/* Adjusts permissions of KERNEL_VERSIONS space. Updates |wrong_value| to
* reflect that currently the space contains the wrong value (i.e. does not
* contain the GRWL identifier).
*/
static uint32_t RollbackTest_AdjustKernelPermissions(int* wrong_value) {
uint32_t perms;
/* Wrong permissions */
RETURN_ON_FAILURE(TlclGetPermissions(KERNEL_VERSIONS_NV_INDEX, &perms));
if (RBTS.KERNEL_VERSIONS_wrong_permissions && perms == TPM_NV_PER_PPWRITE) {
/* Redefines with wrong permissions. */
RETURN_ON_FAILURE(RollbackTest_RemoveSpace(KERNEL_VERSIONS_NV_INDEX));
RETURN_ON_FAILURE(SafeDefineSpace(KERNEL_VERSIONS_NV_INDEX,
TPM_NV_PER_PPWRITE |
TPM_NV_PER_GLOBALLOCK,
KERNEL_SPACE_SIZE));
*wrong_value = 1;
}
if (!RBTS.KERNEL_VERSIONS_wrong_permissions &&
perms != TPM_NV_PER_PPWRITE) {
/* Redefines with right permissions. */
RETURN_ON_FAILURE(SafeDefineSpace(KERNEL_VERSIONS_NV_INDEX,
TPM_NV_PER_PPWRITE, 0));
RETURN_ON_FAILURE(SafeDefineSpace(KERNEL_VERSIONS_NV_INDEX,
TPM_NV_PER_PPWRITE,
KERNEL_SPACE_SIZE));
*wrong_value = 1;
}
return TPM_SUCCESS;
}
/**
* Test flags / capabilities
*
* TODO: check params/data read/written.
*/
static void FlagsTest(void)
{
TPM_PERMANENT_FLAGS pflags;
TPM_STCLEAR_FLAGS vflags;
uint8_t disable = 0, deactivated = 0, nvlocked = 0;
uint32_t u;
uint8_t buf[32];
ResetMocks();
TEST_EQ(TlclGetPermanentFlags(&pflags), 0, "GetPermanentFlags");
TEST_EQ(calls[0].req_cmd, TPM_ORD_GetCapability, " cmd");
ResetMocks();
TEST_EQ(TlclGetSTClearFlags(&vflags), 0, "GetSTClearFlags");
TEST_EQ(calls[0].req_cmd, TPM_ORD_GetCapability, " cmd");
ResetMocks();
TEST_EQ(TlclGetFlags(NULL, NULL, NULL), 0, "GetFlags NULL");
TEST_EQ(calls[0].req_cmd, TPM_ORD_GetCapability, " cmd");
ResetMocks();
TEST_EQ(TlclGetFlags(&disable, &deactivated, &nvlocked), 0, "GetFlags");
ResetMocks();
TEST_EQ(TlclGetPermissions(1, &u), 0, "GetPermissions");
TEST_EQ(calls[0].req_cmd, TPM_ORD_GetCapability, " cmd");
ResetMocks();
TEST_EQ(TlclGetOwnership(buf), 0, "GetOwnership");
TEST_EQ(calls[0].req_cmd, TPM_ORD_GetCapability, " cmd");
}
