      1 // This file was extracted from the TCG Published
      2 // Trusted Platform Module Library
      3 // Part 3: Commands
      4 // Family "2.0"
      5 // Level 00 Revision 01.16
      6 // October 30, 2014
      7 
      8 #include "InternalRoutines.h"
      9 #include "NV_ReadLock_fp.h"
     10 #include "NV_spt_fp.h"
     11 //
     12 //
     13 //     Error Returns                    Meaning
     14 //
     15 //     TPM_RC_ATTRIBUTES                TPMA_NV_READ_STCLEAR is not SET so Index referenced by
     16 //                                      nvIndex may not be read locked
     17 //     TPM_RC_NV_AUTHORIZATION          the authorization was valid but the authorizing entity (authHandle) is
     18 //                                      not allowed to read from the Index referenced by nvIndex
     19 //
     // TPM2_NV_ReadLock: set TPMA_NV_READLOCKED on the NV Index named by
     // in->nvIndex and write the updated Index info back to NV.
     //
     // Returns TPM_RC_SUCCESS when the lock is set or when the access checks
     // report the Index as already locked. Returns the NvIsAvailable() error
     // unchanged, TPM_RC_NV_AUTHORIZATION from the access checks, or
     // TPM_RC_ATTRIBUTES + RC_NV_ReadLock_nvIndex when TPMA_NV_READ_STCLEAR
     // is CLEAR.
     TPM_RC
     TPM2_NV_ReadLock(
         NV_ReadLock_In    *in                 // IN: input parameter list
         )
     {
         NV_INDEX          indexInfo;
         TPM_RC            rc;

         // The command updates NV, so NV has to be usable before anything else
         // is evaluated. TPM_RC_NV_UNAVAILABLE or TPM_RC_NV_RATE may be
         // returned at this point.
         rc = NvIsAvailable();
         if(rc != TPM_RC_SUCCESS)
             return rc;

     // Input Validation

         // Common read access checks. NvReadAccessChecks() may report
         // TPM_RC_NV_AUTHORIZATION, TPM_RC_NV_LOCKED, or TPM_RC_NV_UNINITIALIZED.
         rc = NvReadAccessChecks(in->authHandle, in->nvIndex);

         // The authorizing entity is not allowed to read this Index, so it is
         // not allowed to read-lock it either.
         if(rc == TPM_RC_NV_AUTHORIZATION)
             return TPM_RC_NV_AUTHORIZATION;

         // The Index is already read-locked: report success without touching NV.
         if(rc == TPM_RC_NV_LOCKED)
             return TPM_RC_SUCCESS;

         // TPM_RC_NV_UNINITIALIZED is deliberately not treated as an error:
         // read-locking an uninitialized Index is allowed.
         // NOTE(review): any other non-success code from NvReadAccessChecks()
         // also falls through to the code below. This relies on the helper
         // returning only the three codes listed above; confirm against its
         // definition.

         // Get NV index info
         NvGetIndexInfo(in->nvIndex, &indexInfo);

         // An Index can only be read-locked when TPMA_NV_READ_STCLEAR is SET.
         // This attribute check runs after the authorization check, so an
         // unauthorized caller gets TPM_RC_NV_AUTHORIZATION, not this code.
         if(indexInfo.publicArea.attributes.TPMA_NV_READ_STCLEAR == CLEAR)
             return TPM_RC_ATTRIBUTES + RC_NV_ReadLock_nvIndex;

     // Internal Data Update

         // Set the READLOCKED attribute in the local copy, then write the
         // Index info back to NV.
         indexInfo.publicArea.attributes.TPMA_NV_READLOCKED = SET;
         NvWriteIndexInfo(in->nvIndex, &indexInfo);

         return TPM_RC_SUCCESS;
     }
     68