1 /* Microsoft Reference Implementation for TPM 2.0
2 *
3 * The copyright in this software is being made available under the BSD License,
4 * included below. This software may be subject to other third party and
5 * contributor rights, including patent rights, and no such rights are granted
6 * under this license.
7 *
8 * Copyright (c) Microsoft Corporation
9 *
10 * All rights reserved.
11 *
12 * BSD License
13 *
14 * Redistribution and use in source and binary forms, with or without modification,
15 * are permitted provided that the following conditions are met:
16 *
17 * Redistributions of source code must retain the above copyright notice, this list
18 * of conditions and the following disclaimer.
19 *
20 * Redistributions in binary form must reproduce the above copyright notice, this
21 * list of conditions and the following disclaimer in the documentation and/or
22 * other materials provided with the distribution.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
27 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
28 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
29 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
30 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
31 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35 #include "Tpm.h"
36 #include "HierarchyControl_fp.h"
37
38 #if CC_HierarchyControl // Conditional expansion of this file
39
40 /*(See part 3 specification)
41 // Enable or disable use of a hierarchy
42 */
43 // Return Type: TPM_RC
44 // TPM_RC_AUTH_TYPE 'authHandle' is not applicable to 'hierarchy' in its
45 // current state
46 TPM_RC
TPM2_HierarchyControl(HierarchyControl_In * in)47 TPM2_HierarchyControl(
48 HierarchyControl_In *in // IN: input parameter list
49 )
50 {
51 BOOL select = (in->state == YES);
52 BOOL *selected = NULL;
53
54 // Input Validation
55 switch(in->enable)
56 {
57 // Platform hierarchy has to be disabled by PlatformAuth
58 // If the platform hierarchy has already been disabled, only a reboot
59 // can enable it again
60 case TPM_RH_PLATFORM:
61 case TPM_RH_PLATFORM_NV:
62 if(in->authHandle != TPM_RH_PLATFORM)
63 return TPM_RC_AUTH_TYPE;
64 break;
65
66 // ShEnable may be disabled if PlatformAuth/PlatformPolicy or
67 // OwnerAuth/OwnerPolicy is provided. If ShEnable is disabled, then it
68 // may only be enabled if PlatformAuth/PlatformPolicy is provided.
69 case TPM_RH_OWNER:
70 if(in->authHandle != TPM_RH_PLATFORM
71 && in->authHandle != TPM_RH_OWNER)
72 return TPM_RC_AUTH_TYPE;
73 if(gc.shEnable == FALSE && in->state == YES
74 && in->authHandle != TPM_RH_PLATFORM)
75 return TPM_RC_AUTH_TYPE;
76 break;
77
78 // EhEnable may be disabled if either PlatformAuth/PlatformPolicy or
79 // EndosementAuth/EndorsementPolicy is provided. If EhEnable is disabled,
80 // then it may only be enabled if PlatformAuth/PlatformPolicy is
81 // provided.
82 case TPM_RH_ENDORSEMENT:
83 if(in->authHandle != TPM_RH_PLATFORM
84 && in->authHandle != TPM_RH_ENDORSEMENT)
85 return TPM_RC_AUTH_TYPE;
86 if(gc.ehEnable == FALSE && in->state == YES
87 && in->authHandle != TPM_RH_PLATFORM)
88 return TPM_RC_AUTH_TYPE;
89 break;
90 default:
91 FAIL(FATAL_ERROR_INTERNAL);
92 break;
93 }
94
95 // Internal Data Update
96
97 // Enable or disable the selected hierarchy
98 // Note: the authorization processing for this command may keep these
99 // command actions from being executed. For example, if phEnable is
100 // CLEAR, then platformAuth cannot be used for authorization. This
101 // means that would not be possible to use platformAuth to change the
102 // state of phEnable from CLEAR to SET.
103 // If it is decided that platformPolicy can still be used when phEnable
104 // is CLEAR, then this code could SET phEnable when proper platform
105 // policy is provided.
106 switch(in->enable)
107 {
108 case TPM_RH_OWNER:
109 selected = &gc.shEnable;
110 break;
111 case TPM_RH_ENDORSEMENT:
112 selected = &gc.ehEnable;
113 break;
114 case TPM_RH_PLATFORM:
115 selected = &g_phEnable;
116 break;
117 case TPM_RH_PLATFORM_NV:
118 selected = &gc.phEnableNV;
119 break;
120 default:
121 FAIL(FATAL_ERROR_INTERNAL);
122 break;
123 }
124 if(selected != NULL && *selected != select)
125 {
126 // Before changing the internal state, make sure that NV is available.
127 // Only need to update NV if changing the orderly state
128 RETURN_IF_ORDERLY;
129
130 // state is changing and NV is available so modify
131 *selected = select;
132 // If a hierarchy was just disabled, flush it
133 if(select == CLEAR && in->enable != TPM_RH_PLATFORM_NV)
134 // Flush hierarchy
135 ObjectFlushHierarchy(in->enable);
136
137 // orderly state should be cleared because of the update to state clear data
138 // This gets processed in ExecuteCommand() on the way out.
139 g_clearOrderly = TRUE;
140 }
141 return TPM_RC_SUCCESS;
142 }
143
144 #endif // CC_HierarchyControl