scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 02:05:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
dcbd8103376589dac48f896f3654a93b6943584c
OpenCellular/firmware/include/tpm2_tss_constants.h
Stephen Barber 5d99669608 tlcl: add implementations for GetOwnership and Read/WriteLock 
mount-encrypted needs to be aware of TPM ownership status, and
will also want to issue a read lock for the early access NVRAM
index.

BRANCH=none
BUG=chromium:625037
TEST=mount-encrypted shows ownership at boot with kevin

Change-Id: I42f43f91d892137e1c46c7cacd88e3b749ce7f04
Reviewed-on: https://chromium-review.googlesource.com/366443
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
2016-08-21 14:04:08 -07:00

223 lines
5.5 KiB
C
Raw Blame History

/*
* Copyright 2016 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Some TPM constants and type definitions for standalone compilation for use
* in the firmware
*/
#ifndef __VBOOT_REFERENCE_FIRMWARE_INCLUDE_TPM2_TSS_CONSTANTS_H
#define __VBOOT_REFERENCE_FIRMWARE_INCLUDE_TPM2_TSS_CONSTANTS_H
#define TPM_BUFFER_SIZE 256
/* Tpm2 command tags. */
#define TPM_ST_NO_SESSIONS 0x8001
#define TPM_ST_SESSIONS 0x8002
/* TPM2 command codes. */
#define TPM2_Hierarchy_Control ((TPM_CC)0x00000121)
#define TPM2_Clear ((TPM_CC)0x00000126)
#define TPM2_NV_Write ((TPM_CC)0x00000137)
#define TPM2_NV_WriteLock ((TPM_CC)0x00000138)
#define TPM2_SelfTest ((TPM_CC)0x00000143)
#define TPM2_Startup ((TPM_CC)0x00000144)
#define TPM2_Shutdown ((TPM_CC)0x00000145)
#define TPM2_NV_Read ((TPM_CC)0x0000014E)
#define TPM2_NV_ReadLock ((TPM_CC)0x0000014F)
#define TPM2_GetCapability ((TPM_CC)0x0000017A)
/* TCG Spec defined, verify for TPM2.
* TODO(apronin): find TPM2 RC substitutes for TPM1.2 error codes.
*/
#define TPM_E_BADINDEX ((uint32_t) 0x00000002)
#define TPM_E_INVALID_POSTINIT ((uint32_t) 0x00000026)
#define TPM_E_BADTAG ((uint32_t) 0x0000001E)
#define TPM_E_IOERROR ((uint32_t) 0x0000001F)
#define TPM_E_MAXNVWRITES ((uint32_t) 0x00000048)
#define HR_SHIFT 24
#define TPM_HT_NV_INDEX 0x01
#define HR_NV_INDEX (TPM_HT_NV_INDEX << HR_SHIFT)
#define TPM_RH_PLATFORM 0x4000000C
#define TPM_RS_PW 0x40000009
/* TPM2 capabilities. */
#define TPM_CAP_FIRST ((TPM_CAP)0x00000000)
#define TPM_CAP_TPM_PROPERTIES ((TPM_CAP)0x00000006)
/* TPM properties */
#define TPM_PT_NONE ((TPM_PT)0x00000000)
#define PT_GROUP ((TPM_PT)0x00000100)
#define PT_FIXED PT_GROUP
#define PT_VAR (PT_GROUP * 2)
#define TPM_PT_PERMANENT (PT_VAR + 0)
#define TPM_PT_STARTUP_CLEAR (PT_VAR + 1)
/* TPM startup types. */
#define TPM_SU_CLEAR ((TPM_SU)0x0000)
#define TPM_SU_STATE ((TPM_SU)0x0001)
typedef uint8_t TPMI_YES_NO;
typedef uint32_t TPM_CC;
typedef uint32_t TPM_HANDLE;
typedef TPM_HANDLE TPMI_RH_NV_INDEX;
typedef TPM_HANDLE TPMI_RH_ENABLES;
typedef uint32_t TPM_CAP;
typedef uint32_t TPM_PT;
typedef uint16_t TPM_SU;
typedef struct {
uint16_t size;
uint8_t *buffer;
} TPM2B;
typedef union {
struct {
uint16_t size;
const uint8_t *buffer;
} t;
TPM2B b;
} TPM2B_MAX_NV_BUFFER;
typedef struct {
TPM_PT property;
uint32_t value;
} TPMS_TAGGED_PROPERTY;
typedef struct {
uint32_t count;
TPMS_TAGGED_PROPERTY tpm_property[1];
} TPML_TAGGED_TPM_PROPERTY;
typedef union {
TPML_TAGGED_TPM_PROPERTY tpm_properties;
} TPMU_CAPABILITIES;
typedef struct {
TPM_CAP capability;
TPMU_CAPABILITIES data;
} TPMS_CAPABILITY_DATA;
struct tpm2_nv_read_cmd {
TPMI_RH_NV_INDEX nvIndex;
uint16_t size;
uint16_t offset;
};
struct tpm2_nv_write_cmd {
TPMI_RH_NV_INDEX nvIndex;
TPM2B_MAX_NV_BUFFER data;
uint16_t offset;
};
struct tpm2_nv_read_lock_cmd {
TPMI_RH_NV_INDEX nvIndex;
};
struct tpm2_nv_write_lock_cmd {
TPMI_RH_NV_INDEX nvIndex;
};
struct tpm2_hierarchy_control_cmd {
TPMI_RH_ENABLES enable;
TPMI_YES_NO state;
};
struct tpm2_get_capability_cmd {
TPM_CAP capability;
uint32_t property;
uint32_t property_count;
};
struct tpm2_self_test_cmd {
TPMI_YES_NO full_test;
};
struct tpm2_startup_cmd {
TPM_SU startup_type;
};
struct tpm2_shutdown_cmd {
TPM_SU shutdown_type;
};
/* Common command/response header. */
struct tpm_header {
uint16_t tpm_tag;
uint32_t tpm_size;
TPM_CC tpm_code;
} __attribute__((packed));
struct nv_read_response {
uint32_t params_size;
TPM2B_MAX_NV_BUFFER buffer;
};
struct tpm2_session_attrs {
uint8_t continueSession : 1;
uint8_t auditExclusive : 1;
uint8_t auditReset : 1;
uint8_t reserved3_4 : 2;
uint8_t decrypt : 1;
uint8_t encrypt : 1;
uint8_t audit : 1;
};
struct tpm2_session_header {
uint32_t session_handle;
uint16_t nonce_size;
uint8_t *nonce;
union {
struct tpm2_session_attrs session_attr_bits;
uint8_t session_attrs;
} __attribute__((packed));
uint16_t auth_size;
uint8_t *auth;
};
struct get_capability_response {
TPMI_YES_NO more_data;
TPMS_CAPABILITY_DATA capability_data;
} __attribute__((packed));
struct tpm2_response {
struct tpm_header hdr;
union {
struct nv_read_response nvr;
struct tpm2_session_header def_space;
struct get_capability_response cap;
};
};
typedef struct {
uint32_t ownerAuthSet : 1;
uint32_t endorsementAuthSet : 1;
uint32_t lockoutAuthSet : 1;
uint32_t reserved3_7 : 5;
uint32_t disableClear : 1;
uint32_t inLockout : 1;
uint32_t tpmGeneratedEPS : 1;
uint32_t reserved11_31 : 21;
} TPM_PERMANENT_FLAGS;
typedef struct {
uint32_t phEnable : 1;
uint32_t shEnable : 1;
uint32_t ehEnable : 1;
uint32_t phEnableNV : 1;
uint32_t reserved4_30 : 27;
uint32_t orderly : 1;
} TPM_STCLEAR_FLAGS;
/* TODO(apronin): For TPM2 certain properties must be received using
* TPM2_GetCapability instead of being hardcoded as they are now:
* TPM_MAX_COMMAND_SIZE -> use TPM_PT_MAX_COMMAND_SIZE for TPM2.
* TPM_PCR_DIGEST -> use TPM_PT_MAX_DIGEST for TPM2.
*/
#define TPM_MAX_COMMAND_SIZE 4096
#define TPM_PCR_DIGEST 32
#endif /* ! __VBOOT_REFERENCE_FIRMWARE_INCLUDE_TPM2_TSS_CONSTANTS_H */
Reference in New Issue View Git Blame Copy Permalink