libcros 0.4.2

/* Copyright 2016 The ChromiumOS Authors
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Some TPM constants and type definitions for standalone compilation for use
 * in the firmware
 */

#ifndef VBOOT_REFERENCE_TPM2_TSS_CONSTANTS_H_
#define VBOOT_REFERENCE_TPM2_TSS_CONSTANTS_H_

#ifdef __cplusplus
extern "C" {
#endif  /* __cplusplus */

#define TPM_BUFFER_SIZE 2048

/* Tpm2 command tags. */
#define TPM_ST_NO_SESSIONS 0x8001
#define TPM_ST_SESSIONS    0x8002

/* TPM2 command codes. */
#define TPM2_EvictControl      ((TPM_CC)0x00000120)
#define TPM2_Hierarchy_Control ((TPM_CC)0x00000121)
#define TPM2_NV_UndefineSpace  ((TPM_CC)0x00000122)
#define TPM2_Clear             ((TPM_CC)0x00000126)
#define TPM2_NV_DefineSpace    ((TPM_CC)0x0000012A)
#define TPM2_CreatePrimary     ((TPM_CC)0x00000131)
#define TPM2_NV_Write          ((TPM_CC)0x00000137)
#define TPM2_NV_WriteLock      ((TPM_CC)0x00000138)
#define TPM2_SelfTest          ((TPM_CC)0x00000143)
#define TPM2_Startup           ((TPM_CC)0x00000144)
#define TPM2_Shutdown          ((TPM_CC)0x00000145)
#define TPM2_NV_Read           ((TPM_CC)0x0000014E)
#define TPM2_NV_ReadLock       ((TPM_CC)0x0000014F)
#define TPM2_NV_ReadPublic     ((TPM_CC)0x00000169)
#define TPM2_ReadPublic        ((TPM_CC)0x00000173)
#define TPM2_GetCapability     ((TPM_CC)0x0000017A)
#define TPM2_GetRandom         ((TPM_CC)0x0000017B)
#define TPM2_PCR_Extend        ((TPM_CC)0x00000182)

#define TPM_HT_PCR             0x00
#define TPM_HT_NV_INDEX        0x01

#define HR_SHIFT               24
#define HR_PCR                (TPM_HT_PCR <<  HR_SHIFT)
#define HR_NV_INDEX           (TPM_HT_NV_INDEX <<  HR_SHIFT)
#define TPM_RH_OWNER        0x40000001
#define TPM_RH_NULL         0x40000007
#define TPM_RH_ENDORSEMENT  0x4000000B
#define TPM_RH_PLATFORM     0x4000000C
#define TPM_RS_PW           0x40000009

/* TPM2 capabilities. */
#define TPM_CAP_FIRST                   ((TPM_CAP)0x00000000)
#define TPM_CAP_TPM_PROPERTIES          ((TPM_CAP)0x00000006)

/* TPM properties */
#define TPM_PT_NONE                     ((TPM_PT)0x00000000)
#define PT_GROUP                        ((TPM_PT)0x00000100)
#define PT_FIXED                        PT_GROUP
#define TPM_PT_MANUFACTURER             (PT_FIXED + 5)
#define TPM_PT_VENDOR_STRING_1          (PT_FIXED + 6)
#define TPM_PT_VENDOR_STRING_4          (PT_FIXED + 9)
#define TPM_PT_FIRMWARE_VERSION_1       (PT_FIXED + 11)
#define TPM_PT_FIRMWARE_VERSION_2       (PT_FIXED + 12)
#define PT_VAR                          (PT_GROUP * 2)
#define TPM_PT_PERMANENT                (PT_VAR + 0)
#define TPM_PT_STARTUP_CLEAR            (PT_VAR + 1)

/* TPM startup types. */
#define TPM_SU_CLEAR                    ((TPM_SU)0x0000)
#define TPM_SU_STATE                    ((TPM_SU)0x0001)

/* TPM algorithm IDs. */
#define TPM_ALG_SHA1			((TPM_ALG_ID)0x0004)
#define TPM_ALG_SHA256			((TPM_ALG_ID)0x000B)
#define TPM_ALG_NULL			((TPM_ALG_ID)0x0010)

/* NV index attributes. */
#define TPMA_NV_PPWRITE			((TPMA_NV)(1UL << 0))
#define TPMA_NV_OWNERWRITE		((TPMA_NV)(1UL << 1))
#define TPMA_NV_AUTHWRITE		((TPMA_NV)(1UL << 2))
#define TPMA_NV_POLICYWRITE		((TPMA_NV)(1UL << 3))
#define TPMA_NV_COUNTER			((TPMA_NV)(1UL << 4))
#define TPMA_NV_BITS			((TPMA_NV)(1UL << 5))
#define TPMA_NV_EXTEND			((TPMA_NV)(1UL << 6))
#define TPMA_NV_POLICY_DELETE		((TPMA_NV)(1UL << 10))
#define TPMA_NV_WRITELOCKED		((TPMA_NV)(1UL << 11))
#define TPMA_NV_WRITEALL		((TPMA_NV)(1UL << 12))
#define TPMA_NV_WRITEDEFINE		((TPMA_NV)(1UL << 13))
#define TPMA_NV_WRITE_STCLEAR		((TPMA_NV)(1UL << 14))
#define TPMA_NV_GLOBALLOCK		((TPMA_NV)(1UL << 15))
#define TPMA_NV_PPREAD			((TPMA_NV)(1UL << 16))
#define TPMA_NV_OWNERREAD		((TPMA_NV)(1UL << 17))
#define TPMA_NV_AUTHREAD		((TPMA_NV)(1UL << 18))
#define TPMA_NV_POLICYREAD		((TPMA_NV)(1UL << 19))
#define TPMA_NV_NO_DA			((TPMA_NV)(1UL << 25))
#define TPMA_NV_ORDERLY			((TPMA_NV)(1UL << 26))
#define TPMA_NV_CLEAR_STCLEAR		((TPMA_NV)(1UL << 27))
#define TPMA_NV_READLOCKED		((TPMA_NV)(1UL << 28))
#define TPMA_NV_WRITTEN			((TPMA_NV)(1UL << 29))
#define TPMA_NV_PLATFORMCREATE		((TPMA_NV)(1UL << 30))
#define TPMA_NV_READ_STCLEAR		((TPMA_NV)(1UL << 31))

#define TPMA_NV_MASK_READ		(TPMA_NV_PPREAD | TPMA_NV_OWNERREAD |\
					 TPMA_NV_AUTHREAD | TPMA_NV_POLICYREAD)
#define TPMA_NV_MASK_WRITE		(TPMA_NV_PPWRITE | TPMA_NV_OWNERWRITE |\
					 TPMA_NV_AUTHWRITE |\
					 TPMA_NV_POLICYWRITE)

/* Starting indexes of NV index ranges, as defined in "Registry of reserved
 * TPM 2.0 handles and localities".
 */
#define TPMI_RH_NV_INDEX_TPM_START	((TPMI_RH_NV_INDEX)0x01000000)
#define TPMI_RH_NV_INDEX_PLATFORM_START	((TPMI_RH_NV_INDEX)0x01400000)
#define TPMI_RH_NV_INDEX_OWNER_START	((TPMI_RH_NV_INDEX)0x01800000)
#define TPMI_RH_NV_INDEX_TCG_OEM_START	((TPMI_RH_NV_INDEX)0x01C00000)
#define TPMI_RH_NV_INDEX_TCG_WG_START	((TPMI_RH_NV_INDEX)0x01C40000)
#define TPMI_RH_NV_INDEX_RESERVED_START	((TPMI_RH_NV_INDEX)0x01C90000)

#define HASH_COUNT 1 /* Only SHA-256 is supported */

/* Table 206 - Defines for SHA256 Hash Values */
#define SHA256_DIGEST_SIZE  32

typedef uint8_t TPMI_YES_NO;
typedef uint32_t TPM_CC;
typedef uint32_t TPM_HANDLE;
typedef TPM_HANDLE TPMI_DH_OBJECT;
typedef TPM_HANDLE TPMI_DH_PCR;
typedef TPM_HANDLE TPMI_DH_PERSISTENT;
typedef TPM_HANDLE TPMI_RH_ENABLES;
typedef TPM_HANDLE TPMI_RH_HIERARCHY;
typedef TPM_HANDLE TPMI_RH_NV_INDEX;
typedef TPM_HANDLE TPMI_RH_PROVISION;
typedef uint32_t TPM_CAP;
typedef uint32_t TPM_PT;
typedef uint16_t TPM_SU;
typedef uint16_t TPM_ALG_ID;
typedef TPM_ALG_ID TPMI_ALG_HASH;
typedef uint32_t TPMA_NV;

typedef struct {
	uint16_t      size;
	const uint8_t *buffer;
} TPM2B, TPM2B_DIGEST, TPM2B_AUTH, TPM2B_NAME;

typedef struct {
	TPM_PT property;
	uint32_t value;
} TPMS_TAGGED_PROPERTY;

typedef struct {
	uint32_t count;
	TPMS_TAGGED_PROPERTY tpm_property[1];
} TPML_TAGGED_TPM_PROPERTY;

typedef union {
	uint8_t sha256[SHA256_DIGEST_SIZE];
} TPMU_HA;

typedef struct {
	TPMI_ALG_HASH  hashAlg;
	TPMU_HA        digest;
} TPMT_HA;

typedef struct {
	uint32_t   count;
	TPMT_HA digests[HASH_COUNT];
} TPML_DIGEST_VALUES;

typedef union {
	TPML_TAGGED_TPM_PROPERTY tpm_properties;
} TPMU_CAPABILITIES;

typedef struct {
	TPM_CAP capability;
	TPMU_CAPABILITIES data;
} TPMS_CAPABILITY_DATA;

typedef struct {
	TPMI_RH_NV_INDEX nvIndex;
	TPMI_ALG_HASH nameAlg;
	TPMA_NV attributes;
	TPM2B authPolicy;
	uint16_t dataSize;
} TPMS_NV_PUBLIC;

struct tpm2_nv_define_space_cmd {
	TPM2B auth;
	TPMS_NV_PUBLIC publicInfo;
};

struct tpm2_nv_undefine_space_cmd {
	TPMI_RH_NV_INDEX nvIndex;
	uint8_t use_platform_auth;
};

struct tpm2_nv_read_cmd {
	TPMI_RH_NV_INDEX nvIndex;
	uint16_t size;
	uint16_t offset;
};

struct tpm2_nv_write_cmd {
	TPMI_RH_NV_INDEX nvIndex;
	TPM2B data;
	uint16_t offset;
};

struct tpm2_nv_read_lock_cmd {
	TPMI_RH_NV_INDEX nvIndex;
};

struct tpm2_nv_write_lock_cmd {
	TPMI_RH_NV_INDEX nvIndex;
};

struct tpm2_nv_read_public_cmd {
	TPMI_RH_NV_INDEX nvIndex;
};

struct tpm2_hierarchy_control_cmd {
	TPMI_RH_ENABLES enable;
	TPMI_YES_NO state;
};

struct tpm2_get_capability_cmd {
	TPM_CAP capability;
	uint32_t property;
	uint32_t property_count;
};

struct tpm2_get_random_cmd {
	uint16_t bytes_requested;
};

struct tpm2_self_test_cmd {
	TPMI_YES_NO full_test;
};

struct tpm2_startup_cmd {
	TPM_SU startup_type;
};

struct tpm2_shutdown_cmd {
	TPM_SU shutdown_type;
};

struct tpm2_pcr_extend_cmd {
	TPMI_DH_PCR pcrHandle;
	TPML_DIGEST_VALUES digests;
};

struct tpm2_read_public_cmd {
	TPMI_DH_OBJECT object_handle;
};

struct tpm2_evict_control_cmd {
	TPMI_RH_PROVISION auth;
	TPMI_DH_OBJECT object_handle;
	TPMI_DH_PERSISTENT persistent_handle;
};

struct tpm2_create_primary_cmd {
	TPMI_RH_HIERARCHY primary_handle;
	TPM2B in_sensitive;
	TPM2B in_public;
};

/* Common command/response header. */
struct tpm_header {
	uint16_t tpm_tag;
	uint32_t tpm_size;
	uint32_t tpm_code;
} __attribute__((packed));

struct nv_read_response {
	uint32_t params_size;
	TPM2B buffer;
};

struct read_public_response {
	TPM2B buffer;
};

struct tpm2_session_attrs {
	uint8_t continueSession : 1;
	uint8_t auditExclusive  : 1;
	uint8_t auditReset      : 1;
	uint8_t reserved3_4     : 2;
	uint8_t decrypt         : 1;
	uint8_t encrypt         : 1;
	uint8_t audit           : 1;
};

struct tpm2_session_header {
	uint32_t session_handle;
	uint16_t nonce_size;
	uint8_t *nonce;
	union {
		struct tpm2_session_attrs session_attr_bits;
		uint8_t session_attrs;
	}  __attribute__((packed));
	uint16_t auth_size;
	uint8_t *auth;
};

struct get_capability_response {
	TPMI_YES_NO more_data;
	TPMS_CAPABILITY_DATA capability_data;
} __attribute__((packed));

struct get_random_response {
	TPM2B_DIGEST random_bytes;
} __attribute__((packed));

struct nv_read_public_response {
	TPMS_NV_PUBLIC nvPublic;
	TPM2B_NAME nvName;
} __attribute__((packed));

struct create_primary_response {
	TPM_HANDLE object_handle;
} __attribute__((packed));

struct tpm2_response {
	struct tpm_header hdr;
	union {
		struct nv_read_response nvr;
		struct tpm2_session_header def_space;
		struct get_capability_response cap;
		struct get_random_response random;
		struct nv_read_public_response nv_read_public;
		struct read_public_response read_pub;
		struct create_primary_response create_primary;
	};
};

typedef struct {
	uint32_t ownerAuthSet : 1;
	uint32_t endorsementAuthSet : 1;
	uint32_t lockoutAuthSet : 1;
	uint32_t reserved3_7 : 5;
	uint32_t disableClear : 1;
	uint32_t inLockout : 1;
	uint32_t tpmGeneratedEPS : 1;
	uint32_t reserved11_31 : 21;
} TPM_PERMANENT_FLAGS;

typedef struct {
	uint32_t phEnable : 1;
	uint32_t shEnable : 1;
	uint32_t ehEnable : 1;
	uint32_t phEnableNV : 1;
	uint32_t reserved4_30 : 27;
	uint32_t orderly : 1;
} TPM_STCLEAR_FLAGS;

typedef struct tdTPM_IFX_FIELDUPGRADEINFO
{
} TPM_IFX_FIELDUPGRADEINFO;

/* TODO(apronin): For TPM2 certain properties must be received using
 * TPM2_GetCapability instead of being hardcoded as they are now:
 * TPM_MAX_COMMAND_SIZE -> use TPM_PT_MAX_COMMAND_SIZE for TPM2.
 * TPM_PCR_DIGEST -> use TPM_PT_MAX_DIGEST for TPM2.
 */
#define TPM_MAX_COMMAND_SIZE	4096
#define TPM_PCR_DIGEST		32

#ifdef __cplusplus
}
#endif  /* __cplusplus */

#endif  /* VBOOT_REFERENCE_TPM2_TSS_CONSTANTS_H_ */