author | Chris Engel <cjengel@us.ibm.com> | 2015-11-19 11:37:23 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2016-03-27 23:15:23 -0400 |
commit | e3d766322fb0715c0def3ca6dd850deccbd9fbbc (patch) | |
tree | f7fe4125bb2e2a2e2b00b7d745b0c7968a14c47d /src/usr/secureboot/trusted/trustedTypes.H | |
parent | 6c5ba7c0b4d3d1694a2cdf2d6c5365027534ef5a (diff) | |
Trustedboot support for PCR Read
cherry picked from commit 93cd77a2455e60f01b003f747368e69cfef1b844
RTC: 125287
ForwardPort: yes
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/701
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Change-Id: I37103173d417ce1f378ee3ce76646f1028339ee0
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/22496
Tested-by: Jenkins Server
Tested-by: FSP CI Jenkins
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted/trustedTypes.H')
-rw-r--r-- | src/usr/secureboot/trusted/trustedTypes.H | 75 |
1 files changed, 74 insertions, 1 deletions
diff --git a/src/usr/secureboot/trusted/trustedTypes.H b/src/usr/secureboot/trusted/trustedTypes.H
index d3f98dec0..b74600652 100644
--- a/src/usr/secureboot/trusted/trustedTypes.H
+++ b/src/usr/secureboot/trusted/trustedTypes.H
@@ -78,7 +78,9 @@ namespace TRUSTEDBOOT
 MAX_TPM_LOG_MSG = 128, ///< Maximum log message size
 HASH_COUNT = 1, ///< Maximum # of digests
- PCR_SELECT_MAX = ((PCR_MAX+7)/8), ///< PCR selection octet max
+
+ PCR_SELECT_MAX = (IMPLEMENTATION_PCR+7)/8, ///< PCR selection octet max
+
 }; typedef enum 
@@ -348,6 +350,77 @@ namespace TRUSTEDBOOT
 uint8_t* o_tpmBuf, size_t i_tpmBufSize, size_t* io_cmdSize);
+ struct _TPMS_PCR_SELECTION
+ {
+ uint16_t algorithmId; ///< ID of hashing algorithm
+ uint8_t sizeOfSelect; ///< Byte size of pcrSelect array
+ uint8_t pcrSelect[PCR_SELECT_MAX];
+ } PACKED;
+ typedef struct _TPMS_PCR_SELECTION TPMS_PCR_SELECTION;
+ uint8_t* TPMS_PCR_SELECTION_marshal(TPMS_PCR_SELECTION* val,
+ uint8_t* o_tpmBuf, size_t i_tpmBufSize,
+ size_t* io_cmdSize);
+ uint8_t* TPMS_PCR_SELECTION_unmarshal(TPMS_PCR_SELECTION* val,
+ uint8_t* i_tpmBuf,
+ size_t* io_tpmBufSize);
+
+
+ struct _TPM2B_DIGEST
+ {
+ uint16_t size;
+ uint8_t buffer[sizeof(TPMU_HA)];
+ } PACKED;
+ typedef struct _TPM2B_DIGEST TPM2B_DIGEST;
+ uint8_t* TPM2B_DIGEST_unmarshal(TPM2B_DIGEST* val,
+ uint8_t* i_tpmBuf, size_t* io_tpmBufSize);
+
+ struct _TPML_DIGEST
+ {
+ uint32_t count;
+ TPM2B_DIGEST digests[HASH_COUNT];
+ } PACKED;
+ typedef struct _TPML_DIGEST TPML_DIGEST;
+ uint8_t* TPML_DIGEST_unmarshal(TPML_DIGEST* val,
+ uint8_t* i_tpmBuf, size_t* io_tpmBufSize);
+
+ struct _TPML_PCR_SELECTION
+ {
+ uint32_t count;
+ TPMS_PCR_SELECTION pcrSelections[HASH_COUNT];
+ } PACKED;
+ typedef struct _TPML_PCR_SELECTION TPML_PCR_SELECTION;
+ uint8_t* TPML_PCR_SELECTION_marshal(TPML_PCR_SELECTION* val,
+ uint8_t* o_tpmBuf, size_t i_tpmBufSize,
+ size_t* io_cmdSize);
+ uint8_t* TPML_PCR_SELECTION_unmarshal(TPML_PCR_SELECTION* val,
+ uint8_t* i_tpmBuf,
+ size_t* io_tpmBufSize);
+
+ /// Incoming PCR_Read structure
+ struct _TPM2_PcrReadIn
+ {
+ TPM2_BaseIn base;
+ TPML_PCR_SELECTION pcrSelectionIn;
+ } PACKED;
+ typedef struct _TPM2_PcrReadIn TPM2_PcrReadIn;
+ uint8_t* TPM2_PcrReadIn_marshal(TPM2_PcrReadIn* val,
+ uint8_t* o_tpmBuf, size_t i_tpmBufSize,
+ size_t* io_cmdSize);
+
+ /// Outgoing Pcr_Read structure
+ struct _TPM2_PcrReadOut
+ {
+ TPM2_BaseOut base;
+ uint32_t pcrUpdateCounter;
+ TPML_PCR_SELECTION pcrSelectionOut;
+ TPML_DIGEST pcrValues;
+ } PACKED;
+ typedef struct _TPM2_PcrReadOut TPM2_PcrReadOut;
+ uint8_t* TPM2_PcrReadOut_unmarshal(TPM2_PcrReadOut* val,
+ uint8_t* i_tpmBuf,
+ size_t* io_tpmBufSize,
+ size_t i_outBufSize);
+
 /// TPM Authorization structure
 /// This is not the full structure and only works for PW auth with NULL PW
 struct _TPMS_AUTH_COMMAND |
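Review bot: The `*_unmarshal` prototypes added in this hunk carry no documented contract for the length fields they decode from the TPM response: `sizeOfSelect`, `TPM2B_DIGEST::size` and both `count` members govern arrays fixed at `PCR_SELECT_MAX`, `sizeof(TPMU_HA)` and `HASH_COUNT`. The implementations are outside this hunk, so whether they reject out-of-range values cannot be confirmed from here; the header should state the requirement, for example `/// @return NULL if sizeOfSelect > PCR_SELECT_MAX or the input buffer is exhausted` above `TPMS_PCR_SELECTION_unmarshal` (assuming NULL is the error return, as the pointer return type suggests), with the equivalent for `count > HASH_COUNT` and `size > sizeof(buffer)`. `TPM2_PcrReadOut_unmarshal` is also the only function here that takes `i_outBufSize`, and nothing says what it bounds; a one-line `@param` would settle that. The enclosing `namespace TRUSTEDBOOT` starts and ends outside the hunk.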