| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010-2011 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010-2011 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Functions for querying, manipulating and locking rollback indices | 5 * Functions for querying, manipulating and locking rollback indices |
| 6 * stored in the TPM NVRAM. | 6 * stored in the TPM NVRAM. |
| 7 */ | 7 */ |
| 8 | 8 |
| 9 #include "rollback_index.h" | 9 #include "rollback_index.h" |
| 10 | 10 |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 96 RollbackSpaceKernel* rsk) { | 96 RollbackSpaceKernel* rsk) { |
| 97 static const RollbackSpaceFirmware rsf_init = { | 97 static const RollbackSpaceFirmware rsf_init = { |
| 98 ROLLBACK_SPACE_FIRMWARE_VERSION, 0, 0, 0}; | 98 ROLLBACK_SPACE_FIRMWARE_VERSION, 0, 0, 0}; |
| 99 static const RollbackSpaceKernel rsk_init = { | 99 static const RollbackSpaceKernel rsk_init = { |
| 100 ROLLBACK_SPACE_KERNEL_VERSION, ROLLBACK_SPACE_KERNEL_UID, 0, 0}; | 100 ROLLBACK_SPACE_KERNEL_VERSION, ROLLBACK_SPACE_KERNEL_UID, 0, 0}; |
| 101 TPM_PERMANENT_FLAGS pflags; | 101 TPM_PERMANENT_FLAGS pflags; |
| 102 uint32_t result; | 102 uint32_t result; |
| 103 | 103 |
| 104 VBDEBUG(("TPM: One-time initialization\n")); | 104 VBDEBUG(("TPM: One-time initialization\n")); |
| 105 | 105 |
| 106 /* Do a full test. This only happens the first time the device is turned on |
| 107 * in the factory, so performance is not an issue. This is almost certainly |
| 108 * not necessary, but it gives us more confidence about some code paths below |
| 109 * that are difficult to test---specifically the ones that set lifetime |
| 110 * flags, and are only executed once per physical TPM. */ |
| 111 result = TlclSelfTestFull(); |
| 112 if (result != TPM_SUCCESS) |
| 113 return result; |
| 114 |
| 106 result = TlclGetPermanentFlags(&pflags); | 115 result = TlclGetPermanentFlags(&pflags); |
| 107 if (result != TPM_SUCCESS) | 116 if (result != TPM_SUCCESS) |
| 108 return result; | 117 return result; |
| 109 | 118 |
| 110 /* TPM may come from the factory without physical presence finalized. Fix | 119 /* TPM may come from the factory without physical presence finalized. Fix |
| 111 * if necessary. */ | 120 * if necessary. */ |
| 112 VBDEBUG(("TPM: physicalPresenceLifetimeLock=%d\n", | 121 VBDEBUG(("TPM: physicalPresenceLifetimeLock=%d\n", |
| 113 pflags.physicalPresenceLifetimeLock)); | 122 pflags.physicalPresenceLifetimeLock)); |
| 114 if (!pflags.physicalPresenceLifetimeLock) { | 123 if (!pflags.physicalPresenceLifetimeLock) { |
| 115 VBDEBUG(("TPM: Finalizing physical presence\n")); | 124 VBDEBUG(("TPM: Finalizing physical presence\n")); |
| (...skipping 303 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 419 | 428 |
| 420 uint32_t RollbackKernelLock(void) { | 429 uint32_t RollbackKernelLock(void) { |
| 421 if (g_rollback_recovery_mode) { | 430 if (g_rollback_recovery_mode) { |
| 422 return TPM_SUCCESS; | 431 return TPM_SUCCESS; |
| 423 } else { | 432 } else { |
| 424 return TlclLockPhysicalPresence(); | 433 return TlclLockPhysicalPresence(); |
| 425 } | 434 } |
| 426 } | 435 } |
| 427 | 436 |
| 428 #endif // DISABLE_ROLLBACK_TPM | 437 #endif // DISABLE_ROLLBACK_TPM |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6688004:
Perform a full self test before one-time initialization. (Closed)
Base URL: http://git.chromium.org/git/vboot_reference.git@master