summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNamyoon Woo <namyoon@google.com>2018-06-19 08:44:37 -0700
committerchrome-bot <chrome-bot@chromium.org>2018-06-21 19:56:21 -0700
commit0eb2c25d926d2ae2d59bede0062729c1db0e31c8 (patch)
treed0ea471857900d2b683574bd10419483c9188dbb
parent27e8d040b368601051cedf702bd1dfc53b279c50 (diff)
downloadchrome-ec-0eb2c25d926d2ae2d59bede0062729c1db0e31c8.tar.gz
gsctool: support for enabling/disabling TPM.
This patch introduces '-m' or '--tpm_mode' flag, which either enables or disables TPM. (chroot) gsctool -m enable open_device 18d1:5014 found interface 3 endpoint 4, chunk_len 64 READY ------- (chroot) gsctool --tpm_mode disable open_device 18d1:5014 found interface 3 endpoint 4, chunk_len 64 READY ------- BUG=b:77543596 BRANCH=gsctool TEST=manually Signed-off-by: Namyoon Woo <namyoon@google.com> Change-Id: I2feb8c51d4343a49f2f5d43291c304e3ad140057 Reviewed-on: https://chromium-review.googlesource.com/1106295 Commit-Ready: Namyoon Woo <namyoon@chromium.org> Tested-by: Namyoon Woo <namyoon@chromium.org> Reviewed-by: Namyoon Woo <namyoon@chromium.org>
-rw-r--r--extra/usb_updater/gsctool.c73
-rw-r--r--include/tpm_registers.h1
2 files changed, 73 insertions, 1 deletions
diff --git a/extra/usb_updater/gsctool.c b/extra/usb_updater/gsctool.c
index 1ba93ddd9b..a8fa5102c9 100644
--- a/extra/usb_updater/gsctool.c
+++ b/extra/usb_updater/gsctool.c
@@ -28,6 +28,7 @@
#include "gsctool.h"
#include "misc_util.h"
#include "signed_header.h"
+#include "tpm_registers.h"
#include "tpm_vendor_cmds.h"
#include "upgrade_fw.h"
#include "usb_descriptor.h"
@@ -196,7 +197,7 @@ struct upgrade_pkt {
static int verbose_mode;
static uint32_t protocol_version;
static char *progname;
-static char *short_opts = "aBbcd:F:fhIikO:oPprstUuVvw";
+static char *short_opts = "aBbcd:F:fhIikmO:oPprstUuVvw";
static const struct option long_opts[] = {
/* name hasarg *flag val */
{"any", 0, NULL, 'a'},
@@ -217,6 +218,7 @@ static const struct option long_opts[] = {
{"post_reset", 0, NULL, 'p'},
{"rma_auth", 2, NULL, 'r'},
{"systemdev", 0, NULL, 's'},
+ {"tpm_mode", 1, NULL, 'm'},
{"trunks_send", 0, NULL, 't'},
{"verbose", 0, NULL, 'V'},
{"version", 0, NULL, 'v'},
@@ -525,6 +527,8 @@ static void usage(int errs)
" ID could be 32 bit hex or 4 "
"character string.\n"
" -k,--ccd_lock Lock CCD\n"
+ " -m,--tpm_mode [enable|disable]\n"
+ " Change or query tpm_mode\n"
" -O,--openbox_rma <desc_file>\n"
" Verify other device's RO integrity\n"
" using information provided in "
@@ -1973,6 +1977,56 @@ static void report_version(void)
exit(0);
}
+/*
+ * Either change or query TPM mode value.
+ */
+static int process_tpm_mode(struct transfer_descriptor *td,
+ const char *arg)
+{
+ int rv;
+ size_t command_size;
+ size_t response_size;
+ uint8_t response;
+ uint8_t command_body;
+
+ response_size = sizeof(response);
+ if (!arg) {
+ command_size = 0;
+ } else if (!strcasecmp(arg, "disable")) {
+ command_size = sizeof(command_body);
+ command_body = (uint8_t) TPM_MODE_DISABLED;
+ } else if (!strcasecmp(arg, "enable")) {
+ command_size = sizeof(command_body);
+ command_body = (uint8_t) TPM_MODE_ENABLED;
+ } else {
+ fprintf(stderr, "Invalid tpm mode arg: %s.\n", arg);
+ return update_error;
+ }
+
+ rv = send_vendor_command(td, VENDOR_CC_TPM_MODE,
+ &command_body, command_size,
+ &response, &response_size);
+ if (rv) {
+ fprintf(stderr, "Error %d in setting TPM mode.\n", rv);
+ return update_error;
+ }
+ if (response_size != sizeof(response)) {
+ fprintf(stderr, "Error in the size of response,"
+ " %zu.\n", response_size);
+ return update_error;
+ }
+ if (response >= TPM_MODE_MAX) {
+ fprintf(stderr, "Error in the value of response,"
+ " %d.\n", response);
+ return update_error;
+ }
+
+ printf("TPM Mode: %s (%d)\n", (response == TPM_MODE_DISABLED) ?
+ "disabled" : "enabled", response);
+
+ return rv;
+}
+
int main(int argc, char *argv[])
{
struct transfer_descriptor td;
@@ -1997,11 +2051,14 @@ int main(int argc, char *argv[])
int ccd_info = 0;
int wp = 0;
int try_all_transfer = 0;
+ int tpm_mode = 0;
+
const char *exclusive_opt_error =
"Options -a, -s and -t are mutually exclusive\n";
const char *openbox_desc_file = NULL;
int factory_mode = 0;
char *factory_mode_arg;
+ char *tpm_mode_arg = NULL;
progname = strrchr(argv[0], '/');
if (progname)
@@ -2073,6 +2130,13 @@ int main(int argc, char *argv[])
case 'k':
ccd_lock = 1;
break;
+ case 'm':
+ tpm_mode = 1;
+ if (!optarg && argv[optind] && argv[optind][0] != '-') {
+ optarg = argv[optind++];
+ tpm_mode_arg = optarg;
+ }
+ break;
case 'O':
openbox_desc_file = optarg;
break;
@@ -2162,6 +2226,7 @@ int main(int argc, char *argv[])
!rma &&
!show_fw_ver &&
!openbox_desc_file &&
+ !tpm_mode &&
!wp) {
if (optind >= argc) {
fprintf(stderr,
@@ -2233,6 +2298,12 @@ int main(int argc, char *argv[])
if (corrupt_inactive_rw)
invalidate_inactive_rw(&td);
+ if (tpm_mode) {
+ int rv = process_tpm_mode(&td, tpm_mode_arg);
+
+ exit(rv);
+ }
+
if (data || show_fw_ver) {
setup_connection(&td);
diff --git a/include/tpm_registers.h b/include/tpm_registers.h
index ed03959185..dcdbe41566 100644
--- a/include/tpm_registers.h
+++ b/include/tpm_registers.h
@@ -115,6 +115,7 @@ enum tpm_modes {
TPM_MODE_ENABLED_TENTATIVE = 0,
TPM_MODE_ENABLED = 1,
TPM_MODE_DISABLED = 2,
+ TPM_MODE_MAX,
};
/*