summaryrefslogtreecommitdiff
path: root/src/lib/tpm2_marshaling.c
AgeCommit message (Collapse)Author
2017-04-24drivers/i2c/tpm: use iobuf library for marshaling commandsAaron Durbin
Use the iobuf API instead of relying on own buffer management. It also provides consistency between marshaling and unmarshaling code paths for propagating return values instead of overloading the values of existing variables. BUG=b:36598499 Change-Id: Iec0bbff1312e8e6ec616d1528db8667f32e682c9 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/19063 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com>
2017-03-23cr50: add unmarshaling of vendor commands and process 'enable_update'Vadim Bendebury
The upcoming Cr50 firmware changes will require the AP to enable the previously downloaded Cr50 firmware update(s). A new vendor command (TPM2_CR50_SUB_CMD_TURN_UPDATE_ON) is used for that. The command accepts one parameter - a timeout value in range of 0 to 1000 ms. When processing the command the Cr50 checks if the alternative RO or RW image(s) need to be enabled, and if so - enables them and returns to the host the number of enabled headers. If the vendor command requested a non-zero timeout, the Cr50 starts a timer to trigger system reboot after the requested timeout expires. The host acts on the number of enabled headers - if the number is nonzero, the host prepares the device to be reset and waits for the Cr50 to reboot the device after timeout expires. This patch also adds more formal vendor command marshaling/unmarshaling to make future additions easier. BRANCH=gru,reef BUG=b:35580805 TEST=with the actual user of this code in the next patch verified that the cr50 update is enabled as expected. Change-Id: Ic76d384d637c0eeaad206e0a8242cbb8e2b19b37 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://review.coreboot.org/18945 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-03-09vboot/tpm2: enable nvmem commits on cr50 when writing firmware secdataAaron Durbin
cr50 by default delays nvmem commits internally from the point of reset to accumulate change state. However, the factory process can put a board into dev mode through the recovery screen. This state is stored in the TPM's nvmem space. When the factory process is complete a disable_dev_request and battery_cutoff_request is performed. This leads to disabling the dev mode in TPM, but the battery is subsequently cut off so the nvmem contents never stick. Therefore, whenever antirollback_write_space_firmware() is called we know there was a change in secdata so request cr50 to immediately enable nvmem commits going forward. This allows state changes to happen immediately. The fallout from this is that when secdata is changed that current boot will take longer because every transaction that writes to TPM nvmem space will perform a write synchronously. All subsequent boots do not have that effect. It should also be noted that this approach to the implementation is a pretty severe layering violation. However, the current TPM APIs don't lend themselves well to extending commands or re-using code outside of the current routines which inherently assume all knowledge of every command (in conflict with vendor commands since those are vendor-specific by definition). BUG=b:35775104 BRANCH=reef TEST=Confirmed disablement of dev mode sticks in the presence of: crossystem disable_dev_request=1; crossystem battery_cutoff_request=1; reboot; Change-Id: I3395db9cbdfea45da1f5cb994c6570978593b944 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/18681 Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Tested-by: build bot (Jenkins)
2017-03-09lib/tpm2_marshaling: fix in correct buffer space semanticsAaron Durbin
marshal_blob() was setting an unsigned size (size_t) to a value of -1 when an error is determined. This is wrong for the current implementation of the code because the code assumes the buffer space gets set to 0. Setting an unsigned value to -1 effectively tells the library the buffer has unlimited amount of space. BUG=b:35775104 Change-Id: I677a1fd7528bef3ea7420d0a8d0a290e9b15cea3 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/18678 Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-by: Furquan Shaikh <furquan@google.com> Tested-by: build bot (Jenkins)
2017-01-12google/chromeos: disable platform hierarchy on resume for TPM2Aaron Durbin
On Chrome OS devices that use TPM2 parts the platform hierarchy is disabled by the boot loader, depthcharge. Since the bootloader isn't involved in resuming a suspended machine there's no equivalent action in coreboot to disable the platform hierarchy. Therefore, to ensure consistent state in resume the platform hierarchy in the TPM2 needs to be disabled as well. For systems that resume using the firmware the platform hierarchy is disabled when utilizing TPM2 devices. BUG=chrome-os-partner:61097 BRANCH=reef TEST=Suspend and resume. Confirmed 'stop trunksd; tpmc getvf; start trunksd' shows that phEnable is 0. Change-Id: I060252f338c8fd68389273224ee58caa99881de8 Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/18096 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
2016-09-06tpm2: Fix tlcl and marshaling code for CAR usageDuncan Laurie
Fix a few more instances of global variable usage in the tlcl and marshaling code for tpm2. For the tlcl case this buffer doesn't need to be static as it isn't used after this function exits. Change-Id: Ia739c81d79c6cee9046ae96061045fe4f7fb7c23 Signed-off-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: https://review.coreboot.org/16393 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-08-31Provide CAR decoration for tpm2 staticsVictor Prupis
Decorated tpm2 statics with CAR_GLOBAL BUG=chrome-os-partner:55083 BRANCH=none TEST=none Change-Id: I85620d5c6ffddab5514c01c2c652670bf33b4e7e Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: ae43d3bb7fed5b891ed38cd268bfe4e1416b77e2 Original-Change-Id: I871442ec096836a86870f8d53a3058c9c040cff8 Original-Signed-off-by: Victor Prupis <vprupis@google.com> Original-Reviewed-on: https://chromium-review.googlesource.com/373243 Original-Commit-Ready: Stefan Reinauer <reinauer@google.com> Original-Tested-by: Stefan Reinauer <reinauer@google.com> Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/16366 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2016-07-14tpm2: implement and use pcr_extend commandVadim Bendebury
TPM PCRs are used in Chrome OS for two purposes: to communicate crucial information from RO firmware and to protect FW and kernel rollback counters from being deleted. As implemented in a TPM1 compatible way, the PCR extension command requires a prebuilt digest to calculate a new PCR value. TPM2 specification introduces a PCR_Event command, where the TPM itself calculates the digest of an arbitrary length string, and then uses the calculated digest for PCR extension. PCR_Event could be a better option for Chrome OS, this needs to be investigated separately. BRANCH=none BUG=chrome-os-partner:50645 TEST=verified that the two PCRs are successfully extended before the RW firmware is called. Change-Id: I38fc88172de8ec8bef56fec026f83058480c8010 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 73388139db3ffaf61a3d9027522c5ebecb3ad051 Original-Change-Id: I1a9bab7396fdb652e2e3bc8529b828ea3423d851 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358098 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Darren Krahn <dkrahn@chromium.org> Reviewed-on: https://review.coreboot.org/15639 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-07-14tpm2: implement locking firmware rollback counterVadim Bendebury
TPM1.2 is using the somewhat misnamed tlcl_set_global_lock() command function to lock the hardware rollback counter. For TPM2 let's implement and use the TPM2 command to lock an NV Ram location (TPM2_NV_WriteLock). BRANCH=none BUG=chrome-os-partner:50645 TEST=verified that TPM2_NV_WriteLock command is invoked before RO firmware starts RW, and succeeds. Change-Id: I52aa8db95b908488ec4cf0843afeb6310dc7f38b Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 2f859335dfccfeea900f15bbb8c6cb3fd5ec8c77 Original-Change-Id: I62f22b9991522d4309cccc44180a5ebd4dca488d Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358097 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Original-Reviewed-by: Darren Krahn <dkrahn@chromium.org> Reviewed-on: https://review.coreboot.org/15638 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2016-07-13tpm2: add TPM_Clear command processingVadim Bendebury
The command is sent in session mode, but has no parameters associated with it. BRANCH=none BUG=chrome-os-partner:50645 TEST=with the following patches verified that TPM_Clear command is handled successfully by the TPM. Change-Id: I3c9151e336084160acd3bb1f36f45b4d5efd4a33 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 503ad5e72fd5bd902325d74fd680c17c7c590e36 Original-Change-Id: Ida19e75166e1282732810cf45be21e59515d88e2 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/357973 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/15634 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-07-13tpm2: refactor session header marshallingVadim Bendebury
For coreboot TPM2 the use case session header is always the minimal possible size, the only difference is that some commands require one and some require two handles. Refactor common session header marshalling code into a separate function. This will be useful when more commands marshalling code is added. BRANCH=none BUG=chrome-os-partner:50645 TEST=flashed the TPM and rebooted the device a few times, it successfully loaded chrome os on every attempt. Change-Id: I9b1697c44f67aab32b9cd556b559a55d5050be06 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: a97a7fa16ceeb484e90e2e1f0573e58a468350b2 Original-Change-Id: I86e6426be5200f28ebb2174b418254018e81da8e Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/357972 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/15633 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-07-13tpm2: clean up tpm_marshal_command()Vadim Bendebury
The function is reusing some variables which confuses the reader as the variable names do not match their second function. This patch edits the code for readability without changing functionality. BRANCH=None BUG=chrome-os-partner:50465 TEST=with the rest of the patches applied Kevin still boots into chrome OS. Change-Id: I396206a64403229ba3921a47b5a08748d8a4b0a3 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 3cf02c365d098c9d2ca57def7cf349ef2291d140 Original-Change-Id: I95a07945d9d2b00a69d514014f848802b82dd90f Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358915 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/15611 Tested-by: build bot (Jenkins) Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>
2016-07-13tpm2: avoid comparison between signed and unsigned intsVadim Bendebury
The marshaling/unmarshaling code is using integer values to represent room left in the buffer, to be able to communicate three conditions: positive number means there is room left in the buffer, zero means that the exact amount of data in the buffer was unmarshaled and negative value means that the result of the operation did not fit into the buffer. The implementation is wrong though, as it compares directly signed and unsigned values, which is illegal, as signed values get promoted to unsigned by the compiler. This patch changes the marshaling code to use size_t for the size, and use zero as marshaling failure indication - after all the buffer where the data is marshaled to should definitely be large enough, and it is reasonable to expect at least some room left in it after marshaling. The unmarshaling situation is different: we sure want to communicate errors to the caller, but do not want to propagate error return values through multiple layers. This patch keeps the size value in int, but checks if it is negative separately, before comparing with positive values. BRANCH=none BUG=chrome-os-partner:50645 TEST=with the rest of the patches applied kevin successfully boots up. Change-Id: Ibfbd1b351e35e37c8925a78d095e4e8492805bad Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: b1e862c2a650fa5f6cb25a01fe61e848a696cf17 Original-Change-Id: Ie7552b333afaff9a1234c948caf9d9a64447b2e1 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358772 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/15610 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
2016-07-11tpm2: add marshaling/unmarshaling layerVadim Bendebury
TPM commands need to be serialized (marshaled) to be sent to the device, and the responses need to be de-serialized (unmarshaled) to be properly interpreted by upper layers. This layer does not exist in TPM1.2 coreboot implementation, all TPM commands used there were hardcoded as binary arrays. Availability of the marshaling/unmarshaling layer makes it much easier to add new TPM commands to the code. Command and response structures used in these functions are defined in Parts 2 and 3 of the TCG issued document Trusted Platform Module Library Family "2.0" Level 00 Revision 01.16 October 30, 2014 BRANCH=none BUG=chrome-os-partner:50645 TEST=with the rest of the patches applied it is possible to successfully initialize firmware and kernel TPM spaces. Change-Id: I80b3f971e347bb30ea08f820ec3dd27e1656c060 Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: 0782d9d452efb732e85d1503fccfcb4bf9f69a68 Original-Change-Id: I202276ef9a43c28b5f304f901ac5b91048878b76 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/353915 Original-Reviewed-by: Bill Richardson <wfrichar@chromium.org> Original-Reviewed-by: Darren Krahn <dkrahn@chromium.org> Reviewed-on: https://review.coreboot.org/15570 Tested-by: build bot (Jenkins) Reviewed-by: Furquan Shaikh <furquan@google.com> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@googlemail.com>