1/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 */
5
6/*
7 * TPM Lightweight Command Library.
8 *
9 * A low-level library for interfacing to TPM hardware or an emulator.
10 */
11
12#ifndef TPM_LITE_TLCL_H_
13#define TPM_LITE_TLCL_H_
14#include <stdint.h>
15
16#include "tss_constants.h"
17
18/*****************************************************************************/
19/* Functions implemented in tlcl.c */
20
21/**
22 * Call this first.  Returns 0 if success, nonzero if error.
23 */
24uint32_t TlclLibInit(void);
25
26/**
27 * Call this on shutdown.  Returns 0 if success, nonzero if error.
28 */
29uint32_t TlclLibClose(void);
30
31/* Low-level operations */
32
33/**
34 * Perform a raw TPM request/response transaction.
 *
 * [request] is the command packet and [response] is the buffer that receives
 * the reply.  No request length is passed; presumably it is taken from the
 * packet itself (see TlclPacketSize) -- TODO confirm in tlcl.c.
 *
 * NOTE(review): [max_length] looks like the capacity of [response] in bytes.
 * Confirm that the implementation never writes more than that, and that it
 * rejects a negative value, since the parameter is a signed int.
 * NOTE(review): the meaning of the uint32_t return value is not stated here;
 * presumably a TPM error code (0 for success) like the commands below.
35 */
36uint32_t TlclSendReceive(const uint8_t *request, uint8_t *response,
37                         int max_length);
38
39/**
40 * Return the size of a TPM request or response packet.
 *
 * NOTE(review): only the packet pointer is passed, so the size is presumably
 * read from the packet's own header -- confirm in tlcl.c.  If so, a size
 * taken from a response is device-supplied and should be checked against the
 * capacity of the caller's buffer before it is used as a length.
41 */
42int TlclPacketSize(const uint8_t *packet);
43
44/* Commands */
45
46/**
47 * Send a TPM_Startup(ST_CLEAR).  The TPM error code is returned (0 for
48 * success).
49 */
50uint32_t TlclStartup(void);
51
52/**
53 * Save the TPM state.  Normally done by the kernel before a suspend, included
54 * here for tests.  The TPM error code is returned (0 for success).
55 */
56uint32_t TlclSaveState(void);
57
58/**
59 * Resume by sending a TPM_Startup(ST_STATE).  The TPM error code is returned
60 * (0 for success).
61 */
62uint32_t TlclResume(void);
63
64/**
65 * Run the self test.
66 *
67 * Note---this is synchronous.  To run this in parallel with other firmware,
68 * use TlclContinueSelfTest().  The TPM error code is returned.
69 */
70uint32_t TlclSelfTestFull(void);
71
72/**
73 * Run the self test in the background.
74 */
75uint32_t TlclContinueSelfTest(void);
76
77/**
78 * Define a space with permission [perm].  [index] is the index for the space,
79 * [size] the usable data size.  The TPM error code is returned.
80 */
81uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size);
82
83/**
84 * Write [length] bytes of [data] to space at [index].  The TPM error code is
85 * returned.
86 */
87uint32_t TlclWrite(uint32_t index, const void *data, uint32_t length);
88
89/**
90 * Read [length] bytes from space at [index] into [data].  The TPM error code
91 * is returned.
 *
 * [data] must have room for at least [length] bytes.
 * NOTE(review): the contents of [data] after a nonzero return are not
 * specified here; callers should check the result before using them.
92 */
93uint32_t TlclRead(uint32_t index, void *data, uint32_t length);
94
95/**
96 * Read PCR at [index] into [data].  [length] must be TPM_PCR_DIGEST or
97 * larger. The TPM error code is returned.
98 */
99uint32_t TlclPCRRead(uint32_t index, void *data, uint32_t length);
100
101/**
102 * Write-lock space at [index].  The TPM error code is returned.
 *
 * A nonzero return means the TPM did not report success, so callers should
 * not assume the space is write-locked in that case.
103 */
104uint32_t TlclWriteLock(uint32_t index);
105
106/**
107 * Read-lock space at [index].  The TPM error code is returned.
108 */
109uint32_t TlclReadLock(uint32_t index);
110
111/**
112 * Assert physical presence in software.  The TPM error code is returned.
113 */
114uint32_t TlclAssertPhysicalPresence(void);
115
116/**
117 * Enable the physical presence command.  The TPM error code is returned.
118 */
119uint32_t TlclPhysicalPresenceCMDEnable(void);
120
121/**
122 * Finalize the physical presence settings: software PP is enabled, hardware PP
123 * is disabled, and the lifetime lock is set.  The TPM error code is returned.
124 */
125uint32_t TlclFinalizePhysicalPresence(void);
126
/**
 * NOTE(review): this header gives no description for this function.  The name
 * suggests a variant of TlclAssertPhysicalPresence(); its exact behavior and
 * the meaning of the uint32_t return value should be confirmed in tlcl.c and
 * documented here.
 */
127uint32_t TlclAssertPhysicalPresenceResult(void);
128
129/**
130 * Turn off physical presence and lock it off until next reboot.  The TPM
131 * error code is returned.
132 */
133uint32_t TlclLockPhysicalPresence(void);
134
135/**
136 * Set the nvLocked bit.  The TPM error code is returned.
137 */
138uint32_t TlclSetNvLocked(void);
139
140/**
141 * Return 1 if the TPM is owned, 0 otherwise.
 *
 * NOTE(review): the int result has no separate error channel, so how a failed
 * TPM query is reported cannot be told from this header -- confirm in tlcl.c
 * before basing a security decision on a 0 result.  TlclGetOwnership()
 * returns the TPM error code separately from the ownership flag.
142 */
143int TlclIsOwned(void);
144
145/**
146 * Issue a ForceClear.  The TPM error code is returned.
147 */
148uint32_t TlclForceClear(void);
149
150/**
151 * Issue a PhysicalEnable.  The TPM error code is returned.
152 */
153uint32_t TlclSetEnable(void);
154
155/**
156 * Issue a PhysicalDisable.  The TPM error code is returned.
157 */
158uint32_t TlclClearEnable(void);
159
160/**
161 * Issue a SetDeactivated.  Pass 0 to activate.  Returns result code.
162 */
163uint32_t TlclSetDeactivated(uint8_t flag);
164
165/**
166 * Get flags of interest.  Pointers for flags you aren't interested in may
167 * be NULL.  The TPM error code is returned.
168 */
169uint32_t TlclGetFlags(uint8_t *disable, uint8_t *deactivated,
170                      uint8_t *nvlocked);
171
172/**
173 * Set the bGlobalLock flag, which only a reboot can clear.  The TPM error
174 * code is returned.
 *
 * A nonzero return means the TPM did not report success, so callers should
 * not assume the flag is set in that case.
175 */
176uint32_t TlclSetGlobalLock(void);
177
178/**
179 * Perform a TPM_Extend.
 *
 * Judging by the parameter names, [pcr_num] selects the PCR, [in_digest] is
 * the digest to extend it with and [out_digest] receives a digest back.
 * NOTE(review): buffer sizes are not stated; presumably both digests are
 * TPM_PCR_DIGEST bytes (the size named for TlclPCRRead) -- TODO confirm.
 * NOTE(review): the return value is presumably the TPM error code (0 for
 * success); whether [out_digest] may be NULL is not stated here.
180 */
181uint32_t TlclExtend(int pcr_num, const uint8_t *in_digest, uint8_t *out_digest);
182
183/**
184 * Get the permission bits for the NVRAM space with |index|.
 *
 * The bits are presumably stored through |permissions|.
 * NOTE(review): the return value is presumably the TPM error code (0 for
 * success); |*permissions| should only be trusted when it is 0 -- confirm.
185 */
186uint32_t TlclGetPermissions(uint32_t index, uint32_t *permissions);
187
188/**
189 * Get the entire set of permanent flags.
190 */
191uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS *pflags);
192
193/**
194 * Get the entire set of volatile (ST_CLEAR) flags.
195 */
196uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS *pflags);
197
198/**
199 * Get the ownership flag. The TPM error code is returned.
200 */
201uint32_t TlclGetOwnership(uint8_t *owned);
202
203/**
204 * Request [length] bytes from TPM RNG to be stored in [data]. Actual number of
205 * bytes read is stored in [size]. The TPM error code is returned.
 *
 * Callers must treat only the first [*size] bytes of [data] as random output;
 * [*size] may differ from [length] (presumably it can be smaller -- confirm).
 * NOTE(review): the contents of [data] and [*size] after a nonzero return are
 * not specified here, so neither should be used without checking the result.
206 */
207uint32_t TlclGetRandom(uint8_t *data, uint32_t length, uint32_t *size);
208
209#endif  /* TPM_LITE_TLCL_H_ */
210