treewide: Adopt TCG standard naming
Adopt TCG standard naming and definitions for TPM Return codes. BUG=b:296439237 TEST=Build and boot to OS on skyrim BRANCH=None Change-Id: I60755723262ec205a4c134948b0250aac4974d35 Signed-off-by: Jon Murphy <jpmurphy@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/77665 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
parent
3e4f586ec0
commit
056952ef14
|
@ -63,8 +63,8 @@ void mainboard_after_memory_init(void)
|
|||
*
|
||||
* @param[in] activePcr bitmap of the support
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
*/
|
||||
|
||||
static const uint8_t crtm_version[] =
|
||||
|
@ -73,7 +73,7 @@ static const uint8_t crtm_version[] =
|
|||
|
||||
int mb_crtm(void)
|
||||
{
|
||||
int rc = TPM_E_IOERROR;
|
||||
int rc = TPM_IOERROR;
|
||||
TCG_PCR_EVENT2_HDR tcgEventHdr;
|
||||
|
||||
/* Use FirmwareVersion string to represent CRTM version. */
|
||||
|
|
|
@ -45,7 +45,7 @@ static uint32_t tpm1_invoke_state_machine(void)
|
|||
}
|
||||
|
||||
deactivated = !deactivated;
|
||||
rc = TPM_E_MUST_REBOOT;
|
||||
rc = TPM_CB_MUST_REBOOT;
|
||||
}
|
||||
|
||||
return rc;
|
||||
|
@ -61,7 +61,7 @@ static uint32_t tpm_setup_s3_helper(void)
|
|||
case TPM_SUCCESS:
|
||||
break;
|
||||
|
||||
case TPM_E_INVALID_POSTINIT:
|
||||
case TPM_INVALID_POSTINIT:
|
||||
/*
|
||||
* We're on a platform where the TPM maintains power
|
||||
* in S3, so it's already initialized.
|
||||
|
@ -151,7 +151,7 @@ uint32_t tpm_setup(int s3flag)
|
|||
|
||||
rc = tlcl_startup();
|
||||
if (CONFIG(TPM_STARTUP_IGNORE_POSTINIT)
|
||||
&& rc == TPM_E_INVALID_POSTINIT) {
|
||||
&& rc == TPM_INVALID_POSTINIT) {
|
||||
printk(BIOS_DEBUG, "TPM: ignoring invalid POSTINIT\n");
|
||||
rc = TPM_SUCCESS;
|
||||
}
|
||||
|
@ -224,7 +224,7 @@ uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo,
|
|||
uint32_t rc;
|
||||
|
||||
if (!digest)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
if (tspi_tpm_is_setup()) {
|
||||
rc = tlcl_lib_init();
|
||||
|
@ -262,14 +262,14 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
|
|||
struct vb2_digest_context ctx;
|
||||
|
||||
if (!rdev || !rname)
|
||||
return TPM_E_INVALID_ARG;
|
||||
return TPM_CB_INVALID_ARG;
|
||||
|
||||
digest_len = vb2_digest_size(TPM_MEASURE_ALGO);
|
||||
assert(digest_len <= sizeof(digest));
|
||||
if (vb2_digest_init(&ctx, vboot_hwcrypto_allowed(), TPM_MEASURE_ALGO,
|
||||
region_device_sz(rdev))) {
|
||||
printk(BIOS_ERR, "TPM: Error initializing hash.\n");
|
||||
return TPM_E_HASH_ERROR;
|
||||
return TPM_CB_HASH_ERROR;
|
||||
}
|
||||
/*
|
||||
* Though one can mmap the full needed region on x86 this is not the
|
||||
|
@ -281,16 +281,16 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr,
|
|||
if (rdev_readat(rdev, buf, offset, len) < 0) {
|
||||
printk(BIOS_ERR, "TPM: Not able to read region %s.\n",
|
||||
rname);
|
||||
return TPM_E_READ_FAILURE;
|
||||
return TPM_CB_READ_FAILURE;
|
||||
}
|
||||
if (vb2_digest_extend(&ctx, buf, len)) {
|
||||
printk(BIOS_ERR, "TPM: Error extending hash.\n");
|
||||
return TPM_E_HASH_ERROR;
|
||||
return TPM_CB_HASH_ERROR;
|
||||
}
|
||||
}
|
||||
if (vb2_digest_finalize(&ctx, digest, digest_len)) {
|
||||
printk(BIOS_ERR, "TPM: Error finalizing hash.\n");
|
||||
return TPM_E_HASH_ERROR;
|
||||
return TPM_CB_HASH_ERROR;
|
||||
}
|
||||
return tpm_extend_pcr(pcr, TPM_MEASURE_ALGO, digest, digest_len, rname);
|
||||
}
|
||||
|
|
|
@ -108,7 +108,7 @@ uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
|
|||
max_length);
|
||||
/* If the command fails because the self test has not completed, try it
|
||||
* again after attempting to ensure that the self test has completed. */
|
||||
if (rc == TPM_E_NEEDS_SELFTEST || rc == TPM_E_DOING_SELFTEST) {
|
||||
if (rc == TPM_NEEDS_SELFTEST || rc == TPM_DOING_SELFTEST) {
|
||||
rc = tlcl_continue_self_test();
|
||||
if (rc != TPM_SUCCESS)
|
||||
return rc;
|
||||
|
@ -125,7 +125,7 @@ uint32_t tlcl_send_receive(const uint8_t *request, uint8_t *response,
|
|||
do {
|
||||
rc = tlcl_send_receive_no_retry(request, response,
|
||||
max_length);
|
||||
} while (rc == TPM_E_DOING_SELFTEST);
|
||||
} while (rc == TPM_DOING_SELFTEST);
|
||||
#endif
|
||||
}
|
||||
return rc;
|
||||
|
@ -238,7 +238,7 @@ uint32_t tlcl_read(uint32_t index, void *data, uint32_t length)
|
|||
uint8_t *nv_read_cursor = response + kTpmResponseHeaderLength;
|
||||
from_tpm_uint32(nv_read_cursor, &result_length);
|
||||
if (result_length > length)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
nv_read_cursor += sizeof(uint32_t);
|
||||
memcpy(data, nv_read_cursor, result_length);
|
||||
}
|
||||
|
@ -301,7 +301,7 @@ uint32_t tlcl_get_permanent_flags(TPM_PERMANENT_FLAGS *pflags)
|
|||
return rc;
|
||||
from_tpm_uint32(response + kTpmResponseHeaderLength, &size);
|
||||
if (size != sizeof(TPM_PERMANENT_FLAGS))
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
memcpy(pflags, response + kTpmResponseHeaderLength + sizeof(size),
|
||||
sizeof(TPM_PERMANENT_FLAGS));
|
||||
return rc;
|
||||
|
@ -338,7 +338,7 @@ uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
|
|||
uint8_t response[kTpmResponseHeaderLength + kPcrDigestLength];
|
||||
|
||||
if (digest_algo != VB2_HASH_SHA1)
|
||||
return TPM_E_INVALID_ARG;
|
||||
return TPM_CB_INVALID_ARG;
|
||||
|
||||
memcpy(&cmd, &tpm_extend_cmd, sizeof(cmd));
|
||||
to_tpm_uint32(cmd.buffer + tpm_extend_cmd.pcrNum, pcr_num);
|
||||
|
|
|
@ -57,7 +57,7 @@ static uint32_t tlcl_send_startup(TPM_SU type)
|
|||
/* IO error, tpm2_response pointer is empty. */
|
||||
if (!response) {
|
||||
printk(BIOS_ERR, "%s: TPM communication error\n", __func__);
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
printk(BIOS_INFO, "%s: Startup return code is %x\n",
|
||||
|
@ -66,13 +66,13 @@ static uint32_t tlcl_send_startup(TPM_SU type)
|
|||
switch (response->hdr.tpm_code) {
|
||||
case TPM_RC_INITIALIZE:
|
||||
/* TPM already initialized. */
|
||||
return TPM_E_INVALID_POSTINIT;
|
||||
return TPM_INVALID_POSTINIT;
|
||||
case TPM2_RC_SUCCESS:
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
||||
/* Collapse any other errors into TPM_E_IOERROR. */
|
||||
return TPM_E_IOERROR;
|
||||
/* Collapse any other errors into TPM_IOERROR. */
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
uint32_t tlcl_resume(void)
|
||||
|
@ -91,7 +91,7 @@ static uint32_t tlcl_send_shutdown(TPM_SU type)
|
|||
/* IO error, tpm2_response pointer is empty. */
|
||||
if (!response) {
|
||||
printk(BIOS_ERR, "%s: TPM communication error\n", __func__);
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
printk(BIOS_INFO, "%s: Shutdown return code is %x\n",
|
||||
|
@ -100,8 +100,8 @@ static uint32_t tlcl_send_shutdown(TPM_SU type)
|
|||
if (response->hdr.tpm_code == TPM2_RC_SUCCESS)
|
||||
return TPM_SUCCESS;
|
||||
|
||||
/* Collapse any other errors into TPM_E_IOERROR. */
|
||||
return TPM_E_IOERROR;
|
||||
/* Collapse any other errors into TPM_IOERROR. */
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
uint32_t tlcl_save_state(void)
|
||||
|
@ -144,7 +144,7 @@ uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
|
|||
|
||||
alg = tpmalg_from_vb2_hash(digest_type);
|
||||
if (alg == TPM_ALG_ERROR)
|
||||
return TPM_E_HASH_ERROR;
|
||||
return TPM_CB_HASH_ERROR;
|
||||
|
||||
pcr_ext_cmd.pcrHandle = HR_PCR + pcr_num;
|
||||
pcr_ext_cmd.digests.count = 1;
|
||||
|
@ -158,7 +158,7 @@ uint32_t tlcl_extend(int pcr_num, const uint8_t *digest_data,
|
|||
printk(BIOS_INFO, "%s: response is %x\n",
|
||||
__func__, response ? response->hdr.tpm_code : -1);
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -179,7 +179,7 @@ uint32_t tlcl_force_clear(void)
|
|||
__func__, response ? response->hdr.tpm_code : -1);
|
||||
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -196,7 +196,7 @@ uint32_t tlcl_clear_control(bool disable)
|
|||
__func__, response ? response->hdr.tpm_code : -1);
|
||||
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -244,7 +244,7 @@ uint32_t tlcl_read(uint32_t index, void *data, uint32_t length)
|
|||
|
||||
/* Need to map tpm error codes into internal values. */
|
||||
if (!response)
|
||||
return TPM_E_READ_FAILURE;
|
||||
return TPM_CB_READ_FAILURE;
|
||||
|
||||
printk(BIOS_INFO, "%s:%d index %#x return code %x\n",
|
||||
__FILE__, __LINE__, index, response->hdr.tpm_code);
|
||||
|
@ -259,20 +259,20 @@ uint32_t tlcl_read(uint32_t index, void *data, uint32_t length)
|
|||
* hasn't been defined.
|
||||
*/
|
||||
case TPM_RC_CR50_NV_UNDEFINED:
|
||||
return TPM_E_BADINDEX;
|
||||
return TPM_BADINDEX;
|
||||
|
||||
case TPM_RC_NV_RANGE:
|
||||
return TPM_E_RANGE;
|
||||
return TPM_CB_RANGE;
|
||||
|
||||
default:
|
||||
return TPM_E_READ_FAILURE;
|
||||
return TPM_CB_READ_FAILURE;
|
||||
}
|
||||
|
||||
if (length > response->nvr.buffer.t.size)
|
||||
return TPM_E_RESPONSE_TOO_LARGE;
|
||||
return TPM_CB_RESPONSE_TOO_LARGE;
|
||||
|
||||
if (length < response->nvr.buffer.t.size)
|
||||
return TPM_E_READ_EMPTY;
|
||||
return TPM_CB_READ_EMPTY;
|
||||
|
||||
memcpy(data, response->nvr.buffer.t.buffer, length);
|
||||
|
||||
|
@ -306,7 +306,7 @@ uint32_t tlcl_lock_nv_write(uint32_t index)
|
|||
__func__, response ? response->hdr.tpm_code : -1);
|
||||
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -334,7 +334,7 @@ uint32_t tlcl_write(uint32_t index, const void *data, uint32_t length)
|
|||
|
||||
/* Need to map tpm error codes into internal values. */
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_WRITE_FAILURE;
|
||||
return TPM_CB_WRITE_FAILURE;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -357,7 +357,7 @@ uint32_t tlcl_set_bits(uint32_t index, uint64_t bits)
|
|||
|
||||
/* Need to map tpm error codes into internal values. */
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_WRITE_FAILURE;
|
||||
return TPM_CB_WRITE_FAILURE;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -392,16 +392,16 @@ uint32_t tlcl_define_space(uint32_t space_index, size_t space_size,
|
|||
response ? response->hdr.tpm_code : -1);
|
||||
|
||||
if (!response)
|
||||
return TPM_E_NO_DEVICE;
|
||||
return TPM_CB_NO_DEVICE;
|
||||
|
||||
/* Map TPM2 return codes into common vboot representation. */
|
||||
switch (response->hdr.tpm_code) {
|
||||
case TPM2_RC_SUCCESS:
|
||||
return TPM_SUCCESS;
|
||||
case TPM2_RC_NV_DEFINED:
|
||||
return TPM_E_NV_DEFINED;
|
||||
return TPM_CB_NV_DEFINED;
|
||||
default:
|
||||
return TPM_E_INTERNAL_INCONSISTENCY;
|
||||
return TPM_CB_INTERNAL_INCONSISTENCY;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -448,7 +448,7 @@ uint32_t tlcl_disable_platform_hierarchy(void)
|
|||
response = tpm_process_command(TPM2_Hierarchy_Control, &hc);
|
||||
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_INTERNAL_INCONSISTENCY;
|
||||
return TPM_CB_INTERNAL_INCONSISTENCY;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -467,14 +467,14 @@ uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
|
|||
if (property_count > 1) {
|
||||
printk(BIOS_ERR, "%s: property_count more than one not "
|
||||
"supported yet\n", __func__);
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
response = tpm_process_command(TPM2_GetCapability, &cmd);
|
||||
|
||||
if (!response) {
|
||||
printk(BIOS_ERR, "%s: Command Failed\n", __func__);
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
memcpy(capability_data, &response->gc.cd, sizeof(TPMS_CAPABILITY_DATA));
|
||||
|
|
|
@ -24,7 +24,7 @@ uint32_t tlcl_cr50_enable_nvcommits(void)
|
|||
response->hdr.tpm_code);
|
||||
else
|
||||
printk(BIOS_INFO, "%s: failed\n", __func__);
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -42,7 +42,7 @@ uint32_t tlcl_cr50_enable_update(uint16_t timeout_ms,
|
|||
response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, command_body);
|
||||
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
*num_restored_headers = response->vcr.num_restored_headers;
|
||||
return TPM_SUCCESS;
|
||||
|
@ -58,7 +58,7 @@ uint32_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state)
|
|||
response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &sub_command);
|
||||
|
||||
if (!response || response->hdr.tpm_code)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
*recovery_button_state = response->vcr.recovery_button_state;
|
||||
return TPM_SUCCESS;
|
||||
|
@ -75,7 +75,7 @@ uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode)
|
|||
response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &mode_command);
|
||||
|
||||
if (!response)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
if (response->hdr.tpm_code == VENDOR_RC_INTERNAL_ERROR) {
|
||||
/*
|
||||
|
@ -83,7 +83,7 @@ uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode)
|
|||
* is disabled. The Cr50 requires a reboot to re-enable the key
|
||||
* ladder.
|
||||
*/
|
||||
return TPM_E_MUST_REBOOT;
|
||||
return TPM_CB_MUST_REBOOT;
|
||||
}
|
||||
|
||||
if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND ||
|
||||
|
@ -91,12 +91,12 @@ uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode)
|
|||
/*
|
||||
* Explicitly inform caller when command is not supported
|
||||
*/
|
||||
return TPM_E_NO_SUCH_COMMAND;
|
||||
return TPM_CB_NO_SUCH_COMMAND;
|
||||
}
|
||||
|
||||
if (response->hdr.tpm_code) {
|
||||
/* Unexpected return code from Cr50 */
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
/* TPM command completed without error */
|
||||
|
@ -115,16 +115,16 @@ uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode)
|
|||
response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &mode_command);
|
||||
|
||||
if (!response)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND ||
|
||||
response->hdr.tpm_code == VENDOR_RC_NO_SUCH_SUBCOMMAND)
|
||||
/* Explicitly inform caller when command is not supported */
|
||||
return TPM_E_NO_SUCH_COMMAND;
|
||||
return TPM_CB_NO_SUCH_COMMAND;
|
||||
|
||||
if (response->hdr.tpm_code)
|
||||
/* Unexpected return code from Cr50 */
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
*boot_mode = response->vcr.boot_mode;
|
||||
|
||||
|
@ -145,7 +145,7 @@ uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms)
|
|||
&reset_command_body);
|
||||
|
||||
if (!response)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
return TPM_SUCCESS;
|
||||
}
|
||||
|
@ -160,16 +160,16 @@ uint32_t tlcl_cr50_reset_ec(void)
|
|||
response = tpm_process_command(TPM2_CR50_VENDOR_COMMAND, &reset_cmd);
|
||||
|
||||
if (!response)
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
if (response->hdr.tpm_code == VENDOR_RC_NO_SUCH_COMMAND ||
|
||||
response->hdr.tpm_code == VENDOR_RC_NO_SUCH_SUBCOMMAND)
|
||||
/* Explicitly inform caller when command is not supported */
|
||||
return TPM_E_NO_SUCH_COMMAND;
|
||||
return TPM_CB_NO_SUCH_COMMAND;
|
||||
|
||||
if (response->hdr.tpm_code)
|
||||
/* Unexpected return code from Cr50 */
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
|
||||
printk(BIOS_DEBUG, "EC reset coming up...\n");
|
||||
halt();
|
||||
|
|
|
@ -72,9 +72,9 @@ uint32_t tlcl_cr50_get_recovery_button(uint8_t *recovery_button_state);
|
|||
*
|
||||
* Returns TPM_SUCCESS if TPM mode command completed, the Cr50 does not need a
|
||||
* reboot, and the tpm_mode parameter is set to the current TPM mode.
|
||||
* Returns TPM_E_MUST_REBOOT if TPM mode command completed, but the Cr50
|
||||
* Returns TPM_CB_MUST_REBOOT if TPM mode command completed, but the Cr50
|
||||
* requires a reboot.
|
||||
* Returns TPM_E_NO_SUCH_COMMAND if the Cr50 does not support the command.
|
||||
* Returns TPM_CB_NO_SUCH_COMMAND if the Cr50 does not support the command.
|
||||
* Other returns value indicate a failure accessing the TPM.
|
||||
*/
|
||||
uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode);
|
||||
|
@ -83,7 +83,7 @@ uint32_t tlcl_cr50_get_tpm_mode(uint8_t *tpm_mode);
|
|||
* CR50 specific TPM command sequence to query the current boot mode.
|
||||
*
|
||||
* Returns TPM_SUCCESS if boot mode is successfully retrieved.
|
||||
* Returns TPM_E_* for errors.
|
||||
* Returns TPM_* for errors.
|
||||
*/
|
||||
uint32_t tlcl_cr50_get_boot_mode(uint8_t *boot_mode);
|
||||
|
||||
|
@ -99,7 +99,7 @@ uint32_t tlcl_cr50_immediate_reset(uint16_t timeout_ms);
|
|||
/**
|
||||
* CR50 specific TPM command sequence to issue an EC reset.
|
||||
*
|
||||
* Returns TPM_E_* for errors.
|
||||
* Returns TPM_* for errors.
|
||||
* On Success, this function invokes halt() and does not return.
|
||||
*/
|
||||
uint32_t tlcl_cr50_reset_ec(void);
|
||||
|
|
|
@ -12,36 +12,49 @@
|
|||
|
||||
#include <stdint.h>
|
||||
|
||||
#define TPM_E_BASE 0x0
|
||||
#define TPM_E_NON_FATAL 0x800
|
||||
typedef uint32_t tpm_result_t;
|
||||
#define TPM_Vendor_Specific32 0x400
|
||||
|
||||
#define TPM_SUCCESS ((uint32_t)0x00000000)
|
||||
#define TPM_E_AREA_LOCKED ((uint32_t)0x0000003c)
|
||||
#define TPM_E_BADINDEX ((uint32_t)0x00000002)
|
||||
#define TPM_E_BAD_PRESENCE ((uint32_t)0x0000002d)
|
||||
#define TPM_E_IOERROR ((uint32_t)0x0000001f)
|
||||
#define TPM_E_INVALID_POSTINIT ((uint32_t)0x00000026)
|
||||
#define TPM_E_MAXNVWRITES ((uint32_t)0x00000048)
|
||||
#define TPM_E_OWNER_SET ((uint32_t)0x00000014)
|
||||
#define TPM_BASE 0x0
|
||||
|
||||
#define TPM_E_NEEDS_SELFTEST ((uint32_t)(TPM_E_NON_FATAL + 1))
|
||||
#define TPM_E_DOING_SELFTEST ((uint32_t)(TPM_E_NON_FATAL + 2))
|
||||
#define TPM_NON_FATAL 0x800
|
||||
#define TPM_CB_ERROR TPM_Vendor_Specific32
|
||||
|
||||
#define TPM_E_ALREADY_INITIALIZED ((uint32_t)0x00005000) /* vboot local */
|
||||
#define TPM_E_INTERNAL_INCONSISTENCY ((uint32_t)0x00005001) /* vboot local */
|
||||
#define TPM_E_MUST_REBOOT ((uint32_t)0x00005002) /* vboot local */
|
||||
#define TPM_E_CORRUPTED_STATE ((uint32_t)0x00005003) /* vboot local */
|
||||
#define TPM_E_COMMUNICATION_ERROR ((uint32_t)0x00005004) /* vboot local */
|
||||
#define TPM_E_RESPONSE_TOO_LARGE ((uint32_t)0x00005005) /* vboot local */
|
||||
#define TPM_E_NO_DEVICE ((uint32_t)0x00005006) /* vboot local */
|
||||
#define TPM_E_INPUT_TOO_SMALL ((uint32_t)0x00005007) /* vboot local */
|
||||
#define TPM_E_WRITE_FAILURE ((uint32_t)0x00005008) /* vboot local */
|
||||
#define TPM_E_READ_EMPTY ((uint32_t)0x00005009) /* vboot local */
|
||||
#define TPM_E_READ_FAILURE ((uint32_t)0x0000500a) /* vboot local */
|
||||
#define TPM_E_NV_DEFINED ((uint32_t)0x0000500b) /* vboot local */
|
||||
#define TPM_E_INVALID_ARG ((uint32_t)0x0000500c)
|
||||
#define TPM_E_HASH_ERROR ((uint32_t)0x0000500d)
|
||||
#define TPM_E_NO_SUCH_COMMAND ((uint32_t)0x0000500e)
|
||||
#define TPM_E_RANGE ((uint32_t)0x0000500f)
|
||||
#define TPM_SUCCESS ((tpm_result_t) (TPM_BASE + 0x00))
|
||||
#define TPM_BADINDEX ((tpm_result_t) (TPM_BASE + 0x02))
|
||||
#define TPM_OWNER_SET ((tpm_result_t) (TPM_BASE + 0x14))
|
||||
#define TPM_IOERROR ((tpm_result_t) (TPM_BASE + 0x1F))
|
||||
#define TPM_INVALID_POSTINIT ((tpm_result_t) (TPM_BASE + 0x26))
|
||||
#define TPM_BAD_PRESENCE ((tpm_result_t) (TPM_BASE + 0x2D))
|
||||
#define TPM_AREA_LOCKED ((tpm_result_t) (TPM_BASE + 0x3C))
|
||||
#define TPM_MAXNVWRITES ((tpm_result_t) (TPM_BASE + 0x48))
|
||||
|
||||
#define TPM_NEEDS_SELFTEST ((tpm_result_t) (TPM_NON_FATAL + 0x01))
|
||||
#define TPM_DOING_SELFTEST ((tpm_result_t) (TPM_NON_FATAL + 0x02))
|
||||
|
||||
/* The following values are defind at the offset 0x480 which is a combination
|
||||
* of the 32-bit vendor specific value from the TCG standard(0x400) and an
|
||||
* offset of 0x80 to assist in identifying these return values when the 8-bit
|
||||
* truncated value is used.
|
||||
*
|
||||
* Valid offset range is 128-255(0x80-0xFF)
|
||||
*/
|
||||
|
||||
#define TPM_CB_ALREADY_INITIALIZED ((tpm_result_t) (TPM_CB_ERROR + 0x80))
|
||||
#define TPM_CB_INTERNAL_INCONSISTENCY ((tpm_result_t) (TPM_CB_ERROR + 0x81))
|
||||
#define TPM_CB_MUST_REBOOT ((tpm_result_t) (TPM_CB_ERROR + 0x82))
|
||||
#define TPM_CB_CORRUPTED_STATE ((tpm_result_t) (TPM_CB_ERROR + 0x83))
|
||||
#define TPM_CB_COMMUNICATION_ERROR ((tpm_result_t) (TPM_CB_ERROR + 0x84))
|
||||
#define TPM_CB_RESPONSE_TOO_LARGE ((tpm_result_t) (TPM_CB_ERROR + 0x85))
|
||||
#define TPM_CB_NO_DEVICE ((tpm_result_t) (TPM_CB_ERROR + 0x86))
|
||||
#define TPM_CB_INPUT_TOO_SMALL ((tpm_result_t) (TPM_CB_ERROR + 0x87))
|
||||
#define TPM_CB_WRITE_FAILURE ((tpm_result_t) (TPM_CB_ERROR + 0x88))
|
||||
#define TPM_CB_READ_EMPTY ((tpm_result_t) (TPM_CB_ERROR + 0x89))
|
||||
#define TPM_CB_READ_FAILURE ((tpm_result_t) (TPM_CB_ERROR + 0x8A))
|
||||
#define TPM_CB_NV_DEFINED ((tpm_result_t) (TPM_CB_ERROR + 0x8B))
|
||||
#define TPM_CB_INVALID_ARG ((tpm_result_t) (TPM_CB_ERROR + 0x8C))
|
||||
#define TPM_CB_HASH_ERROR ((tpm_result_t) (TPM_CB_ERROR + 0x8D))
|
||||
#define TPM_CB_NO_SUCH_COMMAND ((tpm_result_t) (TPM_CB_ERROR + 0x8E))
|
||||
#define TPM_CB_RANGE ((tpm_result_t) (TPM_CB_ERROR + 0x8F))
|
||||
|
||||
#endif /* TSS_ERRORS_H_ */
|
||||
|
|
|
@ -46,7 +46,7 @@ uint32_t antirollback_read_space_kernel(struct vb2_context *ctx)
|
|||
if (perms != TPM_NV_PER_PPWRITE) {
|
||||
printk(BIOS_ERR,
|
||||
"TPM: invalid secdata_kernel permissions\n");
|
||||
return TPM_E_CORRUPTED_STATE;
|
||||
return TPM_CB_CORRUPTED_STATE;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -55,7 +55,7 @@ uint32_t antirollback_read_space_kernel(struct vb2_context *ctx)
|
|||
|
||||
/* Start with the version 1.0 size used by all modern Cr50/Ti50 boards. */
|
||||
rc = tlcl_read(KERNEL_NV_INDEX, ctx->secdata_kernel, size);
|
||||
if (rc == TPM_E_RANGE) {
|
||||
if (rc == TPM_CB_RANGE) {
|
||||
/* Fallback to version 0.2(minimum) size and re-read. */
|
||||
VBDEBUG("Antirollback: NV read out of range, trying min size\n");
|
||||
size = VB2_SECDATA_KERNEL_MIN_SIZE;
|
||||
|
@ -210,11 +210,11 @@ static uint32_t define_space(const char *name, uint32_t index, uint32_t length,
|
|||
|
||||
rc = tlcl_define_space(index, length, nv_attributes, nv_policy,
|
||||
nv_policy_size);
|
||||
if (rc == TPM_E_NV_DEFINED) {
|
||||
if (rc == TPM_CB_NV_DEFINED) {
|
||||
/*
|
||||
* Continue with writing: it may be defined, but not written
|
||||
* to. In that case a subsequent tlcl_read() would still return
|
||||
* TPM_E_BADINDEX on TPM 2.0. The cases when some non-firmware
|
||||
* TPM_BADINDEX on TPM 2.0. The cases when some non-firmware
|
||||
* space is defined while the firmware space is not there
|
||||
* should be rare (interrupted initialization), so no big harm
|
||||
* in writing once again even if it was written already.
|
||||
|
@ -439,7 +439,7 @@ uint32_t antirollback_read_space_mrc_hash(uint32_t index, uint8_t *data, uint32_
|
|||
VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
|
||||
"(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE,
|
||||
size);
|
||||
return TPM_E_READ_FAILURE;
|
||||
return TPM_CB_READ_FAILURE;
|
||||
}
|
||||
return read_space_mrc_hash(index, data);
|
||||
}
|
||||
|
@ -453,11 +453,11 @@ uint32_t antirollback_write_space_mrc_hash(uint32_t index, const uint8_t *data,
|
|||
VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
|
||||
"(Expected=0x%x Actual=0x%x).\n", index, HASH_NV_SIZE,
|
||||
size);
|
||||
return TPM_E_WRITE_FAILURE;
|
||||
return TPM_CB_WRITE_FAILURE;
|
||||
}
|
||||
|
||||
rc = read_space_mrc_hash(index, spc_data);
|
||||
if (rc == TPM_E_BADINDEX) {
|
||||
if (rc == TPM_BADINDEX) {
|
||||
/*
|
||||
* If space is not defined already for hash, define
|
||||
* new space.
|
||||
|
@ -489,7 +489,7 @@ uint32_t antirollback_read_space_vbios_hash(uint8_t *data, uint32_t size)
|
|||
VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
|
||||
"(Expected=0x%x Actual=0x%x).\n", VBIOS_CACHE_NV_INDEX, HASH_NV_SIZE,
|
||||
size);
|
||||
return TPM_E_READ_FAILURE;
|
||||
return TPM_CB_READ_FAILURE;
|
||||
}
|
||||
return read_space_vbios_hash(data);
|
||||
}
|
||||
|
@ -503,11 +503,11 @@ uint32_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size)
|
|||
VBDEBUG("TPM: Incorrect buffer size for hash idx 0x%x. "
|
||||
"(Expected=0x%x Actual=0x%x).\n", VBIOS_CACHE_NV_INDEX, HASH_NV_SIZE,
|
||||
size);
|
||||
return TPM_E_WRITE_FAILURE;
|
||||
return TPM_CB_WRITE_FAILURE;
|
||||
}
|
||||
|
||||
rc = read_space_vbios_hash(spc_data);
|
||||
if (rc == TPM_E_BADINDEX) {
|
||||
if (rc == TPM_BADINDEX) {
|
||||
/*
|
||||
* If space is not defined already for hash, define
|
||||
* new space.
|
||||
|
@ -535,7 +535,7 @@ uint32_t antirollback_write_space_vbios_hash(const uint8_t *data, uint32_t size)
|
|||
static uint32_t safe_write(uint32_t index, const void *data, uint32_t length)
|
||||
{
|
||||
uint32_t rc = tlcl_write(index, data, length);
|
||||
if (rc == TPM_E_MAXNVWRITES) {
|
||||
if (rc == TPM_MAXNVWRITES) {
|
||||
RETURN_ON_FAILURE(tpm_clear_and_reenable());
|
||||
return tlcl_write(index, data, length);
|
||||
} else {
|
||||
|
@ -552,7 +552,7 @@ static uint32_t safe_write(uint32_t index, const void *data, uint32_t length)
|
|||
static uint32_t safe_define_space(uint32_t index, uint32_t perm, uint32_t size)
|
||||
{
|
||||
uint32_t rc = tlcl_define_space(index, perm, size);
|
||||
if (rc == TPM_E_MAXNVWRITES) {
|
||||
if (rc == TPM_MAXNVWRITES) {
|
||||
RETURN_ON_FAILURE(tpm_clear_and_reenable());
|
||||
return tlcl_define_space(index, perm, size);
|
||||
} else {
|
||||
|
@ -669,13 +669,13 @@ uint32_t antirollback_read_space_firmware(struct vb2_context *ctx)
|
|||
uint32_t rc;
|
||||
|
||||
rc = tlcl_read(FIRMWARE_NV_INDEX, ctx->secdata_firmware, VB2_SECDATA_FIRMWARE_SIZE);
|
||||
if (rc == TPM_E_BADINDEX) {
|
||||
if (rc == TPM_BADINDEX) {
|
||||
/* This seems the first time we've run. Initialize the TPM. */
|
||||
VBDEBUG("TPM: Not initialized yet\n");
|
||||
RETURN_ON_FAILURE(factory_initialize_tpm(ctx));
|
||||
} else if (rc != TPM_SUCCESS) {
|
||||
printk(BIOS_ERR, "TPM: Failed to read firmware space: %#x\n", rc);
|
||||
return TPM_E_CORRUPTED_STATE;
|
||||
return TPM_CB_CORRUPTED_STATE;
|
||||
}
|
||||
|
||||
return TPM_SUCCESS;
|
||||
|
|
|
@ -14,7 +14,7 @@ uint32_t vboot_setup_tpm(struct vb2_context *ctx)
|
|||
uint32_t rc;
|
||||
|
||||
rc = tpm_setup(ctx->flags & VB2_CONTEXT_S3_RESUME);
|
||||
if (rc == TPM_E_MUST_REBOOT)
|
||||
if (rc == TPM_CB_MUST_REBOOT)
|
||||
ctx->flags |= VB2_CONTEXT_SECDATA_WANTS_REBOOT;
|
||||
|
||||
return rc;
|
||||
|
|
|
@ -214,7 +214,7 @@ static void check_boot_mode(struct vb2_context *ctx)
|
|||
|
||||
rc = tlcl_cr50_get_boot_mode(&boot_mode);
|
||||
switch (rc) {
|
||||
case TPM_E_NO_SUCH_COMMAND:
|
||||
case TPM_CB_NO_SUCH_COMMAND:
|
||||
printk(BIOS_WARNING, "GSC does not support GET_BOOT_MODE.\n");
|
||||
/* Proceed to legacy boot model. */
|
||||
return;
|
||||
|
|
|
@ -73,7 +73,7 @@ EFI_TCG2_EVENT_ALGORITHM_BITMAP tpm2_get_active_pcrs(void)
|
|||
* @param[out] Pcrs The Pcr Selection
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR The command was unsuccessful.
|
||||
* @retval TPM_IOERROR The command was unsuccessful.
|
||||
*/
|
||||
int tpm2_get_capability_pcrs(TPML_PCR_SELECTION *Pcrs)
|
||||
{
|
||||
|
@ -113,7 +113,7 @@ int tpm2_get_capability_pcrs(TPML_PCR_SELECTION *Pcrs)
|
|||
* @param[in] eventLog description of the event.
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
*/
|
||||
int mboot_hash_extend_log(uint64_t flags, uint8_t *hashData, uint32_t hashDataLen,
|
||||
TCG_PCR_EVENT2_HDR *newEventHdr, uint8_t *eventLog)
|
||||
|
@ -130,7 +130,7 @@ int mboot_hash_extend_log(uint64_t flags, uint8_t *hashData, uint32_t hashDataLe
|
|||
} else {
|
||||
struct vb2_hash tmp;
|
||||
if (vb2_hash_calculate(false, hashData, hashDataLen, VB2_HASH_SHA256, &tmp))
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
memcpy(digest->digest.sha256, tmp.sha256, sizeof(tmp.sha256));
|
||||
}
|
||||
|
||||
|
@ -225,7 +225,7 @@ void mboot_print_buffer(uint8_t *buffer, uint32_t bufferSize)
|
|||
* @param[in] event_msg description of the event.
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
*/
|
||||
int mb_measure_log_worker(const char *name, uint32_t type, uint32_t pcr,
|
||||
TCG_EVENTTYPE eventType, const char *event_msg)
|
||||
|
@ -268,7 +268,7 @@ int mb_measure_log_worker(const char *name, uint32_t type, uint32_t pcr,
|
|||
* @param[in] wake_from_s3 1 if we are waking from S3, 0 standard boot
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
**/
|
||||
|
||||
__weak int mb_entry(int wake_from_s3)
|
||||
|
@ -279,7 +279,7 @@ __weak int mb_entry(int wake_from_s3)
|
|||
printk(BIOS_DEBUG, "%s: tlcl_lib_init\n", __func__);
|
||||
if (tlcl_lib_init() != VB2_SUCCESS) {
|
||||
printk(BIOS_ERR, "%s: TPM driver initialization failed.\n", __func__);
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
if (wake_from_s3) {
|
||||
|
@ -312,7 +312,7 @@ __weak int mb_entry(int wake_from_s3)
|
|||
* @param[in] wake_from_s3 1 if we are waking from S3, 0 standard boot
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
*/
|
||||
|
||||
__weak int mb_measure(int wake_from_s3)
|
||||
|
@ -355,7 +355,7 @@ __weak int mb_measure(int wake_from_s3)
|
|||
* @param[in] none
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
*/
|
||||
__weak int mb_measure_log_start(void)
|
||||
{
|
||||
|
@ -365,7 +365,7 @@ __weak int mb_measure_log_start(void)
|
|||
if ((tpm2_get_active_pcrs() & EFI_TCG2_BOOT_HASH_ALG_SHA256) == 0x0) {
|
||||
printk(BIOS_DEBUG, "%s: SHA256 PCR Bank not active in TPM.\n",
|
||||
__func__);
|
||||
return TPM_E_IOERROR;
|
||||
return TPM_IOERROR;
|
||||
}
|
||||
|
||||
rc = mb_crtm();
|
||||
|
@ -412,7 +412,7 @@ static const uint8_t crtm_version[] =
|
|||
* function with the same name there.
|
||||
*
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
**/
|
||||
__weak int mb_crtm(void)
|
||||
{
|
||||
|
@ -440,7 +440,7 @@ __weak int mb_crtm(void)
|
|||
rc = get_intel_me_hash(hash);
|
||||
if (rc) {
|
||||
printk(BIOS_DEBUG, "get_intel_me_hash returned 0x%x\n", rc);
|
||||
rc = TPM_E_IOERROR;
|
||||
rc = TPM_IOERROR;
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
|
|
@ -113,7 +113,7 @@ fail:
|
|||
* @param[in] eventType Event type to use when logging
|
||||
|
||||
* @retval TPM_SUCCESS Operation completed successfully.
|
||||
* @retval TPM_E_IOERROR Unexpected device behavior.
|
||||
* @retval TPM_IOERROR Unexpected device behavior.
|
||||
*/
|
||||
static int measure_item(uint32_t pcr, uint8_t *hashData, uint32_t hashDataLen,
|
||||
int8_t *event_msg, TCG_EVENTTYPE eventType)
|
||||
|
|
|
@ -30,14 +30,14 @@ static int cr50_is_reset_needed(void)
|
|||
|
||||
rc = tlcl_cr50_get_tpm_mode(&tpm_mode);
|
||||
|
||||
if (rc == TPM_E_NO_SUCH_COMMAND) {
|
||||
if (rc == TPM_CB_NO_SUCH_COMMAND) {
|
||||
printk(BIOS_INFO,
|
||||
"Cr50 does not support TPM mode command\n");
|
||||
/* Older Cr50 firmware, assume no Cr50 reset is required */
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (rc == TPM_E_MUST_REBOOT) {
|
||||
if (rc == TPM_CB_MUST_REBOOT) {
|
||||
/*
|
||||
* Cr50 indicated a reboot is required to restore TPM
|
||||
* functionality.
|
||||
|
|
Loading…
Reference in New Issue