OLD | NEW |
1 #!/bin/sh -u | 1 #!/bin/sh -u |
2 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 2 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
3 # Use of this source code is governed by a BSD-style license that can be | 3 # Use of this source code is governed by a BSD-style license that can be |
4 # found in the LICENSE file. | 4 # found in the LICENSE file. |
5 # | 5 # |
6 # Run TPM diagnostics in recovery mode, and attempt to fix problems. This is | 6 # Run TPM diagnostics in recovery mode, and attempt to fix problems. This is |
7 # specific to devices with chromeos firmware. | 7 # specific to devices with chromeos firmware. |
8 # | 8 # |
9 # Usage: chromeos_tpm_recovery <log file> | 9 # Usage: chromeos_tpm_recovery <log file> |
10 # | 10 # |
11 # Most of the diagnostics examine the TPM state and try to fix it. This may | 11 # Most of the diagnostics examine the TPM state and try to fix it. This may |
12 # require clearing TPM ownership. | 12 # require clearing TPM ownership. |
13 | 13 |
14 tpmc=${USR_BIN:=/usr/bin}/tpmc | 14 tpmc=${USR_BIN:=/usr/bin}/tpmc |
15 nvtool=$USR_BIN/tpm-nvtool | 15 nvtool=${USR_LOCAL_BIN:=/usr/local/bin}/tpm-nvtool |
16 tpm_takeownership=${USR_SBIN:=/usr/sbin}/tpm_takeownership | 16 tpm_takeownership=${USR_LOCAL_SBIN:=/usr/local/sbin}/tpm_takeownership |
17 tcsd=$USR_SBIN/tcsd | 17 tcsd=${USR_SBIN:=/usr/sbin}/tcsd |
18 dot_recovery=${DOT_RECOVERY:=/mnt/stateful_partition/.recovery} | 18 dot_recovery=${DOT_RECOVERY:=/mnt/stateful_partition/.recovery} |
19 acpi=${ACPI_DIR:=/sys/devices/platform/chromeos_acpi} | 19 acpi=${ACPI_DIR:=/sys/devices/platform/chromeos_acpi} |
20 awk=/usr/bin/awk | 20 awk=/usr/bin/awk |
21 | 21 |
22 # At the time this script starts, we assume the following holds: | 22 # At the time this script starts, we assume the following holds: |
23 # | 23 # |
24 # - TPM may be owned, but not with the well-known password | 24 # - TPM may be owned, but not with the well-known password |
25 # - tcsd has not been started | 25 # - tcsd has not been started |
26 | 26 |
27 tpm_owned_with_well_known_password=0 | 27 tpm_owned_with_well_known_password=0 |
(...skipping 17 matching lines...) Expand all Loading... |
45 # bit <n> <i> outputs bit i of number n, with bit 0 being the lsb. | 45 # bit <n> <i> outputs bit i of number n, with bit 0 being the lsb. |
46 | 46 |
47 bit () { | 47 bit () { |
48 echo $(( ( $1 >> $2 ) & 1 )) | 48 echo $(( ( $1 >> $2 ) & 1 )) |
49 } | 49 } |
50 | 50 |
51 ensure_tcsd_is_running () { | 51 ensure_tcsd_is_running () { |
52 if [ $tcsd_pid = 0 ]; then | 52 if [ $tcsd_pid = 0 ]; then |
53 $tcsd -f & | 53 $tcsd -f & |
54 tcsd_pid=$! | 54 tcsd_pid=$! |
| 55 sleep 2 # give tcsd time to initialize |
55 fi | 56 fi |
56 } | 57 } |
57 | 58 |
58 ensure_tcsd_is_not_running () { | 59 ensure_tcsd_is_not_running () { |
59 if [ $tcsd_pid != 0 ]; then | 60 if [ $tcsd_pid != 0 ]; then |
60 kill $tcsd_pid | 61 kill $tcsd_pid |
| 62 sleep 0.5 |
| 63 kill $tcsd_pid > /dev/null 2>&1 |
| 64 sleep 0.5 |
61 wait $tcsd_pid > /dev/null 2>&1 # we trust that tcsd will agree to die | 65 wait $tcsd_pid > /dev/null 2>&1 # we trust that tcsd will agree to die |
62 tcsd_pid=0 | 66 tcsd_pid=0 |
63 fi | 67 fi |
64 } | 68 } |
65 | 69 |
66 tpm_clear_and_reenable () { | 70 tpm_clear_and_reenable () { |
67 ensure_tcsd_is_not_running | 71 ensure_tcsd_is_not_running |
68 $tpmc clear | 72 $tpmc clear |
69 $tpmc enable | 73 $tpmc enable |
70 $tpmc activate | 74 $tpmc activate |
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
245 | 249 |
246 # Sanity check: are we executing in a recovery image? | 250 # Sanity check: are we executing in a recovery image? |
247 | 251 |
248 if [ ! -e $dot_recovery ]; then | 252 if [ ! -e $dot_recovery ]; then |
249 quit "not a recovery image" | 253 quit "not a recovery image" |
250 fi | 254 fi |
251 | 255 |
252 # Mnemonic: "B, I, N, F, O, and BINFO was his name-o." | 256 # Mnemonic: "B, I, N, F, O, and BINFO was his name-o." |
253 # Except it's a zero (0), not an O. | 257 # Except it's a zero (0), not an O. |
254 BINF0=$acpi/BINF.0 | 258 BINF0=$acpi/BINF.0 |
255 CRSW=$acpi/CRSW | 259 CHSW=$acpi/CHSW |
256 | 260 |
257 # There is no point running unless this a ChromeOS device. | 261 # There is no point running unless this a ChromeOS device. |
258 | 262 |
259 if [ ! -e $BINF0 ]; then | 263 if [ ! -e $BINF0 ]; then |
260 log "not a chromeos device, exiting" | 264 log "not a chromeos device, exiting" |
261 exit 0 | 265 exit 0 |
262 fi | 266 fi |
263 | 267 |
264 BOOT_REASON=$(cat $BINF0) | 268 BOOT_REASON=$(cat $BINF0) |
265 log "boot reason is $BOOT_REASON" | 269 log "boot reason is $BOOT_REASON" |
(...skipping 28 matching lines...) Expand all Loading... |
294 if $tpmc getvf | grep -q "physicalPresence 0"; then | 298 if $tpmc getvf | grep -q "physicalPresence 0"; then |
295 log_tryfix "physical presence is OFF, expected ON" | 299 log_tryfix "physical presence is OFF, expected ON" |
296 # attempt to turn on physical presence | 300 # attempt to turn on physical presence |
297 if $tpmc ppon; then | 301 if $tpmc ppon; then |
298 log "physical presence is now on" | 302 log "physical presence is now on" |
299 else | 303 else |
300 quit "could not turn physical presence on" | 304 quit "could not turn physical presence on" |
301 fi | 305 fi |
302 fi | 306 fi |
303 | 307 |
304 DEV_MODE_NOW=$(bit $(cat $CRSW) 4) | 308 DEV_MODE_NOW=$(bit $(cat $CHSW) 4) |
305 DEV_MODE_AT_BOOT=$(bit $(cat $CRSW) 5) | 309 DEV_MODE_AT_BOOT=$(bit $(cat $CHSW) 5) |
306 | 310 |
307 # Check that bGlobalLock is unset | 311 # Check that bGlobalLock is unset |
308 | 312 |
309 if [ $DEV_MODE_NOW != $DEV_MODE_AT_BOOT ]; then | 313 if [ $DEV_MODE_NOW != $DEV_MODE_AT_BOOT ]; then |
310 # this is either too weird or malicious, so we give up | 314 # this is either too weird or malicious, so we give up |
311 quit "dev mode is $DEV_MODE_NOW, but was $DEV_MODE_AT_BOOT at boot" | 315 quit "dev mode is $DEV_MODE_NOW, but was $DEV_MODE_AT_BOOT at boot" |
312 fi | 316 fi |
313 | 317 |
314 BGLOBALLOCK=$($tpmc getvf | $awk '/bGlobalLock/ {print $2;}') | 318 BGLOBALLOCK=$($tpmc getvf | $awk '/bGlobalLock/ {print $2;}') |
315 | 319 |
316 if [ 0 -ne $BGLOBALLOCK ]; then | 320 if [ 0 -ne $BGLOBALLOCK ]; then |
317 # this indicates either TPM malfunction or firmware malfunction. | 321 # this indicates either TPM malfunction or firmware malfunction. |
318 log "bGlobalLock is $BGLOBALLOCK (dev mode is $DEV_MODE_NOW)." | 322 log "bGlobalLock is $BGLOBALLOCK (dev mode is $DEV_MODE_NOW)." |
319 fi | 323 fi |
320 | 324 |
321 # Check firmware and kernel spaces | 325 # Check firmware and kernel spaces |
322 fix_space 0x1007 0x8001 0xa "01 00 00 00 00 00 00 00 00 00" || \ | 326 fix_space 0x1007 0x8001 0xa "01 00 00 00 00 00 00 00 00 00" || \ |
323 log "could not fix firmware space" | 327 log "could not fix firmware space" |
324 fix_space 0x1008 0x1 0xd "01 4c 57 52 47 00 00 00 00 00 00 00 00" || \ | 328 fix_space 0x1008 0x1 0xd "01 4c 57 52 47 00 00 00 00 00 00 00 00" || \ |
325 log "could not fix kernel space" | 329 log "could not fix kernel space" |
326 | 330 |
327 # Cleanup: don't leave the tpm owned with the well-known password. | 331 # Cleanup: don't leave the tpm owned with the well-known password. |
328 if [ $tpm_owned_with_well_known_password -eq 1 ]; then | 332 if [ $tpm_owned_with_well_known_password -eq 1 ]; then |
329 tpm_clear_and_reenable | 333 tpm_clear_and_reenable |
330 fi | 334 fi |
331 | 335 |
332 ensure_tcsd_is_not_running | 336 ensure_tcsd_is_not_running |
| 337 log "tpm recovery has completed" |
OLD | NEW |