OLD | NEW |
1 /* Software-Based Trusted Platform Module (TPM) Emulator for Linux | 1 /* Software-based Trusted Platform Module (TPM) Emulator |
2 * Copyright (C) 2004 Mario Strasser <mast@gmx.net>, | 2 * Copyright (C) 2004-2010 Mario Strasser <mast@gmx.net> |
3 * Swiss Federal Institute of Technology (ETH) Zurich, | 3 * 2005-2008 Heiko Stamer <stamer@gaos.org> |
4 * 2006, 2008 Heiko Stamer <stamer@gaos.org> | |
5 * | 4 * |
6 * This module is free software; you can redistribute it and/or modify | 5 * This module is free software; you can redistribute it and/or modify |
7 * it under the terms of the GNU General Public License as published | 6 * it under the terms of the GNU General Public License as published |
8 * by the Free Software Foundation; either version 2 of the License, | 7 * by the Free Software Foundation; either version 2 of the License, |
9 * or (at your option) any later version. | 8 * or (at your option) any later version. |
10 * | 9 * |
11 * This module is distributed in the hope that it will be useful, | 10 * This module is distributed in the hope that it will be useful, |
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of | 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 * GNU General Public License for more details. | 13 * GNU General Public License for more details. |
15 * | 14 * |
16 * $Id$ | 15 * $Id: tpm_capability.c 407 2010-02-19 11:14:52Z mast $ |
17 */ | 16 */ |
18 | 17 |
19 #include "tpm_emulator.h" | 18 #include "tpm_emulator.h" |
20 #include "tpm_commands.h" | 19 #include "tpm_commands.h" |
21 #include "tpm_marshalling.h" | 20 #include "tpm_marshalling.h" |
22 #include "tpm_data.h" | 21 #include "tpm_data.h" |
23 #include "tpm_handles.h" | 22 #include "tpm_handles.h" |
24 | 23 |
25 /* | 24 /* |
26 * The GetCapability Commands ([TPM_Part3], Section 7) | 25 * The GetCapability Commands ([TPM_Part3], Section 7) |
(...skipping 320 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
347 list.handle[i] = INDEX_TO_COUNTER_HANDLE(i); | 346 list.handle[i] = INDEX_TO_COUNTER_HANDLE(i); |
348 } | 347 } |
349 break; | 348 break; |
350 case TPM_RT_CONTEXT: | 349 case TPM_RT_CONTEXT: |
351 debug("[TPM_RT_CONTEXT]"); | 350 debug("[TPM_RT_CONTEXT]"); |
352 for (i = 0; i < TPM_MAX_SESSION_LIST; i++) | 351 for (i = 0; i < TPM_MAX_SESSION_LIST; i++) |
353 if (tpmData.stany.data.contextList[i] != 0) { | 352 if (tpmData.stany.data.contextList[i] != 0) { |
354 list.loaded++; | 353 list.loaded++; |
355 list.handle[i] = tpmData.stany.data.contextList[i]; | 354 list.handle[i] = tpmData.stany.data.contextList[i]; |
356 } | 355 } |
| 356 break; |
357 default: | 357 default: |
358 return TPM_BAD_MODE; | 358 return TPM_BAD_MODE; |
359 } | 359 } |
360 /* marshal handle list */ | 360 /* marshal handle list */ |
361 len = *respSize = 2 + list.loaded * 4; | 361 len = *respSize = 2 + list.loaded * 4; |
362 ptr = *resp = tpm_malloc(len); | 362 ptr = *resp = tpm_malloc(len); |
363 if (ptr == NULL || tpm_marshal_TPM_KEY_HANDLE_LIST(&ptr, &len, &list)) { | 363 if (ptr == NULL || tpm_marshal_TPM_KEY_HANDLE_LIST(&ptr, &len, &list)) { |
364 tpm_free(*resp); | 364 tpm_free(*resp); |
365 return TPM_FAIL; | 365 return TPM_FAIL; |
366 } | 366 } |
(...skipping 512 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
879 } | 879 } |
880 | 880 |
881 static TPM_RESULT set_perm_data(UINT32 subCap, BYTE *setValue, | 881 static TPM_RESULT set_perm_data(UINT32 subCap, BYTE *setValue, |
882 UINT32 setValueSize, BOOL ownerAuth, | 882 UINT32 setValueSize, BOOL ownerAuth, |
883 BOOL deactivated, BOOL disabled) | 883 BOOL deactivated, BOOL disabled) |
884 { | 884 { |
885 TPM_CMK_DELEGATE del; | 885 TPM_CMK_DELEGATE del; |
886 TPM_NONCE nonce; | 886 TPM_NONCE nonce; |
887 switch (subCap) { | 887 switch (subCap) { |
888 | 888 |
889 #ifdef TPM_ENABLE_PRNG_STATE_SETTING | |
890 case 16: | 889 case 16: |
891 if (setValueSize != sizeof(tpmData.permanent.data.rngState)) | 890 if (tpmConf & TPM_CONF_ALLOW_PRNG_STATE_SETTING) { |
| 891 if (setValueSize != sizeof(tpmData.permanent.data.rngState)) |
| 892 return TPM_BAD_PARAMETER; |
| 893 memcpy(&tpmData.permanent.data.rngState, setValue, setValueSize); |
| 894 return TPM_SUCCESS; |
| 895 } else { |
892 return TPM_BAD_PARAMETER; | 896 return TPM_BAD_PARAMETER; |
893 memcpy(&tpmData.permanent.data.rngState, setValue, setValueSize); | 897 } |
894 return TPM_SUCCESS; | |
895 #endif /* TPM_ENABLE_PRNG_STATE_SETTING */ | |
896 | |
897 | 898 |
898 case 23: | 899 case 23: |
899 if (!ownerAuth) return TPM_AUTHFAIL; | 900 if (!ownerAuth) return TPM_AUTHFAIL; |
900 if (deactivated) return TPM_DEACTIVATED; | 901 if (deactivated) return TPM_DEACTIVATED; |
901 if (disabled) return TPM_DISABLED; | 902 if (disabled) return TPM_DISABLED; |
902 if (tpm_unmarshal_TPM_CMK_DELEGATE(&setValue, &setValueSize, &del) != 0) | 903 if (tpm_unmarshal_TPM_CMK_DELEGATE(&setValue, &setValueSize, &del) != 0) |
903 return TPM_BAD_PARAMETER; | 904 return TPM_BAD_PARAMETER; |
904 tpmData.permanent.data.restrictDelegate = del; | 905 tpmData.permanent.data.restrictDelegate = del; |
905 return TPM_SUCCESS; | 906 return TPM_SUCCESS; |
906 | 907 |
(...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1022 res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER)
; | 1023 res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER)
; |
1023 if (res != TPM_SUCCESS) return res; | 1024 if (res != TPM_SUCCESS) return res; |
1024 ownerAuth = TRUE; | 1025 ownerAuth = TRUE; |
1025 } | 1026 } |
1026 /* unmarshal subCap */ | 1027 /* unmarshal subCap */ |
1027 if (tpm_unmarshal_UINT32(&subCap, &subCapSize, &subCapVal) != 0) | 1028 if (tpm_unmarshal_UINT32(&subCap, &subCapSize, &subCapVal) != 0) |
1028 return TPM_BAD_PARAMETER; | 1029 return TPM_BAD_PARAMETER; |
1029 /* set capability area */ | 1030 /* set capability area */ |
1030 switch (capArea) { | 1031 switch (capArea) { |
1031 case TPM_SET_PERM_FLAGS: | 1032 case TPM_SET_PERM_FLAGS: |
1032 debug("[TPM_SET_PERM_FLAGS]:%d", subCap); | 1033 debug("[TPM_SET_PERM_FLAGS]:%d", subCapVal); |
1033 if (setValueSize != 1 || setValue[0] & 0xfe) return TPM_BAD_PARAMETER; | 1034 if (setValueSize != 1 || setValue[0] & 0xfe) return TPM_BAD_PARAMETER; |
1034 return set_perm_flags(subCapVal, setValue[0], ownerAuth, | 1035 return set_perm_flags(subCapVal, setValue[0], ownerAuth, |
1035 deactivated, disabled); | 1036 deactivated, disabled); |
1036 case TPM_SET_STCLEAR_FLAGS: | 1037 case TPM_SET_STCLEAR_FLAGS: |
1037 debug("[TPM_SET_STCLEAR_FLAGS]:%d", subCap); | 1038 debug("[TPM_SET_STCLEAR_FLAGS]:%d", subCapVal); |
1038 if (setValueSize != 1 || setValue[0] & 0xfe) return TPM_BAD_PARAMETER; | 1039 if (setValueSize != 1 || setValue[0] & 0xfe) return TPM_BAD_PARAMETER; |
1039 return set_stclear_flags(subCapVal, setValue[0], ownerAuth, | 1040 return set_stclear_flags(subCapVal, setValue[0], ownerAuth, |
1040 deactivated, disabled); | 1041 deactivated, disabled); |
1041 case TPM_SET_STANY_FLAGS: | 1042 case TPM_SET_STANY_FLAGS: |
1042 debug("[TPM_SET_STANY_FLAGS]:%d", subCap); | 1043 debug("[TPM_SET_STANY_FLAGS]:%d", subCapVal); |
1043 if (setValueSize != 1 || setValue[0] & 0xfe) return TPM_BAD_PARAMETER; | 1044 if (setValueSize != 1 || setValue[0] & 0xfe) return TPM_BAD_PARAMETER; |
1044 return set_stany_flags(subCapVal, setValue[0], ownerAuth, | 1045 return set_stany_flags(subCapVal, setValue[0], ownerAuth, |
1045 deactivated, disabled); | 1046 deactivated, disabled); |
1046 case TPM_SET_PERM_DATA: | 1047 case TPM_SET_PERM_DATA: |
1047 debug("[TPM_SET_PERM_DATA]:%d", subCap); | 1048 debug("[TPM_SET_PERM_DATA]:%d", subCapVal); |
1048 return set_perm_data(subCapVal, setValue, setValueSize, ownerAuth, | 1049 return set_perm_data(subCapVal, setValue, setValueSize, ownerAuth, |
1049 deactivated, disabled); | 1050 deactivated, disabled); |
1050 case TPM_SET_STCLEAR_DATA: | 1051 case TPM_SET_STCLEAR_DATA: |
1051 debug("[TPM_SET_STCLEAR_DATA]:%d", subCap); | 1052 debug("[TPM_SET_STCLEAR_DATA]:%d", subCapVal); |
1052 return set_stclear_data(subCapVal, setValue, setValueSize, ownerAuth, | 1053 return set_stclear_data(subCapVal, setValue, setValueSize, ownerAuth, |
1053 deactivated, disabled); | 1054 deactivated, disabled); |
1054 case TPM_SET_STANY_DATA: | 1055 case TPM_SET_STANY_DATA: |
1055 debug("[TPM_SET_STANY_DATA]:%d", subCap); | 1056 debug("[TPM_SET_STANY_DATA]:%d", subCapVal); |
1056 return set_stany_data(subCapVal, setValue, setValueSize, ownerAuth, | 1057 return set_stany_data(subCapVal, setValue, setValueSize, ownerAuth, |
1057 deactivated, disabled); | 1058 deactivated, disabled); |
1058 case TPM_SET_VENDOR: | 1059 case TPM_SET_VENDOR: |
1059 debug("[TPM_SET_VENDOR]"); | 1060 debug("[TPM_SET_VENDOR]:%d", subCapVal); |
1060 return set_vendor(subCapVal, setValue, setValueSize, ownerAuth, | 1061 return set_vendor(subCapVal, setValue, setValueSize, ownerAuth, |
1061 deactivated, disabled); | 1062 deactivated, disabled); |
1062 } | 1063 } |
1063 return TPM_BAD_PARAMETER; | 1064 return TPM_BAD_PARAMETER; |
1064 } | 1065 } |
1065 | 1066 |
1066 TPM_RESULT TPM_GetCapabilityOwner(TPM_AUTH *auth1, TPM_VERSION *version, | 1067 TPM_RESULT TPM_GetCapabilityOwner(TPM_AUTH *auth1, TPM_VERSION *version, |
1067 UINT32 *non_volatile_flags, | 1068 UINT32 *non_volatile_flags, |
1068 UINT32 *volatile_flags) | 1069 UINT32 *volatile_flags) |
1069 { | 1070 { |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1126 *volatile_flags |= (1 << 1); | 1127 *volatile_flags |= (1 << 1); |
1127 if (tpmData.stclear.flags.physicalPresence) | 1128 if (tpmData.stclear.flags.physicalPresence) |
1128 *volatile_flags |= (1 << 2); | 1129 *volatile_flags |= (1 << 2); |
1129 if (tpmData.stclear.flags.physicalPresenceLock) | 1130 if (tpmData.stclear.flags.physicalPresenceLock) |
1130 *volatile_flags |= (1 << 3); | 1131 *volatile_flags |= (1 << 3); |
1131 if (tpmData.stclear.flags.bGlobalLock) | 1132 if (tpmData.stclear.flags.bGlobalLock) |
1132 *volatile_flags |= (1 << 4); | 1133 *volatile_flags |= (1 << 4); |
1133 | 1134 |
1134 return TPM_SUCCESS; | 1135 return TPM_SUCCESS; |
1135 } | 1136 } |
OLD | NEW |