rollback_index: Remove recovery_mode parameter to SetupTPM.
SetupTPM no longer uses recovery_mode parameter for anything other than
a debug print. This change moves the debug print to a caller function,
then removes recovery_mode from SetupTPM and some caller functions that
no longer have a use for it.
BUG=chrome-os-partner:20913.
TEST=Manual. Boot factory install shim in recovery mode and verify TPM
clear operations succeed. Boot in dev mode and verify "Lock physical
presence" print on UART.
BRANCH=None.
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Change-Id: I2f671f6680a6e67cf722855e659e99752bc0783c
Reviewed-on: https://gerrit.chromium.org/gerrit/62916
Reviewed-by: Randall Spangler <rspangler@chromium.org>
diff --git a/firmware/lib/include/rollback_index.h b/firmware/lib/include/rollback_index.h
index 386ad77..7c410ee 100644
--- a/firmware/lib/include/rollback_index.h
+++ b/firmware/lib/include/rollback_index.h
@@ -83,7 +83,7 @@
/**
* This must be called.
*/
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
int disable_dev_request,
int clear_tpm_owner_request,
/* two outputs on success */
@@ -161,9 +161,8 @@
* Start the TPM and establish the root of trust for the anti-rollback
* mechanism.
*/
-uint32_t SetupTPM(int recovery_mode, int developer_mode,
- int disable_dev_request, int clear_tpm_owner_request,
- RollbackSpaceFirmware *rsf);
+uint32_t SetupTPM(int developer_mode, int disable_dev_request,
+ int clear_tpm_owner_request, RollbackSpaceFirmware *rsf);
/**
* Utility function to turn the virtual dev-mode flag on or off. 0=off, 1=on.
diff --git a/firmware/lib/mocked_rollback_index.c b/firmware/lib/mocked_rollback_index.c
index 6f026a3..f83e037 100644
--- a/firmware/lib/mocked_rollback_index.c
+++ b/firmware/lib/mocked_rollback_index.c
@@ -23,9 +23,8 @@
}
-uint32_t SetupTPM(int recovery_mode, int developer_mode,
- int disable_dev_request, int clear_tpm_owner_request,
- RollbackSpaceFirmware* rsf) {
+uint32_t SetupTPM(int developer_mode, int disable_dev_request,
+ int clear_tpm_owner_request, RollbackSpaceFirmware* rsf) {
return TPM_SUCCESS;
}
@@ -35,7 +34,7 @@
}
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
int disable_dev_request,
int clear_tpm_owner_request,
int *is_virt_dev, uint32_t *version) {
diff --git a/firmware/lib/rollback_index.c b/firmware/lib/rollback_index.c
index 619ba01..e372d9b 100644
--- a/firmware/lib/rollback_index.c
+++ b/firmware/lib/rollback_index.c
@@ -341,9 +341,8 @@
* to the TPM flashram at every reboot or wake-up, because of concerns about
* the durability of the NVRAM.
*/
-uint32_t SetupTPM(int recovery_mode, int developer_mode,
- int disable_dev_request, int clear_tpm_owner_request,
- RollbackSpaceFirmware* rsf)
+uint32_t SetupTPM(int developer_mode, int disable_dev_request,
+ int clear_tpm_owner_request, RollbackSpaceFirmware* rsf)
{
uint8_t in_flags;
uint8_t disable;
@@ -351,8 +350,6 @@
uint32_t result;
uint32_t versions;
- VBDEBUG(("TPM: SetupTPM(r%d, d%d)\n", recovery_mode, developer_mode));
-
RETURN_ON_FAILURE(TlclLibInit());
#ifdef TEGRA_SOFT_REBOOT_WORKAROUND
@@ -494,7 +491,7 @@
return TPM_SUCCESS;
}
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
int disable_dev_request,
int clear_tpm_owner_request,
int *is_virt_dev, uint32_t *version)
@@ -556,7 +553,7 @@
return result;
}
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
int disable_dev_request,
int clear_tpm_owner_request,
int *is_virt_dev, uint32_t *version)
@@ -566,8 +563,7 @@
/* Set version to 0 in case we fail */
*version = 0;
- RETURN_ON_FAILURE(SetupTPM(recovery_mode, is_hw_dev,
- disable_dev_request,
+ RETURN_ON_FAILURE(SetupTPM(is_hw_dev, disable_dev_request,
clear_tpm_owner_request, &rsf));
Memcpy(version, &rsf.fw_versions, sizeof(*version));
*is_virt_dev = (rsf.flags & FLAG_VIRTUAL_DEV_MODE_ON) ? 1 : 0;
diff --git a/firmware/lib/vboot_api_init.c b/firmware/lib/vboot_api_init.c
index 2050297..5174aa1 100644
--- a/firmware/lib/vboot_api_init.c
+++ b/firmware/lib/vboot_api_init.c
@@ -175,7 +175,9 @@
* TPM space is initialized by this call, the virtual
* dev-switch will be disabled by default)
*/
- tpm_status = RollbackFirmwareSetup(recovery, is_hw_dev,
+ VBDEBUG(("TPM: Call RollbackFirmwareSetup(r%d, d%d)\n",
+ recovery, is_hw_dev));
+ tpm_status = RollbackFirmwareSetup(is_hw_dev,
disable_dev_request,
clear_tpm_owner_request,
/* two outputs on success */
diff --git a/firmware/linktest/main.c b/firmware/linktest/main.c
index abbc165..bdf1483 100644
--- a/firmware/linktest/main.c
+++ b/firmware/linktest/main.c
@@ -31,7 +31,7 @@
/* rollback_index.h */
RollbackS3Resume();
- RollbackFirmwareSetup(0, 0, 0, 0, 0, 0);
+ RollbackFirmwareSetup(0, 0, 0, 0, 0);
RollbackFirmwareWrite(0);
RollbackFirmwareLock();
RollbackKernelRead(0);
diff --git a/tests/rollback_index2_tests.c b/tests/rollback_index2_tests.c
index 384895f..6d28a9c 100644
--- a/tests/rollback_index2_tests.c
+++ b/tests/rollback_index2_tests.c
@@ -598,7 +598,7 @@
/* Complete setup */
ResetMocks(0, 0);
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM()");
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM()");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
"TlclStartup()\n"
@@ -610,7 +610,7 @@
/* If TPM is disabled or deactivated, must enable it */
ResetMocks(0, 0);
mock_pflags.disable = 1;
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
"SetupTPM() disabled");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
@@ -623,7 +623,7 @@
ResetMocks(0, 0);
mock_pflags.deactivated = 1;
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), TPM_E_MUST_REBOOT,
"SetupTPM() deactivated");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
@@ -636,7 +636,7 @@
/* If physical presence command isn't enabled, try to enable it */
ResetMocks(3, TPM_E_IOERROR);
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM() pp cmd");
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM() pp cmd");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
"TlclStartup()\n"
@@ -651,7 +651,7 @@
ResetMocks(5, TPM_E_BADINDEX);
mock_pflags.physicalPresenceLifetimeLock = 1;
mock_pflags.nvLocked = 1;
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM() no firmware space");
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM() no firmware space");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
"TlclStartup()\n"
@@ -674,7 +674,7 @@
/* Other firmware space error is passed through */
ResetMocks(5, TPM_E_IOERROR);
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), TPM_E_CORRUPTED_STATE,
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), TPM_E_CORRUPTED_STATE,
"SetupTPM() bad firmware space");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
@@ -686,7 +686,7 @@
/* If developer flag has toggled, clear ownership and write new flag */
ResetMocks(0, 0);
- TEST_EQ(SetupTPM(0, 1, 0, 0, &rsf), 0, "SetupTPM() to dev");
+ TEST_EQ(SetupTPM(1, 0, 0, &rsf), 0, "SetupTPM() to dev");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
"TlclStartup()\n"
@@ -704,7 +704,7 @@
ResetMocks(0, 0);
mock_rsf.flags = FLAG_LAST_BOOT_DEVELOPER;
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM() from dev");
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM() from dev");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
"TlclStartup()\n"
@@ -721,7 +721,7 @@
/* If TPM clear request, clear ownership also */
ResetMocks(0, 0);
- TEST_EQ(SetupTPM(0, 0, 0, 1, &rsf), 0, "SetupTPM() clear owner");
+ TEST_EQ(SetupTPM(0, 0, 1, &rsf), 0, "SetupTPM() clear owner");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
"TlclStartup()\n"
@@ -736,13 +736,13 @@
/* Handle request to clear virtual dev switch */
ResetMocks(0, 0);
mock_rsf.flags = FLAG_VIRTUAL_DEV_MODE_ON | FLAG_LAST_BOOT_DEVELOPER;
- TEST_EQ(SetupTPM(0, 0, 1, 0, &rsf), 0, "SetupTPM() clear virtual dev");
+ TEST_EQ(SetupTPM(0, 1, 0, &rsf), 0, "SetupTPM() clear virtual dev");
TEST_EQ(mock_rsf.flags, 0, "Clear virtual dev");
/* If virtual dev switch is on, that should set last boot developer */
ResetMocks(0, 0);
mock_rsf.flags = FLAG_VIRTUAL_DEV_MODE_ON;
- SetupTPM(0, 0, 0, 0, &rsf);
+ SetupTPM(0, 0, 0, &rsf);
TEST_EQ(mock_rsf.flags,
FLAG_VIRTUAL_DEV_MODE_ON | FLAG_LAST_BOOT_DEVELOPER,
"virtual dev sets last boot");
@@ -767,7 +767,7 @@
dev_mode = 0;
version = 123;
mock_rsf.fw_versions = 0x12345678;
- TEST_EQ(RollbackFirmwareSetup(0, 0, dev_mode, 0, &dev_mode, &version),
+ TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, &dev_mode, &version),
0, "RollbackFirmwareSetup()");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
@@ -783,7 +783,7 @@
dev_mode = 0;
version = 123;
mock_rsf.fw_versions = 0x12345678;
- TEST_EQ(RollbackFirmwareSetup(0, 0, dev_mode, 0, &dev_mode, &version),
+ TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, &dev_mode, &version),
TPM_E_IOERROR,
"RollbackFirmwareSetup() error");
TEST_STR_EQ(mock_calls,
@@ -794,7 +794,7 @@
/* Developer mode flag gets passed properly */
ResetMocks(0, 0);
dev_mode = 1;
- TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, 0, &dev_mode, &version),
+ TEST_EQ(RollbackFirmwareSetup(dev_mode, 0, 0, &dev_mode, &version),
0, "RollbackFirmwareSetup() to dev");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
@@ -814,7 +814,7 @@
/* So does clear-TPM request */
ResetMocks(0, 0);
dev_mode = 0;
- TEST_EQ(RollbackFirmwareSetup(0, dev_mode, 0, 1, &dev_mode, &version),
+ TEST_EQ(RollbackFirmwareSetup(dev_mode, 0, 1, &dev_mode, &version),
0, "RollbackFirmwareSetup() clear owner");
TEST_STR_EQ(mock_calls,
"TlclLibInit()\n"
@@ -886,7 +886,7 @@
* rollback_index.c based on recovery mode, which is set by SetupTPM().
* Clear the flag for the first set of tests.
*/
- TEST_EQ(SetupTPM(0, 0, 0, 0, &rsf), 0, "SetupTPM()");
+ TEST_EQ(SetupTPM(0, 0, 0, &rsf), 0, "SetupTPM()");
/* Normal read */
ResetMocks(0, 0);
@@ -948,7 +948,7 @@
"RollbackKernelLock() error");
/* Test lock with recovery on; shouldn't lock PP */
- SetupTPM(1, 0, 0, 0, &rsf);
+ SetupTPM(0, 0, 0, &rsf);
ResetMocks(0, 0);
TEST_EQ(RollbackKernelLock(1), 0, "RollbackKernelLock() in recovery");
TEST_STR_EQ(mock_calls, "", "no tlcl calls");
diff --git a/tests/rollback_index3_tests.c b/tests/rollback_index3_tests.c
index 2fc1f05..e89ad0c 100644
--- a/tests/rollback_index3_tests.c
+++ b/tests/rollback_index3_tests.c
@@ -24,7 +24,7 @@
is_virt_dev = 1;
version = 1;
- TEST_EQ(RollbackFirmwareSetup(0, 0, 0, 0, &is_virt_dev, &version),
+ TEST_EQ(RollbackFirmwareSetup(0, 0, 0, &is_virt_dev, &version),
0, "RollbackFirmwareSetup()");
TEST_EQ(is_virt_dev, 0, "rfs is_virt_dev");
TEST_EQ(version, 0, "rfs version");
diff --git a/tests/vboot_api_init_tests.c b/tests/vboot_api_init_tests.c
index e04554a..6451bd8 100644
--- a/tests/vboot_api_init_tests.c
+++ b/tests/vboot_api_init_tests.c
@@ -100,7 +100,7 @@
return rollback_s3_retval;
}
-uint32_t RollbackFirmwareSetup(int recovery_mode, int is_hw_dev,
+uint32_t RollbackFirmwareSetup(int is_hw_dev,
int disable_dev_request,
int clear_tpm_owner_request,
/* two outputs on success */
