[coreboot-gerrit] [M] Change in coreboot[master]: treewide: Adopt TCG standard naming

5 Sep 2023

Attention is currently required from: Christian Walter, Erik van den Bogaert, Frans Hendriks, Julius Werner, Yu-Ping Wu.
Jon Murphy has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/77665?usp=email )
Change subject: treewide: Adopt TCG standard naming
......................................................................
treewide: Adopt TCG standard naming
Adopt TCG standard naming and definitions for TPM Return codes.
BUG=b:296439237
TEST=Build and boot to OS on skyrim
BRANCH=firmware-skyrim-15390.B
Change-Id: I60755723262ec205a4c134948b0250aac4974d35
Signed-off-by: Jon Murphy jpmurphy@google.com
---
M src/mainboard/facebook/fbg1701/romstage.c
M src/security/tpm/tspi/tspi.c
M src/security/tpm/tss/tcg-1.2/tss.c
M src/security/tpm/tss/tcg-2.0/tss.c
M src/security/tpm/tss/vendor/cr50/cr50.c
M src/security/tpm/tss/vendor/cr50/cr50.h
M src/security/tpm/tss_errors.h
M src/security/vboot/secdata_tpm.c
M src/security/vboot/tpm_common.c
M src/security/vboot/vboot_logic.c
M src/vendorcode/eltan/security/mboot/mboot.c
M src/vendorcode/eltan/security/verified_boot/vboot_check.c
M src/vendorcode/google/chromeos/cr50_enable_update.c
13 files changed, 121 insertions(+), 117 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/65/77665/1

diff --git a/src/mainboard/facebook/fbg1701/romstage.c b/src/mainboard/facebook/fbg1701/romstage.c
index 7a31309..38d8053 100644
--- a/src/mainboard/facebook/fbg1701/romstage.c
+++ b/src/mainboard/facebook/fbg1701/romstage.c
@@ -64,7 +64,7 @@
  * @param[in]  activePcr	bitmap of the support
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
  */
static const uint8_t crtm_version[] =
@@ -73,7 +73,7 @@
int mb_crtm(void)
 {
-	int status = TPM_E_IOERROR;
+	int status = TPM_IOERROR;
    TCG_PCR_EVENT2_HDR tcgEventHdr;
/* Use FirmwareVersion string to represent CRTM version. */
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 49b2968..0088913 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -45,7 +45,7 @@
    	}
deactivated = !deactivated;
-		rc = TPM_E_MUST_REBOOT;
+		rc = TPM_MUST_REBOOT;
    }
return rc;
@@ -61,7 +61,7 @@
    case TPM_SUCCESS:
    	break;
-	case TPM_E_INVALID_POSTINIT:
+	case TPM_INVALID_POSTINIT:
    	/*
    	 * We're on a platform where the TPM maintains power
    	 * in S3, so it's already initialized.
@@ -151,7 +151,7 @@
rc = tlcl_startup();
    if (CONFIG(TPM_STARTUP_IGNORE_POSTINIT)
-	    && rc == TPM_E_INVALID_POSTINIT) {
+	    && rc == TPM_INVALID_POSTINIT) {
    	printk(BIOS_DEBUG, "TPM: ignoring invalid POSTINIT\n");
    	rc = TPM_SUCCESS;
    }
@@ -224,7 +224,7 @@
    uint32_t rc;
if (!digest)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
if (tspi_tpm_is_setup()) {
    	rc = tlcl_lib_init();
@@ -262,14 +262,14 @@
    struct vb2_digest_context ctx;
if (!rdev || !rname)
-		return TPM_E_INVALID_ARG;
+		return TPM_INVALID_ARG;
digest_len = vb2_digest_size(TPM_MEASURE_ALGO);
    assert(digest_len <= sizeof(digest));
    if (vb2_digest_init(&ctx, vboot_hwcrypto_allowed(), TPM_MEASURE_ALGO,
    		    region_device_sz(rdev))) {
    	printk(BIOS_ERR, "TPM: Error initializing hash.\n");
-		return TPM_E_HASH_ERROR;
+		return TPM_HASH_ERROR;
    }
    /*
     * Though one can mmap the full needed region on x86 this is not the
@@ -281,16 +281,16 @@
    	if (rdev_readat(rdev, buf, offset, len) < 0) {
    		printk(BIOS_ERR, "TPM: Not able to read region %s.\n",
    		       rname);
-			return TPM_E_READ_FAILURE;
+			return TPM_READ_FAILURE;
    	}
    	if (vb2_digest_extend(&ctx, buf, len)) {
    		printk(BIOS_ERR, "TPM: Error extending hash.\n");
-			return TPM_E_HASH_ERROR;
+			return TPM_HASH_ERROR;
    	}
    }
    if (vb2_digest_finalize(&ctx, digest, digest_len)) {
    	printk(BIOS_ERR, "TPM: Error finalizing hash.\n");
-		return TPM_E_HASH_ERROR;
+		return TPM_HASH_ERROR;
    }
    return tpm_extend_pcr(pcr, TPM_MEASURE_ALGO, digest, digest_len, rname);
 }
diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c
index da92143..8f22894 100644
--- a/src/security/tpm/tss/tcg-1.2/tss.c
+++ b/src/security/tpm/tss/tcg-1.2/tss.c
@@ -108,7 +108,7 @@
    					     max_length);
    /* If the command fails because the self test has not completed, try it
     * again after attempting to ensure that the self test has completed. */
-	if (rc == TPM_E_NEEDS_SELFTEST || rc == TPM_E_DOING_SELFTEST) {
+	if (rc == TPM_NEEDS_SELFTEST || rc == TPM_DOING_SELFTEST) {
    	rc = tlcl_continue_self_test();
    	if (rc != TPM_SUCCESS)
    		return rc;
@@ -125,7 +125,7 @@
    	do {
    		rc = tlcl_send_receive_no_retry(request, response,
    						    max_length);
-		} while (rc == TPM_E_DOING_SELFTEST);
+		} while (rc == TPM_DOING_SELFTEST);
 #endif
    }
    return rc;
@@ -238,7 +238,7 @@
    	uint8_t *nv_read_cursor = response + kTpmResponseHeaderLength;
    	from_tpm_uint32(nv_read_cursor, &result_length);
    	if (result_length > length)
-			return TPM_E_IOERROR;
+			return TPM_IOERROR;
    	nv_read_cursor += sizeof(uint32_t);
    	memcpy(data, nv_read_cursor, result_length);
    }
@@ -301,7 +301,7 @@
    	return rc;
    from_tpm_uint32(response + kTpmResponseHeaderLength, &size);
    if (size != sizeof(TPM_PERMANENT_FLAGS))
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    memcpy(pflags, response + kTpmResponseHeaderLength + sizeof(size),
           sizeof(TPM_PERMANENT_FLAGS));
    return rc;
@@ -338,7 +338,7 @@
    uint8_t response[kTpmResponseHeaderLength + kPcrDigestLength];
if (digest_algo != VB2_HASH_SHA1)
-		return TPM_E_INVALID_ARG;
+		return TPM_INVALID_ARG;
memcpy(&cmd, &tpm_extend_cmd, sizeof(cmd));
    to_tpm_uint32(cmd.buffer + tpm_extend_cmd.pcrNum, pcr_num);
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index d228c7f..b219c83 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -57,7 +57,7 @@
    /* IO error, tpm2_response pointer is empty. */
    if (!response) {
    	printk(BIOS_ERR, "%s: TPM communication error\n", __func__);
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
printk(BIOS_INFO, "%s: Startup return code is %x\n",
@@ -66,13 +66,13 @@
    switch (response->hdr.tpm_code) {
    case TPM_RC_INITIALIZE:
    	/* TPM already initialized. */
-		return TPM_E_INVALID_POSTINIT;
+		return TPM_INVALID_POSTINIT;
    case TPM2_RC_SUCCESS:
    	return TPM_SUCCESS;
    }
-	/* Collapse any other errors into TPM_E_IOERROR. */
-	return TPM_E_IOERROR;
+	/* Collapse any other errors into TPM_IOERROR. */
+	return TPM_IOERROR;
 }
uint32_t tlcl_resume(void)
@@ -91,7 +91,7 @@
    /* IO error, tpm2_response pointer is empty. */
    if (!response) {
    	printk(BIOS_ERR, "%s: TPM communication error\n", __func__);
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
printk(BIOS_INFO, "%s: Shutdown return code is %x\n",
@@ -100,8 +100,8 @@
    if (response->hdr.tpm_code == TPM2_RC_SUCCESS)
    	return TPM_SUCCESS;
-	/* Collapse any other errors into TPM_E_IOERROR. */
-	return TPM_E_IOERROR;
+	/* Collapse any other errors into TPM_IOERROR. */
+	return TPM_IOERROR;
 }
uint32_t tlcl_save_state(void)
@@ -144,7 +144,7 @@
alg = tpmalg_from_vb2_hash(digest_type);
    if (alg == TPM_ALG_ERROR)
-		return TPM_E_HASH_ERROR;
+		return TPM_HASH_ERROR;
pcr_ext_cmd.pcrHandle = HR_PCR + pcr_num;
    pcr_ext_cmd.digests.count = 1;
@@ -158,7 +158,7 @@
    printk(BIOS_INFO, "%s: response is %x\n",
           __func__, response ? response->hdr.tpm_code : -1);
    if (!response || response->hdr.tpm_code)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
return TPM_SUCCESS;
 }
@@ -179,7 +179,7 @@
           __func__, response ? response->hdr.tpm_code : -1);
if (!response || response->hdr.tpm_code)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
return TPM_SUCCESS;
 }
@@ -196,7 +196,7 @@
    	__func__, response ? response->hdr.tpm_code : -1);
if (!response || response->hdr.tpm_code)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
return TPM_SUCCESS;
 }
@@ -244,7 +244,7 @@
/* Need to map tpm error codes into internal values. */
    if (!response)
-		return TPM_E_READ_FAILURE;
+		return TPM_READ_FAILURE;
printk(BIOS_INFO, "%s:%d index %#x return code %x\n",
           __FILE__, __LINE__, index, response->hdr.tpm_code);
@@ -259,20 +259,20 @@
    	 * hasn't been defined.
    	 */
    case TPM_RC_CR50_NV_UNDEFINED:
-		return TPM_E_BADINDEX;
+		return TPM_BADINDEX;
case TPM_RC_NV_RANGE:
-		return TPM_E_RANGE;
+		return TPM_RANGE;
default:
-		return TPM_E_READ_FAILURE;
+		return TPM_READ_FAILURE;
    }
if (length > response->nvr.buffer.t.size)
-		return TPM_E_RESPONSE_TOO_LARGE;
+		return TPM_RESPONSE_TOO_LARGE;
if (length < response->nvr.buffer.t.size)
-		return TPM_E_READ_EMPTY;
+		return TPM_READ_EMPTY;
memcpy(data, response->nvr.buffer.t.buffer, length);
@@ -306,7 +306,7 @@
           __func__, response ? response->hdr.tpm_code : -1);
if (!response || response->hdr.tpm_code)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
return TPM_SUCCESS;
 }
@@ -334,7 +334,7 @@
/* Need to map tpm error codes into internal values. */
    if (!response || response->hdr.tpm_code)
-		return TPM_E_WRITE_FAILURE;
+		return TPM_WRITE_FAILURE;
return TPM_SUCCESS;
 }
@@ -357,7 +357,7 @@
/* Need to map tpm error codes into internal values. */
    if (!response || response->hdr.tpm_code)
-		return TPM_E_WRITE_FAILURE;
+		return TPM_WRITE_FAILURE;
return TPM_SUCCESS;
 }
@@ -392,16 +392,16 @@
           response ? response->hdr.tpm_code : -1);
if (!response)
-		return TPM_E_NO_DEVICE;
+		return TPM_NO_DEVICE;
/* Map TPM2 return codes into common vboot representation. */
    switch (response->hdr.tpm_code) {
    case TPM2_RC_SUCCESS:
    	return TPM_SUCCESS;
    case TPM2_RC_NV_DEFINED:
-		return TPM_E_NV_DEFINED;
+		return TPM_NV_DEFINED;
    default:
-		return TPM_E_INTERNAL_INCONSISTENCY;
+		return TPM_INTERNAL_INCONSISTENCY;
    }
 }
@@ -448,7 +448,7 @@
    response = tpm_process_command(TPM2_Hierarchy_Control, &hc);
if (!response || response->hdr.tpm_code)
-		return TPM_E_INTERNAL_INCONSISTENCY;
+		return TPM_INTERNAL_INCONSISTENCY;
return TPM_SUCCESS;
 }
@@ -467,14 +467,14 @@
    if (property_count > 1) {
    	printk(BIOS_ERR, "%s: property_count more than one not "
    	       "supported yet\n", __func__);
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
response = tpm_process_command(TPM2_GetCapability, &cmd);
if (!response) {
    	printk(BIOS_ERR, "%s: Command Failed\n", __func__);
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
memcpy(capability_data, &response->gc.cd, sizeof(TPMS_CAPABILITY_DATA));
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c
index 57d0b61..f52c41f 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.c
+++ b/src/security/tpm/tss/vendor/cr50/cr50.c
@@ -24,7 +24,7 @@
    		       response->hdr.tpm_code);
    	else
    		printk(BIOS_INFO, "%s: failed\n", __func__);
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
    return TPM_SUCCESS;
 }
@@ -42,7 +42,7 @@
    response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, command_body);
if (!response || response->hdr.tpm_code)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
*num_restored_headers = response->vcr.num_restored_headers;
    return TPM_SUCCESS;
@@ -58,7 +58,7 @@
    response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &sub_command);
if (!response || response->hdr.tpm_code)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
*recovery_button_state = response->vcr.recovery_button_state;
    return TPM_SUCCESS;
@@ -75,7 +75,7 @@
    response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &mode_command);
if (!response)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
if (response->hdr.tpm_code == VENDOR_RC_INTERNAL_ERROR) {
    	/*
@@ -83,7 +83,7 @@
    	 * is disabled. The Cr50 requires a reboot to re-enable the key
    	 * ladder.
    	 */
-		return TPM_E_MUST_REBOOT;
+		return TPM_MUST_REBOOT;
    }
if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND ||
@@ -91,12 +91,12 @@
    	/*
    	 * Explicitly inform caller when command is not supported
    	 */
-		return TPM_E_NO_SUCH_COMMAND;
+		return TPM_NO_SUCH_COMMAND;
    }
if (response->hdr.tpm_code) {
    	/* Unexpected return code from Cr50 */
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
/* TPM command completed without error */
@@ -115,16 +115,16 @@
    response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &mode_command);
if (!response)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND ||
        response->hdr.tpm_code == VENDOR_RC_NO_SUCH_SUBCOMMAND)
    	/* Explicitly inform caller when command is not supported */
-		return TPM_E_NO_SUCH_COMMAND;
+		return TPM_NO_SUCH_COMMAND;
if (response->hdr.tpm_code)
    	/* Unexpected return code from Cr50 */
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
*boot_mode = response->vcr.boot_mode;
@@ -145,7 +145,7 @@
    			       &reset_command_body);
if (!response)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
return TPM_SUCCESS;
 }
@@ -160,16 +160,16 @@
    response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &reset_cmd);
if (!response)
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND ||
        response->hdr.tpm_code == VENDOR_RC_NO_SUCH_SUBCOMMAND)
    	/* Explicitly inform caller when command is not supported */
-		return TPM_E_NO_SUCH_COMMAND;
+		return TPM_NO_SUCH_COMMAND;
if (response->hdr.tpm_code)
    	/* Unexpected return code from Cr50 */
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
printk(BIOS_DEBUG, "EC reset coming up...\n");
    halt();
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.h b/src/security/tpm/tss/vendor/cr50/cr50.h
index 0028e80..02d1ea1 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.h
+++ b/src/security/tpm/tss/vendor/cr50/cr50.h
@@ -72,9 +72,9 @@
  *
  * Returns TPM_SUCCESS if TPM mode command completed, the Cr50 does not need a
  * reboot, and the tpm_mode parameter is set to the current TPM mode.
- * Returns TPM_E_MUST_REBOOT if TPM mode command completed, but the Cr50
+ * Returns TPM_MUST_REBOOT if TPM mode command completed, but the Cr50
  * requires a reboot.
- * Returns TPM_E_NO_SUCH_COMMAND if the Cr50 does not support the command.
+ * Returns TPM_NO_SUCH_COMMAND if the Cr50 does not support the command.
  * Other returns value indicate a failure accessing the TPM.
  */
 uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode);
@@ -83,7 +83,7 @@
  * CR50 specific TPM command sequence to query the current boot mode.
  *
  * Returns TPM_SUCCESS if boot mode is successfully retrieved.
- * Returns TPM_E_* for errors.
+ * Returns TPM_* for errors.
  */
 uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode);
@@ -99,7 +99,7 @@
 /**
  * CR50 specific TPM command sequence to issue an EC reset.
  *
- * Returns TPM_E_* for errors.
+ * Returns TPM_* for errors.
  * On Success, this function invokes halt() and does not return.
  */
 uint32_t tlcl_cr50_reset_ec(void);
diff --git a/src/security/tpm/tss_errors.h b/src/security/tpm/tss_errors.h
index 49a7405..48e49c6 100644
--- a/src/security/tpm/tss_errors.h
+++ b/src/security/tpm/tss_errors.h
@@ -12,35 +12,39 @@
#include <stdint.h>
-#define TPM_E_BASE 0x0
-#define TPM_E_NON_FATAL 0x800
+typedef uint32_t TPM_RESULT;
-#define TPM_E_AREA_LOCKED           ((uint32_t)0x0000003c)
-#define TPM_E_BADINDEX              ((uint32_t)0x00000002)
-#define TPM_E_BAD_PRESENCE          ((uint32_t)0x0000002d)
-#define TPM_E_IOERROR               ((uint32_t)0x0000001f)
-#define TPM_E_INVALID_POSTINIT      ((uint32_t)0x00000026)
-#define TPM_E_MAXNVWRITES           ((uint32_t)0x00000048)
-#define TPM_E_OWNER_SET             ((uint32_t)0x00000014)
+#define TPM_BASE 0x0
-#define TPM_E_NEEDS_SELFTEST ((uint32_t)(TPM_E_NON_FATAL + 1))
-#define TPM_E_DOING_SELFTEST ((uint32_t)(TPM_E_NON_FATAL + 2))
+#define TPM_NON_FATAL 0x800
+#define TPM_VENDOR_ERROR 0x5000
-#define TPM_E_ALREADY_INITIALIZED    ((uint32_t)0x00005000)  /* vboot local */
-#define TPM_E_INTERNAL_INCONSISTENCY ((uint32_t)0x00005001)  /* vboot local */
-#define TPM_E_MUST_REBOOT            ((uint32_t)0x00005002)  /* vboot local */
-#define TPM_E_CORRUPTED_STATE        ((uint32_t)0x00005003)  /* vboot local */
-#define TPM_E_COMMUNICATION_ERROR    ((uint32_t)0x00005004)  /* vboot local */
-#define TPM_E_RESPONSE_TOO_LARGE     ((uint32_t)0x00005005)  /* vboot local */
-#define TPM_E_NO_DEVICE              ((uint32_t)0x00005006)  /* vboot local */
-#define TPM_E_INPUT_TOO_SMALL        ((uint32_t)0x00005007)  /* vboot local */
-#define TPM_E_WRITE_FAILURE          ((uint32_t)0x00005008)  /* vboot local */
-#define TPM_E_READ_EMPTY             ((uint32_t)0x00005009)  /* vboot local */
-#define TPM_E_READ_FAILURE           ((uint32_t)0x0000500a)  /* vboot local */
-#define TPM_E_NV_DEFINED             ((uint32_t)0x0000500b)  /* vboot local */
-#define TPM_E_INVALID_ARG            ((uint32_t)0x0000500c)
-#define TPM_E_HASH_ERROR             ((uint32_t)0x0000500d)
-#define TPM_E_NO_SUCH_COMMAND        ((uint32_t)0x0000500e)
-#define TPM_E_RANGE                  ((uint32_t)0x0000500f)
+#define TPM_BADINDEX              ((TPM_RESULT) (TPM_BASE + 2))
+#define TPM_OWNER_SET             ((TPM_RESULT) (TPM_BASE + 20))
+#define TPM_IOERROR               ((TPM_RESULT) (TPM_BASE + 31))
+#define TPM_INVALID_POSTINIT      ((TPM_RESULT) (TPM_BASE + 38))
+#define TPM_BAD_PRESENCE          ((TPM_RESULT) (TPM_BASE + 45))
+#define TPM_AREA_LOCKED           ((TPM_RESULT) (TPM_BASE + 60))
+#define TPM_MAXNVWRITES           ((TPM_RESULT) (TPM_BASE + 72))
+
+#define TPM_NEEDS_SELFTEST ((TPM_RESULT) (TPM_NON_FATAL + 1))
+#define TPM_DOING_SELFTEST ((TPM_RESULT) (TPM_NON_FATAL + 2))
+
+#define TPM_ALREADY_INITIALIZED    ((TPM_RESULT) (TPM_VENDOR_ERROR + 0))
+#define TPM_INTERNAL_INCONSISTENCY ((TPM_RESULT) (TPM_VENDOR_ERROR + 1))
+#define TPM_MUST_REBOOT            ((TPM_RESULT) (TPM_VENDOR_ERROR + 2))
+#define TPM_CORRUPTED_STATE        ((TPM_RESULT) (TPM_VENDOR_ERROR + 3))
+#define TPM_COMMUNICATION_ERROR    ((TPM_RESULT) (TPM_VENDOR_ERROR + 4))
+#define TPM_RESPONSE_TOO_LARGE     ((TPM_RESULT) (TPM_VENDOR_ERROR + 5))
+#define TPM_NO_DEVICE              ((TPM_RESULT) (TPM_VENDOR_ERROR + 6))
+#define TPM_INPUT_TOO_SMALL        ((TPM_RESULT) (TPM_VENDOR_ERROR + 7))
+#define TPM_WRITE_FAILURE          ((TPM_RESULT) (TPM_VENDOR_ERROR + 8))
+#define TPM_READ_EMPTY             ((TPM_RESULT) (TPM_VENDOR_ERROR + 9))
+#define TPM_READ_FAILURE           ((TPM_RESULT) (TPM_VENDOR_ERROR + 10))
+#define TPM_NV_DEFINED             ((TPM_RESULT) (TPM_VENDOR_ERROR + 11))
+#define TPM_INVALID_ARG            ((TPM_RESULT) (TPM_VENDOR_ERROR + 12))
+#define TPM_HASH_ERROR             ((TPM_RESULT) (TPM_VENDOR_ERROR + 13))
+#define TPM_NO_SUCH_COMMAND        ((TPM_RESULT) (TPM_VENDOR_ERROR + 14))
+#define TPM_RANGE                  ((TPM_RESULT) (TPM_VENDOR_ERROR + 15))
#endif /* TSS_ERRORS_H_ */
diff --git a/src/security/vboot/secdata_tpm.c b/src/security/vboot/secdata_tpm.c
index 27d16e1..c17b717 100644
--- a/src/security/vboot/secdata_tpm.c
+++ b/src/security/vboot/secdata_tpm.c
@@ -46,7 +46,7 @@
    	if (perms != TPM_NV_PER_PPWRITE) {
    		printk(BIOS_ERR,
    		       "TPM: invalid secdata_kernel permissions\n");
-			return TPM_E_CORRUPTED_STATE;
+			return TPM_CORRUPTED_STATE;
    	}
    }
@@ -55,7 +55,7 @@
/* Start with the version 1.0 size used by all modern Cr50/Ti50 boards. */
    rc = tlcl_read(KERNEL_NV_INDEX, ctx->secdata_kernel, size);
-	if (rc == TPM_E_RANGE) {
+	if (rc == TPM_RANGE) {
    	/* Fallback to version 0.2(minimum) size and re-read. */
    	VBDEBUG("Antirollback: NV read out of range, trying min size\n");
    	size = VB2_SECDATA_KERNEL_MIN_SIZE;
@@ -210,11 +210,11 @@
rc = tlcl_define_space(index, length, nv_attributes, nv_policy,
    		       nv_policy_size);
-	if (rc == TPM_E_NV_DEFINED) {
+	if (rc == TPM_NV_DEFINED) {
    	/*
    	 * Continue with writing: it may be defined, but not written
    	 * to. In that case a subsequent tlcl_read() would still return
-		 * TPM_E_BADINDEX on TPM 2.0. The cases when some non-firmware
+		 * TPM_BADINDEX on TPM 2.0. The cases when some non-firmware
    	 * space is defined while the firmware space is not there
    	 * should be rare (interrupted initialization), so no big harm
    	 * in writing once again even if it was written already.
@@ -439,7 +439,7 @@
    	VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
    		"(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE,
    		size);
-		return TPM_E_READ_FAILURE;
+		return TPM_READ_FAILURE;
    }
    return read_space_mrc_hash(index, data);
 }
@@ -453,11 +453,11 @@
    	VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
    		"(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE,
    		size);
-		return TPM_E_WRITE_FAILURE;
+		return TPM_WRITE_FAILURE;
    }
rc = read_space_mrc_hash(index, spc_data);
-	if (rc == TPM_E_BADINDEX) {
+	if (rc == TPM_BADINDEX) {
    	/*
    	 * If space is not defined already for hash, define
    	 * new space.
@@ -489,7 +489,7 @@
    	VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
    		"(Expected=0x%x Actual=0x%x).\n", VBIOS_CACHE_NV_INDEX, HASH_NV_SIZE,
    		size);
-		return TPM_E_READ_FAILURE;
+		return TPM_READ_FAILURE;
    }
    return read_space_vbios_hash(data);
 }
@@ -503,11 +503,11 @@
    	VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
    		"(Expected=0x%x Actual=0x%x).\n", VBIOS_CACHE_NV_INDEX, HASH_NV_SIZE,
    		size);
-		return TPM_E_WRITE_FAILURE;
+		return TPM_WRITE_FAILURE;
    }
rc = read_space_vbios_hash(spc_data);
-	if (rc == TPM_E_BADINDEX) {
+	if (rc == TPM_BADINDEX) {
    	/*
    	 * If space is not defined already for hash, define
    	 * new space.
@@ -535,7 +535,7 @@
 static uint32_t safe_write(uint32_t index, const void *data, uint32_t length)
 {
    uint32_t rc = tlcl_write(index, data, length);
-	if (rc == TPM_E_MAXNVWRITES) {
+	if (rc == TPM_MAXNVWRITES) {
    	RETURN_ON_FAILURE(tpm_clear_and_reenable());
    	return tlcl_write(index, data, length);
    } else {
@@ -552,7 +552,7 @@
 static uint32_t safe_define_space(uint32_t index, uint32_t perm, uint32_t size)
 {
    uint32_t rc = tlcl_define_space(index, perm, size);
-	if (rc == TPM_E_MAXNVWRITES) {
+	if (rc == TPM_MAXNVWRITES) {
    	RETURN_ON_FAILURE(tpm_clear_and_reenable());
    	return tlcl_define_space(index, perm, size);
    } else {
@@ -669,13 +669,13 @@
    uint32_t rc;
rc = tlcl_read(FIRMWARE_NV_INDEX, ctx->secdata_firmware, VB2_SECDATA_FIRMWARE_SIZE);
-	if (rc == TPM_E_BADINDEX) {
+	if (rc == TPM_BADINDEX) {
    	/* This seems the first time we've run. Initialize the TPM. */
    	VBDEBUG("TPM: Not initialized yet\n");
    	RETURN_ON_FAILURE(factory_initialize_tpm(ctx));
    } else if (rc != TPM_SUCCESS) {
    	printk(BIOS_ERR, "TPM: Failed to read firmware space: %#x\n", rc);
-		return TPM_E_CORRUPTED_STATE;
+		return TPM_CORRUPTED_STATE;
    }
return TPM_SUCCESS;
diff --git a/src/security/vboot/tpm_common.c b/src/security/vboot/tpm_common.c
index ad333c6..146494f 100644
--- a/src/security/vboot/tpm_common.c
+++ b/src/security/vboot/tpm_common.c
@@ -13,7 +13,7 @@
    uint32_t rc;
rc = tpm_setup(ctx->flags & VB2_CONTEXT_S3_RESUME);
-	if (rc == TPM_E_MUST_REBOOT)
+	if (rc == TPM_MUST_REBOOT)
    	ctx->flags |= VB2_CONTEXT_SECDATA_WANTS_REBOOT;
return rc;
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index b59b6dd..8a6514a 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
@@ -211,7 +211,7 @@
rc = tlcl_cr50_get_boot_mode(&boot_mode);
    switch (rc) {
-	case TPM_E_NO_SUCH_COMMAND:
+	case TPM_NO_SUCH_COMMAND:
    	printk(BIOS_WARNING, "GSC does not support GET_BOOT_MODE.\n");
    	/* Proceed to legacy boot model. */
    	return;
diff --git a/src/vendorcode/eltan/security/mboot/mboot.c b/src/vendorcode/eltan/security/mboot/mboot.c
index e8a2f80..39c7db6 100644
--- a/src/vendorcode/eltan/security/mboot/mboot.c
+++ b/src/vendorcode/eltan/security/mboot/mboot.c
@@ -73,7 +73,7 @@
  * @param[out] Pcrs		The Pcr Selection
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	The command was unsuccessful.
+ * @retval TPM_IOERROR	The command was unsuccessful.
  */
 int tpm2_get_capability_pcrs(TPML_PCR_SELECTION *Pcrs)
 {
@@ -113,7 +113,7 @@
  * @param[in] eventLog		description of the event.
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
  */
 int mboot_hash_extend_log(uint64_t flags, uint8_t *hashData, uint32_t hashDataLen,
    TCG_PCR_EVENT2_HDR *newEventHdr, uint8_t *eventLog)
@@ -130,7 +130,7 @@
    } else {
    	struct vb2_hash tmp;
    	if (vb2_hash_calculate(false, hashData, hashDataLen, VB2_HASH_SHA256, &tmp))
-			return TPM_E_IOERROR;
+			return TPM_IOERROR;
    	memcpy(digest->digest.sha256, tmp.sha256, sizeof(tmp.sha256));
    }
@@ -225,7 +225,7 @@
  * @param[in] event_msg		description of the event.
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
  */
 int mb_measure_log_worker(const char *name, uint32_t type, uint32_t pcr,
    		  TCG_EVENTTYPE eventType, const char *event_msg)
@@ -268,7 +268,7 @@
  * @param[in] wake_from_s3	1 if we are waking from S3, 0 standard boot
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
 **/
int __attribute__((weak)) mb_entry(int wake_from_s3)
@@ -279,7 +279,7 @@
    printk(BIOS_DEBUG, "%s: tlcl_lib_init\n", __func__);
    if (tlcl_lib_init() != VB2_SUCCESS) {
    	printk(BIOS_ERR, "%s: TPM driver initialization failed.\n", __func__);
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
if (wake_from_s3) {
@@ -312,7 +312,7 @@
  * @param[in] wake_from_s3	1 if we are waking from S3, 0 standard boot
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
  */
int __attribute__((weak))mb_measure(int wake_from_s3)
@@ -355,7 +355,7 @@
  * @param[in]  none
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
  */
 int __attribute__((weak))mb_measure_log_start(void)
 {
@@ -365,7 +365,7 @@
    if ((tpm2_get_active_pcrs() & EFI_TCG2_BOOT_HASH_ALG_SHA256) == 0x0) {
    	printk(BIOS_DEBUG, "%s: SHA256 PCR Bank not active in TPM.\n",
    		__func__);
-		return TPM_E_IOERROR;
+		return TPM_IOERROR;
    }
status = mb_crtm();
@@ -412,7 +412,7 @@
  * function with the same name there.
  *
  * @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
 **/
 int __attribute__((weak))mb_crtm(void)
 {
@@ -440,7 +440,7 @@
    status = get_intel_me_hash(hash);
    if (status) {
    	printk(BIOS_DEBUG, "get_intel_me_hash returned 0x%x\n", status);
-		status = TPM_E_IOERROR;
+		status = TPM_IOERROR;
    	return status;
    }
diff --git a/src/vendorcode/eltan/security/verified_boot/vboot_check.c b/src/vendorcode/eltan/security/verified_boot/vboot_check.c
index 649adc2..64b5dc5 100644
--- a/src/vendorcode/eltan/security/verified_boot/vboot_check.c
+++ b/src/vendorcode/eltan/security/verified_boot/vboot_check.c
@@ -113,7 +113,7 @@
  * @param[in] eventType		Event type to use when logging
* @retval TPM_SUCCESS		Operation completed successfully.
- * @retval TPM_E_IOERROR	Unexpected device behavior.
+ * @retval TPM_IOERROR	Unexpected device behavior.
  */
 static int measure_item(uint32_t pcr, uint8_t *hashData, uint32_t hashDataLen,
    	int8_t *event_msg, TCG_EVENTTYPE eventType)
diff --git a/src/vendorcode/google/chromeos/cr50_enable_update.c b/src/vendorcode/google/chromeos/cr50_enable_update.c
index ac39c39..3c77bf3 100644
--- a/src/vendorcode/google/chromeos/cr50_enable_update.c
+++ b/src/vendorcode/google/chromeos/cr50_enable_update.c
@@ -30,14 +30,14 @@
rc = tlcl_cr50_get_tpm_mode(&tpm_mode);
-	if (rc == TPM_E_NO_SUCH_COMMAND) {
+	if (rc == TPM_NO_SUCH_COMMAND) {
    	printk(BIOS_INFO,
    	       "Cr50 does not support TPM mode command\n");
    	/* Older Cr50 firmware, assume no Cr50 reset is required */
    	return 0;
    }
-	if (rc == TPM_E_MUST_REBOOT) {
+	if (rc == TPM_MUST_REBOOT) {
    	/*
    	 * Cr50 indicated a reboot is required to restore TPM
    	 * functionality.
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/77665?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I60755723262ec205a4c134948b0250aac4974d35
Gerrit-Change-Number: 77665
Gerrit-PatchSet: 1
Gerrit-Owner: Jon Murphy jpmurphy@google.com
Gerrit-Reviewer: Christian Walter christian.walter@9elements.com
Gerrit-Reviewer: Erik van den Bogaert ebogaert@eltan.com
Gerrit-Reviewer: Frans Hendriks fhendriks@eltan.com
Gerrit-Reviewer: Julius Werner jwerner@chromium.org
Gerrit-Reviewer: Yu-Ping Wu yupingso@google.com
Gerrit-Attention: Erik van den Bogaert ebogaert@eltan.com
Gerrit-Attention: Frans Hendriks fhendriks@eltan.com
Gerrit-Attention: Christian Walter christian.walter@9elements.com
Gerrit-Attention: Julius Werner jwerner@chromium.org
Gerrit-Attention: Yu-Ping Wu yupingso@google.com
Gerrit-MessageType: newchange



    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] [M] Change in coreboot[master]: treewide: Adopt TCG standard naming