Trustedboot: Additional commands in trusted boot init sequence

- getCap FW Version - TPM Command marshal/unmarshal code Change-Id: Ia9a90b1160c9c3b5d818318771bff21eb013bdf4 RTC: 125287 Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/20056 Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com> Reviewed-by: Timothy R. Block <block@us.ibm.com> Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
author: Chris Engel <cjengel@us.ibm.com> 2015-08-03 16:01:14 -0500
committer: A. Patrick Williams III <iawillia@us.ibm.com> 2015-12-11 11:17:32 -0600
commit: e914974751a5125cff6fa7078399db6f3aac5641 (patch)
tree: 4f50b6677a2a0111f98884813ff7e028459bcca2 /src/usr/secureboot/trusted/trustedboot.H
parent: 0cbd52585b9013430efeaeed6b4c38f6122eea98 (diff)
download: talos-hostboot-e914974751a5125cff6fa7078399db6f3aac5641.tar.gz
talos-hostboot-e914974751a5125cff6fa7078399db6f3aac5641.zip
1 files changed, 64 insertions, 83 deletions
diff --git a/src/usr/secureboot/trusted/trustedboot.H b/src/usr/secureboot/trusted/trustedboot.H
index 3e3b43411..76630ba9a 100644
--- a/src/usr/secureboot/trusted/trustedboot.H
+++ b/src/usr/secureboot/trusted/trustedboot.H
@@ -34,110 +34,91 @@
 // Includes
 // -----------------------------------------------
 #include <secureboot/trustedbootif.H>
+#include <i2c/tpmddif.H>
+#include "trustedTypes.H"
 
 namespace TRUSTEDBOOT
 {
 
 enum
 {
-    MAX_SYSTEM_TPMS = 2,
     BUFSIZE         = 256,
-    TPM_MASTER_INDEX = 0,     ///< Index into tpmTargets array for master chip
-    TPM_BACKUP_INDEX = 1,     ///< Index for backup chip TPM
+    MAX_TRANSMIT_SIZE = 1024, ///< Maximum send/receive transmit size
 };
 
-
 /**
  * @brief Initialize the targetted TPM
  * @param[in/out] io_target Current TPM target structure
  * @param[in] i_nodeTarget Node Target
  * @param[in] i_chip Chip to initialize
 */
-    void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target,
-                       TARGETING::Target* i_nodeTarget,
-                       TPMDD::tpm_chip_types_t i_chip);
-
-/// Class object to store system TPM information
-class SystemTpms
-{
-public:
-    SystemTpms();
-
-    TpmTarget tpm[MAX_SYSTEM_TPMS];
-};
-
-// Command structures taken from Trusted Platform Module Library Part 3:
-//    Commands Family "2.0"
-struct TPM2_BaseIn {
-    uint16_t      tag;       ///< Type TPM_ST_xx
-    uint32_t      commandSize; ///< Total # output bytes incl cmdSize and tag
-    uint32_t      commandCode;   ///< Type TPM_CC_xx
-} PACKED;
-
-/// Base of all outgoing messages
-struct TPM2_BaseOut {
-    uint16_t      tag;       ///< Type TPM_ST_xx
-    uint32_t      responseSize; ///< Total # output bytes incl paramSize and tag
-    uint32_t      responseCode;///< The return code of the operation
-} PACKED;
-
-/// Generic TPM Input Command structure with a 2 byte param
-struct TPM2_2ByteIn {
-    TPM2_BaseIn  base;
-    uint16_t     param;
-} PACKED;
-
-/// Generic TPM Output Command structure with a 4 byte return data
-struct TPM2_4ByteOut {
-    TPM2_BaseOut base;
-    uint32_t     resp;
-} PACKED;
+void tpmInitialize(TRUSTEDBOOT::TpmTarget & io_target,
+                   TARGETING::Target* i_nodeTarget,
+                   TPMDD::tpm_chip_types_t i_chip);
 
-/// Incoming TPM_GetCapability structure
-struct TPM2_GetCapabilityIn {
-    TPM2_BaseIn  base;
-    uint32_t    capability;      ///< group selection
-    uint32_t    property;        ///< Further definition
-    uint32_t    propertyCount;   ///< Number of properties to return
-} PACKED;
-
-/// Outgoing TPM_GetCapability structure
-struct TPM2_GetCapabilityOut {
-    TPM2_BaseOut base;
-    uint8_t     moreData;    ///< Flag to indicate if more values available
-    uint8_t     capData[];   ///< The capability response
-} PACKED;
-
-/// Various static values
-enum {
-    // Command structure tags
-    TPM_ST_NO_SESSIONS        = 0x8001,     ///< A command with no sess/auth
-
-
-    // Command Codes
-    TPM_CC_Startup            = 0x00000144,
-    TPM_CC_GetCapability      = 0x0000017A,
-    TPM_CC_PCR_Read           = 0x0000017E,
-    TPM_CC_PCR_Extend         = 0x00000182,
-
-
-    // TPM Startup types
-    TPM_SU_CLEAR              = 0x0000,  ///< TPM perform reset,restart
-    TPM_SU_STATE              = 0x0001,  ///< TPM perform restore saved state
-
-    // Capability
-    TPM_CAP_TPM_PROPERTIES    = 0x00000006, ///< Pull TPM Properties
+/**
+ * @brief Mark the TPM as non-functional and take required steps
+ * @param[in/out] io_target Current TPM target structure
+ */
+void tpmMarkFailed(TRUSTEDBOOT::TpmTarget & io_target);
 
-    // TPM Properties
-    TPM_PT_MANUFACTURER       = 0x00000105,
+/**
+ * @brief Transmit the command to the TPM and perform marshaling
+ * @param[in/out] io_target Current TPM target structure
+ * @param[in/out] io_buffer Input the command buffer to send, response on exit
+ * @param[in] i_bufsize Size of io_buffer in bytes
+ * @return errlHndl_t NULL if successful, otherwise a pointer to the
+ *       error log.
+ */
+errlHndl_t tpmTransmitCommand(TRUSTEDBOOT::TpmTarget & io_target,
+                              uint8_t* io_buffer,
+                              size_t i_bufsize );
 
-    // TPM Return Codes
-    TPM_SUCCESS               = 0x000,
+/**
+ * @brief Take structure pointed to by cmd and format for input into TPM
+ * @param[in] i_cmd Prefilled command input structure
+ * @param[out] o_outbuf Buffer to place marshalled data
+ * @param[in] i_bufsize Size of o_outbuf in bytes
+ * @param[out] o_cmdSize Byte size of io_outbuf data after marshal
+ * @return errlHndl_t NULL if successful, otherwise a pointer to the
+ *       error log.
+ */
+errlHndl_t tpmMarshalCommandData(TRUSTEDBOOT::TPM2_BaseIn* i_cmd,
+                                 uint8_t* o_outbuf,
+                                 size_t i_bufsize,
+                                 size_t & o_cmdSize);
 
-    TPM_RC_INITIALIZE         = 0x100,
+/**
+ * @brief Take structure pointed to by cmd and format for input into TPM
+ * @param[in] i_commandCode Command code that was executed on the TPM
+ * @param[in] i_respBuf Buffer with response data from TPM
+ * @param[in] i_respBufSize Byte size of respBuf buffer from TPM
+ * @param[out] o_outBuf Buffer to place formatted response data
+ * @param[in] i_outBufSize Byte size of o_outBuf buffer
+ * @return errlHndl_t NULL if successful, otherwise a pointer to the
+ *       error log.
+ */
+errlHndl_t tpmUnmarshalResponseData(uint32_t i_commandCode,
+                                    uint8_t* i_respBuf,
+                                    size_t i_respBufSize,
+                                    TRUSTEDBOOT::TPM2_BaseOut* o_outBuf,
+                                    size_t i_outBufSize);
+/**
+ * @brief Send the TPM_STARTUP command to the targetted TPM
+ * @param[in/out] io_target Current TPM target structure
+ * @return errlHndl_t NULL if successful, otherwise a pointer to the
+ *       error log.
+*/
+errlHndl_t tpmCmdStartup(TRUSTEDBOOT::TpmTarget & io_target);
 
-};
+/**
+ * @brief Send the TPM_GETCAPABILITY command to read FW version from TPM
+ * @param[in/out] io_target Current TPM target structure
+ * @return errlHndl_t NULL if successful, otherwise a pointer to the
+ *       error log.
+*/
 
+errlHndl_t tpmCmdGetCapFwVersion(TRUSTEDBOOT::TpmTarget & io_target);
 
 
 } // end TRUSTEDBOOT namespace
author	Chris Engel <cjengel@us.ibm.com>	2015-08-03 16:01:14 -0500
committer	A. Patrick Williams III <iawillia@us.ibm.com>	2015-12-11 11:17:32 -0600
commit	e914974751a5125cff6fa7078399db6f3aac5641 (patch)
tree	4f50b6677a2a0111f98884813ff7e028459bcca2 /src/usr/secureboot/trusted/trustedboot.H
parent	0cbd52585b9013430efeaeed6b4c38f6122eea98 (diff)
download	talos-hostboot-e914974751a5125cff6fa7078399db6f3aac5641.tar.gz talos-hostboot-e914974751a5125cff6fa7078399db6f3aac5641.zip