[coreboot-gerrit] Change in ...coreboot[master]: tss: implement tlcl_save_state

Philipp Deppenwiese (Code Review) gerrit at coreboot.org
Wed Nov 28 19:33:05 CET 2018 

Philipp Deppenwiese has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/29646 )

Change subject: tss: implement tlcl_save_state
......................................................................

tss: implement tlcl_save_state

When an untrusted OS is running, we would like to use the Cr50
vendor-specific VENDOR_CC_TPM_MODE command to disable TPM.
Before doing this, we should save TPM state.  Implement
tlcl_save_state for this purpose.

This needs to live in coreboot codebase since on S3 resume path,
depthcharge is not reached.

Implement the function in both tcg-1.2 and tcg-2.0 for
completeness.

BUG=b:70681930,b:118202153
TEST=hack a call to tlcl_save_state into coreboot on S3 resume
     verify in AP console that it is called

Signed-off-by: Joel Kitching <kitching at google.com>
Change-Id: I8b51ca68456fc9b655e4dc2d0958b7c040d50510
Reviewed-on: https://review.coreboot.org/c/29646
Tested-by: build bot (Jenkins) <no-reply at coreboot.org>
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki at gmail.com>
---
M src/security/tpm/tss.h
M src/security/tpm/tss/tcg-1.2/tss.c
M src/security/tpm/tss/tcg-2.0/tss.c
M src/security/tpm/tss/tcg-2.0/tss_marshaling.c
M src/security/tpm/tss/tcg-2.0/tss_structures.h
5 files changed, 57 insertions(+), 0 deletions(-)

Approvals:
  build bot (Jenkins): Verified
  Philipp Deppenwiese: Looks good to me, approved



diff --git a/src/security/tpm/tss.h b/src/security/tpm/tss.h
index c053df9..c4f2608 100644
--- a/src/security/tpm/tss.h
+++ b/src/security/tpm/tss.h
@@ -102,6 +102,13 @@
 uint32_t tlcl_resume(void);
 
 /**
+ * Save TPM state by sending either TPM_SaveState() (TPM1.2) or
+ * TPM_Shutdown(ST_STATE) (TPM2.0).  The TPM error code is returned (0 for
+ * success).
+ */
+uint32_t tlcl_save_state(void);
+
+/**
  * Run the self test.
  *
  * Note---this is synchronous.  To run this in parallel with other firmware,
diff --git a/src/security/tpm/tss/tcg-1.2/tss.c b/src/security/tpm/tss/tcg-1.2/tss.c
index 0cb7eaa..b11d6a3 100644
--- a/src/security/tpm/tss/tcg-1.2/tss.c
+++ b/src/security/tpm/tss/tcg-1.2/tss.c
@@ -178,6 +178,12 @@
 	return send(tpm_resume_cmd.buffer);
 }
 
+uint32_t tlcl_save_state(void)
+{
+	VBDEBUG("TPM: Save state\n");
+	return send(tpm_savestate_cmd.buffer);
+}
+
 uint32_t tlcl_self_test_full(void)
 {
 	VBDEBUG("TPM: Self test full\n");
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index c67fdfa..e579bff 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -87,6 +87,35 @@
 	return tlcl_send_startup(TPM_SU_STATE);
 }
 
+static uint32_t tlcl_send_shutdown(TPM_SU type)
+{
+	struct tpm2_shutdown shutdown;
+	struct tpm2_response *response;
+
+	shutdown.shutdown_type = type;
+	response = tpm_process_command(TPM2_Shutdown, &shutdown);
+
+	/* IO error, tpm2_response pointer is empty. */
+	if (response == NULL) {
+		printk(BIOS_ERR, "%s: TPM communication error\n", __func__);
+		return TPM_E_IOERROR;
+	}
+
+	printk(BIOS_INFO, "%s: Shutdown return code is %x\n",
+	       __func__, response->hdr.tpm_code);
+
+	if (response->hdr.tpm_code == TPM2_RC_SUCCESS)
+		return TPM_SUCCESS;
+
+	/* Collapse any other errors into TPM_E_IOERROR. */
+	return TPM_E_IOERROR;
+}
+
+uint32_t tlcl_save_state(void)
+{
+	return tlcl_send_shutdown(TPM_SU_STATE);
+}
+
 uint32_t tlcl_assert_physical_presence(void)
 {
 	/*
diff --git a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
index ad23d9b..49ac5e8 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
+++ b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
@@ -28,6 +28,11 @@
 	return obuf_write_be16(ob, cmd_body->startup_type);
 }
 
+static int marshal_shutdown(struct obuf *ob, struct tpm2_shutdown *cmd_body)
+{
+	return obuf_write_be16(ob, cmd_body->shutdown_type);
+}
+
 static int marshal_get_capability(struct obuf *ob,
 				   struct tpm2_get_capability *cmd_body)
 {
@@ -302,6 +307,10 @@
 		rc |= marshal_startup(ob, tpm_command_body);
 		break;
 
+	case TPM2_Shutdown:
+		rc |= marshal_shutdown(ob, tpm_command_body);
+		break;
+
 	case TPM2_GetCapability:
 		rc |= marshal_get_capability(ob, tpm_command_body);
 		break;
@@ -497,6 +506,7 @@
 
 	switch (command) {
 	case TPM2_Startup:
+	case TPM2_Shutdown:
 		break;
 
 	case TPM2_GetCapability:
diff --git a/src/security/tpm/tss/tcg-2.0/tss_structures.h b/src/security/tpm/tss/tcg-2.0/tss_structures.h
index e902f3c..2bac633 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_structures.h
+++ b/src/security/tpm/tss/tcg-2.0/tss_structures.h
@@ -71,6 +71,7 @@
 #define TPM2_NV_WriteLock      ((TPM_CC)0x00000138)
 #define TPM2_SelfTest          ((TPM_CC)0x00000143)
 #define TPM2_Startup           ((TPM_CC)0x00000144)
+#define TPM2_Shutdown          ((TPM_CC)0x00000145)
 #define TPM2_NV_Read           ((TPM_CC)0x0000014E)
 #define TPM2_GetCapability     ((TPM_CC)0x0000017A)
 #define TPM2_PCR_Extend        ((TPM_CC)0x00000182)
@@ -138,6 +139,10 @@
 	TPM_SU  startup_type;
 };
 
+struct tpm2_shutdown {
+	TPM_SU  shutdown_type;
+};
+
 /* Various TPM capability types to use when querying the device. */
 typedef uint32_t TPM_CAP;
 #define TPM_CAP_TPM_PROPERTIES   ((TPM_CAP)0x00000006)

-- 
To view, visit https://review.coreboot.org/c/coreboot/+/29646
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I8b51ca68456fc9b655e4dc2d0958b7c040d50510
Gerrit-Change-Number: 29646
Gerrit-PatchSet: 6
Gerrit-Owner: Joel Kitching <kitching at google.com>
Gerrit-Reviewer: Aaron Durbin <adurbin at chromium.org>
Gerrit-Reviewer: Hung-Te Lin <hungte at chromium.org>
Gerrit-Reviewer: Joel Kitching <kitching at google.com>
Gerrit-Reviewer: Julius Werner <jwerner at chromium.org>
Gerrit-Reviewer: Paul Menzel <paulepanter at users.sourceforge.net>
Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki at gmail.com>
Gerrit-Reviewer: Stefan Reinauer <stefan.reinauer at coreboot.org>
Gerrit-Reviewer: Vadim Bendebury <vbendeb at google.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply at coreboot.org>
Gerrit-CC: Vadim Bendebury <vbendeb at chromium.org>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot-gerrit/attachments/20181128/c0bddec7/attachment.html>

More information about the coreboot-gerrit mailing list