Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(915)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/platform/vboot_reference/vboot_firmware/lib/rollback_index.c

Issue 2225005: New anti-rollback strategy (no TPM NVRAM write cycles for locking). (Closed) Base URL: ssh://git@chromiumos-git/chromeos
Patch Set: comment changes Created 10 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/platform/vboot_reference/vboot_firmware/lib/kernel_image_fw.c ('k') | src/platform/vboot_reference/vboot_firmware/lib/tlcl.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/platform/vboot_reference/vboot_firmware/lib/rollback_index.c
diff --git a/src/platform/vboot_reference/vboot_firmware/lib/rollback_index.c b/src/platform/vboot_reference/vboot_firmware/lib/rollback_index.c
index 2d7fd8e89a274b5160cdab1c35de8dae6fcbbf32..89e97a3ce977c30055edfe5331aaa29f54d37895 100644
--- a/src/platform/vboot_reference/vboot_firmware/lib/rollback_index.c
+++ b/src/platform/vboot_reference/vboot_firmware/lib/rollback_index.c
@@ -21,21 +21,23 @@ uint16_t g_kernel_version = 0;
static void InitializeSpaces(void) {
uint16_t zero = 0;
- uint32_t perm = TPM_NV_PER_WRITE_STCLEAR | TPM_NV_PER_PPWRITE;
+ uint32_t firmware_perm = TPM_NV_PER_GLOBALLOCK | TPM_NV_PER_PPWRITE;
+ uint32_t kernel_perm = TPM_NV_PER_PPWRITE;
debug("Initializing spaces\n");
TlclSetNvLocked(); /* useful only the first time */
- TlclDefineSpace(FIRMWARE_KEY_VERSION_NV_INDEX, perm, sizeof(uint16_t));
+ TlclDefineSpace(FIRMWARE_KEY_VERSION_NV_INDEX,
+ firmware_perm, sizeof(uint16_t));
TlclWrite(FIRMWARE_KEY_VERSION_NV_INDEX, (uint8_t*) &zero, sizeof(uint16_t));
- TlclDefineSpace(FIRMWARE_VERSION_NV_INDEX, perm, sizeof(uint16_t));
+ TlclDefineSpace(FIRMWARE_VERSION_NV_INDEX, firmware_perm, sizeof(uint16_t));
TlclWrite(FIRMWARE_VERSION_NV_INDEX, (uint8_t*) &zero, sizeof(uint16_t));
- TlclDefineSpace(KERNEL_KEY_VERSION_NV_INDEX, perm, sizeof(uint16_t));
+ TlclDefineSpace(KERNEL_KEY_VERSION_NV_INDEX, kernel_perm, sizeof(uint16_t));
TlclWrite(KERNEL_KEY_VERSION_NV_INDEX, (uint8_t*) &zero, sizeof(uint16_t));
- TlclDefineSpace(KERNEL_VERSION_NV_INDEX, perm, sizeof(uint16_t));
+ TlclDefineSpace(KERNEL_VERSION_NV_INDEX, kernel_perm, sizeof(uint16_t));
TlclWrite(KERNEL_VERSION_NV_INDEX, (uint8_t*) &zero, sizeof(uint16_t));
}
@@ -55,8 +57,8 @@ static int GetTPMRollbackIndices(void) {
(uint8_t*) &g_firmware_key_version,
sizeof(g_firmware_key_version)) ||
TPM_SUCCESS != TlclRead(FIRMWARE_KEY_VERSION_NV_INDEX,
- (uint8_t*) &g_firmware_key_version,
- sizeof(g_firmware_key_version)) ||
+ (uint8_t*) &g_firmware_key_version,
+ sizeof(g_firmware_key_version)) ||
TPM_SUCCESS != TlclRead(FIRMWARE_KEY_VERSION_NV_INDEX,
(uint8_t*) &g_firmware_key_version,
sizeof(g_firmware_key_version)))
@@ -66,6 +68,8 @@ static int GetTPMRollbackIndices(void) {
void SetupTPM(void) {
+ uint8_t disable;
+ uint8_t deactivated;
TlclLibinit();
TlclStartup();
/* TODO(gauravsh): The call to self test should probably be deferred.
@@ -77,8 +81,20 @@ void SetupTPM(void) {
* before the selftest completes. */
TlclSelftestfull();
TlclAssertPhysicalPresence();
+ /* Check that the TPM is enabled and activated. */
+ if(TlclGetFlags(&disable, &deactivated) != TPM_SUCCESS) {
+ debug("failed to get TPM flags");
+ EnterRecovery();
+ }
+ if (disable || deactivated) {
+ TlclSetEnable();
+ if (TlclSetDeactivated(0) != TPM_SUCCESS) {
+ debug("failed to activate TPM");
+ EnterRecovery();
+ }
+ }
if (!GetTPMRollbackIndices()) {
- debug("Ho Ho Ho! We must jump to recovery.");
+ debug("failed to get rollback indices");
EnterRecovery();
}
}
@@ -128,22 +144,16 @@ int WriteStoredVersion(int type, uint16_t version) {
return 0;
}
-void LockStoredVersion(int type) {
- /* TODO(gauravsh): Add error checking here to make sure TlclWriteLock
- * did not fail. We must jump to recovery in that case.
- */
- switch (type) {
- case FIRMWARE_KEY_VERSION:
- TlclWriteLock(FIRMWARE_KEY_VERSION_NV_INDEX);
- break;
- case FIRMWARE_VERSION:
- TlclWriteLock(FIRMWARE_VERSION_NV_INDEX);
- break;
- case KERNEL_KEY_VERSION:
- TlclWriteLock(KERNEL_KEY_VERSION_NV_INDEX);
- break;
- case KERNEL_VERSION:
- TlclWriteLock(KERNEL_VERSION_NV_INDEX);
- break;
+void LockFirmwareVersions() {
+ if (TlclSetGlobalLock() != TPM_SUCCESS) {
+ debug("failed to set global lock");
+ EnterRecovery();
+ }
+}
+
+void LockKernelVersionsByLockingPP() {
+ if (TlclLockPhysicalPresence() != TPM_SUCCESS) {
+ debug("failed to turn off PP");
+ EnterRecovery();
}
}
« no previous file with comments | « src/platform/vboot_reference/vboot_firmware/lib/kernel_image_fw.c ('k') | src/platform/vboot_reference/vboot_firmware/lib/tlcl.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698