Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 23 additions & 12 deletions TAs/optee_ta/fTPM/fTPM.c
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,7 @@ TEE_Result TA_CreateEntryPoint(void)
if (fTPMInitialized) {
// We may have had TA_DestroyEntryPoint called but we didn't
// actually get torn down. Re-NVEnable, just in case.
if (_plat__NVEnable(NULL) == 0) {
if (_plat__NVEnable(NULL) != 0) {
TEE_Panic(TEE_ERROR_BAD_STATE);
}
return TEE_SUCCESS;
Expand All @@ -134,7 +134,7 @@ TEE_Result TA_CreateEntryPoint(void)
_admin__NvInitState();

// If we fail to open fTPM storage we cannot continue.
if (_plat__NVEnable(NULL) == 0) {
if (_plat__NVEnable(NULL) != 0) {
TEE_Panic(TEE_ERROR_BAD_STATE);
}

Expand All @@ -158,17 +158,12 @@ TEE_Result TA_CreateEntryPoint(void)
respBuf = startupState;
respLen = STARTUP_SIZE;

ExecuteCommand(STARTUP_SIZE, startupState, &respLen, &respBuf);
_plat__RunCommand(STARTUP_SIZE, startupState, &respLen, &respBuf);
if (fTPMResponseCode(respLen, respBuf) == TPM_RC_SUCCESS) {
goto Exit;
}

#ifdef fTPMDebug
DMSG("Fall through to startup clear\n");
#endif

//DMSG("Start self test");
//CryptSelfTest(1);

goto Clear;
}
Expand All @@ -179,7 +174,7 @@ TEE_Result TA_CreateEntryPoint(void)
respLen = STARTUP_SIZE;

// Fall back to a Startup Clear
ExecuteCommand(STARTUP_SIZE, startupClear, &respLen, &respBuf);
_plat__RunCommand(STARTUP_SIZE, startupClear, &respLen, &respBuf);

Exit:
// Init is complete, indicate so in fTPM admin state.
Expand All @@ -189,7 +184,18 @@ TEE_Result TA_CreateEntryPoint(void)
// Initialization complete
fTPMInitialized = true;

return TEE_SUCCESS;
#ifdef fTPMDebug
DMSG("Start forced self test");
CryptSelfTest(1);
#endif

if (g_inFailureMode) {
EMSG("Startup failed");
return TEE_ERROR_BAD_STATE;
} else {
EMSG("Startup succeeded");
return TEE_SUCCESS;
}
}


Expand Down Expand Up @@ -303,7 +309,7 @@ static TEE_Result fTPM_Submit_Command(uint32_t param_types,
// Check if this is a PPI Command
if (!_admin__PPICommand(cmdLen, cmdBuf, &respLen, &respBuf)) {
// If not, pass through to TPM
ExecuteCommand(cmdLen, cmdBuf, &respLen, &respBuf);
_plat__RunCommand(cmdLen, cmdBuf, &respLen, &respBuf);
}
// Unfortunately, this cannot be done until after we have our response in
// hand. We will, however, make an effort to return at least a portion of
Expand All @@ -319,7 +325,12 @@ static TEE_Result fTPM_Submit_Command(uint32_t param_types,
DMSG("Success, RS: 0x%x\n", respLen);
#endif

return TEE_SUCCESS;
if (g_inFailureMode) {
EMSG("fTPM in failure mode!");
return TEE_ERROR_BAD_STATE;
} else {
return TEE_SUCCESS;
}
}

//
Expand Down
2 changes: 2 additions & 0 deletions TAs/optee_ta/fTPM/include/fTPM.h
Original file line number Diff line number Diff line change
Expand Up @@ -105,4 +105,6 @@ typedef union {
} TPM_CHIP_STATE;

extern TPM_CHIP_STATE g_chipFlags;
extern bool g_inFailureMode;

#endif /* FTPM_TA_H */
34 changes: 11 additions & 23 deletions TAs/optee_ta/fTPM/platform/NVMem.c
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,9 @@ for (int i = 0; i < NV_BLOCK_COUNT; i++) \
//
// NV state
//
// Contents of NV need to be cleared/initialized
static BOOL s_NVChipFileNeedsManufacture = FALSE;
// NV objects have been successfully opened
static BOOL s_NVInitialized = FALSE;

//
Expand All @@ -114,7 +116,6 @@ _plat__NvInitFromStorage()
{
DMSG("_plat__NvInitFromStorage()");
UINT32 i;
BOOL initialized;
UINT32 objID;
UINT32 bytesRead;
TEE_Result Result;
Expand All @@ -126,14 +127,10 @@ _plat__NvInitFromStorage()

//
// If the NV file is successfully read from the storage then
// initialized must be set. We are setting initialized to true
// here but if an error is encountered reading the NV file it will
// be reset.
// s_NVInitialized must be set. We will set s_NVInitialized to true
// once reading the NV file has been completed without error.
//

initialized = TRUE;


// Collect storage objects and init NV.
for (i = 0; i < NV_BLOCK_COUNT; i++) {

Expand Down Expand Up @@ -182,9 +179,6 @@ _plat__NvInitFromStorage()
// To ensure NV is consistent, force a write back of all NV blocks
NV_DIRTY_ALL(s_blockMap);

// Need to re-initialize
initialized = FALSE;

IMSG("Created fTPM storage object, i: 0x%x, s: 0x%x, id: 0x%x, h:0x%x\n",
i, NV_BLOCK_SIZE, objID, s_NVStore[i]);
}
Expand Down Expand Up @@ -233,18 +227,15 @@ _plat__NvInitFromStorage()

// Force (re)manufacture.
s_NVChipFileNeedsManufacture = TRUE;

// Need to re-initialize
initialized = FALSE;

return;
}

s_NVInitialized = initialized;
// The NV storage has been loaded, however may still require manufacturing
s_NVInitialized = TRUE;

return;

Error:
EMSG("Aborting NvInit due to error");
s_NVInitialized = FALSE;
for (i = 0; i < NV_BLOCK_COUNT; i++) {
if (IS_VALID(s_NVStore[i])) {
Expand Down Expand Up @@ -388,7 +379,7 @@ _plat__NVEnable(
_plat__NvInitFromStorage();

// Were we successful?
if (!s_NVInitialized) {
if (s_NVChipFileNeedsManufacture == TRUE || s_NVInitialized == FALSE) {
// Arriving here means one of two things: Either there existed no
// NV state before we came along and we just (re)initialized our
// storage. Or there is an error condition preventing us from
Expand All @@ -401,10 +392,10 @@ _plat__NVEnable(
// should we decide not to just TEE_Panic, we can continue
// execution after (re)manufacture. Later an attempt at re-init
// can be made by calling _plat__NvInitFromStorage again.
retVal = 0;
retVal = 1;
}
else {
retVal = 1;
retVal = 0;
}

// Going to manufacture, zero flags
Expand All @@ -413,9 +404,6 @@ _plat__NVEnable(
// Save flags
_admin__SaveChipFlags();

// Now we're done
s_NVInitialized = TRUE;

return retVal;
}
else {
Expand All @@ -429,7 +417,7 @@ _plat__NVEnable(
_admin__RestoreChipFlags();

// Success
retVal = 1;
retVal = 0;
}

return retVal;
Expand Down
1 change: 1 addition & 0 deletions TAs/optee_ta/fTPM/platform/RunCommand.c
Original file line number Diff line number Diff line change
Expand Up @@ -94,5 +94,6 @@ _plat__Fail(
#if FAIL_TRACE
EMSG("%s:%d", s_failFunction, s_failLine);
#endif
longjmp(&(s_jumpBuffer[0]), 1);
TEE_Panic(TEE_ERROR_BAD_STATE);
}