1 /* Microsoft Reference Implementation for TPM 2.0 2 * 3 * The copyright in this software is being made available under the BSD License, 4 * included below. This software may be subject to other third party and 5 * contributor rights, including patent rights, and no such rights are granted 6 * under this license. 7 * 8 * Copyright (c) Microsoft Corporation 9 * 10 * All rights reserved. 11 * 12 * BSD License 13 * 14 * Redistribution and use in source and binary forms, with or without modification, 15 * are permitted provided that the following conditions are met: 16 * 17 * Redistributions of source code must retain the above copyright notice, this list 18 * of conditions and the following disclaimer. 19 * 20 * Redistributions in binary form must reproduce the above copyright notice, this 21 * list of conditions and the following disclaimer in the documentation and/or other 22 * materials provided with the distribution. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS"" 25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 27 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR 28 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 29 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 30 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 31 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /*(Auto) 37 Automatically Generated by TpmPrototypes version 2.2 February 10, 2016 38 Date: Mar 23, 2017 Time: 03:31:52 PM 39 */ 40 41 #ifndef _PLATFORM_FP_H_ 42 #define _PLATFORM_FP_H_ 43 44 //** From Cancel.c 45 46 47 48 //***_plat__IsCanceled() 49 // Check if the cancel flag is set 50 // return type: BOOL 51 // TRUE(1) if cancel flag is set 52 // FALSE(0) if cancel flag is not set 53 LIB_EXPORT int 54 _plat__IsCanceled( 55 void 56 ); 57 58 // Set cancel flag. 59 LIB_EXPORT void 60 _plat__SetCancel( 61 void 62 ); 63 64 //***_plat__ClearCancel() 65 // Clear cancel flag 66 LIB_EXPORT void 67 _plat__ClearCancel( 68 void 69 ); 70 71 72 //** From Clock.c 73 74 75 76 //***_plat__TimerReset() 77 // This function sets current system clock time as t0 for counting TPM time. 78 // This function is called at a power on event to reset the clock. When the clock 79 // is reset, the indication that the clock was stopped is also set. 80 LIB_EXPORT void 81 _plat__TimerReset( 82 void 83 ); 84 85 //*** _plat__TimerRestart() 86 // This function should be called in order to simulate the restart of the timer 87 // should it be stopped while power is still applied. 88 LIB_EXPORT void 89 _plat__TimerRestart( 90 void 91 ); 92 93 //***_plat__TimerRead() 94 // This function provides access to the tick timer of the platform. The TPM code 95 // uses this value to drive the TPM Clock. 96 // 97 // The tick timer is supposed to run when power is applied to the device. This timer 98 // should not be reset by time events including _TPM_Init. It should only be reset 99 // when TPM power is re-applied. 100 // 101 // If the TPM is run in a protected environment, that environment may provide the 102 // tick time to the TPM as long as the time provided by the environment is not 103 // allowed to go backwards. If the time provided by the system can go backwards 104 // during a power discontinuity, then the _plat__Signal_PowerOn should call 105 // _plat__TimerReset(). 106 // 107 // The code in this function should be replaced by a read of a hardware tick timer. 108 LIB_EXPORT uint64_t 109 _plat__TimerRead( 110 void 111 ); 112 113 //*** _plat__TimerWasReset() 114 // This function is used to interrogate the flag indicating if the tick timer has 115 // been reset. 116 // 117 // If the resetFlag parameter is SET, then the flag will be CLEAR before the 118 // function returns. 119 LIB_EXPORT BOOL 120 _plat__TimerWasReset( 121 void 122 ); 123 124 //*** _plat__TimerWasStopped() 125 // This function is used to interrogate the flag indicating if the tick timer has 126 // been stopped. If so, this is typically a reason to roll the nonce. 127 // 128 // This function will CLEAR the s_timerStopped flag before returning. This provides 129 // functionality that is similar to status register that is cleared when read. This 130 // is the model used here because it is the one that has the most impact on the TPM 131 // code as the flag can only be accessed by one entity in the TPM. Any other 132 // implementation of the hardware can be made to look like a read-once register. 133 LIB_EXPORT BOOL 134 _plat__TimerWasStopped( 135 void 136 ); 137 138 //***_plat__ClockAdjustRate() 139 // Adjust the clock rate 140 LIB_EXPORT void 141 _plat__ClockAdjustRate( 142 int adjust // IN: the adjust number. It could be positive 143 // or negative 144 ); 145 146 147 //** From Entropy.c 148 149 150 // return type: int32_t 151 // < 0 hardware failure of the entropy generator, this is sticky 152 // >= 0 the returned amount of entropy (bytes) 153 // 154 LIB_EXPORT int32_t 155 _plat__GetEntropy( 156 unsigned char *entropy, // output buffer 157 uint32_t amount // amount requested 158 ); 159 160 161 //** From LocalityPlat.c 162 163 164 165 //***_plat__LocalityGet() 166 // Get the most recent command locality in locality value form. 167 // This is an integer value for locality and not a locality structure 168 // The locality can be 0-4 or 32-255. 5-31 is not allowed. 169 LIB_EXPORT unsigned char 170 _plat__LocalityGet( 171 void 172 ); 173 174 //***_plat__LocalitySet() 175 // Set the most recent command locality in locality value form 176 LIB_EXPORT void 177 _plat__LocalitySet( 178 unsigned char locality 179 ); 180 181 182 //** From NVMem.c 183 184 185 186 //*** _plat__NvErrors() 187 // This function is used by the simulator to set the error flags in the NV 188 // subsystem to simulate an error in the NV loading process 189 LIB_EXPORT void 190 _plat__NvErrors( 191 int recoverable, 192 int unrecoverable 193 ); 194 195 //***_plat__NVEnable() 196 // Enable NV memory. 197 // 198 // This version just pulls in data from a file. In a real TPM, with NV on chip, 199 // this function would verify the integrity of the saved context. If the NV 200 // memory was not on chip but was in something like RPMB, the NV state would be 201 // read in, decrypted and integrity checked. 202 // 203 // The recovery from an integrity failure depends on where the error occurred. It 204 // it was in the state that is discarded by TPM Reset, then the error is 205 // recoverable if the TPM is reset. Otherwise, the TPM must go into failure mode. 206 // return type: int 207 // 0 if success 208 // > 0 if receive recoverable error 209 // <0 if unrecoverable error 210 LIB_EXPORT int 211 _plat__NVEnable( 212 void *platParameter // IN: platform specific parameters 213 ); 214 215 //***_plat__NVDisable() 216 // Disable NV memory 217 LIB_EXPORT void 218 _plat__NVDisable( 219 void 220 ); 221 222 //***_plat__IsNvAvailable() 223 // Check if NV is available 224 // return type: int 225 // 0 NV is available 226 // 1 NV is not available due to write failure 227 // 2 NV is not available due to rate limit 228 LIB_EXPORT int 229 _plat__IsNvAvailable( 230 void 231 ); 232 233 //***_plat__NvMemoryRead() 234 // Function: Read a chunk of NV memory 235 LIB_EXPORT void 236 _plat__NvMemoryRead( 237 unsigned int startOffset, // IN: read start 238 unsigned int size, // IN: size of bytes to read 239 void *data // OUT: data buffer 240 ); 241 242 //*** _plat__NvIsDifferent() 243 // This function checks to see if the NV is different from the test value. This is 244 // so that NV will not be written if it has not changed. 245 // return value: int 246 // TRUE(1) the NV location is different from the test value 247 // FALSE(0) the NV location is the same as the test value 248 LIB_EXPORT int 249 _plat__NvIsDifferent( 250 unsigned int startOffset, // IN: read start 251 unsigned int size, // IN: size of bytes to read 252 void *data // IN: data buffer 253 ); 254 255 //***_plat__NvMemoryWrite() 256 // This function is used to update NV memory. The "write" is to a memory copy of 257 // NV. At the end of the current command, any changes are written to 258 // the actual NV memory. 259 // NOTE: A useful optimization would be for this code to compare the current 260 // contents of NV with the local copy and note the blocks that have changed. Then 261 // only write those blocks when _plat__NvCommit() is called. 262 LIB_EXPORT void 263 _plat__NvMemoryWrite( 264 unsigned int startOffset, // IN: write start 265 unsigned int size, // IN: size of bytes to write 266 void *data // OUT: data buffer 267 ); 268 269 //***_plat__NvMemoryClear() 270 // Function is used to set a range of NV memory bytes to an implementation-dependent 271 // value. The value represents the erase state of the memory. 272 LIB_EXPORT void 273 _plat__NvMemoryClear( 274 unsigned int start, // IN: clear start 275 unsigned int size // IN: number of bytes to clear 276 ); 277 278 //***_plat__NvMemoryMove() 279 // Function: Move a chunk of NV memory from source to destination 280 // This function should ensure that if there overlap, the original data is 281 // copied before it is written 282 LIB_EXPORT void 283 _plat__NvMemoryMove( 284 unsigned int sourceOffset, // IN: source offset 285 unsigned int destOffset, // IN: destination offset 286 unsigned int size // IN: size of data being moved 287 ); 288 289 //***_plat__NvCommit() 290 // Update NV chip 291 // return type: int 292 // 0 NV write success 293 // non-0 NV write fail 294 LIB_EXPORT int 295 _plat__NvCommit( 296 void 297 ); 298 299 //***_plat__SetNvAvail() 300 // Set the current NV state to available. This function is for testing purpose 301 // only. It is not part of the platform NV logic 302 LIB_EXPORT void 303 _plat__SetNvAvail( 304 void 305 ); 306 307 //***_plat__ClearNvAvail() 308 // Set the current NV state to unavailable. This function is for testing purpose 309 // only. It is not part of the platform NV logic 310 LIB_EXPORT void 311 _plat__ClearNvAvail( 312 void 313 ); 314 315 316 //** From PlatformData.c 317 318 319 320 321 //** From PowerPlat.c 322 323 324 325 //***_plat__Signal_PowerOn() 326 // Signal platform power on 327 LIB_EXPORT int 328 _plat__Signal_PowerOn( 329 void 330 ); 331 332 //*** _plat__WasPowerLost() 333 // Test whether power was lost before a _TPM_Init. 334 // 335 // This function will clear the "hardware" indication of power loss before return. 336 // This means that there can only be one spot in the TPM code where this value 337 // gets read. This method is used here as it is the most difficult to manage in the 338 // TPM code and, if the hardware actually works this way, it is hard to make it 339 // look like anything else. So, the burden is placed on the TPM code rather than the 340 // platform code 341 // return type: int 342 // TRUE(1) power was lost 343 // FALSE(0) power was not lost 344 LIB_EXPORT int 345 _plat__WasPowerLost( 346 void 347 ); 348 349 //*** _plat_Signal_Reset() 350 // This a TPM reset without a power loss. 351 LIB_EXPORT int 352 _plat__Signal_Reset( 353 void 354 ); 355 356 //***_plat__Signal_PowerOff() 357 // Signal platform power off 358 LIB_EXPORT void 359 _plat__Signal_PowerOff( 360 void 361 ); 362 363 364 //** From PPPlat.c 365 366 367 368 //***_plat__PhysicalPresenceAsserted() 369 // Check if physical presence is signaled 370 // return type: int 371 // TRUE(1) if physical presence is signaled 372 // FALSE(0) if physical presence is not signaled 373 LIB_EXPORT int 374 _plat__PhysicalPresenceAsserted( 375 void 376 ); 377 378 //***_plat__Signal_PhysicalPresenceOn() 379 // Signal physical presence on 380 LIB_EXPORT void 381 _plat__Signal_PhysicalPresenceOn( 382 void 383 ); 384 385 //***_plat__Signal_PhysicalPresenceOff() 386 // Signal physical presence off 387 LIB_EXPORT void 388 _plat__Signal_PhysicalPresenceOff( 389 void 390 ); 391 392 393 //** From RunCommand.c 394 395 396 397 //***_plat__RunCommand() 398 // This version of RunCommand will set up a jum_buf and call ExecuteCommand(). If 399 // the command executes without failing, it will return and RunCommand will return. 400 // If there is a failure in the command, then _plat__Fail() is called and it will 401 // longjump back to RunCommand which will call ExecuteCommand again. However, this 402 // time, the TPM will be in failure mode so ExecuteCommand will simply build 403 // a failure response and return. 404 LIB_EXPORT void 405 _plat__RunCommand( 406 unsigned int requestSize, // IN: command buffer size 407 unsigned char *request, // IN: command buffer 408 unsigned int *responseSize, // IN/OUT: response buffer size 409 unsigned char **response // IN/OUT: response buffer 410 ); 411 412 //***_plat__Fail() 413 // This is the platform depended failure exit for the TPM. 414 LIB_EXPORT NORETURN void 415 _plat__FailDetailed( 416 char * file, 417 int line, 418 const char * func 419 ); 420 #define _plat__Fail() _plat__FailDetailed(__FILE__, __LINE__, __FUNCTION__) 421 422 423 //** From Unique.c 424 425 426 427 //** _plat__GetUnique() 428 // This function is used to access the platform-specific unique value. 429 // This function places the unique value in the provided buffer ('b') 430 // and returns the number of bytes transferred. The function will not 431 // copy more data than 'bSize'. 432 // NOTE: If a platform unique value has unequal distribution of uniqueness 433 // and 'bSize' is smaller than the size of the unique value, the 'bSize' 434 // portion with the most uniqueness should be returned. 435 LIB_EXPORT uint32_t 436 _plat__GetUnique( 437 uint32_t which, // authorities (0) or details 438 uint32_t bSize, // size of the buffer 439 unsigned char *b // output buffer 440 ); 441 442 443 #endif // _PLATFORM_FP_H_ 444