cr50: add a function to read TPM NVMEM locations

The cr50 code might need access to certain variables stored in the TPM
NVMEM. In particular the upcoming FWMP support will require reading
the NVMEM FWMP space.

This patch adds a generic function which allows to access TPM NVMEM
spaces. The implementation was borrowed from NV_REad.c in the tpm2
tree, the only difference being that the location, if present, is read
unconditionally, without checking access controls.

The API accepts the NVMEM index in Chrome OS scope and maps it into
TPM2 specification's NVMEM index space based at HR_NV_INDEX. The
definitions are included straight from the tpm2 tree.

BRANCH=none
BUG=chrome-os-partner:62489, chrome-os-partner:62205
TEST=this code is not yet even being compiled, tested with the next
      patch.

Change-Id: I8bcfd8637c192249780634491f30e4a28229984f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/457823
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>

2 files changed, 75 insertions, 0 deletions

diff --git a/board/cr50/tpm_nvmem_read.c b/board/cr50/tpm_nvmem_read.c
new file mode 100644
index 0000000000..c71c7cce0c
--- /dev/null
+++ b/board/cr50/tpm_nvmem_read.c
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2017 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#include "common.h"
+#include "console.h"
+#include "tpm_nvmem_read.h"
+
+/* These come from the tpm2 tree. */
+#include "Global.h"
+#include "Implementation.h"
+#include "NV_fp.h"
+#include "tpm_types.h"
+
+#define CPRINTF(format, args...) cprintf(CC_TASK, format, ## args)
+
+enum tpm_read_rv read_tpm_nvmem(uint16_t obj_index,
+				uint16_t obj_size, void *obj_value)
+{
+	TPMI_RH_NV_INDEX object_handle;
+	NV_INDEX         nvIndex;
+
+	object_handle = HR_NV_INDEX + obj_index;
+	if (NvIndexIsAccessible(object_handle,
+				TPM_CC_NV_Read) != TPM_RC_SUCCESS) {
+		CPRINTF("%s: object at 0x%x not found\n", __func__, obj_index);
+		return tpm_read_not_found;
+	}
+
+	/* Get properties of this index as stored in nvmem. */
+	NvGetIndexInfo(object_handle, &nvIndex);
+
+	/*
+	 * We presume it is readable and are not checking the access
+	 * limitations.
+	 */
+
+	/*
+	 * Does the caller ask for too much? Note that we always read from the
+	 * beginning of the space, unlike the actual TPM2_NV_Read command
+	 * which can start at an offset.
+	 */
+	if (obj_size > nvIndex.publicArea.dataSize) {
+		CPRINTF("%s: object at 0x%x is smaller than %d\n",
+			__func__, obj_index, obj_size);
+		return tpm_read_too_small;
+	}
+
+	/* Perform the read. */
+	NvGetIndexData(object_handle, &nvIndex, 0, obj_size, obj_value);
+
+	return tpm_read_success;
+}
diff --git a/board/cr50/tpm_nvmem_read.h b/board/cr50/tpm_nvmem_read.h
new file mode 100644
index 0000000000..83d3a415be
--- /dev/null
+++ b/board/cr50/tpm_nvmem_read.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright 2017 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef __EC_BOARD_CR50_TPM_NVMEM_READ_H
+#define __EC_BOARD_CR50_TPM_NVMEM_READ_H
+
+enum tpm_read_rv {
+	tpm_read_success,
+	tpm_read_not_found,
+	tpm_read_too_small
+};
+
+enum tpm_read_rv read_tpm_nvmem(uint16_t object_index,
+				uint16_t object_size,
+				void *obj_value);
+
+#endif  /* ! __EC_BOARD_CR50_TPM_NVMEM_READ_H */