diff options
| author | Stefan Berger <stefanb@linux.vnet.ibm.com> | 2016-02-02 13:09:17 -0500 |
|---|---|---|
| committer | Kevin O'Connor <kevin@koconnor.net> | 2016-02-05 20:47:37 -0500 |
| commit | e444dce9361f079c77c1e25e61d3f5864de41e93 (patch) | |
| tree | fb52f16e5146c56f53d038dd78c781feb3163ef3 /src/tcgbios.c | |
| parent | 7d596dcccfd5bd931a3d74be5dde1615440b78cb (diff) | |
| download | seabios-hppa-e444dce9361f079c77c1e25e61d3f5864de41e93.zip seabios-hppa-e444dce9361f079c77c1e25e61d3f5864de41e93.tar.gz seabios-hppa-e444dce9361f079c77c1e25e61d3f5864de41e93.tar.bz2 | |
tpm: Implement TPM 2's tpm_set_failure part
Implement TPM 2's tpm_set_failure part.
We follow this specification:
TCG PC Client Specific Platform Firmware Profile for TPM 2.0 Systems Revision 1.0 Version 21
It can be found on this page:
http://www.trustedcomputinggroup.org/resources/specifications_in_public_review
Make the TPM unavailable for OS-present applications following 6.2 item 2.d.i .
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Diffstat (limited to 'src/tcgbios.c')
| -rw-r--r-- | src/tcgbios.c | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/src/tcgbios.c b/src/tcgbios.c index cd2b228..da457a4 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -239,6 +239,38 @@ tpm_build_and_send_cmd(u8 locty, u32 ordinal, const u8 *append, return ret; } +static int +tpm20_hierarchycontrol(u32 hierarchy, u8 state) +{ + /* we will try to deactivate the TPM now - ignoring all errors */ + struct tpm2_req_hierarchycontrol trh = { + .hdr.tag = cpu_to_be16(TPM2_ST_SESSIONS), + .hdr.totlen = cpu_to_be32(sizeof(trh)), + .hdr.ordinal = cpu_to_be32(TPM2_CC_HierarchyControl), + .authhandle = cpu_to_be32(TPM2_RH_PLATFORM), + .authblocksize = cpu_to_be32(sizeof(trh.authblock)), + .authblock = { + .handle = cpu_to_be32(TPM2_RS_PW), + .noncesize = cpu_to_be16(0), + .contsession = TPM2_YES, + .pwdsize = cpu_to_be16(0), + }, + .enable = cpu_to_be32(hierarchy), + .state = state, + }; + struct tpm_rsp_header rsp; + u32 resp_length = sizeof(rsp); + int ret = tpmhw_transmit(0, &trh.hdr, &rsp, &resp_length, + TPM_DURATION_TYPE_MEDIUM); + if (ret || resp_length != sizeof(rsp) || rsp.errcode) + ret = -1; + + dprintf(DEBUG_tcg, "TCGBIOS: Return value from sending TPM2_CC_HierarchyControl = 0x%08x\n", + ret); + + return ret; +} + static void tpm_set_failure(void) { @@ -253,7 +285,8 @@ tpm_set_failure(void) NULL, 0, TPM_DURATION_TYPE_SHORT); break; case TPM_VERSION_2: - // FIXME: missing code + tpm20_hierarchycontrol(TPM2_RH_ENDORSEMENT, TPM2_NO); + tpm20_hierarchycontrol(TPM2_RH_OWNER, TPM2_NO); break; } |