Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 1 | /* Copyright (c) 2013 The Chromium OS Authors. All rights reserved. |
| 2 | * Use of this source code is governed by a BSD-style license that can be |
| 3 | * found in the LICENSE file. |
| 4 | * |
| 5 | * Functions for querying, manipulating and locking rollback indices |
| 6 | * stored in the TPM NVRAM. |
| 7 | */ |
| 8 | |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 9 | #ifndef ANTIROLLBACK_H_ |
| 10 | #define ANTIROLLBACK_H_ |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 11 | |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 12 | #include "tpm_lite/tss_constants.h" |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 13 | |
Randall Spangler | 144c228 | 2014-12-03 17:35:53 -0800 | [diff] [blame] | 14 | struct vb2_context; |
Julius Werner | 76e3303 | 2015-01-30 18:45:27 -0800 | [diff] [blame] | 15 | enum vb2_pcr_digest; |
Randall Spangler | 144c228 | 2014-12-03 17:35:53 -0800 | [diff] [blame] | 16 | |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 17 | /* TPM NVRAM location indices. */ |
| 18 | #define FIRMWARE_NV_INDEX 0x1007 |
Daisuke Nojiri | 97ea9c0 | 2014-09-29 13:02:29 -0700 | [diff] [blame] | 19 | #define KERNEL_NV_INDEX 0x1008 |
Daisuke Nojiri | 03bf301 | 2016-10-07 13:59:36 -0700 | [diff] [blame] | 20 | /* 0x1009 used to be used as a backup space. Think of conflicts if you |
| 21 | * want to use 0x1009 for something else. */ |
Furquan Shaikh | 4b2fed5 | 2016-11-07 23:50:12 -0800 | [diff] [blame] | 22 | #define BACKUP_NV_INDEX 0x1009 |
| 23 | #define FWMP_NV_INDEX 0x100a |
Furquan Shaikh | b038f41 | 2016-11-07 23:47:11 -0800 | [diff] [blame] | 24 | #define REC_HASH_NV_INDEX 0x100b |
| 25 | #define REC_HASH_NV_SIZE VB2_SHA256_DIGEST_SIZE |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 26 | |
| 27 | /* Structure definitions for TPM spaces */ |
| 28 | |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 29 | /* Flags for firmware space */ |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 30 | |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 31 | /* |
| 32 | * Last boot was developer mode. TPM ownership is cleared when transitioning |
| 33 | * to/from developer mode. |
| 34 | */ |
| 35 | #define FLAG_LAST_BOOT_DEVELOPER 0x01 |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 36 | |
| 37 | /* All functions return TPM_SUCCESS (zero) if successful, non-zero if error */ |
| 38 | |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 39 | uint32_t antirollback_read_space_firmware(struct vb2_context *ctx); |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 40 | |
| 41 | /** |
| 42 | * Write may be called if the versions change. |
| 43 | */ |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 44 | uint32_t antirollback_write_space_firmware(struct vb2_context *ctx); |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 45 | |
| 46 | /** |
| 47 | * Lock must be called. |
| 48 | */ |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 49 | uint32_t antirollback_lock_space_firmware(void); |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 50 | |
Furquan Shaikh | b038f41 | 2016-11-07 23:47:11 -0800 | [diff] [blame] | 51 | /* Read recovery hash data from TPM. */ |
| 52 | uint32_t antirollback_read_space_rec_hash(uint8_t *data, uint32_t size); |
| 53 | /* Write new hash data to recovery space in TPM. */ |
| 54 | uint32_t antirollback_write_space_rec_hash(const uint8_t *data, uint32_t size); |
| 55 | /* Lock down recovery hash space in TPM. */ |
| 56 | uint32_t antirollback_lock_space_rec_hash(void); |
| 57 | |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 58 | /****************************************************************************/ |
| 59 | |
| 60 | /* |
| 61 | * The following functions are internal apis, listed here for use by unit tests |
| 62 | * only. |
| 63 | */ |
| 64 | |
| 65 | /** |
Julius Werner | 76e3303 | 2015-01-30 18:45:27 -0800 | [diff] [blame] | 66 | * Ask vboot for a digest and extend a TPM PCR with it. |
| 67 | */ |
| 68 | uint32_t tpm_extend_pcr(struct vb2_context *ctx, int pcr, |
| 69 | enum vb2_pcr_digest which_digest); |
| 70 | |
| 71 | /** |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 72 | * Issue a TPM_Clear and reenable/reactivate the TPM. |
| 73 | */ |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 74 | uint32_t tpm_clear_and_reenable(void); |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 75 | |
| 76 | /** |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 77 | * Start the TPM and establish the root of trust for the antirollback mechanism. |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 78 | */ |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 79 | uint32_t setup_tpm(struct vb2_context *ctx); |
Daisuke Nojiri | efb5cde | 2014-07-02 08:37:23 -0700 | [diff] [blame] | 80 | |
Daisuke Nojiri | 5799097 | 2014-07-15 19:47:32 -0700 | [diff] [blame] | 81 | #endif /* ANTIROLLBACK_H_ */ |