1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
|
/********************************************************************************/
/* */
/* ACT Command Support */
/* Written by Ken Goldman */
/* IBM Thomas J. Watson Research Center */
/* $Id: Object_spt.c 1490 2019-07-26 21:13:22Z kgoldman $ */
/* */
/* Licenses and Notices */
/* */
/* 1. Copyright Licenses: */
/* */
/* - Trusted Computing Group (TCG) grants to the user of the source code in */
/* this specification (the "Source Code") a worldwide, irrevocable, */
/* nonexclusive, royalty free, copyright license to reproduce, create */
/* derivative works, distribute, display and perform the Source Code and */
/* derivative works thereof, and to grant others the rights granted herein. */
/* */
/* - The TCG grants to the user of the other parts of the specification */
/* (other than the Source Code) the rights to reproduce, distribute, */
/* display, and perform the specification solely for the purpose of */
/* developing products based on such documents. */
/* */
/* 2. Source Code Distribution Conditions: */
/* */
/* - Redistributions of Source Code must retain the above copyright licenses, */
/* this list of conditions and the following disclaimers. */
/* */
/* - Redistributions in binary form must reproduce the above copyright */
/* licenses, this list of conditions and the following disclaimers in the */
/* documentation and/or other materials provided with the distribution. */
/* */
/* 3. Disclaimers: */
/* */
/* - THE COPYRIGHT LICENSES SET FORTH ABOVE DO NOT REPRESENT ANY FORM OF */
/* LICENSE OR WAIVER, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, WITH */
/* RESPECT TO PATENT RIGHTS HELD BY TCG MEMBERS (OR OTHER THIRD PARTIES) */
/* THAT MAY BE NECESSARY TO IMPLEMENT THIS SPECIFICATION OR OTHERWISE. */
/* Contact TCG Administration (admin@trustedcomputinggroup.org) for */
/* information on specification licensing rights available through TCG */
/* membership agreements. */
/* */
/* - THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO EXPRESS OR IMPLIED */
/* WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR */
/* FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, OR */
/* NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS, OR ANY WARRANTY */
/* OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. */
/* */
/* - Without limitation, TCG and its members and licensors disclaim all */
/* liability, including liability for infringement of any proprietary */
/* rights, relating to use of information in this specification and to the */
/* implementation of this specification, and TCG disclaims all liability for */
/* cost of procurement of substitute goods or services, lost profits, loss */
/* of use, loss of data or any incidental, consequential, direct, indirect, */
/* or special damages, whether under contract, tort, warranty or otherwise, */
/* arising in any way out of use or reliance upon this specification or any */
/* information herein. */
/* */
/* (c) Copyright IBM Corp. and others, 2016 - 2020 */
/* */
/********************************************************************************/
/* 7.8 ACT Support (ACT_spt.c) */
/* 7.8.1 Introduction */
/* This code implements the ACT update code. It does not use a mutex. This code uses a platform
service (_plat__ACT_UpdateCounter()) that returns false if the update is not accepted. If this
occurs, then TPM_RC_RETRY should be sent to the caller so that they can retry the operation
later. The implementation of this is platform dependent but the reference uses a simple flag to
indicate that an update is pending and the only process that can clear that flag is the process
that does the actual update. */
/* 7.8.2 Includes */
#include "Tpm.h"
#include "ACT_spt_fp.h"
#include "Platform_fp.h"
#include "PlatformACT_fp.h" /* added kgold */
/* 7.8.3 Functions */
/* 7.8.3.1 _ActResume() */
/* This function does the resume processing for an ACT. It updates the saved count and turns
signaling back on if necessary. */
#ifndef __ACT_DISABLED // libtpms added
static void
_ActResume(
UINT32 act, //IN: the act number
ACT_STATE *actData //IN: pointer to the saved ACT data
)
{
// If the act was non-zero, then restore the counter value.
if(actData->remaining > 0)
_plat__ACT_UpdateCounter(act, actData->remaining);
// if the counter was zero and the ACT signaling, enable the signaling.
else if(go.signaledACT & (1 << act))
_plat__ACT_SetSignaled(act, TRUE);
}
#endif // libtpms added
/* 7.8.3.2 ActStartup() */
/* This function is called by TPM2_Startup() to initialize the ACT counter values. */
BOOL
ActStartup(
STARTUP_TYPE type
)
{
// Reset all the ACT hardware
_plat__ACT_Initialize();
// If this not a cold start, copy all the current 'signaled' settings to
// 'preservedSignaled'.
#ifndef __ACT_DISABLED // libtpms added
if (g_powerWasLost)
go.preservedSignaled = 0;
else
go.preservedSignaled |= go.signaledACT;
#endif // libtpms added
// For TPM_RESET or TPM_RESTART, the ACTs will all be disabled and the output
// de-asserted.
if(type != SU_RESUME)
{
#ifndef __ACT_DISABLED // libtpms added
go.signaledACT = 0;
#endif // libtpms added
#define CLEAR_ACT_POLICY(N) \
go.ACT_##N.hashAlg = TPM_ALG_NULL; \
go.ACT_##N.authPolicy.b.size = 0;
FOR_EACH_ACT(CLEAR_ACT_POLICY)
}
else
{
// Resume each of the implemented ACT
#define RESUME_ACT(N) _ActResume(0x##N, &go.ACT_##N);
FOR_EACH_ACT(RESUME_ACT)
}
// set no ACT updated since last startup. This is to enable the halving of the
// timeout value
s_ActUpdated = 0;
_plat__ACT_EnableTicks(TRUE);
return TRUE;
}
/* 7.8.3.3 _ActSaveState() */
/* Get the counter state and the signaled state for an ACT. If the ACT has not been updated since
the last time it was saved, then divide the count by 2. */
#ifndef __ACT_DISABLED // libtpms added
static void
_ActSaveState(
UINT32 act,
P_ACT_STATE actData
)
{
actData->remaining = _plat__ACT_GetRemaining(act);
// If the ACT hasn't been updated since the last startup, then it should be
// be halved.
if((s_ActUpdated & (1 << act)) == 0)
{
// Don't halve if the count is set to max or if halving would make it zero
if((actData->remaining != UINT32_MAX) && (actData->remaining > 1))
actData->remaining /= 2;
}
if(_plat__ACT_GetSignaled(act))
go.signaledACT |= (1 << act);
}
/* 7.8.3.4 ActGetSignaled() */
/* This function returns the state of the signaled flag associated with an ACT. */
BOOL
ActGetSignaled(
TPM_RH actHandle
)
{
UINT32 act = actHandle - TPM_RH_ACT_0;
//
return _plat__ACT_GetSignaled(act);
}
#endif // libtpms added
/* 7.8.3.5 ActShutdown() */
/* This function saves the current state of the counters */
BOOL
ActShutdown(
TPM_SU state //IN: the type of the shutdown.
)
{
// if this is not shutdown state, then the only type of startup is TPM_RESTART
// so the timer values will be cleared. If this is shutdown state, get the current
// countdown and signaled values. Plus, if the counter has not been updated
// since the last restart, divide the time by 2 so that there is no attack on the
// countdown by saving the countdown state early and then not using the TPM.
if(state == TPM_SU_STATE)
{
// This will be populated as each of the ACT is queried
#ifndef __ACT_DISABLED // libtpms added
go.signaledACT = 0;
#endif // libtpms added
// Get the current count and the signaled state
#define SAVE_ACT_STATE(N) _ActSaveState(0x##N, &go.ACT_##N);
FOR_EACH_ACT(SAVE_ACT_STATE);
}
return TRUE;
}
/* 7.8.3.6 ActIsImplemented() */
/* This function determines if an ACT is implemented in both the TPM and the platform code. */
BOOL
ActIsImplemented(
UINT32 act
)
{
#define CASE_ACT_
// This switch accounts for the TPM implemented values.
switch(act)
{
#ifndef __ACT_DISABLED // libtpms added
FOR_EACH_ACT(CASE_ACT_NUMBER)
// This ensures that the platorm implemented the values implemented by
// the TPM
return _plat__ACT_GetImplemented(act);
#endif // libtpms added
default:
break;
}
return FALSE;
}
/* 7.8.3.7 ActCounterUpdate() */
/* This function updates the ACT counter. If the counter already has a pending update, it returns
TPM_RC_RETRY so that the update can be tried again later. */
#if CC_ACT_SetTimeout // libtpms added
TPM_RC
ActCounterUpdate(
TPM_RH handle, //IN: the handle of the act
UINT32 newValue //IN: the value to set in the ACT
)
{
UINT32 act;
TPM_RC result;
//
act = handle - TPM_RH_ACT_0;
// This should never fail, but...
if(!_plat__ACT_GetImplemented(act))
result = TPM_RC_VALUE;
else
{
// Will need to clear orderly so fail if we are orderly and NV is not available
if(NV_IS_ORDERLY)
RETURN_IF_NV_IS_NOT_AVAILABLE;
// if the attempt to update the counter fails, it means that there is an
// update pending so wait until it has occurred and then do an update.
if(!_plat__ACT_UpdateCounter(act, newValue))
result = TPM_RC_RETRY;
else
{
// Indicate that the ACT has been updated since last TPM2_Startup().
s_ActUpdated |= (UINT16)(1 << act);
// Clear the preservedSignaled attribute.
go.preservedSignaled &= ~((UINT16)(1 << act));
// Need to clear the orderly flag
g_clearOrderly = TRUE;
result = TPM_RC_SUCCESS;
}
}
return result;
}
#endif // libtpms added
/* 7.8.3.8 ActGetCapabilityData() */
/* This function returns the list of ACT data */
/* Return Value Meaning */
/* YES if more ACT data is available */
/* NO if no more ACT data to */
TPMI_YES_NO
ActGetCapabilityData(
TPM_HANDLE actHandle, // IN: the handle for the starting ACT
UINT32 maxCount, // IN: maximum allowed return values
TPML_ACT_DATA *actList // OUT: ACT data list
)
{
// Initialize output property list
actList->count = 0;
// Make sure that the starting handle value is in range (again)
if((actHandle < TPM_RH_ACT_0) || (actHandle > TPM_RH_ACT_F))
return FALSE;
// The maximum count of curves we may return is MAX_ECC_CURVES
if(maxCount > MAX_ACT_DATA)
maxCount = MAX_ACT_DATA;
// Scan the ACT data from the starting ACT
for(; actHandle <= TPM_RH_ACT_F; actHandle++)
{
UINT32 act = actHandle - TPM_RH_ACT_0;
if(actList->count < maxCount)
{
if(ActIsImplemented(act))
{
TPMS_ACT_DATA *actData = &actList->actData[actList->count];
//
memset(&actData->attributes, 0, sizeof(actData->attributes));
actData->handle = actHandle;
actData->timeout = _plat__ACT_GetRemaining(act);
if (_plat__ACT_GetSignaled(act))
SET_ATTRIBUTE(actData->attributes, TPMA_ACT, signaled);
else
CLEAR_ATTRIBUTE(actData->attributes, TPMA_ACT, signaled);
actList->count++;
}
}
else
{
if(_plat__ACT_GetImplemented(act))
return YES;
}
}
// If we get here, either all of the ACT values were put in the list, or the list
// was filled and there are no more ACT values to return
return NO;
}
|
