Chromium Code Reviews Chromium Code Reviews
Issue 3007036:
Enable TPM in developer mode again. (Closed)
Base URL: ssh://gitrw.chromium.org/vboot_reference.git| OLD | NEW |
|---|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * High-level firmware API for loading and verifying rewritable firmware. | 5 * High-level firmware API for loading and verifying rewritable firmware. |
| 6 * (Firmware portion) | 6 * (Firmware portion) |
| 7 */ | 7 */ |
| 8 | 8 |
| 9 #include "load_firmware_fw.h" | 9 #include "load_firmware_fw.h" |
| 10 #include "rollback_index.h" | 10 #include "rollback_index.h" |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 34 int LoadFirmware(LoadFirmwareParams* params) { | 34 int LoadFirmware(LoadFirmwareParams* params) { |
| 35 | 35 |
| 36 VbPublicKey* root_key = (VbPublicKey*)params->firmware_root_key_blob; | 36 VbPublicKey* root_key = (VbPublicKey*)params->firmware_root_key_blob; |
| 37 VbLoadFirmwareInternal* lfi; | 37 VbLoadFirmwareInternal* lfi; |
| 38 | 38 |
| 39 uint16_t tpm_key_version = 0; | 39 uint16_t tpm_key_version = 0; |
| 40 uint16_t tpm_fw_version = 0; | 40 uint16_t tpm_fw_version = 0; |
| 41 uint64_t lowest_key_version = 0xFFFF; | 41 uint64_t lowest_key_version = 0xFFFF; |
| 42 uint64_t lowest_fw_version = 0xFFFF; | 42 uint64_t lowest_fw_version = 0xFFFF; |
| 43 uint32_t status; | 43 uint32_t status; |
| 44 int is_dev = (BOOT_FLAG_DEVELOPER & params->boot_flags ? 1 : 0); | |
| 45 int good_index = -1; | 44 int good_index = -1; |
| 46 int index; | 45 int index; |
| 47 | 46 |
| 48 /* Clear output params in case we fail */ | 47 /* Clear output params in case we fail */ |
| 49 params->firmware_index = 0; | 48 params->firmware_index = 0; |
| 50 | 49 |
| 51 VBDEBUG(("LoadFirmware started...\n")); | 50 VBDEBUG(("LoadFirmware started...\n")); |
| 52 | 51 |
| 53 if (params->kernel_sign_key_size < sizeof(VbPublicKey)) { | 52 if (params->kernel_sign_key_size < sizeof(VbPublicKey)) { |
| 54 VBDEBUG(("Kernel sign key buffer too small\n")); | 53 VBDEBUG(("Kernel sign key buffer too small\n")); |
| 55 return LOAD_FIRMWARE_RECOVERY; | 54 return LOAD_FIRMWARE_RECOVERY; |
| 56 } | 55 } |
| 57 | 56 |
| 58 /* Must have a root key */ | 57 /* Must have a root key */ |
| 59 if (!root_key) { | 58 if (!root_key) { |
| 60 VBDEBUG(("No root key\n")); | 59 VBDEBUG(("No root key\n")); |
| 61 return LOAD_FIRMWARE_RECOVERY; | 60 return LOAD_FIRMWARE_RECOVERY; |
| 62 } | 61 } |
| 63 | 62 |
| 64 /* Initialize the TPM and read rollback indices. */ | 63 /* Initialize the TPM and read rollback indices. */ |
| 65 if (!is_dev) { | 64 status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); |
| 66 /* TODO: should use the TPM all the time; for now, only use when | 65 if (0 != status) { |
| 67 * not in developer mode. */ | 66 VBDEBUG(("Unable to setup TPM.\n")); |
|
semenzato
2010/08/05 19:50:53
This message may be too scary when the firmware is
| |
| 68 status = RollbackFirmwareSetup(params->boot_flags & BOOT_FLAG_DEVELOPER); | 67 return (status == TPM_E_MUST_REBOOT ? |
| 69 if (0 != status) { | 68 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
| 70 VBDEBUG(("Unable to setup TPM.\n")); | 69 } |
| 71 return (status == TPM_E_MUST_REBOOT ? | 70 status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); |
| 72 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | 71 if (0 != status) { |
| 73 } | 72 VBDEBUG(("Unable to read stored versions.\n")); |
| 74 status = RollbackFirmwareRead(&tpm_key_version, &tpm_fw_version); | 73 return (status == TPM_E_MUST_REBOOT ? |
| 75 if (0 != status) { | 74 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
| 76 VBDEBUG(("Unable to read stored versions.\n")); | |
| 77 return (status == TPM_E_MUST_REBOOT ? | |
| 78 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | |
| 79 } | |
| 80 } | 75 } |
| 81 | 76 |
| 82 /* Allocate our internal data */ | 77 /* Allocate our internal data */ |
| 83 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); | 78 lfi = (VbLoadFirmwareInternal*)Malloc(sizeof(VbLoadFirmwareInternal)); |
| 84 if (!lfi) | 79 if (!lfi) |
| 85 return LOAD_FIRMWARE_RECOVERY; | 80 return LOAD_FIRMWARE_RECOVERY; |
| 86 params->load_firmware_internal = (uint8_t*)lfi; | 81 params->load_firmware_internal = (uint8_t*)lfi; |
| 87 | 82 |
| 88 /* Loop over indices */ | 83 /* Loop over indices */ |
| 89 for (index = 0; index < 2; index++) { | 84 for (index = 0; index < 2; index++) { |
| (...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 223 params->load_firmware_internal = NULL; | 218 params->load_firmware_internal = NULL; |
| 224 | 219 |
| 225 /* Handle finding good firmware */ | 220 /* Handle finding good firmware */ |
| 226 if (good_index >= 0) { | 221 if (good_index >= 0) { |
| 227 | 222 |
| 228 /* Update TPM if necessary */ | 223 /* Update TPM if necessary */ |
| 229 if ((lowest_key_version > tpm_key_version) || | 224 if ((lowest_key_version > tpm_key_version) || |
| 230 (lowest_key_version == tpm_key_version && | 225 (lowest_key_version == tpm_key_version && |
| 231 lowest_fw_version > tpm_fw_version)) { | 226 lowest_fw_version > tpm_fw_version)) { |
| 232 | 227 |
| 233 if (!is_dev) { | 228 status = RollbackFirmwareWrite((uint16_t)lowest_key_version, |
| 234 /* TODO: should use the TPM all the time; for now, only use | 229 (uint16_t)lowest_fw_version); |
| 235 * when not in developer mode. */ | |
| 236 status = RollbackFirmwareWrite((uint16_t)lowest_key_version, | |
| 237 (uint16_t)lowest_fw_version); | |
| 238 if (0 != status) { | |
| 239 VBDEBUG(("Unable to write stored versions.\n")); | |
| 240 return (status == TPM_E_MUST_REBOOT ? | |
| 241 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | |
| 242 } | |
| 243 } | |
| 244 } | |
| 245 | |
| 246 if (!is_dev) { | |
| 247 /* TODO: should use the TPM all the time; for now, only use | |
| 248 * when not in developer mode. */ | |
| 249 /* Lock firmware versions in TPM */ | |
| 250 status = RollbackFirmwareLock(); | |
| 251 if (0 != status) { | 230 if (0 != status) { |
| 252 VBDEBUG(("Unable to lock firmware versions.\n")); | 231 VBDEBUG(("Unable to write stored versions.\n")); |
| 253 return (status == TPM_E_MUST_REBOOT ? | 232 return (status == TPM_E_MUST_REBOOT ? |
| 254 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | 233 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); |
| 255 } | 234 } |
| 256 } | 235 } |
| 257 | 236 |
| 237 /* Lock firmware versions in TPM */ | |
| 238 status = RollbackFirmwareLock(); | |
| 239 if (0 != status) { | |
| 240 VBDEBUG(("Unable to lock firmware versions.\n")); | |
| 241 return (status == TPM_E_MUST_REBOOT ? | |
| 242 LOAD_FIRMWARE_REBOOT : LOAD_FIRMWARE_RECOVERY); | |
| 243 } | |
| 244 | |
| 258 /* Success */ | 245 /* Success */ |
| 259 VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); | 246 VBDEBUG(("Will boot firmware index %d\n", (int)params->firmware_index)); |
| 260 return LOAD_FIRMWARE_SUCCESS; | 247 return LOAD_FIRMWARE_SUCCESS; |
| 261 } | 248 } |
| 262 | 249 |
| 263 /* If we're still here, no good firmware, so go to recovery mode. */ | 250 /* If we're still here, no good firmware, so go to recovery mode. */ |
| 264 VBDEBUG(("Alas, no good firmware.\n")); | 251 VBDEBUG(("Alas, no good firmware.\n")); |
| 265 return LOAD_FIRMWARE_RECOVERY; | 252 return LOAD_FIRMWARE_RECOVERY; |
| 266 } | 253 } |
| OLD | NEW |
