Miquel Raynal | f3b4350 | 2018-05-15 11:57:08 +0200 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0+ |
| 2 | /* |
| 3 | * Copyright (c) 2018 Bootlin |
| 4 | * Author: Miquel Raynal <miquel.raynal@bootlin.com> |
| 5 | */ |
| 6 | |
| 7 | #include <common.h> |
| 8 | #include <dm.h> |
| 9 | #include <tpm-common.h> |
| 10 | #include <tpm-v2.h> |
| 11 | #include "tpm-utils.h" |
/**
 * tpm2_startup() - Send a TPM2_Startup command to the TPM
 *
 * @mode: startup type, encoded as the 16-bit parameter of the command
 *
 * Return: 0 when the TPM answers with success or with TPM2_RC_INITIALIZE,
 * otherwise the non-zero code returned by tpm_sendrecv_command().
 */
u32 tpm2_startup(enum tpm2_startup_types mode)
{
	/* tag (2) + command size (4) + command code (4) + startup type (2) */
	const u8 command_v2[12] = {
		tpm_u16(TPM2_ST_NO_SESSIONS),
		tpm_u32(12),
		tpm_u32(TPM2_CC_STARTUP),
		tpm_u16(mode),
	};
	int rc = tpm_sendrecv_command(command_v2, NULL, NULL);

	/*
	 * Only the first TPM2_Startup returns RC_SUCCESS; any later one
	 * returns RC_INITIALIZE, which is reported to the caller as
	 * success as well.
	 */
	if (rc == 0 || rc == TPM2_RC_INITIALIZE)
		return 0;

	return rc;
}
/**
 * tpm2_self_test() - Send a TPM2_SelfTest command to the TPM
 *
 * @full_test: value placed in the single parameter byte of the command
 *
 * Return: the value returned by tpm_sendrecv_command().
 */
u32 tpm2_self_test(enum tpm2_yes_no full_test)
{
	/*
	 * tag (2) + command size (4) + command code (4) + one parameter byte
	 * gives the 11 bytes announced in the size field. The array is
	 * declared with 12 elements, so its last byte is zero-initialized
	 * padding.
	 */
	const u8 cmd[12] = {
		tpm_u16(TPM2_ST_NO_SESSIONS),
		tpm_u32(11),
		tpm_u32(TPM2_CC_SELF_TEST),
		full_test,
	};

	/* No response buffer is supplied: only the return code is used. */
	return tpm_sendrecv_command(cmd, NULL, NULL);
}
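/**
 * tpm2_clear() - Send a TPM2_Clear command authorized by a password session
 *
 * @handle: TPM resource handle placed in the handle area of the command
 * @pw:     password bytes for the TPM2_RS_PW session; may be NULL only when
 *          @pw_sz is 0
 * @pw_sz:  number of bytes in @pw
 *
 * Return: TPM_LIB_ERROR when the arguments are invalid or the password does
 * not fit in the command buffer, otherwise the value returned by
 * tpm_sendrecv_command().
 */
u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz)
{
	u8 command_v2[COMMAND_BUFFER_SIZE] = {
		tpm_u16(TPM2_ST_SESSIONS),	/* TAG */
		tpm_u32(27 + pw_sz),		/* Length */
		tpm_u32(TPM2_CC_CLEAR),		/* Command code */

		/* HANDLE */
		tpm_u32(handle),		/* TPM resource handle */

		/* AUTH_SESSION */
		tpm_u32(9 + pw_sz),		/* Authorization size */
		tpm_u32(TPM2_RS_PW),		/* Session handle */
		tpm_u16(0),			/* Size of <nonce> */
						/* <nonce> (if any) */
		0,				/* Attributes: Cont/Excl/Rst */
		tpm_u16(pw_sz),			/* Size of <hmac/password> */
		/* STRING(pw)			   <hmac/password> (if any) */
	};
	/* Size of the fixed fields above; the password is appended here. */
	const unsigned int offset = 27;
	int ret;

	/*
	 * pw_sz is signed and comes from the caller. It is encoded into
	 * three size fields above and then handed to a variadic packer, so
	 * reject a negative or oversized value here rather than relying on
	 * checks inside pack_byte_string(), which is not visible from this
	 * function.
	 */
	if (pw_sz < 0 || pw_sz > (ssize_t)(sizeof(command_v2) - offset))
		return TPM_LIB_ERROR;

	/* A non-empty password needs a buffer to copy from. */
	if (pw_sz > 0 && !pw)
		return TPM_LIB_ERROR;

	/*
	 * Fill the command structure starting from the first buffer:
	 *     - the password (if any)
	 *
	 * NOTE(review): with a TPM2_RS_PW session the password travels to
	 * the TPM as plain bytes of the command, and the copy made here
	 * stays in this stack buffer after the function returns.
	 */
	ret = pack_byte_string(command_v2, sizeof(command_v2), "s",
			       offset, pw, pw_sz);
	if (ret)
		return TPM_LIB_ERROR;

	return tpm_sendrecv_command(command_v2, NULL, NULL);
}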
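/**
 * tpm2_pcr_extend() - Send a TPM2_PCR_Extend command with one SHA-256 digest
 *
 * @index:  PCR index, placed in the handle area of the command; it is not
 *          range-checked here
 * @digest: buffer holding TPM2_DIGEST_LEN bytes to extend the PCR with; the
 *          length cannot be verified here, so the caller must guarantee it
 *
 * Return: TPM_LIB_ERROR when @digest is NULL or packing fails, otherwise the
 * value returned by tpm_sendrecv_command().
 */
u32 tpm2_pcr_extend(u32 index, const uint8_t *digest)
{
	u8 command_v2[COMMAND_BUFFER_SIZE] = {
		tpm_u16(TPM2_ST_SESSIONS),	/* TAG */
		tpm_u32(33 + TPM2_DIGEST_LEN),	/* Length */
		tpm_u32(TPM2_CC_PCR_EXTEND),	/* Command code */

		/* HANDLE */
		tpm_u32(index),			/* Handle (PCR Index) */

		/* AUTH_SESSION */
		tpm_u32(9),			/* Authorization size */
		tpm_u32(TPM2_RS_PW),		/* Session handle */
		tpm_u16(0),			/* Size of <nonce> */
						/* <nonce> (if any) */
		0,				/* Attributes: Cont/Excl/Rst */
		tpm_u16(0),			/* Size of <hmac/password> */
						/* <hmac/password> (if any) */
		tpm_u32(1),			/* Count (number of hashes) */
		tpm_u16(TPM2_ALG_SHA256),	/* Algorithm of the hash */
		/* STRING(digest)		   Digest */
	};
	/* Size of the fixed fields above; the digest is appended here. */
	const unsigned int offset = 33;
	int ret;

	/* The packer copies TPM2_DIGEST_LEN bytes from digest; refuse NULL. */
	if (!digest)
		return TPM_LIB_ERROR;

	/*
	 * Fill the command structure starting from the first buffer:
	 *     - the digest
	 */
	ret = pack_byte_string(command_v2, sizeof(command_v2), "s",
			       offset, digest, TPM2_DIGEST_LEN);
	if (ret)
		return TPM_LIB_ERROR;

	return tpm_sendrecv_command(command_v2, NULL, NULL);
}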
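/**
 * tpm2_pcr_read() - Read the SHA-256 value of one PCR with TPM2_PCR_Read
 *
 * @idx:        index of the PCR to read
 * @idx_min_sz: minimum size in bytes of the PCR selection bitmap
 * @data:       output buffer receiving TPM2_DIGEST_LEN bytes
 * @updates:    if not NULL, receives the counter read at offset 10 of the
 *              response
 *
 * Return: 0 on success, TPM_LIB_ERROR when the arguments or the response are
 * malformed, otherwise the non-zero code from tpm_sendrecv_command().
 */
u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
		  unsigned int *updates)
{
	/*
	 * PCR idx is bit (idx % 8) of bitmap byte (idx / 8), so the bitmap
	 * needs idx / 8 + 1 bytes. Rounding idx up to a multiple of 8 is one
	 * byte short whenever idx itself is a multiple of 8.
	 */
	unsigned int sel_sz = max(idx_min_sz, idx / 8 + 1);
	u8 idx_array_sz = sel_sz;
	u8 command_v2[COMMAND_BUFFER_SIZE] = {
		tpm_u16(TPM2_ST_NO_SESSIONS),	/* TAG */
		tpm_u32(17 + idx_array_sz),	/* Length */
		tpm_u32(TPM2_CC_PCR_READ),	/* Command code */

		/* TPML_PCR_SELECTION */
		tpm_u32(1),			/* Number of selections */
		tpm_u16(TPM2_ALG_SHA256),	/* Algorithm of the hash */
		idx_array_sz,			/* Array size for selection */
		/* bitmap(idx)			   Selected PCR bitmap */
	};
	size_t response_len = COMMAND_BUFFER_SIZE;
	u8 response[COMMAND_BUFFER_SIZE];
	unsigned int pcr_sel_idx = idx / 8;
	u8 pcr_sel_bit = BIT(idx % 8);
	unsigned int counter = 0;
	int ret;

	if (!data)
		return TPM_LIB_ERROR;

	/*
	 * The selection size is a single byte on the wire and the whole
	 * bitmap has to fit behind the 17 fixed bytes of the command.
	 * Without this check a large value would be silently truncated
	 * when stored in idx_array_sz.
	 */
	if (sel_sz > 0xff || sel_sz > sizeof(command_v2) - 17)
		return TPM_LIB_ERROR;

	if (pack_byte_string(command_v2, COMMAND_BUFFER_SIZE, "b",
			     17 + pcr_sel_idx, pcr_sel_bit))
		return TPM_LIB_ERROR;

	ret = tpm_sendrecv_command(command_v2, response, &response_len);
	if (ret)
		return ret;

	/*
	 * The digest offset below is response_len - TPM2_DIGEST_LEN in
	 * unsigned arithmetic. A response shorter than the 10-byte header,
	 * the counter (taken to be 4 bytes) and one digest would make that
	 * subtraction wrap or overlap the counter, so reject it first.
	 */
	if (response_len > sizeof(response) ||
	    response_len < 14 + TPM2_DIGEST_LEN)
		return TPM_LIB_ERROR;

	/*
	 * NOTE(review): the digest is taken as the last TPM2_DIGEST_LEN
	 * bytes of the response; the digest count in the response is not
	 * parsed. The command uses TPM2_ST_NO_SESSIONS, so nothing here
	 * authenticates the returned value.
	 */
	if (unpack_byte_string(response, response_len, "ds",
			       10, &counter,
			       response_len - TPM2_DIGEST_LEN, data,
			       TPM2_DIGEST_LEN))
		return TPM_LIB_ERROR;

	if (updates)
		*updates = counter;

	return 0;
}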