + "\x8b\x26\x0e\x3a") /* SHA1("\x01\x00") */ + +#define DEV_ON_REC_ON_SHA1_DIGEST ((uint8_t*) "\x91\x59\xcb\x8b\xce\xe7\xfc" \ + "\xb9\x55\x82\xf1\x40\x96\x0c\xda\xe7" \ + "\x27\x88\xd3\x26") /* SHA1("\x01\x01") */ static int g_rollback_recovery_mode = 0; @@ -353,10 +362,10 @@ uint32_t RollbackFirmwareSetup(int developer_mode, uint32_t* version) { *version = rsf.fw_versions; VBDEBUG(("TPM: RollbackFirmwareSetup %x\n", (int)rsf.fw_versions)); if (developer_mode) - RETURN_ON_FAILURE(TlclExtend(DEV_MODE_PCR, DEV_MODE_ON_SHA1_DIGEST, + RETURN_ON_FAILURE(TlclExtend(DEV_REC_MODE_PCR, DEV_ON_REC_OFF_SHA1_DIGEST, out_digest)); else - RETURN_ON_FAILURE(TlclExtend(DEV_MODE_PCR, DEV_MODE_OFF_SHA1_DIGEST, + RETURN_ON_FAILURE(TlclExtend(DEV_REC_MODE_PCR, DEV_OFF_REC_OFF_SHA1_DIGEST, out_digest)); VBDEBUG(("TPM: RollbackFirmwareSetup dev mode PCR out_digest %02x %02x %02x " "%02x\n", out_digest, out_digest+1, out_digest+2, out_digest+3)); @@ -379,14 +388,23 @@ uint32_t RollbackFirmwareLock(void) { } uint32_t RollbackKernelRecovery(int developer_mode) { + uint32_t rvs, rve; RollbackSpaceFirmware rsf; + uint8_t out_digest[20]; /* For PCR extend output */ /* In recovery mode we ignore TPM malfunctions or corruptions, and * * leave the TPM complelely unlocked; we call neither * TlclSetGlobalLock() nor TlclLockPhysicalPresence(). The recovery * kernel will fix the TPM (if needed) and lock it ASAP. We leave * Physical Presence on in either case. */ - return SetupTPM(1, developer_mode, &rsf); + rvs = SetupTPM(1, developer_mode, &rsf); + if (developer_mode) + rve = TlclExtend(DEV_REC_MODE_PCR, DEV_ON_REC_ON_SHA1_DIGEST, out_digest); + else + rve = TlclExtend(DEV_REC_MODE_PCR, DEV_OFF_REC_ON_SHA1_DIGEST, out_digest); + VBDEBUG(("TPM: RollbackKernelRecovery dev mode PCR out_digest %02x %02x %02x " + "%02x\n", out_digest, out_digest+1, out_digest+2, out_digest+3)); + return (TPM_SUCCESS == rvs) ? rve : rvs; } uint32_t RollbackKernelRead(uint32_t* version) { diff --git a/firmware/version.c b/firmware/version.c index d93a1d4102..d490278857 100644 --- a/firmware/version.c +++ b/firmware/version.c @@ -1 +1 @@ -char* VbootVersion = "VBOOv=faf463e2"; +char* VbootVersion = "VBOOv=08ac6493";