15679752bf24c21135884e987c4077e2f7184897Vadim Bendebury// This file was extracted from the TCG Published
25679752bf24c21135884e987c4077e2f7184897Vadim Bendebury// Trusted Platform Module Library
35679752bf24c21135884e987c4077e2f7184897Vadim Bendebury// Part 4: Supporting Routines
45679752bf24c21135884e987c4077e2f7184897Vadim Bendebury// Family "2.0"
55679752bf24c21135884e987c4077e2f7184897Vadim Bendebury// Level 00 Revision 01.16
65679752bf24c21135884e987c4077e2f7184897Vadim Bendebury// October 30, 2014
75679752bf24c21135884e987c4077e2f7184897Vadim Bendebury
85679752bf24c21135884e987c4077e2f7184897Vadim Bendebury#define MANUFACTURE_C
95679752bf24c21135884e987c4077e2f7184897Vadim Bendebury#include "InternalRoutines.h"
105679752bf24c21135884e987c4077e2f7184897Vadim Bendebury#include "Global.h"
115679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
125679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
135679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//          Functions
145679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
155679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//         TPM_Manufacture()
165679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
//     This function initializes the TPM values in preparation for the TPM's first use. This function will fail if
//     previously called. The TPM can be re-manufactured by calling TPM_TearDown() first and then calling this
//     function again.
205679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
215679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//     Return Value                      Meaning
225679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
235679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//     0                                 success
245679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//     1                                 manufacturing process previously performed
255679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
LIB_EXPORT int
TPM_Manufacture(
    BOOL                 firstTime           // IN: indicates if this is the first call from
                                             //     main()
    )
{
    // Value stored under NV_ORDERLY below: the first start-up after
    // manufacture is required to be Startup(CLEAR).
    TPM_SU              shutdownType = TPM_SU_CLEAR;
    UINT64              resetCount = 0;

    // Report "already manufactured" instead of resetting again.
    // Note that the check is skipped whenever firstTime is set: in that case
    // everything below runs regardless of the current value of g_manufactured,
    // so callers must only pass a true firstTime on the genuine first call.
    if (g_manufactured && !firstTime) {
        return 1;
    }

    // Crypto unit initialization: the CryptInitUnits() call is disabled
    // (commented out) in the source this was taken from and is not made here.

    // Clear the self-heal timer, the lockout timer and the pending-DA-on-NV flag.
    s_selfHealTimer = 0;
    s_lockoutTimer = 0;
    s_DAPendingOnNV = FALSE;

    // Bring up NV first; the hierarchy data installed further down lives in NV.
    NvInit();

#ifdef _DRBG_STATE_SAVE
    // The DRBG has to be running before the hierarchies are installed, and the
    // crypto units have to be started before the DRBG can be used.
    if (!_cpri__Startup()) {
        FAIL(FATAL_ERROR_INTERNAL);
    }
    _cpri__DrbgGetPutState(PUT_STATE, 0, NULL);
#endif

    // Default PCR configuration.
    PCRSimStart();

    // Pre-installed hierarchy data (must follow NvInit(), see above).
    HierarchyPreInstall_Init();

    // Dictionary attack parameters.
    DAPreInstall_Init();

    // Physical presence (PP) list.
    PhysicalPresencePreInstall_Init();

    // Command audit list.
    CommandAuditPreInstall_Init();

    // Record that the next start-up must be Startup(CLEAR).
    NvWriteReserved(NV_ORDERLY, &shutdownType);

    // Firmware version.
#ifdef EMBEDDED_MODE
    // The platform supplies both version words. In this branch they are only
    // placed in gp; the NV_FIRMWARE_V1/NV_FIRMWARE_V2 writes are in the #else
    // branch and are not performed.
    _plat__GetFwVersion(&gp.firmwareV1, &gp.firmwareV2);
#else
    gp.firmwareV1 = FIRMWARE_V1;
#ifdef FIRMWARE_V2
    gp.firmwareV2 = FIRMWARE_V2;
#else
    gp.firmwareV2 = 0;
#endif
    NvWriteReserved(NV_FIRMWARE_V1, &gp.firmwareV1);
    NvWriteReserved(NV_FIRMWARE_V2, &gp.firmwareV2);
#endif

    // Total reset counter starts at 0.
    NvWriteReserved(NV_TOTAL_RESET_COUNT, &resetCount);

    // Clock state.
    go.clock = 0;
    go.clockSafe = YES;

#ifdef _DRBG_STATE_SAVE
    // Capture the current DRBG state into go so it is saved with the orderly data.
    _cpri__DrbgGetPutState(GET_STATE, sizeof(go.drbgState), (BYTE *)&go.drbgState);
#endif

    NvWriteReserved(NV_ORDERLY_DATA, &go);

    // Commit the NV writes. Manufacturing is an artificial step that exists
    // only in the simulator environment, and the specification does not define
    // what should happen if the NV write fails at this point. The write is
    // therefore assumed to succeed and no return code is checked.
    // NOTE(review): because nothing is checked, g_manufactured is set below
    // even if the commit did not persist; a port to real hardware should
    // revisit this assumption.
    NvCommit();

    g_manufactured = TRUE;
    return 0;
}
995679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
1005679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
1015679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//          TPM_TearDown()
1025679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
//      This function prepares the TPM for re-manufacture. It should not be implemented in anything other than a
//      simulated TPM.
//      In this implementation, all that is needed is to stop the cryptographic units and set a flag to indicate that the
//      TPM can be re-manufactured. This should be all that is necessary to start the manufacturing process
//      again.
1085679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
1095679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//      Return Value                      Meaning
1105679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
1115679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//      0                                 success
1125679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//      1                                 TPM not previously manufactured
1135679752bf24c21135884e987c4077e2f7184897Vadim Bendebury//
LIB_EXPORT int
TPM_TearDown(
    void
    )
{
    // Stop the cryptographic units.
    CryptStopUnits();

    // Clearing this flag is what lets a later TPM_Manufacture(FALSE) run the
    // full reset again instead of returning 1. No other state is touched in
    // this function itself: nothing is written to or erased from NV here.
    g_manufactured = FALSE;

    // NOTE(review): this always returns 0. The "1 = TPM not previously
    // manufactured" result listed in the comment above the function is never
    // produced, because g_manufactured is not examined before it is cleared.
    return 0;
}