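/* SPDX-License-Identifier: GPL-2.0+ */
/*
 * Copyright (c) 2013 The Chromium OS Authors.
 * Copyright (c) 2013 Guntermann & Drunck GmbH
 */

#ifndef __TPM_V1_H
#define __TPM_V1_H

#include <tpm-common.h>

/*
 * Useful constants.
 *
 * The digest lengths are byte counts: 20 bytes matches the 160-bit digests
 * documented for tpm_extend() below.
 */
enum {
	TPM_REQUEST_HEADER_LENGTH = 10,
	TPM_RESPONSE_HEADER_LENGTH = 10,
	PCR_DIGEST_LENGTH = 20,
	DIGEST_LENGTH = 20,
	TPM_REQUEST_AUTH_LENGTH = 45,
	TPM_RESPONSE_AUTH_LENGTH = 41,
	/*
	 * some max lengths, valid for RSA keys <= 2048 bits; do not rely on
	 * them as an upper bound for structures that hold larger keys
	 */
	TPM_KEY12_MAX_LENGTH = 618,
	TPM_PUBKEY_MAX_LENGTH = 288,
};

/* Startup modes accepted by tpm_startup() */
enum tpm_startup_type {
	TPM_ST_CLEAR = 0x0001,
	TPM_ST_STATE = 0x0002,
	TPM_ST_DEACTIVATED = 0x0003,
};

/*
 * Physical presence flags; tpm_tsc_physical_presence() takes a bit-wise OR
 * of these values.
 */
enum tpm_physical_presence {
	TPM_PHYSICAL_PRESENCE_HW_DISABLE = 0x0200,
	TPM_PHYSICAL_PRESENCE_CMD_DISABLE = 0x0100,
	TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK = 0x0080,
	TPM_PHYSICAL_PRESENCE_HW_ENABLE = 0x0040,
	TPM_PHYSICAL_PRESENCE_CMD_ENABLE = 0x0020,
	TPM_PHYSICAL_PRESENCE_NOTPRESENT = 0x0010,
	TPM_PHYSICAL_PRESENCE_PRESENT = 0x0008,
	TPM_PHYSICAL_PRESENCE_LOCK = 0x0004,
};

/*
 * Special NV area index values, referenced by tpm_nv_define_space(),
 * tpm_nv_read_value() and tpm_nv_write_value().
 *
 * NOTE(review): 0xffffffff does not fit in a 32-bit int, which ISO C requires
 * of an enumerator value, so TPM_NV_INDEX_LOCK relies on a compiler extension.
 */
enum tpm_nv_index {
	TPM_NV_INDEX_LOCK = 0xffffffff,
	TPM_NV_INDEX_0 = 0x00000000,
	TPM_NV_INDEX_DIR = 0x10000001,
};

/*
 * Resource types; presumably the values passed as resource_type to
 * tpm_flush_specific() - confirm against the implementation.
 */
enum tpm_resource_type {
	TPM_RT_KEY = 0x00000001,
	TPM_RT_AUTH = 0x00000002,
	TPM_RT_HASH = 0x00000003,
	TPM_RT_TRANS = 0x00000004,
	TPM_RT_CONTEXT = 0x00000005,
	TPM_RT_COUNTER = 0x00000006,
	TPM_RT_DELEGATE = 0x00000007,
	TPM_RT_DAA_TPM = 0x00000008,
	TPM_RT_DAA_V0 = 0x00000009,
	TPM_RT_DAA_V1 = 0x0000000A,
};

/*
 * Capability areas; presumably the values passed as cap_area to
 * tpm_get_capability(). The values are not contiguous.
 */
enum tpm_capability_areas {
	TPM_CAP_ORD = 0x00000001,
	TPM_CAP_ALG = 0x00000002,
	TPM_CAP_PID = 0x00000003,
	TPM_CAP_FLAG = 0x00000004,
	TPM_CAP_PROPERTY = 0x00000005,
	TPM_CAP_VERSION = 0x00000006,
	TPM_CAP_KEY_HANDLE = 0x00000007,
	TPM_CAP_CHECK_LOADED = 0x00000008,
	TPM_CAP_SYM_MODE = 0x00000009,
	TPM_CAP_KEY_STATUS = 0x0000000C,
	TPM_CAP_NV_LIST = 0x0000000D,
	TPM_CAP_MFR = 0x00000010,
	TPM_CAP_NV_INDEX = 0x00000011,
	TPM_CAP_TRANS_ALG = 0x00000012,
	TPM_CAP_HANDLE = 0x00000014,
	TPM_CAP_TRANS_ES = 0x00000015,
	TPM_CAP_AUTH_ENCRYPT = 0x00000017,
	TPM_CAP_SELECT_SIZE = 0x00000018,
	TPM_CAP_DA_LOGIC = 0x00000019,
	TPM_CAP_VERSION_VAL = 0x0000001A,
};

/*
 * NOTE(review): the tag is spelled "tmp" (sic); it is left unchanged here
 * because code outside this header may refer to it by that name.
 */
enum tmp_cap_flag {
	TPM_CAP_FLAG_PERMANENT = 0x108,
};

/*
 * Presumably the value expected in struct tpm_permanent_flags.tag - confirm
 * against the code that parses the response.
 */
#define TPM_TAG_PERMANENT_FLAGS 0x001f

/*
 * NV area permission bits; presumably OR'ed together to form the perm
 * argument (TPM_NV_ATTRIBUTES) of tpm_nv_define_space(). BIT() is not
 * defined in this header.
 */
#define TPM_NV_PER_GLOBALLOCK BIT(15)
#define TPM_NV_PER_PPREAD BIT(16)
#define TPM_NV_PER_PPWRITE BIT(0)
#define TPM_NV_PER_READ_STCLEAR BIT(31)
#define TPM_NV_PER_WRITE_STCLEAR BIT(14)
#define TPM_NV_PER_WRITEDEFINE BIT(13)
#define TPM_NV_PER_WRITEALL BIT(12)

enum {
	TPM_PUBEK_SIZE = 256,
};

/* TPM 1.2 command ordinals */
enum {
	TPM_CMD_EXTEND = 0x14,
	TPM_CMD_GET_CAPABILITY = 0x65,
	TPM_CMD_NV_DEFINE_SPACE = 0xcc,
	TPM_CMD_NV_WRITE_VALUE = 0xcd,
	TPM_CMD_NV_READ_VALUE = 0xcf,
};

/**
 * TPM return codes as defined in the TCG Main specification
 * (TPM Main Part 2 Structures; Specification version 1.2)
 *
 * Only TPM_SUCCESS (== TPM_BASE) means the command succeeded. The codes at
 * TPM_BASE + TPM_NON_FATAL and above are the ones listed as non-fatal;
 * every other code is listed as a fatal error. TPM_BASE + 96 has no entry
 * in this list.
 */
enum tpm_return_code {
	TPM_BASE = 0x00000000,
	TPM_NON_FATAL = 0x00000800,
	TPM_SUCCESS = TPM_BASE,
	/* TPM-defined fatal error codes */
	TPM_AUTHFAIL = TPM_BASE + 1,
	TPM_BADINDEX = TPM_BASE + 2,
	TPM_BAD_PARAMETER = TPM_BASE + 3,
	TPM_AUDITFAILURE = TPM_BASE + 4,
	TPM_CLEAR_DISABLED = TPM_BASE + 5,
	TPM_DEACTIVATED = TPM_BASE + 6,
	TPM_DISABLED = TPM_BASE + 7,
	TPM_DISABLED_CMD = TPM_BASE + 8,
	TPM_FAIL = TPM_BASE + 9,
	TPM_BAD_ORDINAL = TPM_BASE + 10,
	TPM_INSTALL_DISABLED = TPM_BASE + 11,
	TPM_INVALID_KEYHANDLE = TPM_BASE + 12,
	TPM_KEYNOTFOUND = TPM_BASE + 13,
	TPM_INAPPROPRIATE_ENC = TPM_BASE + 14,
	TPM_MIGRATE_FAIL = TPM_BASE + 15,
	TPM_INVALID_PCR_INFO = TPM_BASE + 16,
	TPM_NOSPACE = TPM_BASE + 17,
	TPM_NOSRK = TPM_BASE + 18,
	TPM_NOTSEALED_BLOB = TPM_BASE + 19,
	TPM_OWNER_SET = TPM_BASE + 20,
	TPM_RESOURCES = TPM_BASE + 21,
	TPM_SHORTRANDOM = TPM_BASE + 22,
	TPM_SIZE = TPM_BASE + 23,
	TPM_WRONGPCRVAL = TPM_BASE + 24,
	TPM_BAD_PARAM_SIZE = TPM_BASE + 25,
	TPM_SHA_THREAD = TPM_BASE + 26,
	TPM_SHA_ERROR = TPM_BASE + 27,
	TPM_FAILEDSELFTEST = TPM_BASE + 28,
	TPM_AUTH2FAIL = TPM_BASE + 29,
	TPM_BADTAG = TPM_BASE + 30,
	TPM_IOERROR = TPM_BASE + 31,
	TPM_ENCRYPT_ERROR = TPM_BASE + 32,
	TPM_DECRYPT_ERROR = TPM_BASE + 33,
	TPM_INVALID_AUTHHANDLE = TPM_BASE + 34,
	TPM_NO_ENDORSEMENT = TPM_BASE + 35,
	TPM_INVALID_KEYUSAGE = TPM_BASE + 36,
	TPM_WRONG_ENTITYTYPE = TPM_BASE + 37,
	TPM_INVALID_POSTINIT = TPM_BASE + 38,
	TPM_INAPPROPRIATE_SIG = TPM_BASE + 39,
	TPM_BAD_KEY_PROPERTY = TPM_BASE + 40,
	TPM_BAD_MIGRATION = TPM_BASE + 41,
	TPM_BAD_SCHEME = TPM_BASE + 42,
	TPM_BAD_DATASIZE = TPM_BASE + 43,
	TPM_BAD_MODE = TPM_BASE + 44,
	TPM_BAD_PRESENCE = TPM_BASE + 45,
	TPM_BAD_VERSION = TPM_BASE + 46,
	TPM_NO_WRAP_TRANSPORT = TPM_BASE + 47,
	TPM_AUDITFAIL_UNSUCCESSFUL = TPM_BASE + 48,
	TPM_AUDITFAIL_SUCCESSFUL = TPM_BASE + 49,
	TPM_NOTRESETABLE = TPM_BASE + 50,
	TPM_NOTLOCAL = TPM_BASE + 51,
	TPM_BAD_TYPE = TPM_BASE + 52,
	TPM_INVALID_RESOURCE = TPM_BASE + 53,
	TPM_NOTFIPS = TPM_BASE + 54,
	TPM_INVALID_FAMILY = TPM_BASE + 55,
	TPM_NO_NV_PERMISSION = TPM_BASE + 56,
	TPM_REQUIRES_SIGN = TPM_BASE + 57,
	TPM_KEY_NOTSUPPORTED = TPM_BASE + 58,
	TPM_AUTH_CONFLICT = TPM_BASE + 59,
	TPM_AREA_LOCKED = TPM_BASE + 60,
	TPM_BAD_LOCALITY = TPM_BASE + 61,
	TPM_READ_ONLY = TPM_BASE + 62,
	TPM_PER_NOWRITE = TPM_BASE + 63,
	TPM_FAMILY_COUNT = TPM_BASE + 64,
	TPM_WRITE_LOCKED = TPM_BASE + 65,
	TPM_BAD_ATTRIBUTES = TPM_BASE + 66,
	TPM_INVALID_STRUCTURE = TPM_BASE + 67,
	TPM_KEY_OWNER_CONTROL = TPM_BASE + 68,
	TPM_BAD_COUNTER = TPM_BASE + 69,
	TPM_NOT_FULLWRITE = TPM_BASE + 70,
	TPM_CONTEXT_GAP = TPM_BASE + 71,
	TPM_MAXNVWRITES = TPM_BASE + 72,
	TPM_NOOPERATOR = TPM_BASE + 73,
	TPM_RESOURCEMISSING = TPM_BASE + 74,
	TPM_DELEGATE_LOCK = TPM_BASE + 75,
	TPM_DELEGATE_FAMILY = TPM_BASE + 76,
	TPM_DELEGATE_ADMIN = TPM_BASE + 77,
	TPM_TRANSPORT_NOTEXCLUSIVE = TPM_BASE + 78,
	TPM_OWNER_CONTROL = TPM_BASE + 79,
	TPM_DAA_RESOURCES = TPM_BASE + 80,
	TPM_DAA_INPUT_DATA0 = TPM_BASE + 81,
	TPM_DAA_INPUT_DATA1 = TPM_BASE + 82,
	TPM_DAA_ISSUER_SETTINGS = TPM_BASE + 83,
	TPM_DAA_TPM_SETTINGS = TPM_BASE + 84,
	TPM_DAA_STAGE = TPM_BASE + 85,
	TPM_DAA_ISSUER_VALIDITY = TPM_BASE + 86,
	TPM_DAA_WRONG_W = TPM_BASE + 87,
	TPM_BAD_HANDLE = TPM_BASE + 88,
	TPM_BAD_DELEGATE = TPM_BASE + 89,
	TPM_BADCONTEXT = TPM_BASE + 90,
	TPM_TOOMANYCONTEXTS = TPM_BASE + 91,
	TPM_MA_TICKET_SIGNATURE = TPM_BASE + 92,
	TPM_MA_DESTINATION = TPM_BASE + 93,
	TPM_MA_SOURCE = TPM_BASE + 94,
	TPM_MA_AUTHORITY = TPM_BASE + 95,
	TPM_PERMANENTEK = TPM_BASE + 97,
	TPM_BAD_SIGNATURE = TPM_BASE + 98,
	TPM_NOCONTEXTSPACE = TPM_BASE + 99,
	/* TPM-defined non-fatal errors */
	TPM_RETRY = TPM_BASE + TPM_NON_FATAL,
	TPM_NEEDS_SELFTEST = TPM_BASE + TPM_NON_FATAL + 1,
	TPM_DOING_SELFTEST = TPM_BASE + TPM_NON_FATAL + 2,
	TPM_DEFEND_LOCK_RUNNING = TPM_BASE + TPM_NON_FATAL + 3,
};

/*
 * Permanent flags as filled in by tpm_get_permanent_flags().
 *
 * The structure is packed and its tag is big-endian (__be16), so it
 * presumably mirrors the byte layout of the TPM response - confirm against
 * the implementation. Each flag occupies one byte.
 */
struct tpm_permanent_flags {
	__be16 tag;
	u8 disable;
	u8 ownership;
	u8 deactivated;
	u8 read_pubek;
	u8 disable_owner_clear;
	u8 allow_maintenance;
	u8 physical_presence_lifetime_lock;
	u8 physical_presence_hw_enable;
	u8 physical_presence_cmd_enable;
	u8 cekp_used;
	u8 tpm_post;
	u8 tpm_post_lock;
	u8 fips;
	u8 operator;
	u8 enable_revoke_ek;
	u8 nv_locked;
	u8 read_srk_pub;
	u8 tpm_established;
	u8 maintenance_done;
	u8 disable_full_da_logic_info;
} __packed;

/*
 * All functions below return a u32 "return code of the operation";
 * presumably a value from enum tpm_return_code, with TPM_SUCCESS (0) on
 * success - confirm against the implementation. Output buffers should only
 * be used after the return code has been checked; this header does not
 * state what they contain on failure.
 */

/**
 * Issue a TPM_Startup command.
 *
 * @param mode		TPM startup mode
 * @return return code of the operation
 */
u32 tpm_startup(enum tpm_startup_type mode);

/**
 * Issue a TPM_SelfTestFull command.
 *
 * @return return code of the operation
 */
u32 tpm_self_test_full(void);

/**
 * Issue a TPM_ContinueSelfTest command.
 *
 * @return return code of the operation
 */
u32 tpm_continue_self_test(void);

/**
 * Issue a TPM_NV_DefineSpace command.  The implementation is limited
 * to specify TPM_NV_ATTRIBUTES and size of the area.  The area index
 * could be one of the special values listed in enum tpm_nv_index.
 *
 * @param index		index of the area
 * @param perm		TPM_NV_ATTRIBUTES of the area
 * @param size		size of the area
 * @return return code of the operation
 */
u32 tpm_nv_define_space(u32 index, u32 perm, u32 size);

/**
 * Issue a TPM_NV_ReadValue command.  This implementation is limited
 * to read the area from offset 0.  The area index could be one of
 * the special values listed in enum tpm_nv_index.
 *
 * @param index		index of the area
 * @param data		output buffer of the area contents
 * @param count		size of output buffer
 * @return return code of the operation
 */
u32 tpm_nv_read_value(u32 index, void *data, u32 count);

/**
 * Issue a TPM_NV_WriteValue command.  This implementation is limited
 * to write the area from offset 0.  The area index could be one of
 * the special values listed in enum tpm_nv_index.
 *
 * @param index		index of the area
 * @param data		input buffer to be written to the area
 * @param length	length of data bytes of input buffer
 * @return return code of the operation
 */
u32 tpm_nv_write_value(u32 index, const void *data, u32 length);

/**
 * Issue a TPM_Extend command.
 *
 * No buffer length is passed, so both digests are presumably expected to be
 * PCR_DIGEST_LENGTH (20) bytes long - confirm against the implementation.
 *
 * @param index		index of the PCR
 * @param in_digest	160-bit value representing the event to be
 *			recorded
 * @param out_digest	160-bit PCR value after execution of the
 *			command
 * @return return code of the operation
 */
u32 tpm_extend(u32 index, const void *in_digest, void *out_digest);

/**
 * Issue a TPM_PCRRead command.
 *
 * @param index		index of the PCR
 * @param data		output buffer for contents of the named PCR
 * @param count		size of output buffer
 * @return return code of the operation
 */
u32 tpm_pcr_read(u32 index, void *data, size_t count);

/**
 * Issue a TSC_PhysicalPresence command.  TPM physical presence flag
 * is bit-wise OR'ed of flags listed in enum tpm_physical_presence.
 *
 * @param presence	TPM physical presence flag
 * @return return code of the operation
 */
u32 tpm_tsc_physical_presence(u16 presence);

/**
 * Issue a TPM_ReadPubek command.
 *
 * @param data		output buffer for the public endorsement key
 * @param count		size of output buffer
 * @return return code of the operation
 */
u32 tpm_read_pubek(void *data, size_t count);

/**
 * Issue a TPM_ForceClear command.
 *
 * @return return code of the operation
 */
u32 tpm_force_clear(void);

/**
 * Issue a TPM_PhysicalEnable command.
 *
 * @return return code of the operation
 */
u32 tpm_physical_enable(void);

/**
 * Issue a TPM_PhysicalDisable command.
 *
 * @return return code of the operation
 */
u32 tpm_physical_disable(void);

/**
 * Issue a TPM_PhysicalSetDeactivated command.
 *
 * @param state		boolean state of the deactivated flag
 * @return return code of the operation
 */
u32 tpm_physical_set_deactivated(u8 state);

/**
 * Issue a TPM_GetCapability command.  This implementation is limited
 * to query sub_cap index that is 4-byte wide.
 *
 * @param cap_area	partition of capabilities
 * @param sub_cap	further definition of capability, which is
 *			limited to be 4-byte wide
 * @param cap		output buffer for capability information
 * @param count		size of output buffer
 * @return return code of the operation
 */
u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count);

/**
 * Issue a TPM_FlushSpecific command for an AUTH resource.
 *
 * @param auth_handle	handle of the auth session
 * @return return code of the operation
 */
u32 tpm_terminate_auth_session(u32 auth_handle);

/**
 * Issue a TPM_OIAP command to setup an object independent authorization
 * session.
 * Information about the session is stored internally.
 * If there was already an OIAP session active it is terminated and a new
 * session is set up.
 *
 * @param auth_handle	pointer to the (new) auth handle or NULL.
 * @return return code of the operation
 */
u32 tpm_oiap(u32 *auth_handle);

/**
 * Ends an active OIAP session.
 *
 * @return return code of the operation
 */
u32 tpm_end_oiap(void);

/**
 * Issue a TPM_LoadKey2 (Auth1) command using an OIAP session for authenticating
 * the usage of the parent key.
 *
 * No length accompanies parent_key_usage_auth; presumably it is
 * DIGEST_LENGTH (20) bytes, as for the auth argument of tpm_find_key_sha1()
 * - confirm against the implementation.
 *
 * @param parent_handle	handle of the parent key.
 * @param key		pointer to the key structure (TPM_KEY or TPM_KEY12).
 * @param key_length	size of the key structure
 * @param parent_key_usage_auth	usage auth for the parent key
 * @param key_handle	pointer to the key handle
 * @return return code of the operation
 */
u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length,
		       const void *parent_key_usage_auth, u32 *key_handle);

/**
 * Issue a TPM_GetPubKey (Auth1) command using an OIAP session for
 * authenticating the usage of the key.
 *
 * No length accompanies usage_auth; presumably it is DIGEST_LENGTH (20)
 * bytes - confirm against the implementation.
 *
 * @param key_handle	handle of the key
 * @param usage_auth	usage auth for the key
 * @param pubkey	pointer to the pub key buffer; may be NULL if the pubkey
 *			should not be stored.
 * @param pubkey_len	pointer to the pub key buffer len. On entry: the size of
 *			the provided pubkey buffer. On successful exit: the size
 *			of the stored TPM_PUBKEY structure (iff pubkey != NULL).
 * @return return code of the operation
 */
u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey,
			 size_t *pubkey_len);

/**
 * Get the TPM permanent flags value
 *
 * @param pflags	Place to put permanent flags
 * @return return code of the operation
 */
u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags);

/**
 * Get the TPM permissions
 *
 * @param index		index to query (presumably an NV area index - confirm
 *			against the implementation)
 * @param perm		Returns permissions value
 * @return return code of the operation
 */
u32 tpm_get_permissions(u32 index, u32 *perm);

/**
 * Flush a resource with a given handle and type from the TPM
 *
 * @param key_handle	handle of the resource
 * @param resource_type	type of the resource
 * @return return code of the operation
 */
u32 tpm_flush_specific(u32 key_handle, u32 resource_type);

#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
/**
 * Search for a key by usage AuthData and the hash of the parent's pub key.
 *
 * The [20] in the array parameters is documentation only: they are passed
 * as pointers and the compiler does not check the caller's buffer sizes.
 *
 * @param auth		Usage auth of the key to search for
 * @param pubkey_digest	SHA1 hash of the pub key structure of the key
 * @param[out] handle	The handle of the key (Non-null iff found)
 * @return 0 if key was found in TPM; != 0 if not.
 */
u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20],
		      u32 *handle);
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */

/**
 * Read random bytes from the TPM RNG. The implementation deals with the fact
 * that the TPM may legally return fewer bytes than requested by retrying
 * until @p count bytes have been received.
 *
 * Check the return code before using @p data as random material; this
 * header does not state what the buffer holds when the call fails.
 *
 * @param data		output buffer for the random bytes
 * @param count		size of output buffer
 * @return return code of the operation
 */
u32 tpm_get_random(void *data, u32 count);

#endif /* __TPM_V1_H */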