tpm: Add optional event logging

Allow TPM to log events in a circular buffer through tpm_log_event(). Logs can be retrieved through a new vendor command VENDOR_CC_POP_LOG_ENTRY. BUG=b:63760920 TEST=On eve, store TPM logs through 'logentry' cr50 console command, verify logs are fetched correctly through 'trunks_send --pop_logentry'. BRANCH=None Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org> Change-Id: Idbc405728c0ba68078447fb59717d6115830e3d8 Reviewed-on: https://chromium-review.googlesource.com/599352 Commit-Ready: Shawn N <shawnn@chromium.org> Tested-by: Shawn N <shawnn@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
2025-12-28 10:45:22 +00:00 · 2017-08-02 17:30:54 -07:00
parent 76a64e7c82
commit fe6a06fbf6
5 changed files with 104 additions and 0 deletions
--- a/common/build.mk
+++ b/common/build.mk
@@ -107,6 +107,7 @@ common-$(CONFIG_TABLET_MODE)+=tablet_mode.o
 common-$(CONFIG_TEMP_SENSOR)+=temp_sensor.o
 common-$(CONFIG_THROTTLE_AP)+=thermal.o throttle_ap.o
 common-$(CONFIG_TPM_I2CS)+=i2cs_tpm.o
+common-$(CONFIG_TPM_LOGGING)+=event_log.o tpm_log.o
 common-$(CONFIG_U2F)+=u2f.o
 common-$(CONFIG_USB_I2C)+=usb_i2c.o
 common-$(CONFIG_USB_CHARGER)+=usb_charger.o
--- a/common/tpm_log.c
+++ b/common/tpm_log.c
@@ -0,0 +1,79 @@
+/* Copyright 2017 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#include "console.h"
+#include "endian.h"
+#include "extension.h"
+#include "host_command.h"
+#include "timer.h"
+#include "tpm_log.h"
+#include "tpm_vendor_cmds.h"
+#include "usb_pd.h"
+#include "util.h"
+
+/*
+ * TPM event logging uses the standard 'event_log_entry' as its storage,
+ * with no additional payload bytes.
+ */
+#define TPM_EVENT_LOG_SIZE sizeof(struct event_log_entry)
+
+void tpm_log_event(enum tpm_event type, uint16_t data)
+{
+	uint32_t timestamp = get_time().val >> EVENT_LOG_TIMESTAMP_SHIFT;
+
+	log_add_event(type, 0, data, NULL, timestamp);
+}
+
+static enum vendor_cmd_rc vc_pop_log_entry(enum vendor_cmd_cc code,
+					   void *buf,
+					   size_t input_size,
+					   size_t *response_size)
+{
+	struct event_log_entry *entry = buf;
+	int byte_size = log_dequeue_event(entry);
+
+	if (entry->type == EVENT_LOG_NO_ENTRY) {
+		*response_size = 0;
+		return VENDOR_RC_SUCCESS;
+	}
+	if (byte_size != TPM_EVENT_LOG_SIZE)
+		return VENDOR_RC_INTERNAL_ERROR;
+
+	entry->timestamp = htobe32(entry->timestamp);
+	entry->data = htobe16(entry->data);
+	*response_size = byte_size;
+
+	return VENDOR_RC_SUCCESS;
+}
+DECLARE_VENDOR_COMMAND(VENDOR_CC_POP_LOG_ENTRY, vc_pop_log_entry);
+
+#ifdef CONFIG_CMD_TPM_LOG
+/* Store an entry in the TPM event log, for testing. */
+int command_tpm_log(int argc, char **argv)
+{
+	enum tpm_event type = 0;
+	uint16_t data = 0;
+	char *e;
+
+	if (argc >= 2) {
+		type = strtoi(argv[1], &e, 10);
+		if (*e)
+			return EC_ERROR_PARAM1;
+	}
+
+	if (argc >= 3) {
+		data = strtoi(argv[2], &e, 10);
+		if (*e)
+			return EC_ERROR_PARAM2;
+	}
+
+	tpm_log_event(type, data);
+	return EC_SUCCESS;
+}
+DECLARE_CONSOLE_COMMAND(tpm_log,
+			command_tpm_log,
+			"<type> <data>",
+			"Write an entry to TPM log");
+#endif /* CONFIG_CMD_TPM_LOG */
--- a/include/config.h
+++ b/include/config.h
@@ -759,6 +759,7 @@
 #undef  CONFIG_CMD_TASKREADY
 #define CONFIG_CMD_TEMP_SENSOR
 #define CONFIG_CMD_TIMERINFO
+#undef  CONFIG_CMD_TPM_LOG
 #define CONFIG_CMD_TYPEC
 #undef  CONFIG_CMD_USART_INFO
 #define CONFIG_CMD_USBMUX
@@ -2303,6 +2304,8 @@
 #undef CONFIG_TPM_SPS
 /* Speak to the TPM 2.0 hardware protocol on the I2C slave interface */
 #undef CONFIG_TPM_I2CS
+/* Record TPM events in circular buffer */
+#undef CONFIG_TPM_LOGGING

 /*****************************************************************************/
 /* USART stream config */
--- a/include/tpm_log.h
+++ b/include/tpm_log.h
@@ -0,0 +1,19 @@
+/* Copyright 2017 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef __CROS_EC_TPM_LOG_H
+#define __CROS_EC_TPM_LOG_H
+
+#include "event_log.h"
+
+enum tpm_event {
+	TPM_EVENT_INIT,
+	/* TODO: Add log events */
+};
+
+/* Log TPM event of given type with data payload. */
+void tpm_log_event(enum tpm_event type, uint16_t data);
+
+#endif /* __CROS_EC_TPM_LOG_H */
--- a/include/tpm_vendor_cmds.h
+++ b/include/tpm_vendor_cmds.h
@@ -41,6 +41,7 @@ enum vendor_cmd_cc {
 	VENDOR_CC_GET_BOARD_ID = 25,
 	VENDOR_CC_SET_BOARD_ID = 26,
 	VENDOR_CC_U2F_APDU = 27,
+	VENDOR_CC_POP_LOG_ENTRY = 28,

 	LAST_VENDOR_COMMAND = 65535,
 };
@@ -61,6 +62,7 @@ enum vendor_cmd_rc {
 	VENDOR_RC_WRITE_FLASH_FAIL = 3,
 	VENDOR_RC_REQUEST_TOO_BIG = 4,
 	VENDOR_RC_RESPONSE_TOO_BIG = 5,
+	VENDOR_RC_INTERNAL_ERROR = 6,
 	/* Only 7 bits available; max is 127 */
 	VENDOR_RC_NO_SUCH_COMMAND = 127,
 };