The folowing series of patches cleans up some TPM related code.
Regards, Stefan
Stefan Berger (6): tpm: Introduce a #define for command tag tpm: Be consistent with array sizes in tcgbios.c tpm: use bool as return parameter tpm: clean up parameters to build_and_send_cmd tpm: Clean up in tcgbios.h tpm: Move call to tpm_option_rom into init_optionrom
src/optionroms.c | 3 ++- src/tcgbios.c | 58 +++++++++++++++++++++++++++----------------------------- src/tcgbios.h | 22 ++------------------- 3 files changed, 32 insertions(+), 51 deletions(-)
Introduce a #define for the TPM command tag 0x00c1.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/tcgbios.c | 2 +- src/tcgbios.h | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c index 4bf6fe9..94d54d8 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -333,7 +333,7 @@ build_and_send_cmd_od(u8 locty, u32 ordinal, const u8 *append, u32 append_size, memset(ibuffer, 0x0, sizeof(ibuffer)); memset(obuffer, 0x0, sizeof(obuffer));
- trqh->tag = cpu_to_be16(0xc1); + trqh->tag = cpu_to_be16(TPM_TAG_RQU_CMD); trqh->totlen = cpu_to_be32(TPM_REQ_HEADER_SIZE + append_size + otherdata_size); trqh->ordinal = cpu_to_be32(ordinal); diff --git a/src/tcgbios.h b/src/tcgbios.h index 8b107bb..df89579 100644 --- a/src/tcgbios.h +++ b/src/tcgbios.h @@ -91,6 +91,8 @@ #define TPM_INVALID_POSTINIT 0x26 #define TPM_BAD_LOCALITY 0x3d
+/* TPM command tags */ +#define TPM_TAG_RQU_CMD 0x00c1
/* interrupt identifiers (al register) */ enum irq_ids {
Remove the array size from all arrays.
Replace the magic 12 with sizeof(GetCapability_Timeouts), which represents the maximum number of bytes that need to be reserved.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/tcgbios.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c index 94d54d8..58170d7 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -26,23 +26,23 @@ #include "fw/paravirt.h" // runningOnXen #include "std/smbios.h"
-static const u8 Startup_ST_CLEAR[2] = { 0x00, TPM_ST_CLEAR }; -static const u8 Startup_ST_STATE[2] = { 0x00, TPM_ST_STATE }; +static const u8 Startup_ST_CLEAR[] = { 0x00, TPM_ST_CLEAR }; +static const u8 Startup_ST_STATE[] = { 0x00, TPM_ST_STATE };
-static const u8 PhysicalPresence_CMD_ENABLE[2] = { 0x00, 0x20 }; -static const u8 PhysicalPresence_CMD_DISABLE[2] = { 0x01, 0x00 }; -static const u8 PhysicalPresence_PRESENT[2] = { 0x00, 0x08 }; -static const u8 PhysicalPresence_NOT_PRESENT_LOCK[2] = { 0x00, 0x14 }; +static const u8 PhysicalPresence_CMD_ENABLE[] = { 0x00, 0x20 }; +static const u8 PhysicalPresence_CMD_DISABLE[] = { 0x01, 0x00 }; +static const u8 PhysicalPresence_PRESENT[] = { 0x00, 0x08 }; +static const u8 PhysicalPresence_NOT_PRESENT_LOCK[] = { 0x00, 0x14 };
static const u8 CommandFlag_FALSE[1] = { 0x00 }; static const u8 CommandFlag_TRUE[1] = { 0x01 };
-static const u8 GetCapability_Permanent_Flags[12] = { +static const u8 GetCapability_Permanent_Flags[] = { 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x01, 0x08 };
-static const u8 GetCapability_OwnerAuth[12] = { +static const u8 GetCapability_OwnerAuth[] = { 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x01, 0x11 }; @@ -301,7 +301,7 @@ build_and_send_cmd_od(u8 locty, u32 ordinal, const u8 *append, u32 append_size, const u8 *otherdata, u32 otherdata_size, enum tpmDurationType to_t) { -#define MAX_APPEND_SIZE 12 +#define MAX_APPEND_SIZE sizeof(GetCapability_Timeouts) #define MAX_RESPONSE_SIZE sizeof(struct tpm_res_getcap_perm_flags) u32 rc; u8 ibuffer[TPM_REQ_HEADER_SIZE + MAX_APPEND_SIZE];
Have is_tpm_present and has_working_tpm return bool.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/tcgbios.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c index 58170d7..6c1a14f 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -12,6 +12,8 @@
#include "config.h"
+#include <stdbool.h> + #include "types.h" #include "byteorder.h" // cpu_to_* #include "hw/tpm_drivers.h" // tpm_drivers[] @@ -101,10 +103,10 @@ static tpm_state_t tpm_state = { *******************************************************/
-static u32 +static bool is_tpm_present(void) { - u32 rc = 0; + bool rc = false; unsigned int i;
for (i = 0; i < TPM_NUM_DRIVERS; i++) { @@ -112,7 +114,7 @@ is_tpm_present(void) if (td->probe() != 0) { td->init(); tpm_state.tpm_driver_to_use = i; - rc = 1; + rc = true; break; } } @@ -125,12 +127,12 @@ probe_tpm(void) { if (!tpm_state.tpm_probed) { tpm_state.tpm_probed = 1; - tpm_state.tpm_found = (is_tpm_present() != 0); + tpm_state.tpm_found = (is_tpm_present()); tpm_state.tpm_working = tpm_state.tpm_found; } }
-static int +static bool has_working_tpm(void) { probe_tpm(); @@ -1043,7 +1045,7 @@ tpm_interrupt_handler32(struct bregs *regs)
switch ((enum irq_ids)regs->al) { case TCG_StatusCheck: - if (is_tpm_present() == 0) { + if (!is_tpm_present()) { /* no TPM available */ regs->eax = TCG_PC_TPM_NOT_PRESENT; } else {
On Tue, Jun 09, 2015 at 07:56:30PM -0400, Stefan Berger wrote:
Have is_tpm_present and has_working_tpm return bool.
Thanks - this series looks good to me with the exception of this patch.
--- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -12,6 +12,8 @@
#include "config.h"
+#include <stdbool.h>
SeaBIOS doesn't use any standard headers currently, and I don't think it's worthwhile to add that dependency for bool.
-Kevin
Clean up the parameters to the build_and_send_cmd function call. Use the sizeof() on the preceding buffer parameter. If the buffer is NULL, we pass 0.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/tcgbios.c | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c index 6c1a14f..13b3df3 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -381,8 +381,7 @@ determine_timeouts(void) rc = build_and_send_cmd(0, TPM_ORD_GetCapability, GetCapability_Timeouts, sizeof(GetCapability_Timeouts), - (u8 *)&timeouts, - sizeof(struct tpm_res_getcap_timeouts), + (u8 *)&timeouts, sizeof(timeouts), &returnCode, TPM_DURATION_TYPE_SHORT);
dprintf(DEBUG_tcg, "TCGBIOS: Return code from TPM_GetCapability(Timeouts)" @@ -394,8 +393,7 @@ determine_timeouts(void) rc = build_and_send_cmd(0, TPM_ORD_GetCapability, GetCapability_Durations, sizeof(GetCapability_Durations), - (u8 *)&durations, - sizeof(struct tpm_res_getcap_durations), + (u8 *)&durations, sizeof(durations), &returnCode, TPM_DURATION_TYPE_SHORT);
dprintf(DEBUG_tcg, "TCGBIOS: Return code from TPM_GetCapability(Durations)" @@ -448,7 +446,7 @@ tpm_startup(void) dprintf(DEBUG_tcg, "TCGBIOS: Starting with TPM_Startup(ST_CLEAR)\n"); rc = build_and_send_cmd(0, TPM_ORD_Startup, Startup_ST_CLEAR, sizeof(Startup_ST_CLEAR), - NULL, 10, &returnCode, TPM_DURATION_TYPE_SHORT); + NULL, 0, &returnCode, TPM_DURATION_TYPE_SHORT);
dprintf(DEBUG_tcg, "Return code from TPM_Startup = 0x%08x\n", returnCode); @@ -465,7 +463,7 @@ tpm_startup(void) goto err_exit;
rc = build_and_send_cmd(0, TPM_ORD_SelfTestFull, NULL, 0, - NULL, 10, &returnCode, TPM_DURATION_TYPE_LONG); + NULL, 0, &returnCode, TPM_DURATION_TYPE_LONG);
dprintf(DEBUG_tcg, "Return code from TPM_SelfTestFull = 0x%08x\n", returnCode); @@ -474,7 +472,7 @@ tpm_startup(void) goto err_exit;
rc = build_and_send_cmd(3, TSC_ORD_ResetEstablishmentBit, NULL, 0, - NULL, 10, &returnCode, TPM_DURATION_TYPE_SHORT); + NULL, 0, &returnCode, TPM_DURATION_TYPE_SHORT);
dprintf(DEBUG_tcg, "Return code from TSC_ResetEstablishmentBit = 0x%08x\n", returnCode); @@ -535,14 +533,14 @@ tpm_leave_bios(void) rc = build_and_send_cmd(0, TPM_ORD_PhysicalPresence, PhysicalPresence_CMD_ENABLE, sizeof(PhysicalPresence_CMD_ENABLE), - NULL, 10, &returnCode, TPM_DURATION_TYPE_SHORT); + NULL, 0, &returnCode, TPM_DURATION_TYPE_SHORT); if (rc || returnCode) goto err_exit;
rc = build_and_send_cmd(0, TPM_ORD_PhysicalPresence, PhysicalPresence_NOT_PRESENT_LOCK, sizeof(PhysicalPresence_NOT_PRESENT_LOCK), - NULL, 10, &returnCode, TPM_DURATION_TYPE_SHORT); + NULL, 0, &returnCode, TPM_DURATION_TYPE_SHORT); if (rc || returnCode) goto err_exit;
@@ -621,8 +619,7 @@ tpm_sha1_calc(const u8 *data, u32 length, u8 *hash)
rc = build_and_send_cmd(0, TPM_ORD_SHA1Start, NULL, 0, - (u8 *)&start, - sizeof(struct tpm_res_sha1start), + (u8 *)&start, sizeof(start), &returnCode, TPM_DURATION_TYPE_SHORT);
if (rc || returnCode) @@ -653,8 +650,7 @@ tpm_sha1_calc(const u8 *data, u32 length, u8 *hash)
rc = build_and_send_cmd_od(0, TPM_ORD_SHA1Complete, (u8 *)&numbytes_no, sizeof(numbytes_no), - (u8 *)&complete, - sizeof(struct tpm_res_sha1complete), + (u8 *)&complete, sizeof(complete), &returnCode, &data[offset], rest, TPM_DURATION_TYPE_SHORT);
@@ -1472,7 +1468,7 @@ tpm_s3_resume(void)
rc = build_and_send_cmd(0, TPM_ORD_Startup, Startup_ST_STATE, sizeof(Startup_ST_STATE), - NULL, 10, &returnCode, TPM_DURATION_TYPE_SHORT); + NULL, 0, &returnCode, TPM_DURATION_TYPE_SHORT);
dprintf(DEBUG_tcg, "TCGBIOS: ReturnCode from TPM_Startup = 0x%08x\n", returnCode);
Remove some unused #defines and remove comments pointing to sections in specs.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/tcgbios.h | 20 -------------------- 1 file changed, 20 deletions(-)
diff --git a/src/tcgbios.h b/src/tcgbios.h index df89579..a3aa870 100644 --- a/src/tcgbios.h +++ b/src/tcgbios.h @@ -3,8 +3,6 @@
#include "types.h"
-#define TCG_MAGIC 0x41504354L - /* Define for section 12.3 */ #define TCG_PC_OK 0x0 #define TCG_PC_TPMERROR 0x1 @@ -51,21 +49,6 @@ #define TCG_PC_TPM_DEACTIVATED (TPM_RET_BASE + 0x23)
-#define TPM_INVALID_ADR_REQUEST TCG_INVALID_ADR_REQUEST -#define TPM_IS_LOCKED TCG_TPM_IS_LOCKED -#define TPM_INVALID_DEVICE_ID TCG_INVALID_DEVICE_ID -#define TPM_INVALID_VENDOR_ID TCG_INVALID_VENDOR_ID -//define TPM_RESERVED_REG_INVALID -#define TPM_FIRMWARE_ERROR TCG_FIRMWARE_ERROR -#define TPM_UNABLE_TO_OPEN TCG_UNABLE_TO_OPEN -#define TPM_UNABLE_TO_CLOSE TCG_UNABLE_TO_CLOSE -#define TPM_INVALID_RESPONSE TCG_INVALID_RESPONSE -#define TPM_RESPONSE_TIMEOUT TCG_RESPONSE_TIMEOUT -#define TPM_INVALID_ACCESS_REQUEST TCG_INVALID_ACCESS_REQUEST -#define TPM_TRANSFER_ABORT TCG_TRANSFER_ABORT -#define TPM_GENERAL_ERROR TCG_GENERAL_ERROR - - #define TPM_ORD_SelfTestFull 0x00000050 #define TPM_ORD_ForceClear 0x0000005d #define TPM_ORD_GetCapability 0x00000065 @@ -240,8 +223,6 @@ struct pcpes u32 event; } PACKED;
- -/* 10.4.2.1 */ struct pcctes { u32 eventid; @@ -249,7 +230,6 @@ struct pcctes u8 digest[SHA1_BUFSIZE]; } PACKED;
-/* 10.4.2.1 w/ 10.4.2.2.1 embedded */ struct pcctes_romex { u32 eventid;
Move the call to measure the option ROM 'tpm_option_rom' into init_optionrom.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/optionroms.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/optionroms.c b/src/optionroms.c index 7906908..a24c539 100644 --- a/src/optionroms.c +++ b/src/optionroms.c @@ -81,7 +81,6 @@ is_valid_rom(struct rom_header *rom) if (EnforceChecksum) return 0; } - tpm_option_rom(rom, len); return 1; }
@@ -134,6 +133,8 @@ init_optionrom(struct rom_header *rom, u16 bdf, int isvga) if (newrom != rom) memmove(newrom, rom, rom->size * 512);
+ tpm_option_rom(newrom, rom->size * 512); + if (isvga || get_pnp_rom(newrom)) // Only init vga and PnP roms here. callrom(newrom, bdf);
-
Kevin O'Connor -
Stefan Berger