<p>Philipp Deppenwiese has uploaded this change for <strong>review</strong>.</p><p><a href="https://review.coreboot.org/22106">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">security/tpm: Setup generic TSPI<br><br>* Remove second software stack from driver level<br> (src/drivers/pc80/tpm/romstage.c)<br>* Re-implement init_tpm() and fix includes.<br>* Move antirollback.h to the vboot directory.<br>* Split antirollback and tspi functions.<br><br>Change-Id: I883c489801fce88e13952fe24b67315ab6bb1afb<br>Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org><br>---<br>M src/cpu/intel/haswell/romstage.c<br>M src/drivers/intel/fsp2_0/memory_init.c<br>M src/drivers/pc80/tpm/Kconfig<br>M src/drivers/pc80/tpm/Makefile.inc<br>D src/drivers/pc80/tpm/romstage.c<br>M src/mainboard/asus/kgpe-d16/romstage.c<br>M src/mainboard/google/link/romstage.c<br>M src/mainboard/google/parrot/romstage.c<br>M src/mainboard/google/stout/romstage.c<br>M src/mainboard/intel/emeraldlake2/romstage.c<br>M src/mainboard/lenovo/x201/romstage.c<br>M src/mainboard/pcengines/apu2/romstage.c<br>M src/mainboard/samsung/lumpy/romstage.c<br>M src/mainboard/samsung/stumpy/romstage.c<br>M src/northbridge/intel/sandybridge/romstage.c<br>M src/security/tpm/Kconfig<br>M src/security/tpm/Makefile.inc<br>M src/security/tpm/tddl.h<br>A src/security/tpm/tspi.h<br>A src/security/tpm/tspi/generic.c<br>M src/security/tpm/tss/tcg-2.0/tss.c<br>R src/security/vboot/antirollback.h<br>M src/security/vboot/secdata_mock.c<br>M src/security/vboot/secdata_tpm.c<br>M src/security/vboot/vboot_logic.c<br>M src/soc/intel/baytrail/romstage/romstage.c<br>M src/soc/intel/broadwell/romstage/romstage.c<br>27 files changed, 242 insertions(+), 320 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://review.coreboot.org:29418/coreboot refs/changes/06/22106/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff 
--git a/src/cpu/intel/haswell/romstage.c b/src/cpu/intel/haswell/romstage.c<br>index 4d9f1a3..a2a38f7 100644<br>--- a/src/cpu/intel/haswell/romstage.c<br>+++ b/src/cpu/intel/haswell/romstage.c<br>@@ -42,7 +42,7 @@<br> #include "northbridge/intel/haswell/raminit.h"<br> #include "southbridge/intel/lynxpoint/pch.h"<br> #include "southbridge/intel/lynxpoint/me.h"<br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> <br> static inline void reset_system(void)<br> {<br>diff --git a/src/drivers/intel/fsp2_0/memory_init.c b/src/drivers/intel/fsp2_0/memory_init.c<br>index 61b070a..726cc0c 100644<br>--- a/src/drivers/intel/fsp2_0/memory_init.c<br>+++ b/src/drivers/intel/fsp2_0/memory_init.c<br>@@ -12,7 +12,7 @@<br> */<br> <br> #include <compiler.h><br>-#include <security/tpm/antirollback.h><br>+#include <security/vboot/antirollback.h><br> #include <arch/io.h><br> #include <arch/cpu.h><br> #include <arch/symbols.h><br>diff --git a/src/drivers/pc80/tpm/Kconfig b/src/drivers/pc80/tpm/Kconfig<br>index 3bd9083..ba8dbeb 100644<br>--- a/src/drivers/pc80/tpm/Kconfig<br>+++ b/src/drivers/pc80/tpm/Kconfig<br>@@ -24,25 +24,3 @@<br> help<br> This can be used to specify a PIRQ to use instead of SERIRQ,<br> which is needed for SPI TPM interrupt support on x86.<br>-<br>-config TPM_INIT_FAILURE_IS_FATAL<br>- bool<br>- default n<br>- depends on LPC_TPM<br>- help<br>- What to do if TPM init failed. If true, force a hard reset,<br>- otherwise just log error message to console.<br>-<br>-config SKIP_TPM_STARTUP_ON_NORMAL_BOOT<br>- bool<br>- default n<br>- depends on LPC_TPM<br>- help<br>- Skip TPM init on normal boot. 
Useful if payload does TPM init.<br>-<br>-config TPM_DEACTIVATE<br>- bool "Deactivate TPM"<br>- default n<br>- depends on LPC_TPM<br>- help<br>- Deactivate TPM by issuing deactivate command.<br>diff --git a/src/drivers/pc80/tpm/Makefile.inc b/src/drivers/pc80/tpm/Makefile.inc<br>index b15207c..0e614e8 100644<br>--- a/src/drivers/pc80/tpm/Makefile.inc<br>+++ b/src/drivers/pc80/tpm/Makefile.inc<br>@@ -3,6 +3,5 @@<br> verstage-$(CONFIG_LPC_TPM) += tddl.c<br> romstage-$(CONFIG_LPC_TPM) += tddl.c<br> ramstage-$(CONFIG_LPC_TPM) += tddl.c<br>-romstage-$(CONFIG_LPC_TPM) += romstage.c<br> <br> endif<br>diff --git a/src/drivers/pc80/tpm/romstage.c b/src/drivers/pc80/tpm/romstage.c<br>deleted file mode 100644<br>index f33dec8..0000000<br>--- a/src/drivers/pc80/tpm/romstage.c<br>+++ /dev/null<br>@@ -1,253 +0,0 @@<br>-/*<br>- * This file is part of the coreboot project.<br>- *<br>- * Copyright (C) 2011 The ChromiumOS Authors. All rights reserved.<br>- *<br>- * This program is free software; you can redistribute it and/or modify<br>- * it under the terms of the GNU General Public License as published by<br>- * the Free Software Foundation; version 2 of the License.<br>- *<br>- * This program is distributed in the hope that it will be useful,<br>- * but WITHOUT ANY WARRANTY; without even the implied warranty of<br>- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the<br>- * GNU General Public License for more details.<br>- */<br>-<br>-#include <types.h><br>-#include <console/cbmem_console.h><br>-#include <console/console.h><br>-#include <arch/acpi.h><br>-#include <security/tpm/tddl.h><br>-#include <reset.h><br>-<br>-//#define EXTRA_LOGGING<br>-<br>-#define TPM_LARGE_ENOUGH_COMMAND_SIZE 256 /* saves space in the firmware */<br>-<br>-#define TPM_SUCCESS ((u32)0x00000000)<br>-<br>-#define TPM_E_IOERROR ((u32)0x0000001f)<br>-#define TPM_E_COMMUNICATION_ERROR ((u32)0x00005004)<br>-#define TPM_E_NON_FATAL ((u32)0x00000800)<br>-#define TPM_E_INVALID_POSTINIT ((u32)0x00000026)<br>-<br>-#define TPM_E_NEEDS_SELFTEST ((u32)(TPM_E_NON_FATAL + 1))<br>-#define TPM_E_DOING_SELFTEST ((u32)(TPM_E_NON_FATAL + 2))<br>-<br>-static const struct {<br>- u8 buffer[12];<br>-} tpm_resume_cmd = {<br>- { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x2 }<br>-};<br>-<br>-static const struct {<br>- u8 buffer[12];<br>-} tpm_startup_cmd = {<br>- {0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x1 }<br>-};<br>-<br>-static const struct {<br>- u8 buffer[12];<br>-} tpm_deactivate_cmd = {<br>- {0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x3 }<br>-};<br>-<br>-static const struct {<br>- u8 buffer[10];<br>-} tpm_continueselftest_cmd = {<br>- { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53 }<br>-};<br>-<br>-static inline void FromTpmUint32(const u8 * buffer, u32 * x)<br>-{<br>- *x = ((buffer[0] << 24) |<br>- (buffer[1] << 16) | (buffer[2] << 8) | buffer[3]);<br>-}<br>-<br>-static inline int TpmCommandSize(const u8 * buffer)<br>-{<br>- u32 size;<br>- FromTpmUint32(buffer + sizeof(u16), &size);<br>- return (int)size;<br>-}<br>-<br>-/* Gets the code field of a TPM command. */<br>-static inline int TpmCommandCode(const u8 * buffer)<br>-{<br>- u32 code;<br>- FromTpmUint32(buffer + sizeof(u16) + sizeof(u32), &code);<br>- return code;<br>-}<br>-<br>-/* Gets the return code field of a TPM result. 
*/<br>-static inline int TpmReturnCode(const u8 * buffer)<br>-{<br>- return TpmCommandCode(buffer);<br>-}<br>-<br>-/* Like TlclSendReceive below, but do not retry if NEEDS_SELFTEST or<br>- * DOING_SELFTEST errors are returned.<br>- */<br>-static u32 TlclSendReceiveNoRetry(const u8 * request,<br>- u8 * response, int max_length)<br>-{<br>- size_t response_length = max_length;<br>- u32 result;<br>-<br>-#ifdef EXTRA_LOGGING<br>- printk(BIOS_DEBUG, "TPM: command: %x%x %x%x%x%x %x%x%x%x\n",<br>- request[0], request[1],<br>- request[2], request[3], request[4], request[5],<br>- request[6], request[7], request[8], request[9]);<br>-#endif<br>-<br>- result = TPM_SUCCESS;<br>- if (tis_sendrecv<br>- (request, TpmCommandSize(request), response, &response_length))<br>- result = TPM_E_IOERROR;<br>-<br>- if (0 != result) {<br>- /* Communication with TPM failed, so response is garbage */<br>- printk(BIOS_DEBUG,<br>- "TPM: command 0x%x send/receive failed: 0x%x\n",<br>- TpmCommandCode(request), result);<br>- return TPM_E_COMMUNICATION_ERROR;<br>- }<br>- /* Otherwise, use the result code from the response */<br>- result = TpmReturnCode(response);<br>-<br>-/* TODO: add paranoia about returned response_length vs. max_length<br>- * (and possibly expected length from the response header). See<br>- * crosbug.com/17017 */<br>-<br>-#ifdef EXTRA_LOGGING<br>- printk(BIOS_DEBUG, "TPM: response: %x%x %x%x%x%x %x%x%x%x\n",<br>- response[0], response[1],<br>- response[2], response[3], response[4], response[5],<br>- response[6], response[7], response[8], response[9]);<br>-#endif<br>-<br>- printk(BIOS_DEBUG, "TPM: command 0x%x returned 0x%x\n",<br>- TpmCommandCode(request), result);<br>-<br>- return result;<br>-}<br>-<br>-static inline u32 TlclContinueSelfTest(void)<br>-{<br>- u8 response[TPM_LARGE_ENOUGH_COMMAND_SIZE];<br>- printk(BIOS_DEBUG, "TPM: Continue self test\n");<br>- /* Call the No Retry version of SendReceive to avoid recursion. 
*/<br>- return TlclSendReceiveNoRetry(tpm_continueselftest_cmd.buffer,<br>- response, sizeof(response));<br>-}<br>-<br>-/* Sends a TPM command and gets a response. Returns 0 if success or the TPM<br>- * error code if error. In the firmware, waits for the self test to complete<br>- * if needed. In the host, reports the first error without retries. */<br>-static u32 TlclSendReceive(const u8 * request, u8 * response, int max_length)<br>-{<br>- u32 result = TlclSendReceiveNoRetry(request, response, max_length);<br>- /* When compiling for the firmware, hide command failures due to the self<br>- * test not having run or completed. */<br>- /* If the command fails because the self test has not completed, try it<br>- * again after attempting to ensure that the self test has completed. */<br>- if (result == TPM_E_NEEDS_SELFTEST || result == TPM_E_DOING_SELFTEST) {<br>- result = TlclContinueSelfTest();<br>- if (result != TPM_SUCCESS) {<br>- return result;<br>- }<br>-#if defined(TPM_BLOCKING_CONTINUESELFTEST) || defined(VB_RECOVERY_MODE)<br>- /* Retry only once */<br>- result = TlclSendReceiveNoRetry(request, response, max_length);<br>-#else<br>- /* This needs serious testing. The TPM specification says:<br>- * "iii. The caller MUST wait for the actions of<br>- * TPM_ContinueSelfTest to complete before reissuing the<br>- * command C1." But, if ContinueSelfTest is non-blocking, how<br>- * do we know that the actions have completed other than trying<br>- * again? 
*/<br>- do {<br>- result =<br>- TlclSendReceiveNoRetry(request, response,<br>- max_length);<br>- } while (result == TPM_E_DOING_SELFTEST);<br>-#endif<br>- }<br>-<br>- return result;<br>-}<br>-<br>-void init_tpm(int s3resume)<br>-{<br>- u32 result;<br>- u8 response[TPM_LARGE_ENOUGH_COMMAND_SIZE];<br>-<br>- if (IS_ENABLED(CONFIG_TPM_DEACTIVATE)) {<br>- printk(BIOS_SPEW, "TPM: Deactivate\n");<br>- result = TlclSendReceive(tpm_deactivate_cmd.buffer,<br>- response, sizeof(response));<br>- if (result == TPM_SUCCESS) {<br>- printk(BIOS_SPEW, "TPM: OK.\n");<br>- return;<br>- }<br>-<br>- printk(BIOS_ERR, "TPM: Error code 0x%x.\n", result);<br>- return;<br>- }<br>-<br>- /* Doing TPM startup when we're not coming in on the S3 resume path<br>- * saves us roughly 20ms in boot time only. This does not seem to<br>- * be worth an API change to vboot_reference-firmware right now, so<br>- * let's keep the code around, but just bail out early:<br>- */<br>- if (s3resume ? CONFIG_NO_TPM_RESUME<br>- : CONFIG_SKIP_TPM_STARTUP_ON_NORMAL_BOOT)<br>- return;<br>-<br>- printk(BIOS_DEBUG, "TPM initialization.\n");<br>-<br>- printk(BIOS_SPEW, "TPM: Init\n");<br>- if (tis_init())<br>- return;<br>-<br>- printk(BIOS_SPEW, "TPM: Open\n");<br>- if (tis_open())<br>- return;<br>-<br>- if (s3resume) {<br>- /* S3 Resume */<br>- printk(BIOS_SPEW, "TPM: Resume\n");<br>- result = TlclSendReceive(tpm_resume_cmd.buffer,<br>- response, sizeof(response));<br>- if (result == TPM_E_INVALID_POSTINIT) {<br>- /* We're on a platform where the TPM maintains power<br>- * in S3, so it's already initialized.<br>- */<br>- printk(BIOS_DEBUG, "TPM: Already initialized.\n");<br>- tis_close();<br>- return;<br>- }<br>- } else {<br>- printk(BIOS_SPEW, "TPM: Startup\n");<br>- result = TlclSendReceive(tpm_startup_cmd.buffer,<br>- response, sizeof(response));<br>- }<br>-<br>- tis_close();<br>-<br>- if (result == TPM_SUCCESS) {<br>- printk(BIOS_SPEW, "TPM: OK.\n");<br>- return;<br>- }<br>-<br>- printk(BIOS_ERR, "TPM: Error code 
0x%x.\n", result);<br>-<br>- if (IS_ENABLED(CONFIG_TPM_INIT_FAILURE_IS_FATAL)) {<br>- printk(BIOS_ERR, "Hard reset!\n");<br>- post_code(POST_TPM_FAILURE);<br>- if (IS_ENABLED(CONFIG_CONSOLE_CBMEM_DUMP_TO_UART))<br>- cbmem_dump_console();<br>- hard_reset();<br>- }<br>-}<br>diff --git a/src/mainboard/asus/kgpe-d16/romstage.c b/src/mainboard/asus/kgpe-d16/romstage.c<br>index f1a6984..3e01b5c 100644<br>--- a/src/mainboard/asus/kgpe-d16/romstage.c<br>+++ b/src/mainboard/asus/kgpe-d16/romstage.c<br>@@ -46,7 +46,7 @@<br> #include <cpu/amd/family_10h-family_15h/init_cpus.h><br> #include <arch/early_variables.h><br> #include <cbmem.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> <br> #include "resourcemap.c"<br> #include "cpu/amd/quadcore/quadcore.c"<br>diff --git a/src/mainboard/google/link/romstage.c b/src/mainboard/google/link/romstage.c<br>index 4c83790..9cf2cc8 100644<br>--- a/src/mainboard/google/link/romstage.c<br>+++ b/src/mainboard/google/link/romstage.c<br>@@ -35,7 +35,7 @@<br> #include <arch/cpu.h><br> #include <cpu/x86/msr.h><br> #include <halt.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #include <cbfs.h><br> <br> #include <southbridge/intel/bd82x6x/chip.h><br>diff --git a/src/mainboard/google/parrot/romstage.c b/src/mainboard/google/parrot/romstage.c<br>index d845f4a..9e68493 100644<br>--- a/src/mainboard/google/parrot/romstage.c<br>+++ b/src/mainboard/google/parrot/romstage.c<br>@@ -35,7 +35,7 @@<br> #include <cpu/x86/msr.h><br> #include <halt.h><br> #include <cbfs.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #include "ec/compal/ene932/ec.h"<br> <br> void pch_enable_lpc(void)<br>diff --git a/src/mainboard/google/stout/romstage.c b/src/mainboard/google/stout/romstage.c<br>index 8951d06..387ed76 100644<br>--- a/src/mainboard/google/stout/romstage.c<br>+++ b/src/mainboard/google/stout/romstage.c<br>@@ -35,7 +35,7 @@<br> #include <cpu/x86/msr.h><br> #include <halt.h><br> 
#include <bootmode.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #include <cbfs.h><br> #include <ec/quanta/it8518/ec.h><br> #include "ec.h"<br>diff --git a/src/mainboard/intel/emeraldlake2/romstage.c b/src/mainboard/intel/emeraldlake2/romstage.c<br>index 5048621..9ecfeec 100644<br>--- a/src/mainboard/intel/emeraldlake2/romstage.c<br>+++ b/src/mainboard/intel/emeraldlake2/romstage.c<br>@@ -35,7 +35,7 @@<br> #include <arch/cpu.h><br> #include <cpu/x86/msr.h><br> #include <halt.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> <br> #define SIO_PORT 0x164e<br> <br>diff --git a/src/mainboard/lenovo/x201/romstage.c b/src/mainboard/lenovo/x201/romstage.c<br>index efd3d09..1848c4b 100644<br>--- a/src/mainboard/lenovo/x201/romstage.c<br>+++ b/src/mainboard/lenovo/x201/romstage.c<br>@@ -35,7 +35,7 @@<br> #include <timestamp.h><br> #include <arch/acpi.h><br> #include <cbmem.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> <br> #include "dock.h"<br> #include "arch/early_variables.h"<br>diff --git a/src/mainboard/pcengines/apu2/romstage.c b/src/mainboard/pcengines/apu2/romstage.c<br>index b068cdf..08dba40 100644<br>--- a/src/mainboard/pcengines/apu2/romstage.c<br>+++ b/src/mainboard/pcengines/apu2/romstage.c<br>@@ -32,7 +32,7 @@<br> #include <cpu/x86/lapic.h><br> #include <southbridge/amd/pi/hudson/hudson.h><br> #include <Fch/Fch.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> <br> #include "gpio_ftns.h"<br> <br>diff --git a/src/mainboard/samsung/lumpy/romstage.c b/src/mainboard/samsung/lumpy/romstage.c<br>index 35ebd56..c066ca4 100644<br>--- a/src/mainboard/samsung/lumpy/romstage.c<br>+++ b/src/mainboard/samsung/lumpy/romstage.c<br>@@ -28,7 +28,7 @@<br> #include <cbmem.h><br> #include <console/console.h><br> #include <bootmode.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #include <northbridge/intel/sandybridge/sandybridge.h><br> 
#include <northbridge/intel/sandybridge/raminit.h><br> #include <northbridge/intel/sandybridge/raminit_native.h><br>diff --git a/src/mainboard/samsung/stumpy/romstage.c b/src/mainboard/samsung/stumpy/romstage.c<br>index d8728d3..2572d77 100644<br>--- a/src/mainboard/samsung/stumpy/romstage.c<br>+++ b/src/mainboard/samsung/stumpy/romstage.c<br>@@ -37,7 +37,7 @@<br> #include <arch/cpu.h><br> #include <cpu/x86/msr.h><br> #include <halt.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #if IS_ENABLED(CONFIG_DRIVERS_UART_8250IO)<br> #include <superio/smsc/lpc47n207/lpc47n207.h><br> #endif<br>diff --git a/src/northbridge/intel/sandybridge/romstage.c b/src/northbridge/intel/sandybridge/romstage.c<br>index 6f700db..01af408 100644<br>--- a/src/northbridge/intel/sandybridge/romstage.c<br>+++ b/src/northbridge/intel/sandybridge/romstage.c<br>@@ -28,7 +28,7 @@<br> #include <device/pci_def.h><br> #include <device/device.h><br> #include <halt.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #include <northbridge/intel/sandybridge/chip.h><br> #include "southbridge/intel/bd82x6x/pch.h"<br> #include <southbridge/intel/common/gpio.h><br>diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig<br>index 111f91a..578eac1 100644<br>--- a/src/security/tpm/Kconfig<br>+++ b/src/security/tpm/Kconfig<br>@@ -66,4 +66,26 @@<br> compliant with version 2 TCG TPM specification. Could be connected<br> over LPC, SPI or I2C.<br> <br>+config TPM_INIT_FAILURE_IS_FATAL<br>+ bool<br>+ default n<br>+ depends on LPC_TPM<br>+ help<br>+ What to do if TPM init failed. If true, force a hard reset,<br>+ otherwise just log error message to console.<br>+<br>+config SKIP_TPM_STARTUP_ON_NORMAL_BOOT<br>+ bool<br>+ default n<br>+ depends on LPC_TPM<br>+ help<br>+ Skip TPM init on normal boot. 
Useful if payload does TPM init.<br>+<br>+config TPM_DEACTIVATE<br>+ bool "Deactivate TPM"<br>+ default n<br>+ depends on LPC_TPM<br>+ help<br>+ Deactivate TPM by issuing deactivate command.<br>+<br> endmenu # Trusted Platform Module (tpm)<br>diff --git a/src/security/tpm/Makefile.inc b/src/security/tpm/Makefile.inc<br>index 2385635..bf7954b 100644<br>--- a/src/security/tpm/Makefile.inc<br>+++ b/src/security/tpm/Makefile.inc<br>@@ -12,3 +12,12 @@<br> <br> ramstage-$(CONFIG_TPM2) += tss/tcg-2.0/tss_marshaling.c<br> ramstage-$(CONFIG_TPM2) += tss/tcg-2.0/tss.c<br>+<br>+## TSPI<br>+<br>+verstage-$(CONFIG_TPM) += tspi/generic.c<br>+romstage-$(CONFIG_TPM) += tspi/generic.c<br>+ramstage-$(CONFIG_TPM) += tspi/generic.c<br>+verstage-$(CONFIG_TPM2) += tspi/generic.c<br>+romstage-$(CONFIG_TPM2) += tspi/generic.c<br>+ramstage-$(CONFIG_TPM2) += tspi/generic.c<br>diff --git a/src/security/tpm/tddl.h b/src/security/tpm/tddl.h<br>index 051da0c..e9be92c 100644<br>--- a/src/security/tpm/tddl.h<br>+++ b/src/security/tpm/tddl.h<br>@@ -88,8 +88,6 @@<br> int tis_sendrecv(const u8 *sendbuf, size_t send_size, u8 *recvbuf,<br> size_t *recv_len);<br> <br>-void init_tpm(int s3resume);<br>-<br> /*<br> * tis_plat_irq_status()<br> *<br>diff --git a/src/security/tpm/tspi.h b/src/security/tpm/tspi.h<br>new file mode 100644<br>index 0000000..eed225f<br>--- /dev/null<br>+++ b/src/security/tpm/tspi.h<br>@@ -0,0 +1,49 @@<br>+/*<br>+ * This file is part of the coreboot project.<br>+ *<br>+ * Copyright 2017 Facebook Inc.<br>+ *<br>+ * This program is free software; you can redistribute it and/or modify<br>+ * it under the terms of the GNU General Public License as published by<br>+ * the Free Software Foundation; version 2 of the License.<br>+ *<br>+ * This program is distributed in the hope that it will be useful,<br>+ * but WITHOUT ANY WARRANTY; without even the implied warranty of<br>+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
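Review bot: SKIP_TPM_STARTUP_ON_NORMAL_BOOT is carried over into this Kconfig, but nothing in the new tspi/generic.c reads it; the deleted drivers/pc80/tpm/romstage.c was its consumer (together with CONFIG_NO_TPM_RESUME, which the new init_tpm() no longer checks either), so unless another user exists outside this change a board that sets it now gets a full TPM init although the help text promises to skip it. Either honour it at the top of __init_tpm(), `if (s3resume ? IS_ENABLED(CONFIG_NO_TPM_RESUME) : IS_ENABLED(CONFIG_SKIP_TPM_STARTUP_ON_NORMAL_BOOT)) return TPM_SUCCESS;`, or drop the option rather than keep a no-op. All three moved options also keep `depends on LPC_TPM`, while Makefile.inc now builds tspi/generic.c for CONFIG_TPM and CONFIG_TPM2 regardless of bus, so they cannot be selected for SPI/I2C TPMs that run the same code; `depends on TPM || TPM2` would match the build rule.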
See the<br>+ * GNU General Public License for more details.<br>+ */<br>+<br>+#ifndef TSPI_H_<br>+#define TSPI_H_<br>+<br>+/**<br>+ * Start the TPM and establish the root of trust for the antirollback mechanism.<br>+ */<br>+uint32_t init_tpm(int s3resume);<br>+<br>+<br>+// TODO: Squash and crush them into the new stack.<br>+/*******************************************************************************<br>+ * Vboot2 related functions, Non generic..<br>+ */<br>+<br>+struct vb2_context;<br>+enum vb2_pcr_digest;<br>+<br>+/**<br>+ * Ask vboot for a digest and extend a TPM PCR with it.<br>+ */<br>+uint32_t tpm_extend_pcr(struct vb2_context *ctx, int pcr,<br>+ enum vb2_pcr_digest which_digest);<br>+<br>+/**<br>+ * Issue a TPM_Clear and reenable/reactivate the TPM.<br>+ */<br>+uint32_t tpm_clear_and_reenable(void);<br>+<br>+/**<br>+ * Start the TPM and establish the root of trust for the antirollback mechanism.<br>+ */<br>+uint32_t setup_tpm(struct vb2_context *ctx);<br>+<br>+#endif /* TSPI_H_ */<br>diff --git a/src/security/tpm/tspi/generic.c b/src/security/tpm/tspi/generic.c<br>new file mode 100644<br>index 0000000..3bc596c<br>--- /dev/null<br>+++ b/src/security/tpm/tspi/generic.c<br>@@ -0,0 +1,140 @@<br>+/*<br>+ * This file is part of the coreboot project.<br>+ *<br>+ * Copyright (c) 2013 The Chromium OS Authors. All rights reserved.<br>+ * Copyright 2017 Facebook Inc.<br>+ *<br>+ * This program is free software; you can redistribute it and/or modify<br>+ * it under the terms of the GNU General Public License as published by<br>+ * the Free Software Foundation; version 2 of the License.<br>+ *<br>+ * This program is distributed in the hope that it will be useful,<br>+ * but WITHOUT ANY WARRANTY; without even the implied warranty of<br>+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
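Review bot: tspi.h is not self-contained: every declaration uses `uint32_t` but the header includes nothing, so it compiles only when the including file already pulled in <stdint.h>; add `#include <stdint.h>` right after the include guard. The doc comment on init_tpm() is a verbatim copy of the one on setup_tpm(), so a reader of the header cannot tell that one is the generic startup keyed on an s3resume flag and the other the vboot-specific variant taking a vb2_context. I would word init_tpm's comment from what generic.c does: initialise the TSS, run tlcl_startup() (tlcl_resume() on the S3 path), assert physical presence and verify the TPM is enabled and activated; returns TPM_SUCCESS, TPM_E_MUST_REBOOT when the enable/deactivate state had to be changed, or the TSS error code, after a hard reset when CONFIG_TPM_INIT_FAILURE_IS_FATAL is set.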
See the<br>+ * GNU General Public License for more details.<br>+ */<br>+<br>+#include <stdlib.h><br>+#include <string.h><br>+#include <security/tpm/tss.h><br>+#include <security/tpm/tspi.h><br>+#include <console/console.h><br>+#include <console/cbmem_console.h><br>+#include <reset.h><br>+<br>+/*<br>+ * SetupTPM starts the TPM and establishes the root of trust for the<br>+ * anti-rollback mechanism. SetupTPM can fail for three reasons. 1 A bug. 2 a<br>+ * TPM hardware failure. 3 An unexpected TPM state due to some attack. In<br>+ * general we cannot easily distinguish the kind of failure, so our strategy is<br>+ * to reboot in recovery mode in all cases. The recovery mode calls SetupTPM<br>+ * again, which executes (almost) the same sequence of operations. There is a<br>+ * good chance that, if recovery mode was entered because of a TPM failure, the<br>+ * failure will repeat itself. (In general this is impossible to guarantee<br>+ * because we have no way of creating the exact TPM initial state at the<br>+ * previous boot.) In recovery mode, we ignore the failure and continue, thus<br>+ * giving the recovery kernel a chance to fix things (that's why we don't set<br>+ * bGlobalLock). The choice is between a knowingly insecure device and a<br>+ * bricked device.<br>+ *<br>+ * As a side note, observe that we go through considerable hoops to avoid using<br>+ * the STCLEAR permissions for the index spaces. 
We do this to avoid writing<br>+ * to the TPM flashram at every reboot or wake-up, because of concerns about<br>+ * the durability of the NVRAM.<br>+ */<br>+static uint32_t __init_tpm(int s3resume)<br>+{<br>+ uint8_t disable;<br>+ uint8_t deactivated;<br>+ uint32_t result;<br>+<br>+ result = tlcl_lib_init();<br>+ if (result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "TPM: Can't initialize.\n");<br>+ return result;<br>+ }<br>+<br>+ /* Handle special init for S3 resume path */<br>+ if (s3resume) {<br>+ result = tlcl_resume();<br>+ if (result == TPM_E_INVALID_POSTINIT)<br>+ printk(BIOS_INFO, "TPM: Already initialized.\n");<br>+ return TPM_SUCCESS;<br>+ }<br>+<br>+ result = tlcl_startup();<br>+ if (result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "TPM: Can't run startup command.\n");<br>+ return result;<br>+ }<br>+<br>+ result = tlcl_assert_physical_presence();<br>+ if (result != TPM_SUCCESS) {<br>+ /*<br>+ * It is possible that the TPM was delivered with the physical<br>+ * presence command disabled. This tries enabling it, then<br>+ * tries asserting PP again.<br>+ */<br>+ result = tlcl_physical_presence_cmd_enable();<br>+ if (result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "TPM: Can't enable physical presence command.\n");<br>+ return result;<br>+ }<br>+<br>+ result = tlcl_assert_physical_presence();<br>+ if (result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "TPM: Can't assert physical presence.\n");<br>+ return result;<br>+ }<br>+ }<br>+<br>+ /* Check that the TPM is enabled and activated. */<br>+ result = tlcl_get_flags(&disable, &deactivated, NULL);<br>+ if (result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "TPM: Can't read capabilities.\n");<br>+ return result;<br>+ }<br>+<br>+ if (disable || deactivated) {<br>+ printk(BIOS_INFO, "TPM: disabled (%d) or deactivated (%d). 
Fixing...\n",<br>+ disable, deactivated);<br>+<br>+ result = tlcl_set_enable();<br>+ if (result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "TPM: Can't set enabled state.\n");<br>+ return result;<br>+ }<br>+<br>+ if (IS_ENABLED(CONFIG_TPM_DEACTIVATE))<br>+ result = tlcl_set_deactivated(1);<br>+ else<br>+ result = tlcl_set_deactivated(0);<br>+<br>+ if (result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "TPM: Can't set deactivated state.\n");<br>+ return result;<br>+ }<br>+<br>+ printk(BIOS_INFO, "TPM: Must reboot to re-enable\n");<br>+ return TPM_E_MUST_REBOOT;<br>+ }<br>+<br>+ printk(BIOS_INFO, "TPM: setup succeeded\n");<br>+ return TPM_SUCCESS;<br>+}<br>+<br>+uint32_t init_tpm(int s3resume)<br>+{<br>+ uint32_t result = __init_tpm(s3resume);<br>+<br>+ if (IS_ENABLED(CONFIG_TPM_INIT_FAILURE_IS_FATAL) &&<br>+ result != TPM_SUCCESS) {<br>+ printk(BIOS_ERR, "Hard reset!\n");<br>+ post_code(POST_TPM_FAILURE);<br>+ if (IS_ENABLED(CONFIG_CONSOLE_CBMEM_DUMP_TO_UART))<br>+ cbmem_dump_console();<br>+ hard_reset();<br>+ }<br>+<br>+ return result;<br>+}<br>diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c<br>index 533fd7e..86b115d 100644<br>--- a/src/security/tpm/tss/tcg-2.0/tss.c<br>+++ b/src/security/tpm/tss/tcg-2.0/tss.c<br>@@ -10,7 +10,6 @@<br> #include <string.h><br> #include <vb2_api.h><br> #include <security/tpm/tddl.h><br>-#include <security/tpm/antirollback.h><br> <br> #include "tss_structures.h"<br> #include "tss_marshaling.h"<br>diff --git a/src/security/tpm/antirollback.h b/src/security/vboot/antirollback.h<br>similarity index 74%<br>rename from src/security/tpm/antirollback.h<br>rename to src/security/vboot/antirollback.h<br>index d1bc433..17abc60 100644<br>--- a/src/security/tpm/antirollback.h<br>+++ b/src/security/vboot/antirollback.h<br>@@ -9,7 +9,8 @@<br> #ifndef ANTIROLLBACK_H_<br> #define ANTIROLLBACK_H_<br> <br>-#include "tss_constants.h"<br>+#include <security/tpm/tss_constants.h><br>+#include <security/tpm/tspi.h><br> <br> 
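Review bot: CONFIG_TPM_DEACTIVATE is only acted on inside the `if (disable || deactivated)` branch of __init_tpm(), so a TPM that already reports itself enabled and activated is never deactivated, which is the opposite of what the Kconfig help text ("Deactivate TPM by issuing deactivate command") and the deleted init_tpm() did. The tlcl_set_deactivated(1) call needs its own path that runs before the flags check, presumably after physical presence has been asserted, e.g. `if (IS_ENABLED(CONFIG_TPM_DEACTIVATE)) return tlcl_set_deactivated(1);`. The S3 path also returns TPM_SUCCESS whatever tlcl_resume() reported, so a real resume failure is neither logged nor reaches the CONFIG_TPM_INIT_FAILURE_IS_FATAL handling in init_tpm(); unless that is deliberate, add `else if (result != TPM_SUCCESS) { printk(BIOS_ERR, "TPM: Can't resume.\n"); return result; }` after the TPM_E_INVALID_POSTINIT case. Finally, `__init_tpm` is a reserved identifier (leading double underscore); a static name such as `tpm_setup_internal` avoids that.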
struct vb2_context;<br> enum vb2_pcr_digest;<br>@@ -54,28 +55,5 @@<br> uint32_t antirollback_write_space_rec_hash(const uint8_t *data, uint32_t size);<br> /* Lock down recovery hash space in TPM. */<br> uint32_t antirollback_lock_space_rec_hash(void);<br>-<br>-/****************************************************************************/<br>-<br>-/*<br>- * The following functions are internal apis, listed here for use by unit tests<br>- * only.<br>- */<br>-<br>-/**<br>- * Ask vboot for a digest and extend a TPM PCR with it.<br>- */<br>-uint32_t tpm_extend_pcr(struct vb2_context *ctx, int pcr,<br>- enum vb2_pcr_digest which_digest);<br>-<br>-/**<br>- * Issue a TPM_Clear and reenable/reactivate the TPM.<br>- */<br>-uint32_t tpm_clear_and_reenable(void);<br>-<br>-/**<br>- * Start the TPM and establish the root of trust for the antirollback mechanism.<br>- */<br>-uint32_t setup_tpm(struct vb2_context *ctx);<br> <br> #endif /* ANTIROLLBACK_H_ */<br>diff --git a/src/security/vboot/secdata_mock.c b/src/security/vboot/secdata_mock.c<br>index 4ea5355..41b42d7 100644<br>--- a/src/security/vboot/secdata_mock.c<br>+++ b/src/security/vboot/secdata_mock.c<br>@@ -32,11 +32,12 @@<br> * stored in the TPM NVRAM.<br> */<br> <br>-#include <security/tpm/antirollback.h><br> #include <stdlib.h><br> #include <security/tpm/tss.h><br> #include <vb2_api.h><br> <br>+#include "antirollback.h"<br>+<br> uint32_t tpm_extend_pcr(struct vb2_context *ctx, int pcr,<br> enum vb2_pcr_digest which_digest)<br> {<br>diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c<br>index 04162b0..bd43293 100644<br>--- a/src/security/vboot/secdata_tpm.c<br>+++ b/src/security/vboot/secdata_tpm.c<br>@@ -32,13 +32,14 @@<br> * stored in the TPM NVRAM.<br> */<br> <br>-#include <security/tpm/antirollback.h><br> #include <stdlib.h><br> #include <string.h><br> #include <security/tpm/tss.h><br> #include <vb2_api.h><br> #include <console/console.h><br> <br>+#include "antirollback.h"<br>+<br> #ifndef 
offsetof<br> #define offsetof(A,B) __builtin_offsetof(A,B)<br> #endif<br>diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c<br>index c76739a..4cda699 100644<br>--- a/src/security/vboot/vboot_logic.c<br>+++ b/src/security/vboot/vboot_logic.c<br>@@ -13,7 +13,6 @@<br> * GNU General Public License for more details.<br> */<br> <br>-#include <security/tpm/antirollback.h><br> #include <arch/exception.h><br> #include <assert.h><br> #include <bootmode.h><br>@@ -26,6 +25,8 @@<br> #include <security/vboot/misc.h><br> #include <security/vboot/vbnv.h><br> <br>+#include "antirollback.h"<br>+<br> /* The max hash size to expect is for SHA512. */<br> #define VBOOT_MAX_HASH_SIZE VB2_SHA512_DIGEST_SIZE<br> <br>diff --git a/src/soc/intel/baytrail/romstage/romstage.c b/src/soc/intel/baytrail/romstage/romstage.c<br>index dece7cb..c2b266b 100644<br>--- a/src/soc/intel/baytrail/romstage/romstage.c<br>+++ b/src/soc/intel/baytrail/romstage/romstage.c<br>@@ -30,7 +30,7 @@<br> #include <stage_cache.h><br> #include <string.h><br> #include <timestamp.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #include <vendorcode/google/chromeos/chromeos.h><br> #include <soc/gpio.h><br> #include <soc/iomap.h><br>diff --git a/src/soc/intel/broadwell/romstage/romstage.c b/src/soc/intel/broadwell/romstage/romstage.c<br>index ac6f76a..2b0e169 100644<br>--- a/src/soc/intel/broadwell/romstage/romstage.c<br>+++ b/src/soc/intel/broadwell/romstage/romstage.c<br>@@ -25,7 +25,7 @@<br> #include <cbmem.h><br> #include <cpu/x86/mtrr.h><br> #include <elog.h><br>-#include <security/tpm/tddl.h><br>+#include <security/tpm/tspi.h><br> #include <program_loading.h><br> #include <romstage_handoff.h><br> #include <stage_cache.h><br></pre><p>To view, visit <a href="https://review.coreboot.org/22106">change 22106</a>. 
<div style="display:none"> Gerrit-Project: coreboot </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: I883c489801fce88e13952fe24b67315ab6bb1afb </div>
<div style="display:none"> Gerrit-Change-Number: 22106 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Philipp Deppenwiese <zaolin.daisuki@gmail.com> </div>