Google Git
Sign in
chromium / chromiumos / third_party / tpm2 / f8f4c9b5ae3dc82f0ee2aadfbb3aaaedcf3e0bf9 / . / CommandCodeAttributes.c
blob: 084c0a7c663e23e0cde77d3574c921846716f868 [file] [log] [blame]
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 4: Supporting Routines
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014
#include "Tpm.h"
#include "InternalRoutines.h"
typedef UINT16 ATTRIBUTE_TYPE;
//
// The following file is produced from the command tables in part 3 of the specification. It defines the
// attributes for each of the commands.
//
// NOTE: This file is currently produced by an automated process. Files produced from Part 2 or Part 3 tables through
// automated processes are not included in the specification so that their is no ambiguity about the table
// containing the information being the normative definition.
//
#include "CommandAttributeData.c"
//
// SafeGetAttributesForCC()
//
// Helper function returning a command attribute value for the given command
// code or extended command code.
//
// Return Value Meaning
//
// COMMAND_ATTRIBUTES command attribute for the given command
//
static COMMAND_ATTRIBUTES SafeGetAttributesForCC(TPM_CC commandCode) {
const COMMAND_ATTRIBUTES kUnimplementedAttr = 0;
if (commandCode & TPM_CCE_BIT_MASK) {
if (commandCode >= TPM_CCE_FIRST && commandCode <= TPM_CCE_LAST)
return s_commandAttributesExt[commandCode - TPM_CCE_FIRST];
} else {
if (commandCode >= TPM_CC_FIRST && commandCode <= TPM_CC_LAST)
return s_commandAttributes[commandCode - TPM_CC_FIRST];
}
return kUnimplementedAttr;
}
//
//
//
// Command Attribute Functions
//
// CommandAuthRole()
//
// This function returns the authorization role required of a handle.
//
// Return Value Meaning
//
// AUTH_NONE no authorization is required
// AUTH_USER user role authorization is required
// AUTH_ADMIN admin role authorization is required
// AUTH_DUP duplication role authorization is required
//
AUTH_ROLE
CommandAuthRole(
TPM_CC commandCode, // IN: command code
UINT32 handleIndex // IN: handle index (zero based)
)
{
ATTRIBUTE_TYPE properties = SafeGetAttributesForCC(commandCode);
if(handleIndex > 1)
return AUTH_NONE;
if(handleIndex == 0) {
if(properties & HANDLE_1_USER) return AUTH_USER;
if(properties & HANDLE_1_ADMIN) return AUTH_ADMIN;
if(properties & HANDLE_1_DUP) return AUTH_DUP;
return AUTH_NONE;
}
if(properties & HANDLE_2_USER)
return AUTH_USER;
return AUTH_NONE;
}
//
//
// CommandIsImplemented()
//
// This function indicates if a command is implemented.
//
// Return Value Meaning
//
// TRUE if the command is implemented
// FALSE if the command is not implemented
//
BOOL
CommandIsImplemented(
TPM_CC commandCode // IN: command code
)
{
return (SafeGetAttributesForCC(commandCode) & IS_IMPLEMENTED) ? TRUE : FALSE;
}
//
//
// CommandGetAttribute()
//
// return a TPMA_CC structure for the given command code
//
TPMA_CC
CommandGetAttribute(
TPM_CC commandCode // IN: command code
)
{
UINT32 size = sizeof(s_ccAttr) / sizeof(s_ccAttr[0]);
UINT32 i;
for(i = 0; i < size; i++) {
if(s_ccAttr[i].commandIndex == (UINT16) commandCode)
return s_ccAttr[i];
}
// This function should be called in the way that the command code
// attribute is available.
FAIL(FATAL_ERROR_INTERNAL);
return s_ccAttr[0]; // Just to appease the compiler, never reached.
}
//
//
// EncryptSize()
//
// This function returns the size of the decrypt size field. This function returns 0 if encryption is not allowed
//
// Return Value Meaning
//
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
//
int
EncryptSize(
TPM_CC commandCode // IN: commandCode
)
{
COMMAND_ATTRIBUTES ca = SafeGetAttributesForCC(commandCode);
if(ca & ENCRYPT_2)
return 2;
if(ca & ENCRYPT_4)
return 4;
return 0;
}
//
//
// DecryptSize()
//
// This function returns the size of the decrypt size field. This function returns 0 if decryption is not allowed
//
// Return Value Meaning
//
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
//
int
DecryptSize(
TPM_CC commandCode // IN: commandCode
)
{
COMMAND_ATTRIBUTES ca = SafeGetAttributesForCC(commandCode);
if(ca & DECRYPT_2)
return 2;
if(ca & DECRYPT_4)
return 4;
return 0;
}
//
//
// IsSessionAllowed()
//
// This function indicates if the command is allowed to have sessions.
// This function must not be called if the command is not known to be implemented.
//
// Return Value Meaning
//
// TRUE session is allowed with this command
// FALSE session is not allowed with this command
//
BOOL
IsSessionAllowed(
TPM_CC commandCode // IN: the command to be checked
)
{
return (SafeGetAttributesForCC(commandCode) & NO_SESSIONS) ? FALSE : TRUE;
}
//
//
// IsHandleInResponse()
//
BOOL
IsHandleInResponse(
TPM_CC commandCode
)
{
return (SafeGetAttributesForCC(commandCode) & R_HANDLE) ? TRUE : FALSE;
}
//
//
// IsWriteOperation()
//
// Checks to see if an operation will write to NV memory
//
BOOL
IsWriteOperation(
TPM_CC command // IN: Command to check
)
{
switch (command)
{
case TPM_CC_NV_Write:
case TPM_CC_NV_Increment:
case TPM_CC_NV_SetBits:
case TPM_CC_NV_Extend:
// Nv write lock counts as a write operation for authorization purposes.
// We check to see if the NV is write locked before we do the authorization
// If it is locked, we fail the command early.
case TPM_CC_NV_WriteLock:
return TRUE;
default:
break;
}
return FALSE;
}
//
//
// IsReadOperation()
//
// Checks to see if an operation will write to NV memory
//
BOOL
IsReadOperation(
TPM_CC command // IN: Command to check
)
{
switch (command)
{
case TPM_CC_NV_Read:
case TPM_CC_PolicyNV:
case TPM_CC_NV_Certify:
// Nv read lock counts as a read operation for authorization purposes.
// We check to see if the NV is read locked before we do the authorization
// If it is locked, we fail the command early.
case TPM_CC_NV_ReadLock:
return TRUE;
default:
break;
}
return FALSE;
}
//
//
// CommandCapGetCCList()
//
// This function returns a list of implemented commands and command attributes starting from the
// command in commandCode.
//
//
//
//
// Return Value Meaning
//
// YES more command attributes are available
// NO no more command attributes are available
//
TPMI_YES_NO
CommandCapGetCCList(
TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: maximum count for number of entries in
// 'commandList'
TPML_CCA *commandList // OUT: list of TPMA_CC
)
{
TPMI_YES_NO more = NO;
UINT32 i;
// initialize output handle list count
commandList->count = 0;
// The maximum count of commands that may be returned is MAX_CAP_CC_ALL.
if(count > MAX_CAP_CC_ALL) count = MAX_CAP_CC_ALL;
// If the command code is smaller than TPM_CC_FIRST, start from TPM_CC_FIRST
if(commandCode < TPM_CC_FIRST) commandCode = TPM_CC_FIRST;
// Collect command attributes
for(i = commandCode; i <= TPM_CCE_LAST; i++)
{
if (i > TPM_CC_LAST && i < TPM_CCE_FIRST)
{
i = TPM_CCE_FIRST;
}
if(CommandIsImplemented(i))
{
if(commandList->count < count)
{
// If the list is not full, add the attributes for this command.
commandList->commandAttributes[commandList->count]
= CommandGetAttribute(i);
commandList->count++;
}
else
{
// If the list is full but there are more commands to report,
// indicate this and return.
more = YES;
break;
}
}
}
return more;
}