From 25db435d6f7c1fef3177e54f17a5a8ea42534bb2 Mon Sep 17 00:00:00 2001 From: Namyoon Woo Date: Wed, 31 Oct 2018 17:35:09 -0700 Subject: cr50: revoke key ladder on disabling TPM Disabling TPM will revoke the H1 key ladder. Querying TPM_MODE or enabling TPM_MODE will fail if H1 Key Ladder is already revoked. BUG=b:118504817 BRANCH=cr50 TEST=Manually tested with TPM disabling and Resume or Warm Reboot. (1) Resume $ trunks_send --raw 80 01 00 00 00 0c 00 00 01 45 00 01 80010000000A00000000 $ gsctool -a -m disable TPM Mode: disabled (2) $ echo mem > /sys/power/state (press key on Chromebook either after three seconds or in a second.) (2) Warm Reboot $ gsctool -a -m disable (press refresh + power button or run kernel command 'reboot') Check Chrome OS boot ok. No TPM command failures were observed (in CR50 console). (3) Windows Warm Reboot or Resume are checked. Change-Id: I32fffc432a9a6068ea324a97225974c581cb9359 Signed-off-by: Namyoon Woo Reviewed-on: https://chromium-review.googlesource.com/1312197 Reviewed-by: Vadim Bendebury (cherry picked from commit 2b9ee186544863f29a84477aa46a80a57d8f09e0) Reviewed-on: https://chromium-review.googlesource.com/c/1465009 Tested-by: Vadim Bendebury Commit-Queue: Vadim Bendebury (cherry picked from commit daa8a3a52b2289e807738ed8be61870a3383a00c) Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1548161 (cherry picked from commit 2fea626df59acaf9683e8f077a9daf9b338097e1) --- include/nvmem.h | 5 +++++ include/tpm_vendor_cmds.h | 10 +++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/nvmem.h b/include/nvmem.h index 1ca09fff38..c705bc4b1c 100644 --- a/include/nvmem.h +++ b/include/nvmem.h @@ -205,6 +205,11 @@ void nvmem_disable_commits(void); */ int nvmem_enable_commits(void); +/* + * Clear all NVMEM cache in SRAM. + */ +void nvmem_clear_cache(void); + #ifdef __cplusplus } #endif 
diff --git a/include/tpm_vendor_cmds.h b/include/tpm_vendor_cmds.h index a3b260cf05..39ef3b8b57 100644 --- a/include/tpm_vendor_cmds.h +++ b/include/tpm_vendor_cmds.h @@ -77,7 +77,15 @@ enum vendor_cmd_cc { * in 'enum tpm_modes', tpm_registers.h. * If the input size is zero, it won't change TPM_MODE. * If either the input size is zero or the input value is valid, - * it will response with the current tpm_mode value in uint8_t format. + * it will respond with the current tpm_mode value in uint8_t format. + * + * Return code: + * VENDOR_RC_SUCCESS: completed successfully. + * VENDOR_RC_INTERNAL_ERROR: failed for an internal reason. + * VENDOR_RC_NOT_ALLOWED: failed in changing TPM_MODE, + * since it is already set. + * VENDOR_RC_NO_SUCH_SUBCOMMAND: failed because the given input + * is undefined. */ VENDOR_CC_TPM_MODE = 40, /* -- cgit v1.2.1
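Review bot: The comment on nvmem_clear_cache() in include/nvmem.h does not give the caller enough to use it safely. It is declared directly after nvmem_disable_commits() and nvmem_enable_commits(), but says nothing about what happens to writes that are still uncommitted when the cache is cleared, or whether NVMEM reads and writes are expected to work afterwards. Since this is part of a key-ladder revocation path, please document the intended call site (TPM disable only?), whether the SRAM contents are zeroed or merely invalidated, and whether the cache can be repopulated without a reboot. The void return type also means a failed or partial clear cannot be reported. nvmem_enable_commits() just above returns int, so consider doing the same here or stating that the call cannot fail.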
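Review bot: The new "Return code" list for VENDOR_CC_TPM_MODE in include/tpm_vendor_cmds.h does not cover the failure the commit message introduces. The message says querying or enabling TPM_MODE will fail once the H1 key ladder is revoked, yet the text kept above the list still promises that a zero-size input "will respond with the current tpm_mode value", and none of the four codes mentions the revoked state. Please state which code a caller sees in that case (VENDOR_RC_INTERNAL_ERROR is described only as "failed for an internal reason") and qualify the zero-size query sentence so host tools can tell a revoked key ladder apart from a generic error. The VENDOR_RC_NOT_ALLOWED entry could also say whether "already set" applies to any prior mode change or only to a different value than the one requested.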