diff options
author | Namyoon Woo <namyoon@google.com> | 2018-06-19 08:44:37 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2018-06-21 19:56:21 -0700 |
commit | 0eb2c25d926d2ae2d59bede0062729c1db0e31c8 (patch) | |
tree | d0ea471857900d2b683574bd10419483c9188dbb | |
parent | 27e8d040b368601051cedf702bd1dfc53b279c50 (diff) | |
download | chrome-ec-0eb2c25d926d2ae2d59bede0062729c1db0e31c8.tar.gz |
gsctool: support for enabling/disabling TPM.
This patch introduces '-m' or '--tpm_mode' flag, which either
enables or disables TPM.
(chroot) gsctool -m enable
open_device 18d1:5014
found interface 3 endpoint 4, chunk_len 64
READY
-------
(chroot) gsctool --tpm_mode disable
open_device 18d1:5014
found interface 3 endpoint 4, chunk_len 64
READY
-------
BUG=b:77543596
BRANCH=gsctool
TEST=manually
Signed-off-by: Namyoon Woo <namyoon@google.com>
Change-Id: I2feb8c51d4343a49f2f5d43291c304e3ad140057
Reviewed-on: https://chromium-review.googlesource.com/1106295
Commit-Ready: Namyoon Woo <namyoon@chromium.org>
Tested-by: Namyoon Woo <namyoon@chromium.org>
Reviewed-by: Namyoon Woo <namyoon@chromium.org>
-rw-r--r-- | extra/usb_updater/gsctool.c | 73 | ||||
-rw-r--r-- | include/tpm_registers.h | 1 |
2 files changed, 73 insertions, 1 deletions
diff --git a/extra/usb_updater/gsctool.c b/extra/usb_updater/gsctool.c index 1ba93ddd9b..a8fa5102c9 100644 --- a/extra/usb_updater/gsctool.c +++ b/extra/usb_updater/gsctool.c @@ -28,6 +28,7 @@ #include "gsctool.h" #include "misc_util.h" #include "signed_header.h" +#include "tpm_registers.h" #include "tpm_vendor_cmds.h" #include "upgrade_fw.h" #include "usb_descriptor.h" @@ -196,7 +197,7 @@ struct upgrade_pkt { static int verbose_mode; static uint32_t protocol_version; static char *progname; -static char *short_opts = "aBbcd:F:fhIikO:oPprstUuVvw"; +static char *short_opts = "aBbcd:F:fhIikmO:oPprstUuVvw"; static const struct option long_opts[] = { /* name hasarg *flag val */ {"any", 0, NULL, 'a'}, @@ -217,6 +218,7 @@ static const struct option long_opts[] = { {"post_reset", 0, NULL, 'p'}, {"rma_auth", 2, NULL, 'r'}, {"systemdev", 0, NULL, 's'}, + {"tpm_mode", 1, NULL, 'm'}, {"trunks_send", 0, NULL, 't'}, {"verbose", 0, NULL, 'V'}, {"version", 0, NULL, 'v'}, @@ -525,6 +527,8 @@ static void usage(int errs) " ID could be 32 bit hex or 4 " "character string.\n" " -k,--ccd_lock Lock CCD\n" + " -m,--tpm_mode [enable|disable]\n" + " Change or query tpm_mode\n" " -O,--openbox_rma <desc_file>\n" " Verify other device's RO integrity\n" " using information provided in " @@ -1973,6 +1977,56 @@ static void report_version(void) exit(0); } +/* + * Either change or query TPM mode value. + */ +static int process_tpm_mode(struct transfer_descriptor *td, + const char *arg) +{ + int rv; + size_t command_size; + size_t response_size; + uint8_t response; + uint8_t command_body; + + response_size = sizeof(response); + if (!arg) { + command_size = 0; + } else if (!strcasecmp(arg, "disable")) { + command_size = sizeof(command_body); + command_body = (uint8_t) TPM_MODE_DISABLED; + } else if (!strcasecmp(arg, "enable")) { + command_size = sizeof(command_body); + command_body = (uint8_t) TPM_MODE_ENABLED; + } else { + fprintf(stderr, "Invalid tpm mode arg: %s.\n", arg); + return update_error; + } + + rv = send_vendor_command(td, VENDOR_CC_TPM_MODE, + &command_body, command_size, + &response, &response_size); + if (rv) { + fprintf(stderr, "Error %d in setting TPM mode.\n", rv); + return update_error; + } + if (response_size != sizeof(response)) { + fprintf(stderr, "Error in the size of response," + " %zu.\n", response_size); + return update_error; + } + if (response >= TPM_MODE_MAX) { + fprintf(stderr, "Error in the value of response," + " %d.\n", response); + return update_error; + } + + printf("TPM Mode: %s (%d)\n", (response == TPM_MODE_DISABLED) ? + "disabled" : "enabled", response); + + return rv; +} + int main(int argc, char *argv[]) { struct transfer_descriptor td; @@ -1997,11 +2051,14 @@ int main(int argc, char *argv[]) int ccd_info = 0; int wp = 0; int try_all_transfer = 0; + int tpm_mode = 0; + const char *exclusive_opt_error = "Options -a, -s and -t are mutually exclusive\n"; const char *openbox_desc_file = NULL; int factory_mode = 0; char *factory_mode_arg; + char *tpm_mode_arg = NULL; progname = strrchr(argv[0], '/'); if (progname) @@ -2073,6 +2130,13 @@ int main(int argc, char *argv[]) case 'k': ccd_lock = 1; break; + case 'm': + tpm_mode = 1; + if (!optarg && argv[optind] && argv[optind][0] != '-') { + optarg = argv[optind++]; + tpm_mode_arg = optarg; + } + break; case 'O': openbox_desc_file = optarg; break; @@ -2162,6 +2226,7 @@ int main(int argc, char *argv[]) !rma && !show_fw_ver && !openbox_desc_file && + !tpm_mode && !wp) { if (optind >= argc) { fprintf(stderr, @@ -2233,6 +2298,12 @@ int main(int argc, char *argv[]) if (corrupt_inactive_rw) invalidate_inactive_rw(&td); + if (tpm_mode) { + int rv = process_tpm_mode(&td, tpm_mode_arg); + + exit(rv); + } + if (data || show_fw_ver) { setup_connection(&td); diff --git a/include/tpm_registers.h b/include/tpm_registers.h index ed03959185..dcdbe41566 100644 --- a/include/tpm_registers.h +++ b/include/tpm_registers.h @@ -115,6 +115,7 @@ enum tpm_modes { TPM_MODE_ENABLED_TENTATIVE = 0, TPM_MODE_ENABLED = 1, TPM_MODE_DISABLED = 2, + TPM_MODE_MAX, }; /* |