/src/libtpms/src/tpm12/tpm_global.c
Line | Count | Source (jump to first uncovered line) |
1 | | /********************************************************************************/ |
2 | | /* */ |
3 | | /* Global Variables */ |
4 | | /* Written by Ken Goldman */ |
5 | | /* IBM Thomas J. Watson Research Center */ |
6 | | /* $Id: tpm_global.c 4621 2011-09-09 20:19:42Z kgoldman $ */ |
7 | | /* */ |
8 | | /* (c) Copyright IBM Corporation 2006, 2010. */ |
9 | | /* */ |
10 | | /* All rights reserved. */ |
11 | | /* */ |
12 | | /* Redistribution and use in source and binary forms, with or without */ |
13 | | /* modification, are permitted provided that the following conditions are */ |
14 | | /* met: */ |
15 | | /* */ |
16 | | /* Redistributions of source code must retain the above copyright notice, */ |
17 | | /* this list of conditions and the following disclaimer. */ |
18 | | /* */ |
19 | | /* Redistributions in binary form must reproduce the above copyright */ |
20 | | /* notice, this list of conditions and the following disclaimer in the */ |
21 | | /* documentation and/or other materials provided with the distribution. */ |
22 | | /* */ |
23 | | /* Neither the names of the IBM Corporation nor the names of its */ |
24 | | /* contributors may be used to endorse or promote products derived from */ |
25 | | /* this software without specific prior written permission. */ |
26 | | /* */ |
27 | | /* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS */ |
28 | | /* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT */ |
29 | | /* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR */ |
30 | | /* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT */ |
31 | | /* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, */ |
32 | | /* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT */ |
33 | | /* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, */ |
34 | | /* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY */ |
35 | | /* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT */ |
36 | | /* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE */ |
37 | | /* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ |
38 | | /********************************************************************************/ |
39 | | |
40 | | #include <string.h> |
41 | | #include <stdio.h> |
42 | | |
43 | | #include "tpm_crypto.h" |
44 | | #include "tpm_debug.h" |
45 | | #include "tpm_digest.h" |
46 | | #include "tpm_error.h" |
47 | | #include "tpm_io.h" |
48 | | #include "tpm_init.h" |
49 | | #include "tpm_key.h" |
50 | | #include "tpm_nvfile.h" |
51 | | #include "tpm_nvram.h" |
52 | | #include "tpm_permanent.h" |
53 | | #include "tpm_platform.h" |
54 | | #include "tpm_startup.h" |
55 | | #include "tpm_structures.h" |
56 | | |
57 | | |
58 | | #include "tpm_global.h" |
59 | | |
60 | | /* state for the TPM's */ |
61 | | tpm_state_t *tpm_instances[TPMS_MAX]; |
62 | | |
63 | | /* TPM_Global_Init initializes the tpm_state to default values. |
64 | | |
65 | | It does not load any data from or store data to NVRAM |
66 | | */ |
67 | | |
68 | | TPM_RESULT TPM_Global_Init(tpm_state_t *tpm_state) |
69 | 0 | { |
70 | 0 | TPM_RESULT rc = 0; |
71 | | |
72 | 0 | printf("TPM_Global_Init: TPMs %lu\n", |
73 | 0 | (unsigned long)sizeof(tpm_instances)/sizeof(tpm_state_t *)); |
74 | | /* initialize the TPM_STANY_FLAGS structure */ |
75 | 0 | if (rc == 0) { |
76 | | /* set the structure to 0 for security, clean out old secrets */ |
77 | 0 | memset(tpm_state, 0 , sizeof(tpm_state_t)); |
78 | | /* the virtual TPM number NOTE: This must be done early as it is used to construct |
79 | | nn.permall file names */ |
80 | 0 | tpm_state->tpm_number = TPM_ILLEGAL_INSTANCE_HANDLE; |
81 | | /* initialize the TPM_PERMANENT_FLAGS structure */ |
82 | 0 | printf("TPM_Global_Init: Initializing TPM_PERMANENT_FLAGS\n"); |
83 | 0 | TPM_PermanentFlags_Init(&(tpm_state->tpm_permanent_flags)); |
84 | | /* initialize the TPM_STCLEAR_FLAGS structure */ |
85 | 0 | printf("TPM_Global_Init: Initializing TPM_STCLEAR_FLAGS\n"); |
86 | 0 | TPM_StclearFlags_Init(&(tpm_state->tpm_stclear_flags)); |
87 | | /* initialize the TPM_STANY_FLAGS structure */ |
88 | 0 | printf("TPM_Global_Init: Initializing TPM_STANY_FLAGS\n"); |
89 | 0 | TPM_StanyFlags_Init(&(tpm_state->tpm_stany_flags)); |
90 | | /* initialize TPM_PERMANENT_DATA structure */ |
91 | 0 | printf("TPM_Global_Init: Initializing TPM_PERMANENT_DATA\n"); |
92 | 0 | rc = TPM_PermanentData_Init(&(tpm_state->tpm_permanent_data), TRUE); |
93 | 0 | } |
94 | 0 | if (rc == 0) { |
95 | | /* initialize TPM_STCLEAR_DATA structure */ |
96 | 0 | printf("TPM_Global_Init: Initializing TPM_STCLEAR_DATA\n"); |
97 | 0 | TPM_StclearData_Init(&(tpm_state->tpm_stclear_data), |
98 | 0 | tpm_state->tpm_permanent_data.pcrAttrib, |
99 | 0 | TRUE); /* initialize the PCR's */ |
100 | | /* initialize TPM_STANY_DATA structure */ |
101 | 0 | printf("TPM_Global_Init: Initializing TPM_STANY_DATA\n"); |
102 | 0 | rc = TPM_StanyData_Init(&(tpm_state->tpm_stany_data)); |
103 | 0 | } |
104 | | /* initialize the TPM_KEY_HANDLE_LIST structure */ |
105 | 0 | if (rc == 0) { |
106 | 0 | printf("TPM_Global_Init: Initializing TPM_KEY_HANDLE_LIST\n"); |
107 | 0 | TPM_KeyHandleEntries_Init(tpm_state->tpm_key_handle_entries); |
108 | | /* initialize the SHA1 thread context */ |
109 | 0 | tpm_state->sha1_context = NULL; |
110 | | /* initialize the TIS SHA1 thread context */ |
111 | 0 | tpm_state->sha1_context_tis = NULL; |
112 | 0 | tpm_state->transportHandle = 0; |
113 | 0 | printf("TPM_Global_Init: Initializing TPM_NV_INDEX_ENTRIES\n"); |
114 | 0 | TPM_NVIndexEntries_Init(&(tpm_state->tpm_nv_index_entries)); |
115 | 0 | } |
116 | | /* comes up in limited operation mode */ |
117 | | /* shutdown is set on a self test failure, before calling TPM_Global_Init() */ |
118 | 0 | if (rc == 0) { |
119 | 0 | printf(" TPM_Global_Init: Set testState to %u \n", TPM_TEST_STATE_LIMITED); |
120 | 0 | tpm_state->testState = TPM_TEST_STATE_LIMITED; |
121 | 0 | } |
122 | 0 | else { |
123 | 0 | printf(" TPM_Global_Init: Set testState to %u \n", TPM_TEST_STATE_FAILURE); |
124 | 0 | tpm_state->testState = TPM_TEST_STATE_FAILURE; |
125 | 0 | } |
126 | 0 | return rc; |
127 | 0 | } |
128 | | |
129 | | #if 0 |
130 | | /* TPM_Global_Load() loads the tpm_state_t global structures for the TPM instance from NVRAM. |
131 | | |
132 | | tpm_state->tpm_number must be set by the caller. |
133 | | |
134 | | Returns |
135 | | |
136 | | 0 on success. |
137 | | TPM_FAIL on failure to load (fatal), since it should never occur |
138 | | */ |
139 | | |
140 | | TPM_RESULT TPM_Global_Load(tpm_state_t *tpm_state) |
141 | | { |
142 | | TPM_RESULT rc = 0; |
143 | | |
144 | | printf("TPM_Global_Load:\n"); |
145 | | /* TPM_PERMANENT_DATA, TPM_PERMANENT_FLAGS, owner evict keys, and NV defined space. */ |
146 | | if (rc == 0) { |
147 | | rc = TPM_PermanentAll_NVLoad(tpm_state); |
148 | | } |
149 | | if (rc == 0) { |
150 | | rc = TPM_VolatileAll_NVLoad(tpm_state); |
151 | | } |
152 | | return rc; |
153 | | } |
154 | | |
155 | | /* TPM_Global_Store() store the tpm_state_t global structure for the TPM instance to NVRAM |
156 | | |
157 | | tpm_state->tpm_number must be set by the caller. |
158 | | */ |
159 | | |
160 | | TPM_RESULT TPM_Global_Store(tpm_state_t *tpm_state) |
161 | | { |
162 | | TPM_RESULT rc = 0; |
163 | | |
164 | | printf(" TPM_Global_Store:\n"); |
165 | | if (rc == 0) { |
166 | | rc = TPM_PermanentAll_NVStore(tpm_state, TRUE, 0); |
167 | | } |
168 | | if (rc == 0) { |
169 | | rc = TPM_VolatileAll_NVStore(tpm_state); |
170 | | } |
171 | | return rc; |
172 | | } |
173 | | #endif |
174 | | |
175 | | /* TPM_Global_Delete() |
176 | | |
177 | | No-OP if the parameter is NULL, else: |
178 | | frees memory allocated for the object |
179 | | sets pointers to NULL |
180 | | calls TPM_Global_Init to set members back to default values |
181 | | The object itself is not freed |
182 | | */ |
183 | | |
184 | | void TPM_Global_Delete(tpm_state_t *tpm_state) |
185 | 0 | { |
186 | 0 | printf(" TPM_Global_Delete:\n"); |
187 | 0 | if (tpm_state != NULL) { |
188 | | /* TPM_PERMANENT_FLAGS have no allocated memory or secrets */ |
189 | | /* TPM_STCLEAR_FLAGS have no allocated memory or secrets */ |
190 | | /* TPM_STANY_FLAGS have no allocated memory or secrets */ |
191 | 0 | printf(" TPM_Global_Delete: Deleting TPM_PERMANENT_DATA\n"); |
192 | 0 | TPM_PermanentData_Delete(&(tpm_state->tpm_permanent_data), TRUE); |
193 | 0 | printf(" TPM_Global_Delete: Deleting TPM_STCLEAR_DATA\n"); |
194 | 0 | TPM_StclearData_Delete(&(tpm_state->tpm_stclear_data), |
195 | 0 | tpm_state->tpm_permanent_data.pcrAttrib, |
196 | 0 | TRUE); /* reset the PCR's */ |
197 | 0 | printf(" TPM_Global_Delete: Deleting TPM_STANY_DATA\n"); |
198 | 0 | TPM_StanyData_Delete(&(tpm_state->tpm_stany_data)); |
199 | 0 | printf(" TPM_Global_Delete: Deleting key handle entries\n"); |
200 | 0 | TPM_KeyHandleEntries_Delete(tpm_state->tpm_key_handle_entries); |
201 | 0 | printf(" TPM_Global_Delete: Deleting SHA1 contexts\n"); |
202 | 0 | TPM_SHA1Delete(&(tpm_state->sha1_context)); |
203 | 0 | TPM_SHA1Delete(&(tpm_state->sha1_context_tis)); |
204 | 0 | TPM_NVIndexEntries_Delete(&(tpm_state->tpm_nv_index_entries)); |
205 | 0 | } |
206 | 0 | return; |
207 | 0 | } |
208 | | |
209 | | |
210 | | /* TPM_Global_GetPhysicalPresence() returns 'physicalPresence' TRUE if either TPM_STCLEAR_FLAGS -> |
211 | | physicalPresence is TRUE or hardware physical presence is indicated. |
212 | | |
213 | | The physicalPresenceHWEnable and physicalPresenceCMDEnable flags MUST mask their respective |
214 | | signals before further processing. The hardware signal, if enabled by the |
215 | | physicalPresenceHWEnable flag, MUST be logically ORed with the PhysicalPresence flag, if enabled, |
216 | | to obtain the final physical presence value used to allow or disallow local commands. |
217 | | */ |
218 | | |
219 | | TPM_RESULT TPM_Global_GetPhysicalPresence(TPM_BOOL *physicalPresence, |
220 | | const tpm_state_t *tpm_state) |
221 | 0 | { |
222 | 0 | TPM_RESULT rc = 0; |
223 | 0 | *physicalPresence = FALSE; |
224 | | |
225 | | /* is CMD physical presence enabled */ |
226 | 0 | printf(" TPM_Global_GetPhysicalPresence: physicalPresenceCMDEnable is %02x\n", |
227 | 0 | tpm_state->tpm_permanent_flags.physicalPresenceCMDEnable); |
228 | 0 | if (tpm_state->tpm_permanent_flags.physicalPresenceCMDEnable) { |
229 | 0 | printf(" TPM_Global_GetPhysicalPresence: physicalPresence flag is %02x\n", |
230 | 0 | tpm_state->tpm_stclear_flags.physicalPresence); |
231 | | /* if enabled, check for physicalPresence set by the command ordinal */ |
232 | 0 | *physicalPresence = tpm_state->tpm_stclear_flags.physicalPresence; |
233 | 0 | } |
234 | | |
235 | | /* if the software flag is true, result is true, no need to check the hardware */ |
236 | | /* if the TPM_STCLEAR_FLAGS flag is FALSE, check the hardware */ |
237 | 0 | if (!(*physicalPresence)) { |
238 | 0 | printf(" TPM_Global_GetPhysicalPresence: physicalPresenceHWEnable is %02x\n", |
239 | 0 | tpm_state->tpm_permanent_flags.physicalPresenceHWEnable); |
240 | | /* if physicalPresenceHWEnable is FALSE, the hardware signal is disabled */ |
241 | 0 | if (tpm_state->tpm_permanent_flags.physicalPresenceHWEnable) { |
242 | | /* if enabled, check the hardware signal */ |
243 | 0 | rc = TPM_IO_GetPhysicalPresence(physicalPresence, tpm_state->tpm_number); |
244 | 0 | printf(" TPM_Global_GetPhysicalPresence: physicalPresence HW is %02x\n", |
245 | 0 | *physicalPresence); |
246 | 0 | } |
247 | 0 | } |
248 | 0 | printf(" TPM_Global_GetPhysicalPresence: physicalPresence is %02x\n", |
249 | 0 | *physicalPresence); |
250 | 0 | return rc; |
251 | 0 | } |
252 | | |