1 /* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  */
5 
6 /*
7  * TPM Lightweight Command Library.
8  *
9  * A low-level library for interfacing to TPM hardware or an emulator.
10  */
11 
12 #ifndef TPM_LITE_TLCL_H_
13 #define TPM_LITE_TLCL_H_
14 #include <stdint.h>
15 
16 #include "tss_constants.h"
17 
18 /*****************************************************************************/
19 /* Functions implemented in tlcl.c */
20 
21 /**
22  * Call this first.  Returns 0 if success, nonzero if error.
    *
    * Check the result before issuing any command declared below: given the
    * "call this first" contract, the rest of the library presumably cannot be
    * used after a failed init (confirm in tlcl.c).
23  */
24 uint32_t TlclLibInit(void);
25 
26 /**
27  * Call this on shutdown.  Returns 0 if success, nonzero if error.
    *
    * NOTE(review): this header does not say whether commands may still be
    * issued afterwards; treat the library as unusable until TlclLibInit() has
    * been called again.
28  */
29 uint32_t TlclLibClose(void);
30 
31 /* Low-level operations */
32 
33 /**
34  * Perform a raw TPM request/response transaction.
    *
    * [request] is read-only input and [response] is the output buffer.  No
    * request length is passed, so the implementation presumably derives it
    * from the packet header (see TlclPacketSize()); the caller must therefore
    * pass a complete, well-formed packet.  [max_length] is presumably the
    * capacity of [response] in bytes, and the buffer must really be that
    * large.  Confirm both assumptions in tlcl.c.
    *
    * Returns uint32_t, presumably the TPM error code (0 for success) as for
    * the commands below.
    *
    * NOTE(review): [max_length] is a signed int; never pass a negative or
    * unvalidated value.
35  */
36 uint32_t TlclSendReceive(const uint8_t *request, uint8_t *response,
37                          int max_length);
38 
39 /**
40  * Return the size of a TPM request or response packet.
    *
    * Only a pointer is passed, so the size is presumably read from the length
    * field in the packet header (confirm in tlcl.c); [packet] must point to at
    * least a complete header.  For a response that field is supplied by the
    * TPM, and the return type is a signed int: reject negative values and
    * check the result against the real buffer size before using it as a
    * length.
41  */
42 int TlclPacketSize(const uint8_t *packet);
43 
44 /* Commands */
45 
46 /**
47  * Send a TPM_Startup(ST_CLEAR).  The TPM error code is returned (0 for
48  * success).
    *
    * TlclResume() sends TPM_Startup(ST_STATE) instead.  NOTE(review): per the
    * TPM 1.2 specification ST_CLEAR starts from default volatile state (PCRs
    * reset), so which of the two is sent matters for measured boot; confirm
    * against the specification and the callers.
49  */
50 uint32_t TlclStartup(void);
51 
52 /**
53  * Save the TPM state.  Normally done by the kernel before a suspend, included
54  * here for tests.  The TPM error code is returned (0 for success).
    *
    * NOTE(review): presumably pairs with TlclResume(), which asks the TPM to
    * start from saved state; confirm in tlcl.c.
55  */
56 uint32_t TlclSaveState(void);
57 
58 /**
59  * Resume by sending a TPM_Startup(ST_STATE).  The TPM error code is returned
60  * (0 for success).
    *
    * Check the returned code: a failed resume must not be treated as a
    * started TPM.
61  */
62 uint32_t TlclResume(void);
63 
64 /**
65  * Run the self test.
66  *
67  * Note---this is synchronous.  To run this in parallel with other firmware,
68  * use TlclContinueSelfTest().  The TPM error code is returned.
69  */
70 uint32_t TlclSelfTestFull(void);
71 
72 /**
73  * Run the self test in the background.
    *
    * Returns uint32_t, presumably the TPM error code (0 for success).
    * NOTE(review): because the test runs in the background, a zero return
    * presumably means only that the test was started, not that it passed;
    * confirm in tlcl.c how a later failure is reported.
74  */
75 uint32_t TlclContinueSelfTest(void);
76 
77 /**
78  * Define a space with permission [perm].  [index] is the index for the space,
79  * [size] the usable data size.  The TPM error code is returned.
    *
    * [perm] is presumably a bitmask of the TPM_NV_PER_* values from
    * tss_constants.h (confirm).  It decides who may later read, write and lock
    * the space, so choose it deliberately; TlclGetPermissions() reads back the
    * permissions of an existing space.
80  */
81 uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size);
82 
83 /**
84  * Write [length] bytes of [data] to space at [index].  The TPM error code is
85  * returned.
    *
    * [data] must point to at least [length] readable bytes.
    * NOTE(review): no upper bound on [length] is documented here; it is
    * presumably limited by the size of the space and of the command buffer in
    * tlcl.c.  Confirm before passing a caller-controlled length.
86  */
87 uint32_t TlclWrite(uint32_t index, const void *data, uint32_t length);
88 
89 /**
90  * Read [length] bytes from space at [index] into [data].  The TPM error code
91  * is returned.
    *
    * [data] must have room for at least [length] bytes.  The contents of
    * [data] after a nonzero return are not specified here; do not use them.
92  */
93 uint32_t TlclRead(uint32_t index, void *data, uint32_t length);
94 
95 /**
96  * Read PCR at [index] into [data].  [length] must be TPM_PCR_DIGEST or
97  * larger. The TPM error code is returned.
    *
    * [length] is presumably the capacity of [data] in bytes, so [data] must
    * really be that large; TPM_PCR_DIGEST presumably comes from
    * tss_constants.h (confirm).  Do not use [data] after a nonzero return.
98  */
99 uint32_t TlclPCRRead(uint32_t index, void *data, uint32_t length);
100 
101 /**
102  * Write-lock space at [index].  The TPM error code is returned.
     *
     * NOTE(review): how long the lock lasts, and whether it can be applied at
     * all, presumably depends on the permissions the space was defined with
     * (see TlclDefineSpace()); confirm.  Check the returned code instead of
     * assuming the space is now protected.
103  */
104 uint32_t TlclWriteLock(uint32_t index);
105 
106 /**
107  * Read-lock space at [index].  The TPM error code is returned.
     *
     * NOTE(review): as with TlclWriteLock(), the effect presumably depends on
     * the permissions of the space; check the returned code before relying on
     * the lock.
108  */
109 uint32_t TlclReadLock(uint32_t index);
110 
111 /**
112  * Assert physical presence in software.  The TPM error code is returned.
     *
     * Per the TPM 1.2 specification, commands gated on physical presence are
     * accepted while it is asserted, so trusted firmware should withdraw it
     * with TlclLockPhysicalPresence() before running less trusted code.
113  */
114 uint32_t TlclAssertPhysicalPresence(void);
115 
116 /**
117  * Enable the physical presence command.  The TPM error code is returned.
     *
     * NOTE(review): presumably has to succeed before
     * TlclAssertPhysicalPresence() can work; confirm in tlcl.c.
118  */
119 uint32_t TlclPhysicalPresenceCMDEnable(void);
120 
121 /**
122  * Finalize the physical presence settings: software PP is enabled, hardware PP
123  * is disabled, and the lifetime lock is set.  The TPM error code is returned.
     *
     * NOTE(review): the lifetime lock presumably makes these settings
     * permanent, which would make this a one-time provisioning step; confirm
     * against the TPM 1.2 specification before calling it.
124  */
125 uint32_t TlclFinalizePhysicalPresence(void);
126 
    /**
     * NOTE(review): undocumented in this header.  Judging by the name this is
     * presumably a variant of TlclAssertPhysicalPresence(); confirm in tlcl.c
     * before relying on it.
     */
127 uint32_t TlclAssertPhysicalPresenceResult(void);
128 
129 /**
130  * Turn off physical presence and lock it off until next reboot.  The TPM
131  * error code is returned.
     *
     * Check the returned code: if this call fails, physical presence may still
     * be asserted.
132  */
133 uint32_t TlclLockPhysicalPresence(void);
134 
135 /**
136  * Set the nvLocked bit.  The TPM error code is returned.
     *
     * Per the TPM 1.2 specification, NV storage permissions are not enforced
     * until nvLocked is set, so provisioning code should confirm the bit
     * afterwards; TlclGetFlags() reports it through [nvlocked].
137  */
138 uint32_t TlclSetNvLocked(void);
139 
140 /**
141  * Return 1 if the TPM is owned, 0 otherwise.
     *
     * The int result has no separate error channel, so a failed query cannot be
     * told apart from one of the two answers (which one is not visible here;
     * confirm in tlcl.c).  Use TlclGetOwnership(), which returns the TPM error
     * code, when that distinction matters.
142  */
143 int TlclIsOwned(void);
144 
145 /**
146  * Issue a ForceClear.  The TPM error code is returned.
     *
     * Per the TPM 1.2 specification, TPM_ForceClear removes the TPM owner and
     * owner-bound data and requires physical presence.  Treat it as a
     * destructive operation and check the returned code.
147  */
148 uint32_t TlclForceClear(void);
149 
150 /**
151  * Issue a PhysicalEnable.  The TPM error code is returned.
     *
     * TlclGetFlags() reads back the resulting state through [disable].
152  */
153 uint32_t TlclSetEnable(void);
154 
155 /**
156  * Issue a PhysicalDisable.  The TPM error code is returned.
     *
     * TlclGetFlags() reads back the resulting state through [disable].
157  */
158 uint32_t TlclClearEnable(void);
159 
160 /**
161  * Issue a SetDeactivated.  Pass 0 to activate.  Returns result code.
     *
     * A nonzero [flag] presumably deactivates the TPM.
     * NOTE(review): a change may take effect only after a reboot; confirm
     * against the TPM 1.2 specification.  TlclGetFlags() reads back the
     * current value through [deactivated].
162  */
163 uint32_t TlclSetDeactivated(uint8_t flag);
164 
165 /**
166  * Get flags of interest.  Pointers for flags you aren't interested in may
167  * be NULL.  The TPM error code is returned.
     *
     * The outputs are presumably written only on success (confirm in tlcl.c);
     * do not read them after a nonzero return, and do not default to the
     * permissive value when the query fails.
168  */
169 uint32_t TlclGetFlags(uint8_t *disable, uint8_t *deactivated,
170                       uint8_t *nvlocked);
171 
172 /**
173  * Set the bGlobalLock flag, which only a reboot can clear.  The TPM error
174  * code is returned.
     *
     * NOTE(review): presumably write-protects the NV spaces whose [perm] (see
     * TlclDefineSpace()) includes a global-lock permission; confirm.  Because
     * the flag cannot be cleared again before the next reboot, finish all
     * writes that depend on it first and check the returned code.
175  */
176 uint32_t TlclSetGlobalLock(void);
177 
178 /**
179  * Perform a TPM_Extend.
     *
     * Presumably extends PCR [pcr_num] with [in_digest] and stores the
     * resulting PCR value in [out_digest].  No lengths are passed: both buffers
     * are presumably TPM_PCR_DIGEST bytes (the size TlclPCRRead() requires), so
     * the caller must provide at least that much.  Confirm in tlcl.c.
     *
     * Returns uint32_t, presumably the TPM error code (0 for success).
     * NOTE(review): [pcr_num] is a signed int; validate it before the call.
180  */
181 uint32_t TlclExtend(int pcr_num, const uint8_t *in_digest, uint8_t *out_digest);
182 
183 /**
184  * Get the permission bits for the NVRAM space with |index|.
     *
     * The bits are stored in [permissions]; unlike TlclGetFlags(), no NULL
     * allowance is documented, so pass a valid pointer.  Returns uint32_t,
     * presumably the TPM error code (0 for success); do not read
     * [permissions] after a nonzero return.
     *
     * Comparing the result with the expected permissions is a way to verify
     * that a space is protected as intended before trusting its contents.
185  */
186 uint32_t TlclGetPermissions(uint32_t index, uint32_t *permissions);
187 
188 /**
189  * Get the entire set of permanent flags.
     *
     * The flags are stored in [pflags]; TPM_PERMANENT_FLAGS is presumably
     * declared in tss_constants.h.  Returns uint32_t, presumably the TPM error
     * code (0 for success); do not read [pflags] after a nonzero return.
190  */
191 uint32_t TlclGetPermanentFlags(TPM_PERMANENT_FLAGS *pflags);
192 
193 /**
194  * Get the entire set of volatile (ST_CLEAR) flags.
     *
     * The flags are stored in [pflags]; TPM_STCLEAR_FLAGS is presumably
     * declared in tss_constants.h.  Returns uint32_t, presumably the TPM error
     * code (0 for success); do not read [pflags] after a nonzero return.
195  */
196 uint32_t TlclGetSTClearFlags(TPM_STCLEAR_FLAGS *pflags);
197 
198 /**
199  * Get the ownership flag. The TPM error code is returned.
     *
     * The flag is stored in [owned] and is meaningful only when the returned
     * code is 0.  Unlike TlclIsOwned(), this call lets the caller tell a failed
     * query apart from an answer.
200  */
201 uint32_t TlclGetOwnership(uint8_t *owned);
202 
203 /**
204  * Request [length] bytes from TPM RNG to be stored in [data]. Actual number of
205  * bytes read is stored in [size]. The TPM error code is returned.
     *
     * [data] must have room for [length] bytes.  [size] is reported separately
     * and may be smaller than [length], so use only the first [size] bytes and
     * call again if more are needed; never treat the untouched tail of [data]
     * as random.  After a nonzero return, use none of it.
206  */
207 uint32_t TlclGetRandom(uint8_t *data, uint32_t length, uint32_t *size);
208 
209 #endif  /* TPM_LITE_TLCL_H_ */
210