1 files changed, 165 insertions, 32 deletions
diff --git a/include/tpm.h b/include/tpm.h
index 6b21e9c73..7219b7319 100644
--- a/include/tpm.h
+++ b/include/tpm.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011 The Chromium OS Authors.
+ * Copyright (c) 2013 The Chromium OS Authors.
  *
  * See file CREDITS for list of people who contributed to this
  * project.
@@ -20,52 +20,185 @@
  * MA 02111-1307 USA
  */
 
-#ifndef _INCLUDE_TPM_H_
-#define _INCLUDE_TPM_H_
+#ifndef __TPM_H
+#define __TPM_H
 
-#include <common.h>
+#include <tis.h>
 
 /*
- * tis_init()
+ * Here is a partial implementation of TPM commands.  Please consult TCG Main
+ * Specification for definitions of TPM commands.
+ */
+
+enum tpm_startup_type {
+	TPM_ST_CLEAR		= 0x0001,
+	TPM_ST_STATE		= 0x0002,
+	TPM_ST_DEACTIVATED	= 0x0003,
+};
+
+enum tpm_physical_presence {
+	TPM_PHYSICAL_PRESENCE_HW_DISABLE	= 0x0200,
+	TPM_PHYSICAL_PRESENCE_CMD_DISABLE	= 0x0100,
+	TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK	= 0x0080,
+	TPM_PHYSICAL_PRESENCE_HW_ENABLE		= 0x0040,
+	TPM_PHYSICAL_PRESENCE_CMD_ENABLE	= 0x0020,
+	TPM_PHYSICAL_PRESENCE_NOTPRESENT	= 0x0010,
+	TPM_PHYSICAL_PRESENCE_PRESENT		= 0x0008,
+	TPM_PHYSICAL_PRESENCE_LOCK		= 0x0004,
+};
+
+enum tpm_nv_index {
+	TPM_NV_INDEX_LOCK	= 0xffffffff,
+	TPM_NV_INDEX_0		= 0x00000000,
+	TPM_NV_INDEX_DIR	= 0x10000001,
+};
+
+/**
+ * Initialize TPM device.  It must be called before any TPM commands.
  *
- * Initialize the TPM device. Returns 0 on success or -1 on
- * failure (in case device probing did not succeed).
+ * @return 0 on success, non-0 on error.
  */
-int tis_init(void);
+uint32_t tpm_init(void);
 
-/*
- * tis_open()
+/**
+ * Issue a TPM_Startup command.
  *
- * Requests access to locality 0 for the caller. After all commands have been
- * completed the caller is supposed to call tis_close().
+ * @param mode		TPM startup mode
+ * @return return code of the operation
+ */
+uint32_t tpm_startup(enum tpm_startup_type mode);
+
+/**
+ * Issue a TPM_SelfTestFull command.
  *
- * Returns 0 on success, -1 on failure.
+ * @return return code of the operation
  */
-int tis_open(void);
+uint32_t tpm_self_test_full(void);
 
-/*
- * tis_close()
+/**
+ * Issue a TPM_ContinueSelfTest command.
  *
- * terminate the currect session with the TPM by releasing the locked
- * locality. Returns 0 on success of -1 on failure (in case lock
- * removal did not succeed).
+ * @return return code of the operation
  */
-int tis_close(void);
+uint32_t tpm_continue_self_test(void);
 
-/*
- * tis_sendrecv()
+/**
+ * Issue a TPM_NV_DefineSpace command.  The implementation is limited
+ * to specify TPM_NV_ATTRIBUTES and size of the area.  The area index
+ * could be one of the special value listed in enum tpm_nv_index.
  *
- * Send the requested data to the TPM and then try to get its response
+ * @param index		index of the area
+ * @param perm		TPM_NV_ATTRIBUTES of the area
+ * @param size		size of the area
+ * @return return code of the operation
+ */
+uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size);
+
+/**
+ * Issue a TPM_NV_ReadValue command.  This implementation is limited
+ * to read the area from offset 0.  The area index could be one of
+ * the special value listed in enum tpm_nv_index.
+ *
+ * @param index		index of the area
+ * @param data		output buffer of the area contents
+ * @param count		size of output buffer
+ * @return return code of the operation
+ */
+uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count);
+
+/**
+ * Issue a TPM_NV_WriteValue command.  This implementation is limited
+ * to write the area from offset 0.  The area index could be one of
+ * the special value listed in enum tpm_nv_index.
+ *
+ * @param index		index of the area
+ * @param data		input buffer to be wrote to the area
+ * @param length	length of data bytes of input buffer
+ * @return return code of the operation
+ */
+uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length);
+
+/**
+ * Issue a TPM_Extend command.
+ *
+ * @param index		index of the PCR
+ * @param in_digest	160-bit value representing the event to be
+ *			recorded
+ * @param out_digest	160-bit PCR value after execution of the
+ *			command
+ * @return return code of the operation
+ */
+uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest);
+
+/**
+ * Issue a TPM_PCRRead command.
  *
- * @sendbuf - buffer of the data to send
- * @send_size size of the data to send
- * @recvbuf - memory to save the response to
- * @recv_len - pointer to the size of the response buffer
+ * @param index		index of the PCR
+ * @param data		output buffer for contents of the named PCR
+ * @param count		size of output buffer
+ * @return return code of the operation
+ */
+uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count);
+
+/**
+ * Issue a TSC_PhysicalPresence command.  TPM physical presence flag
+ * is bit-wise OR'ed of flags listed in enum tpm_physical_presence.
+ *
+ * @param presence	TPM physical presence flag
+ * @return return code of the operation
+ */
+uint32_t tpm_tsc_physical_presence(uint16_t presence);
+
+/**
+ * Issue a TPM_ReadPubek command.
+ *
+ * @param data		output buffer for the public endorsement key
+ * @param count		size of ouput buffer
+ * @return return code of the operation
+ */
+uint32_t tpm_read_pubek(void *data, size_t count);
+
+/**
+ * Issue a TPM_ForceClear command.
+ *
+ * @return return code of the operation
+ */
+uint32_t tpm_force_clear(void);
+
+/**
+ * Issue a TPM_PhysicalEnable command.
+ *
+ * @return return code of the operation
+ */
+uint32_t tpm_physical_enable(void);
+
+/**
+ * Issue a TPM_PhysicalDisable command.
+ *
+ * @return return code of the operation
+ */
+uint32_t tpm_physical_disable(void);
+
+/**
+ * Issue a TPM_PhysicalSetDeactivated command.
+ *
+ * @param state		boolean state of the deactivated flag
+ * @return return code of the operation
+ */
+uint32_t tpm_physical_set_deactivated(uint8_t state);
+
+/**
+ * Issue a TPM_GetCapability command.  This implementation is limited
+ * to query sub_cap index that is 4-byte wide.
  *
- * Returns 0 on success (and places the number of response bytes at recv_len)
- * or -1 on failure.
+ * @param cap_area	partition of capabilities
+ * @param sub_cap	further definition of capability, which is
+ *			limited to be 4-byte wide
+ * @param cap		output buffer for capability information
+ * @param count		size of ouput buffer
+ * @return return code of the operation
  */
-int tis_sendrecv(const uint8_t *sendbuf, size_t send_size, uint8_t *recvbuf,
-			size_t *recv_len);
+uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap,
+		void *cap, size_t count);
 
-#endif /* _INCLUDE_TPM_H_ */
+#endif /* __TPM_H */