[coreboot-gerrit] Change in coreboot[master]: src/security: Convert to 96 characters line length

12 Aug 2020

HAOUAS Elyes has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/44412 )
Change subject: src/security: Convert to 96 characters line length
......................................................................
src/security: Convert to 96 characters line length
Change-Id: I1adaae4c9eeee1b8cb1a2d9467712762f7ccc6be
Signed-off-by: Elyes HAOUAS ehaouas@noos.fr
---
M src/security/tpm/tis.h
M src/security/tpm/tspi.h
M src/security/tpm/tspi/crtm.c
M src/security/tpm/tspi/crtm.h
M src/security/tpm/tspi/log.c
M src/security/tpm/tspi/tspi.c
M src/security/tpm/tss.h
M src/security/tpm/tss/tcg-1.2/tss.c
M src/security/tpm/tss/tcg-1.2/tss_internal.h
M src/security/tpm/tss/tcg-1.2/tss_structures.h
M src/security/tpm/tss/tcg-2.0/tss.c
M src/security/tpm/tss/tcg-2.0/tss_marshaling.c
M src/security/tpm/tss/tcg-2.0/tss_marshaling.h
M src/security/tpm/tss/tcg-2.0/tss_structures.h
M src/security/tpm/tss/vendor/cr50/cr50.c
15 files changed, 216 insertions(+), 332 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/12/44412/1

diff --git a/src/security/tpm/tis.h b/src/security/tpm/tis.h
index 5b2c001..c6b519f 100644
--- a/src/security/tpm/tis.h
+++ b/src/security/tpm/tis.h
@@ -35,16 +35,16 @@
 /*
  * tis_init()
  *
- * Initialize the TPM device. Returns 0 on success or -1 on
- * failure (in case device probing did not succeed).
+ * Initialize the TPM device. Returns 0 on success or -1 on failure (in case device probing did
+ * not succeed).
  */
 int tis_init(void);
/*
  * tis_open()
  *
- * Requests access to locality 0 for the caller. After all commands have been
- * completed the caller is supposed to call tis_close().
+ * Requests access to locality 0 for the caller. After all commands have been completed the
+ * caller is supposed to call tis_close().
  *
  * Returns 0 on success, -1 on failure.
  */
@@ -53,9 +53,8 @@
 /*
  * tis_close()
  *
- * terminate the current session with the TPM by releasing the locked
- * locality. Returns 0 on success of -1 on failure (in case lock
- * removal did not succeed).
+ * terminate the current session with the TPM by releasing the locked locality.
+ * Returns 0 on success of -1 on failure (in case lock removal did not succeed).
  */
 int tis_close(void);
@@ -72,8 +71,7 @@
  * Returns 0 on success (and places the number of response bytes at recv_len)
  * or -1 on failure.
  */
-int tis_sendrecv(const u8 *sendbuf, size_t send_size, u8 *recvbuf,
-			size_t *recv_len);
+int tis_sendrecv(const u8 *sendbuf, size_t send_size, u8 *recvbuf, size_t *recv_len);
/*
  * tis_plat_irq_status()
diff --git a/src/security/tpm/tspi.h b/src/security/tpm/tspi.h
index a776a4d..077eece 100644
--- a/src/security/tpm/tspi.h
+++ b/src/security/tpm/tspi.h
@@ -12,14 +12,13 @@
 #define HASH_DATA_CHUNK_SIZE 1024
/**
- * Get the pointer to the single instance of global
- * tcpa log data, and initialize it when necessary
+ * Get the pointer to the single instance of global tcpa log data, and initialize it when
+ * necessary
  */
 struct tcpa_table *tcpa_log_init(void);
/**
- * Clears the pre-RAM tcpa log data and initializes
- * any content with default values
+ * Clears the pre-RAM tcpa log data and initializes any content with default values
  */
 void tcpa_preram_log_clear(void);
@@ -51,9 +50,8 @@
  * @param name sets additional info where the digest comes from
  * @return TPM_SUCCESS on success. If not a tpm error is returned
  */
-uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
-			uint8_t *digest, size_t digest_len,
-			const char *name);
+uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo, uint8_t *digest,
+			size_t digest_len, const char *name);
/**
  * Issue a TPM_Clear and reenable/reactivate the TPM.
@@ -75,7 +73,6 @@
  * @param *rname Name of the region that is measured
  * @return TPM error code in case of error otherwise TPM_SUCCESS
  */
-uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
-			    const char *rname);
+uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, const char *rname);
#endif /* TSPI_H_ */
diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c
index f5c788c..ff91fde 100644
--- a/src/security/tpm/tspi/crtm.c
+++ b/src/security/tpm/tspi/crtm.c
@@ -7,11 +7,10 @@
 #include <string.h>
/*
- * This function sets the TCPA log namespace
- * for the cbfs file (region) lookup.
+ * This function sets the TCPA log namespace for the cbfs file (region) lookup.
  */
-static int create_tcpa_metadata(const struct region_device *rdev,
-		const char *cbfs_name, char log_string[TCPA_PCR_HASH_NAME])
+static int create_tcpa_metadata(const struct region_device *rdev, const char *cbfs_name,
+				char log_string[TCPA_PCR_HASH_NAME])
 {
    int i;
    struct region_device fmap;
@@ -26,8 +25,7 @@
    	if (fmap_locate_area_as_rdev(fmap_cbfs_names[i], &fmap) == 0) {
    		if (region_is_subregion(region_device_region(&fmap),
    			region_device_region(rdev))) {
-				snprintf(log_string, TCPA_PCR_HASH_NAME,
-					"FMAP: %s CBFS: %s",
+				snprintf(log_string, TCPA_PCR_HASH_NAME, "FMAP: %s CBFS: %s",
    				fmap_cbfs_names[i], cbfs_name);
    			return 0;
    		}
@@ -63,19 +61,15 @@
    struct cbfsf bootblock_data;
    struct region_device bootblock_fmap;
    if (fmap_locate_area_as_rdev("BOOTBLOCK", &bootblock_fmap) == 0) {
-		if (tpm_measure_region(&bootblock_fmap,
-				       TPM_CRTM_PCR,
-				       "FMAP: BOOTBLOCK"))
+		if (tpm_measure_region(&bootblock_fmap, TPM_CRTM_PCR, "FMAP: BOOTBLOCK"))
    		return VB2_ERROR_UNKNOWN;
    } else {
-		if (cbfs_boot_locate(&bootblock_data,
-			prog_name(&bootblock), NULL)) {
+		if (cbfs_boot_locate(&bootblock_data, prog_name(&bootblock), NULL)) {
    		/*
    		 * measurement is done in
    		 * tspi_measure_cbfs_hook()
    		 */
-			printk(BIOS_INFO,
-			       "TSPI: Couldn't measure bootblock into CRTM!\n");
+			printk(BIOS_INFO, "TSPI: Couldn't measure bootblock into CRTM!\n");
    		return VB2_ERROR_UNKNOWN;
    	}
    }
@@ -111,8 +105,7 @@
if (!tcpa_log_available()) {
    	if (tspi_init_crtm() != VB2_SUCCESS) {
-			printk(BIOS_WARNING,
-			       "Initializing CRTM failed!");
+			printk(BIOS_WARNING, "Initializing CRTM failed!");
    		return 0;
    	}
    	printk(BIOS_DEBUG, "CRTM initialized.");
@@ -126,8 +119,7 @@
    	pcr_index = TPM_RUNTIME_DATA_PCR;
    	break;
    /*
-	 * mrc.bin is code executed on CPU, so it
-	 * should not be considered runtime data
+	 * mrc.bin is code executed on CPU, so it should not be considered runtime data
     */
    case CBFS_TYPE_MRC:
    case CBFS_TYPE_STAGE:
@@ -170,16 +162,12 @@
    for (i = 0; i < tclt->num_entries; i++) {
    	struct tcpa_entry *tce = &tclt->entries[i];
    	if (tce) {
-			printk(BIOS_DEBUG, "TPM: Write digest for"
-			       " %s into PCR %d\n",
+			printk(BIOS_DEBUG, "TPM: Write digest for %s into PCR %d\n",
    		       tce->name, tce->pcr);
-			int result = tlcl_extend(tce->pcr,
-						 tce->digest,
-						 NULL);
+			int result = tlcl_extend(tce->pcr, tce->digest, NULL);
    		if (result != TPM_SUCCESS) {
    			printk(BIOS_ERR, "TPM: Writing digest"
-				       " of %s into PCR failed with error"
-				       " %d\n",
+				       " of %s into PCR failed with error %d\n",
    			       tce->name, result);
    			return VB2_ERROR_UNKNOWN;
    		}
diff --git a/src/security/tpm/tspi/crtm.h b/src/security/tpm/tspi/crtm.h
index 1b29854..c3d55c9 100644
--- a/src/security/tpm/tspi/crtm.h
+++ b/src/security/tpm/tspi/crtm.h
@@ -11,25 +11,20 @@
 /* CRTM */
 #define TPM_CRTM_PCR 2
-/* PCR for measuring data which changes during runtime
- * e.g. CMOS, NVRAM...
- */
+/* PCR for measuring data which changes during runtime e.g. CMOS, NVRAM... */
 #define TPM_RUNTIME_DATA_PCR 3
/*
- * Initializes the Core Root of Trust for Measurements
- * in coreboot. The initial code in a chain of trust must measure
- * itself.
+ * Initializes the Core Root of Trust for Measurements in coreboot. The initial code in a chain
+ * of trust must measure itself.
  *
  * Summary:
  *  + Measures bootblock in CBFS or BOOTBLOCK FMAP partition.
- *  + If vboot starts in romstage, it measures the romstage
- *    in CBFS.
- *  + Measure the verstage if it is compiled as separate
- *    stage.
+ *  + If vboot starts in romstage, it measures the romstage in CBFS.
+ *  + Measure the verstage if it is compiled as separate stage.
  *
  * Takes the current vboot context as parameter for s3 checks.
- * returns on success VB2_SUCCESS, else a vboot error.
+ * Returns on success VB2_SUCCESS, else a vboot error.
  */
 uint32_t tspi_init_crtm(void);
diff --git a/src/security/tpm/tspi/log.c b/src/security/tpm/tspi/log.c
index 1d6f9ac..9ea6d33 100644
--- a/src/security/tpm/tspi/log.c
+++ b/src/security/tpm/tspi/log.c
@@ -36,11 +36,9 @@
/* We are dealing here with pre CBMEM environment.
     * If cbmem isn't available use CAR or SRAM */
-	if (!cbmem_possibly_online() &&
-		!CONFIG(VBOOT_RETURN_FROM_VERSTAGE))
+	if (!cbmem_possibly_online() && !CONFIG(VBOOT_RETURN_FROM_VERSTAGE))
    	return (struct tcpa_table *)_tpm_tcpa_log;
-	else if (ENV_ROMSTAGE &&
-		!CONFIG(VBOOT_RETURN_FROM_VERSTAGE)) {
+	else if (ENV_ROMSTAGE && !CONFIG(VBOOT_RETURN_FROM_VERSTAGE)) {
    	tclt = tcpa_cbmem_init();
    	if (!tclt)
    		return (struct tcpa_table *)_tpm_tcpa_log;
@@ -69,16 +67,14 @@
    		for (j = 0; j < tce->digest_length; j++)
    			printk(BIOS_INFO, "%02x", tce->digest[j]);
-			printk(BIOS_INFO, " %s [%s]\n",
-				   tce->digest_type, tce->name);
+			printk(BIOS_INFO, " %s [%s]\n", tce->digest_type, tce->name);
    	}
    }
    printk(BIOS_INFO, "\n");
 }
void tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
-			enum vb2_hash_algorithm digest_algo,
-			const uint8_t *digest,
+			enum vb2_hash_algorithm digest_algo, const uint8_t *digest,
    		const size_t digest_len)
 {
    struct tcpa_table *tclt = tcpa_log_init();
@@ -106,8 +102,7 @@
    	return;
    }
-	strncpy(tce->digest_type,
-			vb2_get_hash_algorithm_name(digest_algo),
+	strncpy(tce->digest_type, vb2_get_hash_algorithm_name(digest_algo),
    		TCPA_PCR_HASH_LEN - 1);
    tce->digest_length = digest_len;
    memcpy(tce->digest, digest, tce->digest_length);
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 6ef0138..3cb5556 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -35,12 +35,10 @@
    }
if (!!deactivated != CONFIG(TPM_DEACTIVATE)) {
-		printk(BIOS_INFO,
-		       "TPM: Unexpected TPM deactivated state. Toggling...\n");
+		printk(BIOS_INFO, "TPM: Unexpected TPM deactivated state. Toggling...\n");
    	result = tlcl_set_deactivated(!deactivated);
    	if (result != TPM_SUCCESS) {
-			printk(BIOS_ERR,
-			       "TPM: Can't toggle deactivated state.\n");
+			printk(BIOS_ERR, "TPM: Can't toggle deactivated state.\n");
    		return result;
    	}
@@ -63,8 +61,8 @@
case TPM_E_INVALID_POSTINIT:
    	/*
-		 * We're on a platform where the TPM maintains power
-		 * in S3, so it's already initialized.
+		 * We're on a platform where the TPM maintains power in S3, so it's already
+		 * initialized.
    	 */
    	printk(BIOS_INFO, "TPM: Already initialized.\n");
    	result = TPM_SUCCESS;
@@ -92,11 +90,10 @@
 static inline int tspi_tpm_is_setup(void)
 {
    /*
-	 * vboot_logic_executed() only starts returning true at the end of
-	 * verstage, but the vboot logic itself already wants to extend PCRs
-	 * before that. So in the stage where verification actually runs, we
-	 * need to check tpm_is_setup. Skip that check in all other stages so
-	 * this whole function can be evaluated at compile time.
+	 * vboot_logic_executed() only starts returning true at the end of verstage, but the
+	 * vboot logic itself already wants to extend PCRs before that. So in the stage where
+	 * verification actually runs, we need to check tpm_is_setup. Skip that check in all
+	 * other stages so this whole function can be evaluated at compile time.
     */
    if (CONFIG(VBOOT)) {
    	if (verification_should_run())
@@ -111,24 +108,21 @@
 }
/*
- * tpm_setup starts the TPM and establishes the root of trust for the
- * anti-rollback mechanism.  tpm_setup can fail for three reasons.  1 A bug.
- * 2 a TPM hardware failure. 3 An unexpected TPM state due to some attack.  In
- * general we cannot easily distinguish the kind of failure, so our strategy is
- * to reboot in recovery mode in all cases.  The recovery mode calls tpm_setup
- * again, which executes (almost) the same sequence of operations.  There is a
- * good chance that, if recovery mode was entered because of a TPM failure, the
- * failure will repeat itself.  (In general this is impossible to guarantee
- * because we have no way of creating the exact TPM initial state at the
- * previous boot.)  In recovery mode, we ignore the failure and continue, thus
- * giving the recovery kernel a chance to fix things (that's why we don't set
- * bGlobalLock).  The choice is between a knowingly insecure device and a
- * bricked device.
+ * tpm_setup starts the TPM and establishes the root of trust for the anti-rollback mechanism.
+ * tpm_setup can fail for three reasons.  1 A bug.
+ * 2 a TPM hardware failure. 3 An unexpected TPM state due to some attack.  In general we cannot
+ * easily distinguish the kind of failure, so our strategy is to reboot in recovery mode in all
+ * cases.  The recovery mode calls tpm_setup again, which executes (almost) the same sequence of
+ * operations.  There is a good chance that, if recovery mode was entered because of a TPM
+ * failure, the failure will repeat itself.  (In general this is impossible to guarantee because
+ * we have no way of creating the exact TPM initial state at the previous boot.)  In recovery
+ * mode, we ignore the failure and continue, thus giving the recovery kernel a chance to fix
+ * things (that's why we don't set bGlobalLock).  The choice is between a knowingly insecure
+ * device and a bricked device.
  *
- * As a side note, observe that we go through considerable hoops to avoid using
- * the STCLEAR permissions for the index spaces.  We do this to avoid writing
- * to the TPM flashram at every reboot or wake-up, because of concerns about
- * the durability of the NVRAM.
+ * As a side note, observe that we go through considerable hoops to avoid using the STCLEAR
+ * permissions for the index spaces.  We do this to avoid writing to the TPM flashram at every
+ * reboot or wake-up, because of concerns about the durability of the NVRAM.
  */
 uint32_t tpm_setup(int s3flag)
 {
@@ -147,8 +141,7 @@
    }
result = tlcl_startup();
-	if (CONFIG(TPM_STARTUP_IGNORE_POSTINIT)
-	    && result == TPM_E_INVALID_POSTINIT) {
+	if (CONFIG(TPM_STARTUP_IGNORE_POSTINIT) && result == TPM_E_INVALID_POSTINIT) {
    	printk(BIOS_DEBUG, "TPM: ignoring invalid POSTINIT\n");
    	result = TPM_SUCCESS;
    }
@@ -160,9 +153,8 @@
    result = tlcl_assert_physical_presence();
    if (result != TPM_SUCCESS) {
    	/*
-		 * It is possible that the TPM was delivered with the physical
-		 * presence command disabled.  This tries enabling it, then
-		 * tries asserting PP again.
+		 * It is possible that the TPM was delivered with the physical presence command
+		 * disabled.  This tries enabling it, then tries asserting PP again.
    	 */
    	result = tlcl_physical_presence_cmd_enable();
    	if (result != TPM_SUCCESS) {
@@ -215,8 +207,8 @@
    return TPM_SUCCESS;
 }
-uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
-			uint8_t *digest, size_t digest_len, const char *name)
+uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo, uint8_t *digest,
+			size_t digest_len, const char *name)
 {
    uint32_t result;
@@ -237,15 +229,13 @@
    }
if (CONFIG(TPM_MEASURED_BOOT))
-		tcpa_log_add_table_entry(name, pcr, digest_algo,
-			digest, digest_len);
+		tcpa_log_add_table_entry(name, pcr, digest_algo, digest, digest_len);
return TPM_SUCCESS;
 }
#if CONFIG(VBOOT_LIB)
-uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
-			    const char *rname)
+uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, const char *rname)
 {
    uint8_t digest[TPM_PCR_MAX_LEN], digest_len;
    uint8_t buf[HASH_DATA_CHUNK_SIZE];
@@ -270,15 +260,14 @@
    	return TPM_E_HASH_ERROR;
    }
    /*
-	 * Though one can mmap the full needed region on x86 this is not the
-	 * case for e.g. ARM. In order to make this code as universal as
-	 * possible across different platforms read the data to hash in chunks.
+	 * Though one can mmap the full needed region on x86 this is not the case for e.g. ARM.
+	 * In order to make this code as universal as possible across different platforms read
+	 * the data to hash in chunks.
     */
    for (offset = 0; offset < region_device_sz(rdev); offset += len) {
    	len = MIN(sizeof(buf), region_device_sz(rdev) - offset);
    	if (rdev_readat(rdev, buf, offset, len) < 0) {
-			printk(BIOS_ERR, "TPM: Not able to read region %s.\n",
-			       rname);
+			printk(BIOS_ERR, "TPM: Not able to read region %s.\n", rname);
    		return TPM_E_READ_FAILURE;
    	}
    	if (vb2_digest_extend(&ctx, buf, len)) {
@@ -295,8 +284,8 @@
    	printk(BIOS_ERR, "TPM: Extending hash into PCR failed.\n");
    	return result;
    }
-	printk(BIOS_DEBUG, "TPM: Digest of %s to PCR %d %s\n",
-	       rname, pcr, tspi_tpm_is_setup() ? "measured" : "logged");
+	printk(BIOS_DEBUG, "TPM: Digest of %s to PCR %d %s\n", rname, pcr,
+		tspi_tpm_is_setup() ? "measured" : "logged");
    return TPM_SUCCESS;
 }
 #endif /* VBOOT_LIB */
diff --git a/src/security/tpm/tss.h b/src/security/tpm/tss.h
index 4a8206d0..6d39d1b 100644
--- a/src/security/tpm/tss.h
+++ b/src/security/tpm/tss.h
@@ -20,8 +20,8 @@
 #include <security/tpm/tss/tcg-1.2/tss_structures.h>
/**
- * Define a space with permission [perm]. [index] is the index for the space,
- * [size] the usable data size. The TPM error code is returned.
+ * Define a space with permission [perm]. [index] is the index for the space, [size] the usable
+ * data size. The TPM error code is returned.
  */
 uint32_t tlcl_define_space(uint32_t index, uint32_t perm, uint32_t size);
@@ -36,11 +36,10 @@
 uint32_t tlcl_set_deactivated(uint8_t flag);
/**
- * Get flags of interest. Pointers for flags you aren't interested in may
- * be NULL. The TPM error code is returned.
+ * Get flags of interest. Pointers for flags you aren't interested in may be NULL.
+ * The TPM error code is returned.
  */
-uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated,
-			uint8_t *nvlocked);
+uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated, uint8_t *nvlocked);
/**
  * Get the entire set of permanent flags.
@@ -54,18 +53,16 @@
 #include <security/tpm/tss/tcg-2.0/tss_structures.h>
/*
- * Define a TPM2 space. The define space command TPM command used by the tlcl
- * layer offers the ability to use custom nv attributes and policies.
+ * Define a TPM2 space. The define space command TPM command used by the tlcl layer offers the
+ * ability to use custom nv attributes and policies.
  */
-uint32_t tlcl_define_space(uint32_t space_index, size_t space_size,
-			   const TPMA_NV nv_attributes,
+uint32_t tlcl_define_space(uint32_t space_index, size_t space_size, const TPMA_NV nv_attributes,
    		   const uint8_t *nv_policy, size_t nv_policy_size);
/*
  * Issue TPM2_GetCapability command
  */
-uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
-			     uint32_t property_count,
+uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property, uint32_t property_count,
    		     TPMS_CAPABILITY_DATA *capability_data);
/*
@@ -90,27 +87,23 @@
 /**
  * Perform a raw TPM request/response transaction.
  */
-uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
-			   int max_length);
+uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response, int max_length);
/* Commands */
/**
- * Send a TPM_Startup(ST_CLEAR).  The TPM error code is returned (0 for
- * success).
+ * Send a TPM_Startup(ST_CLEAR).  The TPM error code is returned (0 for success).
  */
 uint32_t tlcl_startup(void);
/**
- * Resume by sending a TPM_Startup(ST_STATE).  The TPM error code is returned
- * (0 for success).
+ * Resume by sending a TPM_Startup(ST_STATE).  The TPM error code is returned (0 for success).
  */
 uint32_t tlcl_resume(void);
/**
- * Save TPM state by sending either TPM_SaveState() (TPM1.2) or
- * TPM_Shutdown(ST_STATE) (TPM2.0).  The TPM error code is returned (0 for
- * success).
+ * Save TPM state by sending either TPM_SaveState() (TPM1.2) or TPM_Shutdown(ST_STATE) (TPM2.0).
+ * The TPM error code is returned (0 for success).
  */
 uint32_t tlcl_save_state(void);
@@ -128,14 +121,12 @@
 uint32_t tlcl_continue_self_test(void);
/**
- * Write [length] bytes of [data] to space at [index].  The TPM error code is
- * returned.
+ * Write [length] bytes of [data] to space at [index].  The TPM error code is returned.
  */
 uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length);
/**
- * Read [length] bytes from space at [index] into [data].  The TPM error code
- * is returned.
+ * Read [length] bytes from space at [index] into [data].  The TPM error code is returned.
  */
 uint32_t tlcl_read(uint32_t index, void *data, uint32_t length);
@@ -150,8 +141,8 @@
 uint32_t tlcl_physical_presence_cmd_enable(void);
/**
- * Finalize the physical presence settings: software PP is enabled, hardware PP
- * is disabled, and the lifetime lock is set.  The TPM error code is returned.
+ * Finalize the physical presence settings: software PP is enabled, hardware PP is disabled,
+ * and the lifetime lock is set.  The TPM error code is returned.
  */
 uint32_t tlcl_finalize_physical_presence(void);
@@ -171,8 +162,7 @@
 uint32_t tlcl_clear_control(bool disable);
/**
- * Set the bGlobalLock flag, which only a reboot can clear.  The TPM error
- * code is returned.
+ * Set the bGlobalLock flag, which only a reboot can clear.  The TPM error code is returned.
  */
 uint32_t tlcl_set_global_lock(void);
@@ -184,8 +174,7 @@
 /**
  * Perform a TPM_Extend.
  */
-uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest,
-		     uint8_t *out_digest);
+uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest, uint8_t *out_digest);
/**
  * Disable platform hierarchy. Specific to TPM2. The TPM error code is returned.
diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c
index 30cd1cc..3bb6530 100644
--- a/src/security/tpm/tss/tcg-1.2/tss.c
+++ b/src/security/tpm/tss/tcg-1.2/tss.c
@@ -3,13 +3,11 @@
 /*
  * A lightweight TPM command library.
  *
- * The general idea is that TPM commands are array of bytes whose
- * fields are mostly compile-time constant.  The goal is to build much
- * of the commands at compile time (or build time) and change some of
- * the fields at run time as needed.  The code in
- * utility/tlcl_generator.c builds structures containing the commands,
- * as well as the offsets of the fields that need to be set at run
- * time.
+ * The general idea is that TPM commands are array of bytes whose fields are mostly compile-time
+ * constant.  The goal is to build much of the commands at compile time (or build time) and
+ * change some of the fields at run time as needed.  The code in utility/tlcl_generator.c builds
+ * structures containing the commands, as well as the offsets of the fields that need to be set
+ * at run time.
  */
#include <assert.h>
@@ -24,10 +22,8 @@
 #include <console/console.h>
 #define VBDEBUG(format, args...) printk(BIOS_DEBUG, format, ## args)
-static int tpm_send_receive(const uint8_t *request,
-				uint32_t request_length,
-				uint8_t *response,
-				uint32_t *response_length)
+static int tpm_send_receive(const uint8_t *request, uint32_t request_length, uint8_t *response,
+			    uint32_t *response_length)
 {
    size_t len = *response_length;
    if (tis_sendrecv(request, request_length, response, &len))
@@ -69,11 +65,11 @@
 }
/*
- * Like TlclSendReceive below, but do not retry if NEEDS_SELFTEST or
- * DOING_SELFTEST errors are returned.
+ * Like TlclSendReceive below, but do not retry if NEEDS_SELFTEST or DOING_SELFTEST errors are
+ * returned.
  */
-static uint32_t tlcl_send_receive_no_retry(const uint8_t *request,
-					   uint8_t *response, int max_length)
+static uint32_t tlcl_send_receive_no_retry(const uint8_t *request, uint8_t *response,
+					   int max_length)
 {
    uint32_t response_length = max_length;
    uint32_t result;
@@ -89,43 +85,36 @@
    /* Otherwise, use the result code from the response */
    result = tpm_return_code(response);
-	/* TODO: add paranoia about returned response_length vs. max_length
-	 * (and possibly expected length from the response header).  See
-	 * crosbug.com/17017 */
+	/* TODO: add paranoia about returned response_length vs. max_length (and possibly
+	 * expected length from the response header).  See crosbug.com/17017 */
-	VBDEBUG("TPM: command 0x%x returned 0x%x\n",
-		tpm_command_code(request), result);
+	VBDEBUG("TPM: command 0x%x returned 0x%x\n", tpm_command_code(request), result);
return result;
 }
-/* Sends a TPM command and gets a response.  Returns 0 if success or the TPM
- * error code if error. Waits for the self test to complete if needed. */
-uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
-			   int max_length)
+/* Sends a TPM command and gets a response.  Returns 0 if success or the TPM error code if error.
+ * Waits for the self test to complete if needed. */
+uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response, int max_length)
 {
-	uint32_t result = tlcl_send_receive_no_retry(request, response,
-						     max_length);
-	/* If the command fails because the self test has not completed, try it
-	 * again after attempting to ensure that the self test has completed. */
+	uint32_t result = tlcl_send_receive_no_retry(request, response, max_length);
+	/* If the command fails because the self test has not completed, try it again after
+	 * attempting to ensure that the self test has completed. */
    if (result == TPM_E_NEEDS_SELFTEST || result == TPM_E_DOING_SELFTEST) {
    	result = tlcl_continue_self_test();
    	if (result != TPM_SUCCESS)
    		return result;
 #if defined(TPM_BLOCKING_CONTINUESELFTEST) || defined(VB_RECOVERY_MODE)
    	/* Retry only once */
-		result = tlcl_send_receive_no_retry(request, response,
-						    max_length);
+		result = tlcl_send_receive_no_retry(request, response, max_length);
 #else
    	/* This needs serious testing. The TPM specification says: "iii.
-		 * The caller MUST wait for the actions of TPM_ContinueSelfTest
-		 * to complete before reissuing the command C1."  But, if
-		 * ContinueSelfTest is non-blocking, how do we know that the
-		 * actions have completed other than trying again? */
+		 * The caller MUST wait for the actions of TPM_ContinueSelfTest to complete
+		 * before reissuing the command C1."  But, if ContinueSelfTest is non-blocking,
+		 * how do we know that the actions have completed other than trying again? */
    	do {
-			result = tlcl_send_receive_no_retry(request, response,
-							    max_length);
+			result = tlcl_send_receive_no_retry(request, response, max_length);
    	} while (result == TPM_E_DOING_SELFTEST);
 #endif
    }
@@ -206,8 +195,7 @@
 {
    struct s_tpm_nv_write_cmd cmd;
    uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
-	const int total_length =
-			kTpmRequestHeaderLength + kWriteInfoLength + length;
+	const int total_length = kTpmRequestHeaderLength + kWriteInfoLength + length;
VBDEBUG("TPM: tlcl_write(0x%x, %d)\n", index, length);
    memcpy(&cmd, &tpm_nv_write_cmd, sizeof(cmd));
@@ -296,8 +284,7 @@
 {
    uint8_t response[TPM_LARGE_ENOUGH_COMMAND_SIZE];
    uint32_t size;
-	uint32_t result = tlcl_send_receive(tpm_getflags_cmd.buffer, response,
-					    sizeof(response));
+	uint32_t result = tlcl_send_receive(tpm_getflags_cmd.buffer, response, sizeof(response));
    if (result != TPM_SUCCESS)
    	return result;
    from_tpm_uint32(response + kTpmResponseHeaderLength, &size);
@@ -308,8 +295,7 @@
    return result;
 }
-uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated,
-			uint8_t *nvlocked)
+uint32_t tlcl_get_flags(uint8_t *disable, uint8_t *deactivated, uint8_t *nvlocked)
 {
    TPM_PERMANENT_FLAGS pflags;
    uint32_t result = tlcl_get_permanent_flags(&pflags);
@@ -333,8 +319,7 @@
    return tlcl_write(TPM_NV_INDEX0, (uint8_t *) &x, 0);
 }
-uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest,
-		     uint8_t *out_digest)
+uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest, uint8_t *out_digest)
 {
    struct s_tpm_extend_cmd cmd;
    uint8_t response[kTpmResponseHeaderLength + kPcrDigestLength];
@@ -349,8 +334,7 @@
    	return result;
if (out_digest)
-		memcpy(out_digest, response + kTpmResponseHeaderLength,
-		       kPcrDigestLength);
+		memcpy(out_digest, response + kTpmResponseHeaderLength, kPcrDigestLength);
    return result;
 }
diff --git a/src/security/tpm/tss/tcg-1.2/tss_internal.h b/src/security/tpm/tss/tcg-1.2/tss_internal.h
index 1f49f04..66b000f 100644
--- a/src/security/tpm/tss/tcg-1.2/tss_internal.h
+++ b/src/security/tpm/tss/tcg-1.2/tss_internal.h
@@ -6,8 +6,8 @@
 #include <stdint.h>
/*
- * These numbers derive from adding the sizes of command fields as shown in the
- * TPM commands manual.
+ * These numbers derive from adding the sizes of command fields as shown in the TPM commands
+ * manual.
  */
 #define kTpmRequestHeaderLength 10
 #define kTpmResponseHeaderLength 10
@@ -17,9 +17,8 @@
/*
- * Conversion functions.  to_tpm_TYPE puts a value of type TYPE into a TPM
- * command buffer. from_tpm_TYPE gets a value of type TYPE from a TPM command
- * buffer into a variable.
+ * Conversion functions.  to_tpm_TYPE puts a value of type TYPE into a TPM command buffer.
+ * from_tpm_TYPE gets a value of type TYPE from a TPM command buffer into a variable.
  */
 __attribute__((unused))
 static inline void to_tpm_uint32(uint8_t *buffer, uint32_t x)
@@ -36,10 +35,7 @@
 __attribute__((unused))
 static inline void from_tpm_uint32(const uint8_t *buffer, uint32_t *x)
 {
-	*x = ((buffer[0] << 24) |
-	      (buffer[1] << 16) |
-	      (buffer[2] << 8) |
-	      buffer[3]);
+	*x = ((buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | buffer[3]);
 }
/*
diff --git a/src/security/tpm/tss/tcg-1.2/tss_structures.h b/src/security/tpm/tss/tcg-1.2/tss_structures.h
index 4a976c8..a104665 100644
--- a/src/security/tpm/tss/tcg-1.2/tss_structures.h
+++ b/src/security/tpm/tss/tcg-1.2/tss_structures.h
@@ -1,8 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause */
/*
- * Some TPM constants and type definitions for standalone compilation for use
- * in the firmware
+ * Some TPM constants and type definitions for standalone compilation for use in the firmware
  */
 #ifndef TCG1_TSS_STRUCTURES_H_
 #define TCG1_TSS_STRUCTURES_H_
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index 79d8eb9..d138065 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -12,8 +12,7 @@
/*
  * This file provides interface between firmware and TPM2 device. The TPM1.2
- * API was copied as is and relevant functions modified to comply with the
- * TPM2 specification.
+ * API was copied as is and relevant functions modified to comply with the TPM2 specification.
  */
void *tpm_process_command(TPM_CC command, void *command_body)
@@ -112,18 +111,15 @@
 uint32_t tlcl_assert_physical_presence(void)
 {
    /*
-	 * Nothing to do on TPM2 for this, use platform hierarchy availability
-	 * instead.
+	 * Nothing to do on TPM2 for this, use platform hierarchy availability instead.
     */
    return TPM_SUCCESS;
 }
/*
- * The caller will provide the digest in a 32 byte buffer, let's consider it a
- * sha256 digest.
+ * The caller will provide the digest in a 32 byte buffer, let's consider it a sha256 digest.
  */
-uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest,
-		     uint8_t *out_digest)
+uint32_t tlcl_extend(int pcr_num, const uint8_t *in_digest, uint8_t *out_digest)
 {
    struct tpm2_pcr_extend_cmd pcr_ext_cmd;
    struct tpm2_response *response;
@@ -136,8 +132,8 @@
response = tpm_process_command(TPM2_PCR_Extend, &pcr_ext_cmd);
-	printk(BIOS_INFO, "%s: response is %x\n",
-	       __func__, response ? response->hdr.tpm_code : -1);
+	printk(BIOS_INFO, "%s: response is %x\n", __func__,
+	       response ? response->hdr.tpm_code : -1);
    if (!response || response->hdr.tpm_code)
    	return TPM_E_IOERROR;
@@ -156,8 +152,8 @@
    struct tpm2_response *response;
response = tpm_process_command(TPM2_Clear, NULL);
-	printk(BIOS_INFO, "%s: response is %x\n",
-	       __func__, response ? response->hdr.tpm_code : -1);
+	printk(BIOS_INFO, "%s: response is %x\n", __func__,
+	       response ? response->hdr.tpm_code : -1);
if (!response || response->hdr.tpm_code)
    	return TPM_E_IOERROR;
@@ -173,8 +169,8 @@
    };
response = tpm_process_command(TPM2_ClearControl, &cc);
-	printk(BIOS_INFO, "%s: response is %x\n",
-		__func__, response ? response->hdr.tpm_code : -1);
+	printk(BIOS_INFO, "%s: response is %x\n", __func__,
+	       response ? response->hdr.tpm_code : -1);
if (!response || response->hdr.tpm_code)
    	return TPM_E_IOERROR;
@@ -227,8 +223,8 @@
    if (!response)
    	return TPM_E_READ_FAILURE;
-	printk(BIOS_INFO, "%s:%d index %#x return code %x\n",
-	       __FILE__, __LINE__, index, response->hdr.tpm_code);
+	printk(BIOS_INFO, "%s:%d index %#x return code %x\n", __FILE__, __LINE__, index,
+	       response->hdr.tpm_code);
    switch (response->hdr.tpm_code) {
    case 0:
    	break;
@@ -236,8 +232,7 @@
    	/* Uninitialized, returned if the space hasn't been written. */
    case TPM_RC_NV_UNINITIALIZED:
    	/*
-		 * Bad index, cr50 specific value, returned if the space
-		 * hasn't been defined.
+		 * Bad index, cr50 specific value, returned if the space hasn't been defined.
    	 */
    case TPM_RC_CR50_NV_UNDEFINED:
    	return TPM_E_BADINDEX;
@@ -265,8 +260,8 @@
    st.yes_no = 1;
response = tpm_process_command(TPM2_SelfTest, &st);
-	printk(BIOS_INFO, "%s: response is %x\n",
-	       __func__, response ? response->hdr.tpm_code : -1);
+	printk(BIOS_INFO, "%s: response is %x\n", __func__,
+	       response ? response->hdr.tpm_code : -1);
    return TPM_SUCCESS;
 }
@@ -280,8 +275,8 @@
response = tpm_process_command(TPM2_NV_WriteLock, &nv_wl);
-	printk(BIOS_INFO, "%s: response is %x\n",
-	       __func__, response ? response->hdr.tpm_code : -1);
+	printk(BIOS_INFO, "%s: response is %x\n", __func__,
+	       response ? response->hdr.tpm_code : -1);
if (!response || response->hdr.tpm_code)
    	return TPM_E_IOERROR;
@@ -307,8 +302,8 @@
response = tpm_process_command(TPM2_NV_Write, &nv_writec);
-	printk(BIOS_INFO, "%s: response is %x\n",
-	       __func__, response ? response->hdr.tpm_code : -1);
+	printk(BIOS_INFO, "%s: response is %x\n", __func__,
+	       response ? response->hdr.tpm_code : -1);
/* Need to map tpm error codes into internal values. */
    if (!response || response->hdr.tpm_code)
@@ -317,8 +312,7 @@
    return TPM_SUCCESS;
 }
-uint32_t tlcl_define_space(uint32_t space_index, size_t space_size,
-			   const TPMA_NV nv_attributes,
+uint32_t tlcl_define_space(uint32_t space_index, size_t space_size, const TPMA_NV nv_attributes,
    		   const uint8_t *nv_policy, size_t nv_policy_size)
 {
    struct tpm2_nv_define_space_cmd nvds_cmd;
@@ -333,9 +327,8 @@
    nvds_cmd.publicInfo.attributes = nv_attributes;
/*
-	 * Use policy digest based on default pcr0 value. This makes
-	 * sure that the space can not be deleted as soon as PCR0
-	 * value has been extended from default.
+	 * Use policy digest based on default pcr0 value. This makes sure that the space can not
+	 * be deleted as soon as PCR0 value has been extended from default.
     */
    if (nv_policy && nv_policy_size) {
    	nvds_cmd.publicInfo.authPolicy.t.buffer = nv_policy;
@@ -384,8 +377,7 @@
    	value = SM3_256_DIGEST_SIZE;
    	break;
    default:
-		printk(BIOS_SPEW, "%s: unknown hash algorithm %d\n", __func__,
-		hash_algo);
+		printk(BIOS_SPEW, "%s: unknown hash algorithm %d\n", __func__, hash_algo);
    	value = 0;
    };
@@ -408,9 +400,8 @@
    return TPM_SUCCESS;
 }
-uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
-		uint32_t property_count,
-		TPMS_CAPABILITY_DATA *capability_data)
+uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property, uint32_t property_count,
+			     TPMS_CAPABILITY_DATA *capability_data)
 {
    struct tpm2_get_capability cmd;
    struct tpm2_response *response;
@@ -420,8 +411,8 @@
    cmd.propertyCount = property_count;
if (property_count > 1) {
-		printk(BIOS_ERR, "%s: property_count more than one not "
-		       "supported yet\n", __func__);
+		printk(BIOS_ERR, "%s: property_count more than one not supported yet\n",
+		       __func__);
    	return TPM_E_IOERROR;
    }
diff --git a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
index f31c7d0..11541e8 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
+++ b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
@@ -28,8 +28,7 @@
    return obuf_write_be16(ob, cmd_body->shutdown_type);
 }
-static int marshal_get_capability(struct obuf *ob,
-				   struct tpm2_get_capability *cmd_body)
+static int marshal_get_capability(struct obuf *ob, struct tpm2_get_capability *cmd_body)
 {
    int rc = 0;
@@ -116,8 +115,7 @@
    return rc;
 }
-static int marshal_session_header(struct obuf *ob,
-				   struct tpm2_session_header *session_header)
+static int marshal_session_header(struct obuf *ob, struct tpm2_session_header *session_header)
 {
    int rc = 0;
    struct obuf ob_sz;
@@ -147,11 +145,9 @@
 }
/*
- * Common session header can include one or two handles and an empty
- * session_header structure.
+ * Common session header can include one or two handles and an empty session_header structure.
  */
-static int marshal_common_session_header(struct obuf *ob,
-					  const uint32_t *handles,
+static int marshal_common_session_header(struct obuf *ob, const uint32_t *handles,
    				  size_t handle_count)
 {
    size_t i;
@@ -170,8 +166,7 @@
    return rc;
 }
-static int marshal_nv_define_space(struct obuf *ob,
-				    struct tpm2_nv_define_space_cmd *nvd_in)
+static int marshal_nv_define_space(struct obuf *ob, struct tpm2_nv_define_space_cmd *nvd_in)
 {
    const uint32_t handle[] = { TPM_RH_PLATFORM };
    struct obuf ob_sz;
@@ -197,8 +192,7 @@
    return rc;
 }
-static int marshal_nv_write(struct obuf *ob,
-			     struct tpm2_nv_write_cmd *command_body)
+static int marshal_nv_write(struct obuf *ob, struct tpm2_nv_write_cmd *command_body)
 {
    int rc = 0;
    uint32_t handles[] = { TPM_RH_PLATFORM, command_body->nvIndex };
@@ -210,16 +204,14 @@
    return rc;
 }
-static int marshal_nv_write_lock(struct obuf *ob,
-				  struct tpm2_nv_write_lock_cmd *command_body)
+static int marshal_nv_write_lock(struct obuf *ob, struct tpm2_nv_write_lock_cmd *command_body)
 {
    uint32_t handles[] = { TPM_RH_PLATFORM, command_body->nvIndex };
return marshal_common_session_header(ob, handles, ARRAY_SIZE(handles));
 }
-static int marshal_pcr_extend(struct obuf *ob,
-			       struct tpm2_pcr_extend_cmd *command_body)
+static int marshal_pcr_extend(struct obuf *ob, struct tpm2_pcr_extend_cmd *command_body)
 {
    int rc = 0;
    uint32_t handles[] = { command_body->pcrHandle };
@@ -230,8 +222,7 @@
    return rc;
 }
-static int marshal_nv_read(struct obuf *ob,
-			    struct tpm2_nv_read_cmd *command_body)
+static int marshal_nv_read(struct obuf *ob, struct tpm2_nv_read_cmd *command_body)
 {
    int rc = 0;
    uint32_t handles[] = { TPM_RH_PLATFORM, command_body->nvIndex };
@@ -251,8 +242,7 @@
    return marshal_common_session_header(ob, handle, ARRAY_SIZE(handle));
 }
-static int marshal_selftest(struct obuf *ob,
-			     struct tpm2_self_test *command_body)
+static int marshal_selftest(struct obuf *ob, struct tpm2_self_test *command_body)
 {
    return obuf_write_be8(ob, command_body->yes_no);
 }
@@ -276,8 +266,7 @@
    return rc;
 }
-static int marshal_clear_control(struct obuf *ob,
-			struct tpm2_clear_control_cmd *command_body)
+static int marshal_clear_control(struct obuf *ob, struct tpm2_clear_control_cmd *command_body)
 {
    int rc = 0;
    struct tpm2_session_header session_header;
@@ -301,9 +290,8 @@
switch (*sub_command) {
    case TPM2_CR50_SUB_CMD_IMMEDIATE_RESET:
-		/* The 16-bit timeout parameter is optional for the
-		 * IMMEDIATE_RESET command.  However in coreboot, the timeout
-		 * parameter must be specified.
+		/* The 16-bit timeout parameter is optional for the IMMEDIATE_RESET command.
+		 * However in coreboot, the timeout parameter must be specified.
    	 */
    	rc |= obuf_write_be16(ob, sub_command[0]);
    	rc |= obuf_write_be16(ob, sub_command[1]);
@@ -320,13 +308,12 @@
    	break;
    case TPM2_CR50_SUB_CMD_TPM_MODE:
    	/* The Cr50 TPM_MODE command supports an optional parameter.
-		 * When the parameter is present the Cr50 will attempt to change
-		 * the TPM state (enable or disable) and returns the new state
-		 * in the response.  When the parameter is absent, the Cr50
-		 * returns the current TPM state.
+		 * When the parameter is present the Cr50 will attempt to change the TPM state
+		 * (enable or disable) and returns the new state in the response.
+		 * When the parameter is absent, the Cr50 returns the current TPM state.
    	 *
-		 * coreboot currently only uses the TPM get capability and does
-		 * not set a new TPM state with the Cr50.
+		 * coreboot currently only uses the TPM get capability and does not set a new
+		 * TPM state with the Cr50.
    	 */
    	rc |= obuf_write_be16(ob, *sub_command);
    	break;
@@ -335,8 +322,7 @@
    	break;
    default:
    	/* Unsupported subcommand. */
-		printk(BIOS_WARNING, "Unsupported cr50 subcommand: 0x%04x\n",
-			*sub_command);
+		printk(BIOS_WARNING, "Unsupported cr50 subcommand: 0x%04x\n", *sub_command);
    	rc = -1;
    	break;
    }
@@ -431,8 +417,7 @@
    return rc;
 }
-static int unmarshal_get_capability(struct ibuf *ib,
-				     struct get_cap_response *gcr)
+static int unmarshal_get_capability(struct ibuf *ib, struct get_cap_response *gcr)
 {
    int i;
    int rc = 0;
@@ -473,14 +458,12 @@
    		return -1;
    	}
    	for (i = 0; i < gcr->cd.data.assignedPCR.count; i++) {
-			TPMS_PCR_SELECTION *pp =
-				&gcr->cd.data.assignedPCR.pcrSelections[i];
+			TPMS_PCR_SELECTION *pp = &gcr->cd.data.assignedPCR.pcrSelections[i];
    		rc |= ibuf_read(ib, pp, sizeof(TPMS_PCR_SELECTION));
    	}
    	break;
    default:
-		printk(BIOS_ERR,
-		       "%s:%d - unable to unmarshal capability response",
+		printk(BIOS_ERR, "%s:%d - unable to unmarshal capability response",
    	       __func__, __LINE__);
    	printk(BIOS_ERR, " for %d\n", gcr->cd.capability);
    	rc = -1;
@@ -490,8 +473,7 @@
    return rc;
 }
-static int unmarshal_TPM2B_MAX_NV_BUFFER(struct ibuf *ib,
-					  TPM2B_MAX_NV_BUFFER *nv_buffer)
+static int unmarshal_TPM2B_MAX_NV_BUFFER(struct ibuf *ib, TPM2B_MAX_NV_BUFFER *nv_buffer)
 {
    if (ibuf_read_be16(ib, &nv_buffer->t.size))
    	return -1;
@@ -499,10 +481,8 @@
    nv_buffer->t.buffer = ibuf_oob_drain(ib, nv_buffer->t.size);
if (nv_buffer->t.buffer == NULL) {
-		printk(BIOS_ERR, "%s:%d - "
-		       "size mismatch: expected %d, remaining %zd\n",
-		       __func__, __LINE__, nv_buffer->t.size,
-			ibuf_remaining(ib));
+		printk(BIOS_ERR, "%s:%d - size mismatch: expected %d, remaining %zd\n",
+		       __func__, __LINE__, nv_buffer->t.size, ibuf_remaining(ib));
    	return -1;
    }
@@ -520,20 +500,17 @@
if (nvr->params_size !=
        (nvr->buffer.t.size + sizeof(nvr->buffer.t.size))) {
-		printk(BIOS_ERR,
-		       "%s:%d - parameter/buffer %d/%d size mismatch",
-		       __func__, __LINE__, nvr->params_size,
-		       nvr->buffer.t.size);
+		printk(BIOS_ERR, "%s:%d - parameter/buffer %d/%d size mismatch",
+		       __func__, __LINE__, nvr->params_size, nvr->buffer.t.size);
    	return -1;
    }
/*
-	 * Let's ignore the authorization section. It should be 5 bytes total,
-	 * just confirm that this is the case and report any discrepancy.
+	 * Let's ignore the authorization section. It should be 5 bytes total, just confirm that
+	 * this is the case and report any discrepancy.
     */
    if (ibuf_remaining(ib) != 5)
-		printk(BIOS_ERR,
-		       "%s:%d - unexpected authorization section size %zd\n",
+		printk(BIOS_ERR, "%s:%d - unexpected authorization section size %zd\n",
    	       __func__, __LINE__, ibuf_remaining(ib));
ibuf_oob_drain(ib, ibuf_remaining(ib));
@@ -541,8 +518,7 @@
    return 0;
 }
-static int unmarshal_vendor_command(struct ibuf *ib,
-				     struct vendor_command_response *vcr)
+static int unmarshal_vendor_command(struct ibuf *ib, struct vendor_command_response *vcr)
 {
    if (ibuf_read_be16(ib, &vcr->vc_subcommand))
    	return -1;
@@ -561,9 +537,8 @@
    case TPM2_CR50_SUB_CMD_GET_BOOT_MODE:
    	return ibuf_read_be8(ib, &vcr->boot_mode);
    default:
-		printk(BIOS_ERR,
-		       "%s:%d - unsupported vendor command %#04x!\n",
-		       __func__, __LINE__, vcr->vc_subcommand);
+		printk(BIOS_ERR, "%s:%d - unsupported vendor command %#04x!\n", __func__,
+		       __LINE__, vcr->vc_subcommand);
    	return -1;
    }
@@ -583,15 +558,14 @@
    	return NULL;
if (ibuf_capacity(ib) != tpm2_static_resp.hdr.tpm_size) {
-		printk(BIOS_ERR,
-		       "%s: size mismatch in response to command %#x\n",
-		       __func__, command);
+		printk(BIOS_ERR, "%s: size mismatch in response to command %#x\n", __func__,
+		       command);
    	return NULL;
    }
-	/* On errors, we're not sure what the TPM is returning. None of the
-	   commands we use actually expect useful data payloads for errors, so
-	   just ignore any data after the header. */
+	/* On errors, we're not sure what the TPM is returning. None of the commands we use
+	 * actually expect useful data payloads for errors, so just ignore any data after the
+	 * header. */
    if (tpm2_static_resp.hdr.tpm_code != TPM2_RC_SUCCESS)
    	return &tpm2_static_resp;
@@ -630,10 +604,8 @@
    		size_t sz_left;
    		const uint8_t *data;
-			printk(BIOS_INFO, "%s:%d:"
-			       "Request to unmarshal unexpected command %#x,"
-			       " code %#x",
-			       __func__, __LINE__, command,
+			printk(BIOS_INFO, "%s:%d:Request to unmarshal unexpected command %#x,"
+			       " code %#x", __func__, __LINE__, command,
    		       tpm2_static_resp.hdr.tpm_code);
sz_left = ibuf_remaining(ib);
@@ -651,15 +623,13 @@
if (ibuf_remaining(ib)) {
    	printk(BIOS_INFO,
-		       "%s:%d got %d bytes back in response to %#x,"
-		       " failed to parse (%zd)\n",
-		       __func__, __LINE__, tpm2_static_resp.hdr.tpm_size,
-		       command, ibuf_remaining(ib));
+		       "%s:%d got %d bytes back in response to %#x, failed to parse (%zd)\n",
+		       __func__, __LINE__, tpm2_static_resp.hdr.tpm_size, command,
+		       ibuf_remaining(ib));
    	return NULL;
    }
    if (rc)
-		printk(BIOS_WARNING, "Warning: %s had one or more failures.\n",
-					__func__);
+		printk(BIOS_WARNING, "Warning: %s had one or more failures.\n", __func__);
/* The entire message have been parsed. */
    return &tpm2_static_resp;
diff --git a/src/security/tpm/tss/tcg-2.0/tss_marshaling.h b/src/security/tpm/tss/tcg-2.0/tss_marshaling.h
index 432cf5a3..76de5de 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_marshaling.h
+++ b/src/security/tpm/tss/tcg-2.0/tss_marshaling.h
@@ -11,8 +11,7 @@
 /**
  * tpm_marshal_command
  *
- * Given a structure containing a TPM2 command, serialize the structure for
- * sending it to the TPM.
+ * Given a structure containing a TPM2 command, serialize the structure for sending it to the TPM.
  *
  * @command: code of the TPM2 command to marshal
  * @tpm_command_body: a pointer to the command specific structure
@@ -27,16 +26,15 @@
 /**
  * tpm_unmarshal_response
  *
- * Given a buffer received from the TPM in response to a certain command,
- * deserialize the buffer into the expeced response structure.
+ * Given a buffer received from the TPM in response to a certain command, deserialize the buffer
+ * into the expeced response structure.
  *
  * struct tpm2_response is a union of all possible responses.
  *
  * @command: code of the TPM2 command for which a response is unmarshaled
  * @ib: input buffer containing the serialized response.
  *
- * Returns a pointer to the deserialized response or NULL in case of
- * unmarshaling problems.
+ * Returns a pointer to the deserialized response or NULL in case of unmarshaling problems.
  */
 struct tpm2_response *tpm_unmarshal_response(TPM_CC command, struct ibuf *ib);
diff --git a/src/security/tpm/tss/tcg-2.0/tss_structures.h b/src/security/tpm/tss/tcg-2.0/tss_structures.h
index 1c7aa4b..0fa4d1a 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_structures.h
+++ b/src/security/tpm/tss/tcg-2.0/tss_structures.h
@@ -4,8 +4,8 @@
 #define TCG2_TSS_STRUCTURES_H_
/*
- * This file includes a subset of definitions of TPM protocol version 2.x
- * constants and structures needed for functions used in coreboot.
+ * This file includes a subset of definitions of TPM protocol version 2.x constants and
+ * structures needed for functions used in coreboot.
  */
 #include <types.h>
 #include "../common/tss_common.h"
@@ -89,8 +89,8 @@
 #define TPM2_NV_Read           ((TPM_CC)0x0000014E)
 #define TPM2_GetCapability     ((TPM_CC)0x0000017A)
 #define TPM2_PCR_Extend        ((TPM_CC)0x00000182)
-/* TPM2 specifies vendor commands need to have this bit set. Vendor command
-   space is defined by the lower 16 bits. */
+/* TPM2 specifies vendor commands need to have this bit set. Vendor command space is defined by
+ * the lower 16 bits. */
 #define TPM_CC_VENDOR_BIT_MASK 0x20000000
/* Table 15 - TPM_RC Constants (Actions) */
@@ -146,10 +146,9 @@
 #define TPM_RC_NV_UNINITIALIZED	  ((TPM_RC)(RC_VER1 + 0x04A))
/*
- * Cr50 returns this code when an attempt is made to read an NV location which
- * has not yet been defined. This is an aggregation of various return code
- * extensions which may or may not match if a different TPM2 device is
- * used.
+ * Cr50 returns this code when an attempt is made to read an NV location which has not yet been
+ * defined. This is an aggregation of various return code extensions which may or may not match
+ * if a different TPM2 device is used.
  */
 #define TPM_RC_CR50_NV_UNDEFINED  0x28b
@@ -359,8 +358,8 @@
 };
/*
- * TPM session header for commands requiring session information. Also
- * included in the responses to those commands.
+ * TPM session header for commands requiring session information. Also included in the responses
+ * to those commands.
  */
 struct tpm2_session_header {
    uint32_t session_handle;
diff --git a/src/security/tpm/tss/vendor/cr50/cr50.c b/src/security/tpm/tss/vendor/cr50/cr50.c
index 3be1e5a..b6dff81 100644
--- a/src/security/tpm/tss/vendor/cr50/cr50.c
+++ b/src/security/tpm/tss/vendor/cr50/cr50.c
@@ -19,8 +19,7 @@
if (response == NULL || (response && response->hdr.tpm_code)) {
    	if (response)
-			printk(BIOS_INFO, "%s: failed %x\n", __func__,
-			       response->hdr.tpm_code);
+			printk(BIOS_INFO, "%s: failed %x\n", __func__, response->hdr.tpm_code);
    	else
    		printk(BIOS_INFO, "%s: failed\n", __func__);
    	return TPM_E_IOERROR;
@@ -28,8 +27,7 @@
    return TPM_SUCCESS;
 }
-uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms,
-				 uint8_t *num_restored_headers)
+uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms, uint8_t *num_restored_headers)
 {
    struct tpm2_response *response;
    uint16_t command_body[] = {
@@ -78,9 +76,8 @@
if (response->hdr.tpm_code == VENDOR_RC_INTERNAL_ERROR) {
    	/*
-		 * The Cr50 returns VENDOR_RC_INTERNAL_ERROR iff the key ladder
-		 * is disabled. The Cr50 requires a reboot to re-enable the key
-		 * ladder.
+		 * The Cr50 returns VENDOR_RC_INTERNAL_ERROR iff the key ladder is disabled.
+		 * The Cr50 requires a reboot to re-enable the key ladder.
    	 */
    	return TPM_E_MUST_REBOOT;
    }
@@ -140,8 +137,7 @@
     * Issue an immediate reset to the Cr50.
     */
    printk(BIOS_INFO, "Issuing cr50 reset\n");
-	response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND,
-				       &reset_command_body);
+	response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &reset_command_body);
if (!response)
    	return TPM_E_IOERROR;
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/44412
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I1adaae4c9eeee1b8cb1a2d9467712762f7ccc6be
Gerrit-Change-Number: 44412
Gerrit-PatchSet: 1
Gerrit-Owner: HAOUAS Elyes ehaouas@noos.fr
Gerrit-MessageType: newchange



    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] Change in coreboot[master]: src/security: Convert to 96 characters line length