tlcl.h revision 3428b4bcd99a6d2e9f8b3e1bdf800d943fbe78c3
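/* Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */

/* TPM Lightweight Command Library.
 *
 * A low-level library for interfacing to TPM hardware or an emulator.
 *
 * Most functions return a uint32_t result code (0 for success).  Several of
 * them change TPM lock or enable state, so callers should check the result
 * of every call instead of assuming the TPM reached the requested state.
 */

#ifndef TPM_LITE_TLCL_H_
#define TPM_LITE_TLCL_H_

#include "sysincludes.h"
#include "tss_constants.h"

/*****************************************************************************/
/* Functions implemented in tlcl.c */

/* Call this first.  Returns 0 if success, nonzero if error.
 */
uint32_t TlclLibInit(void);

/* Call this on shutdown.  Returns 0 if success, nonzero if error.
 */
uint32_t TlclLibClose(void);

/* Logs to stdout.  Arguments like printf.
 *
 * [format] is interpreted as a printf-style format string, so pass a fixed,
 * trusted format and supply variable data only through the arguments.
 */
void TlclLog(char* format, ...);

/* Sets the log level.  0 is quietest.
 */
void TlclSetLogLevel(int level);

/* Low-level operations */

/* Performs a raw TPM request/response transaction.
 *
 * NOTE(review): the request length is not a parameter; presumably it is taken
 * from the length field inside [request] (see TlclPacketSize) - confirm in
 * tlcl.c.  [max_length] presumably bounds the number of bytes written to
 * [response], so [response] must be at least that large - confirm.  The
 * return value is presumably the TPM error code, as for the commands below.
 */
uint32_t TlclSendReceive(const uint8_t* request, uint8_t* response,
                         int max_length);

/* Returns the size of a TPM request or response packet.
 *
 * NOTE(review): the size is presumably decoded from the packet's own header,
 * so range-check it against the real buffer size before using it as a length
 * for a packet that did not come from a trusted source.  How many bytes of
 * [packet] must be readable is not stated here.
 */
int TlclPacketSize(const uint8_t* packet);

/* Commands */

/* Sends a TPM_Startup(ST_CLEAR).  The TPM error code is returned (0
 * for success).
 */
uint32_t TlclStartup(void);

/* Save the TPM state.  Normally done by the kernel before a suspend, included
 * here for tests.  The TPM error code is returned (0 for success).
 */
uint32_t TlclSaveState(void);

/* Resumes by sending a TPM_Startup(ST_STATE).  The TPM error code is returned
 * (0 for success).
 */
uint32_t TlclResume(void);

/* Runs the self test.  Note---this is synchronous.  To run this in parallel
 * with other firmware, use ContinueSelfTest.  The TPM error code is returned.
 */
uint32_t TlclSelfTestFull(void);

/* Runs the self test in the background.
 *
 * NOTE(review): presumably returns the TPM error code - confirm in tlcl.c.
 */
uint32_t TlclContinueSelfTest(void);

/* Defines a space with permission [perm].  [index] is the index for the space,
 * [size] the usable data size.  The TPM error code is returned.
 */
uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size);

/* Writes [length] bytes of [data] to space at [index].  The TPM error code is
 * returned.
 *
 * [data] must point to at least [length] readable bytes.
 */
uint32_t TlclWrite(uint32_t index, const void* data, uint32_t length);

/* Reads [length] bytes from space at [index] into [data].  The TPM error code
 * is returned.
 *
 * [data] must point to at least [length] writable bytes.
 */
uint32_t TlclRead(uint32_t index, void* data, uint32_t length);

/* Reads PCR at [index] into [data].  [length] must be TPM_PCR_DIGEST or
 * larger.  The TPM error code is returned.
 *
 * NOTE(review): [length] is presumably the capacity of [data] in bytes -
 * confirm in tlcl.c.
 */
uint32_t TlclPCRRead(uint32_t index, void* data, uint32_t length);

/* Write-locks space at [index].  The TPM error code is returned.
 */
uint32_t TlclWriteLock(uint32_t index);

/* Read-locks space at [index].  The TPM error code is returned.
 */
uint32_t TlclReadLock(uint32_t index);

/* Asserts physical presence in software.  The TPM error code is returned.
 */
uint32_t TlclAssertPhysicalPresence(void);

/* Enables the physical presence command.  The TPM error code is returned.
 */
uint32_t TlclPhysicalPresenceCMDEnable(void);

/* Finalizes the physical presence settings: software PP is enabled, hardware
 * PP is disabled, and the lifetime lock is set.  The TPM error code is
 * returned.
 */
uint32_t TlclFinalizePhysicalPresence(void);

/* Turns off physical presence and locks it off until next reboot.  The TPM
 * error code is returned.
 */
uint32_t TlclLockPhysicalPresence(void);

/* Sets the nvLocked bit.  The TPM error code is returned.
 */
uint32_t TlclSetNvLocked(void);

/* Returns 1 if the TPM is owned, 0 otherwise.
 *
 * NOTE(review): the int result has no separate error value; how a failed TPM
 * query is reported is not stated here.  TlclGetOwnership returns the TPM
 * error code separately from the flag.
 */
int TlclIsOwned(void);

/* Issues a ForceClear.  The TPM error code is returned.
 */
uint32_t TlclForceClear(void);

/* Issues a PhysicalEnable.  The TPM error code is returned.
 */
uint32_t TlclSetEnable(void);

/* Issues a PhysicalDisable.  The TPM error code is returned.
 */
uint32_t TlclClearEnable(void);

/* Issues a SetDeactivated.  Pass 0 to activate.  Returns result code.
 */
uint32_t TlclSetDeactivated(uint8_t flag);

/* Gets flags of interest.  Pointers for flags you aren't interested in may
 * be NULL.  The TPM error code is returned.
 */
uint32_t TlclGetFlags(uint8_t* disable, uint8_t* deactivated,
                      uint8_t* nvlocked);

/* Sets the bGlobalLock flag, which only a reboot can clear.  The TPM error
 * code is returned.
 */
uint32_t TlclSetGlobalLock(void);

/* Performs a TPM_Extend.
 *
 * NOTE(review): the sizes of [in_digest] and [out_digest] are not stated
 * here; presumably TPM_PCR_DIGEST bytes each, as for TlclPCRRead - confirm
 * in tlcl.c.  Presumably returns the TPM error code.
 */
uint32_t TlclExtend(int pcr_num, const uint8_t* in_digest, uint8_t* out_digest);

/* Gets the permission bits for the NVRAM space with |index|.
 *
 * The bits are stored through |permissions|.
 * NOTE(review): presumably returns the TPM error code - confirm in tlcl.c.
 */
uint32_t TlclGetPermissions(uint32_t index, uint32_t* permissions);

/* Gets the entire set of permanent flags.
 *
 * NOTE(review): presumably returns the TPM error code - confirm in tlcl.c.
 */
uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS* pflags);

/* Gets the entire set of volatile (ST_CLEAR) flags.
 *
 * NOTE(review): presumably returns the TPM error code - confirm in tlcl.c.
 */
uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS* pflags);

/* Gets ownership flag.  The TPM error code is returned.
 */
uint32_t TlclGetOwnership(uint8_t* owned);

/* Requests [length] bytes from TPM RNG to be stored in [data].  Actual
 * number of bytes read is stored in [size].  The TPM error code is returned.
 *
 * Use [size], not [length], as the count of valid bytes in [data]; the
 * rest of the buffer should not be treated as random output.
 */
uint32_t TlclGetRandom(uint8_t* data, uint32_t length, uint32_t* size);

#endif  /* TPM_LITE_TLCL_H_ */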