1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
|
/********************************************************************************/
/* */
/* Functions for testing various command properties */
/* Written by Ken Goldman */
/* IBM Thomas J. Watson Research Center */
/* $Id: CommandCodeAttributes.c 1594 2020-03-26 22:15:48Z kgoldman $ */
/* */
/* Licenses and Notices */
/* */
/* 1. Copyright Licenses: */
/* */
/* - Trusted Computing Group (TCG) grants to the user of the source code in */
/* this specification (the "Source Code") a worldwide, irrevocable, */
/* nonexclusive, royalty free, copyright license to reproduce, create */
/* derivative works, distribute, display and perform the Source Code and */
/* derivative works thereof, and to grant others the rights granted herein. */
/* */
/* - The TCG grants to the user of the other parts of the specification */
/* (other than the Source Code) the rights to reproduce, distribute, */
/* display, and perform the specification solely for the purpose of */
/* developing products based on such documents. */
/* */
/* 2. Source Code Distribution Conditions: */
/* */
/* - Redistributions of Source Code must retain the above copyright licenses, */
/* this list of conditions and the following disclaimers. */
/* */
/* - Redistributions in binary form must reproduce the above copyright */
/* licenses, this list of conditions and the following disclaimers in the */
/* documentation and/or other materials provided with the distribution. */
/* */
/* 3. Disclaimers: */
/* */
/* - THE COPYRIGHT LICENSES SET FORTH ABOVE DO NOT REPRESENT ANY FORM OF */
/* LICENSE OR WAIVER, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, WITH */
/* RESPECT TO PATENT RIGHTS HELD BY TCG MEMBERS (OR OTHER THIRD PARTIES) */
/* THAT MAY BE NECESSARY TO IMPLEMENT THIS SPECIFICATION OR OTHERWISE. */
/* Contact TCG Administration (admin@trustedcomputinggroup.org) for */
/* information on specification licensing rights available through TCG */
/* membership agreements. */
/* */
/* - THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO EXPRESS OR IMPLIED */
/* WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR */
/* FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, OR */
/* NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS, OR ANY WARRANTY */
/* OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. */
/* */
/* - Without limitation, TCG and its members and licensors disclaim all */
/* liability, including liability for infringement of any proprietary */
/* rights, relating to use of information in this specification and to the */
/* implementation of this specification, and TCG disclaims all liability for */
/* cost of procurement of substitute goods or services, lost profits, loss */
/* of use, loss of data or any incidental, consequential, direct, indirect, */
/* or special damages, whether under contract, tort, warranty or otherwise, */
/* arising in any way out of use or reliance upon this specification or any */
/* information herein. */
/* */
/* (c) Copyright IBM Corp. and others, 2016 - 2020 */
/* */
/********************************************************************************/
/* 9.3 CommandCodeAttributes.c */
/* 9.3.1 Introduction */
/* This file contains the functions for testing various command properties. */
/* 9.3.2 Includes and Defines */
#include "Tpm.h"
#include "CommandCodeAttributes_fp.h"
/* Set the default value for CC_VEND if not already set */
#ifndef CC_VEND
#define CC_VEND (TPM_CC)(0x20000000)
#endif
typedef UINT16 ATTRIBUTE_TYPE;
/* The following file is produced from the command tables in part 3 of the specification. It defines
the attributes for each of the commands. */
/* NOTE: This file is currently produced by an automated process. Files produced from Part 2 or Part
3 tables through automated processes are not included in the specification so that there is no
ambiguity about the table containing the information being the normative definition. */
#define _COMMAND_CODE_ATTRIBUTES_
#include "CommandAttributeData.h"
/* 9.3.3 Command Attribute Functions */
/* 9.3.3.1 NextImplementedIndex() */
/* This function is used when the lists are not compressed. In a compressed list, only the
implemented commands are present. So, a search might find a value but that value may not be
implemented. This function checks to see if the input commandIndex points to an implemented
command and, if not, it searches upwards until it finds one. When the list is compressed, this
function gets defined as a no-op. */
/* Return Value Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
#if !COMPRESSED_LISTS
static COMMAND_INDEX
NextImplementedIndex(
COMMAND_INDEX commandIndex
)
{
for(;commandIndex < COMMAND_COUNT; commandIndex++)
{
if(s_commandAttributes[commandIndex] & IS_IMPLEMENTED)
return commandIndex;
}
return UNIMPLEMENTED_COMMAND_INDEX;
}
#else
#define NextImplementedIndex(x) (x)
#endif
/* 9.3.3.2 GetClosestCommandIndex() */
/* This function returns the command index for the command with a value that is equal to or greater
than the input value */
/* Return Value Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
COMMAND_INDEX
GetClosestCommandIndex(
TPM_CC commandCode // IN: the command code to start at
)
{
BOOL vendor = (commandCode & CC_VEND) != 0;
COMMAND_INDEX searchIndex = (COMMAND_INDEX)commandCode;
// The commandCode is a UINT32 and the search index is UINT16. We are going to
// search for a match but need to make sure that the commandCode value is not
// out of range. To do this, need to clear the vendor bit of the commandCode
// (if set) and compare the result to the 16-bit searchIndex value. If it is
// out of range, indicate that the command is not implemented
if((commandCode & ~CC_VEND) != searchIndex)
return UNIMPLEMENTED_COMMAND_INDEX;
// if there is at least one vendor command, the last entry in the array will
// have the v bit set. If the input commandCode is larger than the last
// vendor-command, then it is out of range.
if(vendor)
{
#if VENDOR_COMMAND_ARRAY_SIZE > 0
COMMAND_INDEX commandIndex;
COMMAND_INDEX min;
COMMAND_INDEX max;
int diff;
#if LIBRARY_COMMAND_ARRAY_SIZE == COMMAND_COUNT
#error "Constants are not consistent."
#endif
// Check to see if the value is equal to or below the minimum
// entry.
// Note: Put this check first so that the typical case of only one vendor-
// specific command doesn't waste any more time.
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE], TPMA_CC,
commandIndex) >= searchIndex)
{
// the vendor array is always assumed to be packed so there is
// no need to check to see if the command is implemented
return LIBRARY_COMMAND_ARRAY_SIZE;
}
// See if this is out of range on the top
if(GET_ATTRIBUTE(s_ccAttr[COMMAND_COUNT - 1], TPMA_CC, commandIndex)
< searchIndex)
{
return UNIMPLEMENTED_COMMAND_INDEX;
}
commandIndex = UNIMPLEMENTED_COMMAND_INDEX; // Needs initialization to keep
// compiler happy
min = LIBRARY_COMMAND_ARRAY_SIZE; // first vendor command
max = COMMAND_COUNT - 1; // last vendor command
diff = 1; // needs initialization to keep
// compiler happy
while(min <= max)
{
commandIndex = (min + max + 1) / 2;
diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex)
- searchIndex;
if(diff == 0)
return commandIndex;
if(diff > 0)
max = commandIndex - 1;
else
min = commandIndex + 1;
}
// didn't find and exact match. commandIndex will be pointing at the last
// item tested. If 'diff' is positive, then the last item tested was
// larger index of the command code so it is the smallest value
// larger than the requested value.
if(diff > 0)
return commandIndex;
// if 'diff' is negative, then the value tested was smaller than
// the commandCode index and the next higher value is the correct one.
// Note: this will necessarily be in range because of the earlier check
// that the index was within range.
return commandIndex + 1;
#else
// If there are no vendor commands so anything with the vendor bit set is out
// of range
return UNIMPLEMENTED_COMMAND_INDEX;
#endif
}
// Get here if the V-Bit was not set in 'commandCode'
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE - 1], TPMA_CC,
commandIndex) < searchIndex)
{
// requested index is out of the range to the top
#if VENDOR_COMMAND_ARRAY_SIZE > 0
// If there are vendor commands, then the first vendor command
// is the next value greater than the commandCode.
// NOTE: we got here if the starting index did not have the V bit but we
// reached the end of the array of library commands (non-vendor). Since
// there is at least one vendor command, and vendor commands are always
// in a compressed list that starts after the library list, the next
// index value contains a valid vendor command.
return LIBRARY_COMMAND_ARRAY_SIZE;
#else
// if there are no vendor commands, then this is out of range
return UNIMPLEMENTED_COMMAND_INDEX;
#endif
}
// If the request is lower than any value in the array, then return
// the lowest value (needs to be an index for an implemented command
if(GET_ATTRIBUTE(s_ccAttr[0], TPMA_CC, commandIndex) >= searchIndex)
{
return NextImplementedIndex(0);
}
else
{
#if COMPRESSED_LISTS
COMMAND_INDEX commandIndex = UNIMPLEMENTED_COMMAND_INDEX;
COMMAND_INDEX min = 0;
COMMAND_INDEX max = LIBRARY_COMMAND_ARRAY_SIZE - 1;
int diff = 1;
#if LIBRARY_COMMAND_ARRAY_SIZE == 0
#error "Something is terribly wrong"
#endif
// The s_ccAttr array contains an extra entry at the end (a zero value).
// Don't count this as an array entry. This means that max should start
// out pointing to the last valid entry in the array which is - 2
pAssert(max == (sizeof(s_ccAttr) / sizeof(TPMA_CC)
- VENDOR_COMMAND_ARRAY_SIZE - 2));
while(min <= max)
{
commandIndex = (min + max + 1) / 2;
diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC,
commandIndex) - searchIndex;
if(diff == 0)
return commandIndex;
if(diff > 0)
max = commandIndex - 1;
else
min = commandIndex + 1;
}
// didn't find and exact match. commandIndex will be pointing at the
// last item tested. If diff is positive, then the last item tested was
// larger index of the command code so it is the smallest value
// larger than the requested value.
if(diff > 0)
return commandIndex;
// if diff is negative, then the value tested was smaller than
// the commandCode index and the next higher value is the correct one.
// Note: this will necessarily be in range because of the earlier check
// that the index was within range.
return commandIndex + 1;
#else
// The list is not compressed so offset into the array by the command
// code value of the first entry in the list. Then go find the first
// implemented command.
return NextImplementedIndex(searchIndex
- (COMMAND_INDEX)s_ccAttr[0].commandIndex);
#endif
}
}
/* 9.3.3.3 CommandCodeToComandIndex() */
/* This function returns the index in the various attributes arrays of the command. */
/* Return Values Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
COMMAND_INDEX
CommandCodeToCommandIndex(
TPM_CC commandCode // IN: the command code to look up
)
{
// Extract the low 16-bits of the command code to get the starting search index
COMMAND_INDEX searchIndex = (COMMAND_INDEX)commandCode;
BOOL vendor = (commandCode & CC_VEND) != 0;
COMMAND_INDEX commandIndex;
#if !COMPRESSED_LISTS
if(!vendor)
{
commandIndex = searchIndex - (COMMAND_INDEX)s_ccAttr[0].commandIndex;
// Check for out of range or unimplemented.
// Note, since a COMMAND_INDEX is unsigned, if searchIndex is smaller than
// the lowest value of command, it will become a 'negative' number making
// it look like a large unsigned number, this will cause it to fail
// the unsigned check below.
if(commandIndex >= LIBRARY_COMMAND_ARRAY_SIZE
|| (s_commandAttributes[commandIndex] & IS_IMPLEMENTED) == 0)
return UNIMPLEMENTED_COMMAND_INDEX;
return commandIndex;
}
#endif
// Need this code for any vendor code lookup or for compressed lists
commandIndex = GetClosestCommandIndex(commandCode);
// Look at the returned value from get closest. If it isn't the one that was
// requested, then the command is not implemented.
if(commandIndex != UNIMPLEMENTED_COMMAND_INDEX)
{
if((GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex)
!= searchIndex)
|| (IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V)) != vendor)
commandIndex = UNIMPLEMENTED_COMMAND_INDEX;
}
return commandIndex;
}
/* 9.3.3.4 GetNextCommandIndex() */
/* This function returns the index of the next implemented command. */
/* Return Values Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX no more implemented commands */
/* other the index of the next implemented command */
COMMAND_INDEX
GetNextCommandIndex(
COMMAND_INDEX commandIndex // IN: the starting index
)
{
while(++commandIndex < COMMAND_COUNT)
{
#if !COMPRESSED_LISTS
if(s_commandAttributes[commandIndex] & IS_IMPLEMENTED)
#endif
return commandIndex;
}
return UNIMPLEMENTED_COMMAND_INDEX;
}
/* 9.3.3.5 GetCommandCode() */
/* This function returns the commandCode associated with the command index */
TPM_CC
GetCommandCode(
COMMAND_INDEX commandIndex // IN: the command index
)
{
TPM_CC commandCode = GET_ATTRIBUTE(s_ccAttr[commandIndex],
TPMA_CC, commandIndex);
if(IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
commandCode += CC_VEND;
return commandCode;
}
/* 9.3.3.6 CommandAuthRole() */
/* This function returns the authorization role required of a handle. */
/* Return Values Meaning */
/* AUTH_NONE no authorization is required */
/* AUTH_USER user role authorization is required */
/* AUTH_ADMIN admin role authorization is required */
/* AUTH_DUP duplication role authorization is required */
AUTH_ROLE
CommandAuthRole(
COMMAND_INDEX commandIndex, // IN: command index
UINT32 handleIndex // IN: handle index (zero based)
)
{
if(0 == handleIndex)
{
// Any authorization role set?
COMMAND_ATTRIBUTES properties = s_commandAttributes[commandIndex];
if(properties & HANDLE_1_USER)
return AUTH_USER;
if(properties & HANDLE_1_ADMIN)
return AUTH_ADMIN;
if(properties & HANDLE_1_DUP)
return AUTH_DUP;
}
else if(1 == handleIndex)
{
if(s_commandAttributes[commandIndex] & HANDLE_2_USER)
return AUTH_USER;
}
return AUTH_NONE;
}
/* 9.3.3.7 EncryptSize() */
/* This function returns the size of the decrypt size field. This function returns 0 if encryption
is not allowed */
/* Return Values Meaning */
/* 0 encryption not allowed */
/* 2 size field is two bytes */
/* 4 size field is four bytes */
int
EncryptSize(
COMMAND_INDEX commandIndex // IN: command index
)
{
return ((s_commandAttributes[commandIndex] & ENCRYPT_2) ? 2 :
(s_commandAttributes[commandIndex] & ENCRYPT_4) ? 4 : 0);
}
/* 9.3.3.8 DecryptSize() */
/* This function returns the size of the decrypt size field. This function returns 0 if decryption
is not allowed */
/* Return Values Meaning */
/* 0 encryption not allowed */
/* 2 size field is two bytes */
/* 4 size field is four bytes */
int
DecryptSize(
COMMAND_INDEX commandIndex // IN: command index
)
{
return ((s_commandAttributes[commandIndex] & DECRYPT_2) ? 2 :
(s_commandAttributes[commandIndex] & DECRYPT_4) ? 4 : 0);
}
/* 9.3.3.9 IsSessionAllowed() */
/* This function indicates if the command is allowed to have sessions. */
/* This function must not be called if the command is not known to be implemented. */
/* Return Values Meaning */
/* TRUE session is allowed with this command */
/* FALSE session is not allowed with this command */
BOOL
IsSessionAllowed(
COMMAND_INDEX commandIndex // IN: the command to be checked
)
{
return ((s_commandAttributes[commandIndex] & NO_SESSIONS) == 0);
}
/* 9.3.3.10 IsHandleInResponse() */
/* This function determines if a command has a handle in the response */
BOOL
IsHandleInResponse(
COMMAND_INDEX commandIndex
)
{
return ((s_commandAttributes[commandIndex] & R_HANDLE) != 0);
}
/* 9.3.3.11 IsWriteOperation() */
/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
read-lock */
BOOL
IsWriteOperation(
COMMAND_INDEX commandIndex // IN: Command to check
)
{
#ifdef WRITE_LOCK
return ((s_commandAttributes[commandIndex] & WRITE_LOCK) != 0);
#else
if(!IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
{
switch(GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex))
{
case TPM_CC_NV_Write:
#if CC_NV_Increment
case TPM_CC_NV_Increment:
#endif
#if CC_NV_SetBits
case TPM_CC_NV_SetBits:
#endif
#if CC_NV_Extend
case TPM_CC_NV_Extend:
#endif
#if CC_AC_Send
case TPM_CC_AC_Send:
#endif
// NV write lock counts as a write operation for authorization purposes.
// We check to see if the NV is write locked before we do the
// authorization. If it is locked, we fail the command early.
case TPM_CC_NV_WriteLock:
return TRUE;
default:
break;
}
}
return FALSE;
#endif
}
/* 9.3.3.12 IsReadOperation() */
/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
write-lock. */
BOOL
IsReadOperation(
COMMAND_INDEX commandIndex // IN: Command to check
)
{
#ifdef READ_LOCK
return ((s_commandAttributes[commandIndex] & READ_LOCK) != 0);
#else
if(!IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
{
switch(GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex))
{
case TPM_CC_NV_Read:
case TPM_CC_PolicyNV:
case TPM_CC_NV_Certify:
// NV read lock counts as a read operation for authorization purposes.
// We check to see if the NV is read locked before we do the
// authorization. If it is locked, we fail the command early.
case TPM_CC_NV_ReadLock:
return TRUE;
default:
break;
}
}
return FALSE;
#endif
}
/* 9.3.3.13 CommandCapGetCCList() */
/* This function returns a list of implemented commands and command attributes starting from the
command in commandCode. */
/* Return Values Meaning */
/* YES more command attributes are available */
/* NO no more command attributes are available */
TPMI_YES_NO
CommandCapGetCCList(
TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: maximum count for number of entries in
// 'commandList'
TPML_CCA *commandList // OUT: list of TPMA_CC
)
{
TPMI_YES_NO more = NO;
COMMAND_INDEX commandIndex;
// initialize output handle list count
commandList->count = 0;
for(commandIndex = GetClosestCommandIndex(commandCode);
commandIndex != UNIMPLEMENTED_COMMAND_INDEX;
commandIndex = GetNextCommandIndex(commandIndex))
{
#if !COMPRESSED_LISTS
// this check isn't needed for compressed lists.
if(!(s_commandAttributes[commandIndex] & IS_IMPLEMENTED))
continue;
#endif
if(commandList->count < count)
{
// If the list is not full, add the attributes for this command.
commandList->commandAttributes[commandList->count]
= s_ccAttr[commandIndex];
commandList->count++;
}
else
{
// If the list is full but there are more commands to report,
// indicate this and return.
more = YES;
break;
}
}
return more;
}
#if 0 /* libtpms added */
/* 9.3.3.14 IsVendorCommand() */
/* Function indicates if a command index references a vendor command. */
/* Return Values Meaning */
/* TRUE command is a vendor command */
/* FALSE command is not a vendor command */
BOOL
IsVendorCommand(
COMMAND_INDEX commandIndex // IN: command index to check
)
{
return (IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V));
}
#endif /* libtpms added */
|