1// Copyright 2015 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5// NOTE: All tpm_manager protobufs are in the same file because the Android
6// build system cannot handle import statements without using Android-specific
7// paths.
8
// proto2 syntax: every `optional` field has explicit presence (has_*()), so
// "unset" is distinguishable from the zero value where callers check for it.
syntax = "proto2";
// Lite runtime: generated classes carry no descriptors or reflection. This
// keeps the binary small but means descriptor-driven text/JSON formatting of
// these messages is not available.
option optimize_for = LITE_RUNTIME;
package tpm_manager;
12
// Status code carried in the `status` field of the tpm manager replies below.
enum TpmManagerStatus {
  // The call succeeded. Since 0 is also the proto2 default for an unset enum
  // field, a reply whose `status` was never set reads as success; callers that
  // care should check has_status() rather than trust the value alone.
  STATUS_SUCCESS = 0;
  // A TPM or device-level failure; no further detail is carried in the reply.
  STATUS_DEVICE_ERROR = 1;
  // The requested operation or resource is not available on this system.
  STATUS_NOT_AVAILABLE = 2;
  // The error that is translated into by the client to indicate any kind of
  // D-Bus error.
  STATUS_DBUS_ERROR = 3;
}
21
// Result codes for the NVRAM interface methods below. For convenience, keep
// these in sync with Brillo NVRAM HAL values defined in hardware/nvram_defs.h.
enum NvramResult {
  // The operation succeeded. Being 0, this is also what an unset `result`
  // field reads as; check has_result() where that distinction matters.
  NVRAM_RESULT_SUCCESS = 0;
  // An unexpected TPM error occurred. More information should be in logs.
  NVRAM_RESULT_DEVICE_ERROR = 1;
  // The caller is not authorized to perform the requested operation. This may
  // be due to a bad authorization value or to system state.
  NVRAM_RESULT_ACCESS_DENIED = 2;
  // A request argument (index, size, attributes, ...) was rejected.
  NVRAM_RESULT_INVALID_PARAMETER = 3;
  // No space is defined at the requested index.
  NVRAM_RESULT_SPACE_DOES_NOT_EXIST = 4;
  // A space is already defined at the requested index.
  NVRAM_RESULT_SPACE_ALREADY_EXISTS = 5;
  // This may be because a space is locked or because an operation has been
  // explicitly disabled.
  NVRAM_RESULT_OPERATION_DISABLED = 6;
  // Literally, the TPM is out of non-volatile storage.
  NVRAM_RESULT_INSUFFICIENT_SPACE = 7;
  // An error occurred sending the request to the system service.
  NVRAM_RESULT_IPC_ERROR = 100;
}
42
// Attributes of an NVRAM space. They are carried as a `repeated` list (see
// DefineSpaceRequest / GetSpaceInfoReply), one entry per attribute, not as a
// bitmask. More background on these attributes can be found by looking up the
// TPMA_NV_* constants in the TPM 2.0 specification or the TPM_NV_PER_*
// constants in the TPM 1.2 specification.
enum NvramSpaceAttribute {
  // The space can be locked for writing until it is destroyed. Without TPM
  // owner privilege this is always after the TPM is cleared. This typically
  // occurs during device factory reset.
  NVRAM_PERSISTENT_WRITE_LOCK = 0;
  // The space can be locked for writing until the next boot.
  NVRAM_BOOT_WRITE_LOCK = 1;
  // The space can be locked for reading until the next boot.
  NVRAM_BOOT_READ_LOCK = 2;
  // The space requires an authorization value for writing.
  NVRAM_WRITE_AUTHORIZATION = 3;
  // The space requires an authorization value for reading.
  NVRAM_READ_AUTHORIZATION = 4;
  // The space can not be written directly, only extended.
  // E.g. new_value = HASH(old_value + input)
  NVRAM_WRITE_EXTEND = 5;
  // The space is tied to the global lock (bGlobalLock). This global lock is
  // typically locked early in boot. This is defined for inspecting existing
  // spaces, this interface cannot be used to define spaces with this attribute.
  NVRAM_GLOBAL_LOCK = 6;
  // The space is tied to the platform rather than the TPM owner. The 'platform'
  // is whatever executes first after boot. Typically this access is locked
  // early in boot. This is defined for inspecting existing spaces, this
  // interface cannot be used to define spaces with this attribute.
  NVRAM_PLATFORM_WRITE = 7;
  // The space can only be written by the TPM owner. For TPM 2.0 this can be
  // used only for inspecting existing spaces, not for defining new spaces.
  NVRAM_OWNER_WRITE = 8;
  // The space can only be read by the TPM owner. For TPM 2.0 this can be used
  // only for inspecting existing spaces, not for defining new spaces.
  NVRAM_OWNER_READ = 9;
  // This space can be read by firmware (which always uses platform
  // authorization) in addition to other authorizations defined here. Used
  // by spaces like FWMP, which are defined in userland but can be read
  // by firmware.
  NVRAM_PLATFORM_READ = 10;
}
83
// Access policy applied to an NVRAM space on top of its attributes and
// authorization value.
enum NvramSpacePolicy {
  // No policy, only authorization values are enforced. This is the default
  // (and what an unset `policy` field reads as).
  // AUTHREAD | AUTHWRITE attributes are set for the space.
  // Authorization values are enforced via authValue defined for the space.
  NVRAM_POLICY_NONE = 0;
  // Bind both read and write access to the current PCR0 value in addition to
  // enforcing any authorization value.
  // For TPM 2.0:
  // POLICYREAD | POLICYWRITE attributes are set for the space.
  // Authorization values are enforced by binding the policy to the
  // defined value using PolicyAuthValue command.
  NVRAM_POLICY_PCR0 = 1;
}
97
// Tracks the expected policy for a particular NVRAM space. Stored as part of
// LocalData (see `LocalData.nvram_policy`).
message NvramPolicyRecord {
  // The NVRAM index of the space this record describes.
  optional uint32 index = 1;
  // The policy the space was defined with.
  optional NvramSpacePolicy policy = 2;
  // This will be true if the NVRAM_READ_AUTHORIZATION attribute was not
  // specified when the space was created.
  optional bool world_read_allowed = 3;
  // This will be true if the NVRAM_WRITE_AUTHORIZATION attribute was not
  // specified when the space was created.
  optional bool world_write_allowed = 4;
  // Policy digests recorded for the space. The digest algorithm and what each
  // entry covers are not specified here; presumably derived from `policy`.
  repeated bytes policy_digests = 5;
}
110
// Holds owner delegation information. Both `blob` and `secret` are credential
// material and must be treated as sensitive.
// Copied from attestation/common/database.proto and removed reserved fields.
message AuthDelegate {
  // The delegate owner blob.
  optional bytes blob = 1;
  // The authorization secret.
  optional bytes secret = 2;
  // Whether this delegate has permissions to call TPM_ResetLockValue.
  optional bool has_reset_lock_permissions = 3;
}
121
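// The format of persistent local TPM management data stored on the device.
// When TPM ownership is taken, this protobuf is populated with the passwords
// used to take ownership, and with a list of clients who have a dependency on
// the owner password (like Attestation, InstallAttributes and BootLockbox).
// When all the clients have the owner password injected, the owner password
// is cleared from this protobuf.
//
// Apart from `owner_dependency` and `nvram_policy`, every field here is secret
// material; a serialized LocalData must be handled (stored, transmitted,
// logged) as sensitive.
message LocalData {
  // Field number 1 is not used by any current field. It is reserved so that it
  // can never be reassigned, with different semantics, to a field that would
  // be read back from data already persisted on disk.
  reserved 1;
  // The TPM owner password. Present only until every client listed in
  // `owner_dependency` has received it (see the message comment).
  optional bytes owner_password = 2;
  // Names of clients that still depend on `owner_password`. Entries are
  // removed via RemoveOwnerDependencyRequest, which carries the name as bytes.
  repeated string owner_dependency = 3;
  // Authorization for the endorsement hierarchy (TPM 2.0 terminology assumed).
  optional bytes endorsement_password = 4;
  // Authorization for the lockout hierarchy (TPM 2.0 terminology assumed).
  optional bytes lockout_password = 5;
  // Expected policy of each NVRAM space defined through this service.
  repeated NvramPolicyRecord nvram_policy = 6;
  // Owner delegation (blob + secret); see AuthDelegate.
  optional AuthDelegate owner_delegate = 7;
}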
136
// The format of the ownership taken signal payload.
message OwnershipTakenSignal {
  // A copy of LocalData right before sending the signal. At that point the
  // owner password has generally not yet been cleared (see LocalData), so this
  // payload carries secrets and every receiver of the signal gets them.
  optional LocalData local_data = 1;
}
142
143////////////////////////////////////////////////////////////////////////////////
144// A series of request and reply messages for the NVRAM interface methods.
145////////////////////////////////////////////////////////////////////////////////
// Defines a new NVRAM space.
message DefineSpaceRequest {
  // The NVRAM index to define.
  optional uint32 index = 1;
  // Size of the space; assumed to be in bytes (not stated here).
  optional uint32 size = 2;
  // Attributes to define the space with, one entry per attribute. Some
  // attributes are inspection-only and cannot be used here (see the enum).
  repeated NvramSpaceAttribute attributes = 3;
  // The authValue enforced for the space (see NvramSpacePolicy). Secret.
  optional bytes authorization_value = 4;
  // Policy to bind the space to; unset reads as NVRAM_POLICY_NONE.
  optional NvramSpacePolicy policy = 5;
}
153
// Reply to DefineSpaceRequest.
message DefineSpaceReply {
  // Outcome of the call; an unset field reads as NVRAM_RESULT_SUCCESS.
  optional NvramResult result = 1;
}
157
// Destroys an existing NVRAM space.
message DestroySpaceRequest {
  // The NVRAM index of the space to destroy.
  optional uint32 index = 1;
}
161
// Reply to DestroySpaceRequest.
message DestroySpaceReply {
  // Outcome of the call; an unset field reads as NVRAM_RESULT_SUCCESS.
  optional NvramResult result = 1;
}
165
// Writes (or, for NVRAM_WRITE_EXTEND spaces, extends) an NVRAM space.
message WriteSpaceRequest {
  // The NVRAM index of the space to write.
  optional uint32 index = 1;
  // The data to write. For a space with NVRAM_WRITE_EXTEND this is the extend
  // input rather than the new contents.
  optional bytes data = 2;
  // Authorization value for the space, if it requires one. Secret.
  optional bytes authorization_value = 3;
  // Presumably: authorize with the TPM owner password instead of
  // `authorization_value` (e.g. for NVRAM_OWNER_WRITE spaces) — confirm.
  optional bool use_owner_authorization = 4;
}
172
// Reply to WriteSpaceRequest.
message WriteSpaceReply {
  // Outcome of the call; an unset field reads as NVRAM_RESULT_SUCCESS.
  optional NvramResult result = 1;
}
176
// Reads the contents of an NVRAM space.
message ReadSpaceRequest {
  // The NVRAM index of the space to read.
  optional uint32 index = 1;
  // Authorization value for the space, if it requires one. Secret.
  optional bytes authorization_value = 2;
  // Presumably: authorize with the TPM owner password instead of
  // `authorization_value` (e.g. for NVRAM_OWNER_READ spaces) — confirm.
  optional bool use_owner_authorization = 3;
}
182
// Reply to ReadSpaceRequest.
message ReadSpaceReply {
  // Outcome of the call; an unset field reads as NVRAM_RESULT_SUCCESS.
  optional NvramResult result = 1;
  // The contents of the space. Only meaningful when `result` is success.
  optional bytes data = 2;
}
187
// Locks an NVRAM space for reading and/or writing. Which locks are possible,
// and how long they last, depends on the space's *_LOCK attributes.
message LockSpaceRequest {
  // The NVRAM index of the space to lock.
  optional uint32 index = 1;
  // Lock the space against further reads.
  optional bool lock_read = 2;
  // Lock the space against further writes.
  optional bool lock_write = 3;
  // Authorization value for the space, if it requires one. Secret.
  optional bytes authorization_value = 4;
  // Presumably: authorize with the TPM owner password instead of
  // `authorization_value` — confirm.
  optional bool use_owner_authorization = 5;
}
195
// Reply to LockSpaceRequest.
message LockSpaceReply {
  // Outcome of the call; an unset field reads as NVRAM_RESULT_SUCCESS.
  optional NvramResult result = 1;
}
199
// Lists the defined NVRAM spaces. Currently carries no parameters.
message ListSpacesRequest {
}
202
// Reply to ListSpacesRequest.
message ListSpacesReply {
  // Outcome of the call; an unset field reads as NVRAM_RESULT_SUCCESS.
  optional NvramResult result = 1;
  // NVRAM indices of the defined spaces. Order is not specified.
  repeated uint32 index_list = 2;
}
207
// Queries the properties of an NVRAM space.
message GetSpaceInfoRequest {
  // The NVRAM index of the space to inspect.
  optional uint32 index = 1;
}
211
// Reply to GetSpaceInfoRequest. The fields below are only meaningful when
// `result` is success.
message GetSpaceInfoReply {
  // Outcome of the call; an unset field reads as NVRAM_RESULT_SUCCESS.
  optional NvramResult result = 1;
  // Size of the space; assumed to be in bytes (not stated here).
  optional uint32 size = 2;
  // Whether the space is currently locked for reading.
  optional bool is_read_locked = 3;
  // Whether the space is currently locked for writing.
  optional bool is_write_locked = 4;
  // Attributes of the space, one entry per attribute. May include
  // inspection-only attributes that DefineSpaceRequest cannot set.
  repeated NvramSpaceAttribute attributes = 5;
  // Policy the space is bound to.
  optional NvramSpacePolicy policy = 6;
}
220
221////////////////////////////////////////////////////////////////////////////////
222// A series of request and reply messages for the tpm manager interface methods.
223////////////////////////////////////////////////////////////////////////////////
// Queries TPM status including local management data. Currently carries no
// parameters. See GetTpmNonsensitiveStatusRequest for a variant whose reply
// carries no secrets.
message GetTpmStatusRequest {
  // A former field; kept reserved so the number is never reused.
  reserved 1;
}
227
// Reply to GetTpmStatusRequest. Contains secret material via `local_data`;
// callers that only need the flags should use GetTpmNonsensitiveStatus.
message GetTpmStatusReply {
  // Outcome of the call; an unset field reads as STATUS_SUCCESS.
  optional TpmManagerStatus status = 1;
  // Whether a TPM is enabled on the system.
  optional bool enabled = 2;
  // Whether the TPM has been owned.
  optional bool owned = 3;
  // Local TPM management data (including the owner password if available).
  // Everything said about LocalData's sensitivity applies to this field.
  // TODO(b/168852740): Refine the comments above.
  optional LocalData local_data = 4;

  // Former fields; kept reserved so the numbers are never reused.
  reserved 5 to 9;
}
240
// Queries TPM status without returning any local management data. Currently
// carries no parameters.
message GetTpmNonsensitiveStatusRequest {
}
243
// Reply to GetTpmNonsensitiveStatusRequest. Unlike GetTpmStatusReply this
// carries no LocalData and therefore no passwords.
message GetTpmNonsensitiveStatusReply {
  // Outcome of the call; an unset field reads as STATUS_SUCCESS.
  optional TpmManagerStatus status = 1;
  // Whether a TPM is enabled on the system.
  optional bool is_enabled = 2;
  // Whether the TPM has been owned.
  optional bool is_owned = 3;
  // Whether the owner password is still retained (see LocalData).
  optional bool is_owner_password_present = 4;
  // Whether tpm manager is capable of resetting the dictionary attack (DA)
  // lockout; compare AuthDelegate.has_reset_lock_permissions.
  optional bool has_reset_lock_permissions = 5;
}
255
// Queries TPM version information. Currently carries no parameters.
message GetVersionInfoRequest {
}
258
// Reply to GetVersionInfoRequest. The version fields are only meaningful when
// `status` is success.
message GetVersionInfoReply {
  // The success or error code of the call GetVersionInfo.
  optional TpmManagerStatus status = 1;

  // TPM family. We use the TPM 2.0 style encoding, e.g.:
  //  * TPM 1.2: "1.2" -> 0x312e3200
  //  * TPM 2.0: "2.0" -> 0x322e3000
  optional uint32 family = 2;
  // TPM spec level.
  optional uint64 spec_level = 3;
  // Manufacturer code (presumably the vendor ID as reported by the TPM).
  optional uint32 manufacturer = 4;
  // TPM model number.
  optional uint32 tpm_model = 5;
  // Firmware version.
  optional uint64 firmware_version = 6;
  // Vendor specific information; format is defined by the manufacturer.
  optional bytes vendor_specific = 7;
}
278
// Queries the TPM's dictionary attack (DA) lockout state. Currently carries no
// parameters.
message GetDictionaryAttackInfoRequest {
}
281
// Reply to GetDictionaryAttackInfoRequest. The counter fields are only
// meaningful when `status` is success.
message GetDictionaryAttackInfoReply {
  // The success or error code of the call GetDictionaryAttackInfo.
  optional TpmManagerStatus status = 1;

  // The current dictionary attack counter value.
  optional uint32 dictionary_attack_counter = 2;
  // The current dictionary attack counter threshold.
  optional uint32 dictionary_attack_threshold = 3;
  // Whether the TPM is in some form of dictionary attack lockout.
  optional bool dictionary_attack_lockout_in_effect = 4;
  // The number of seconds remaining in the lockout.
  optional uint32 dictionary_attack_lockout_seconds_remaining = 5;
}
295
// Resets the TPM's dictionary attack lockout. Currently carries no parameters;
// the required authorization comes from what the service has stored locally.
message ResetDictionaryAttackLockRequest {
}
298
// Reply to ResetDictionaryAttackLockRequest.
message ResetDictionaryAttackLockReply {
  // Outcome of the call; an unset field reads as STATUS_SUCCESS.
  optional TpmManagerStatus status = 1;
}
302
// Takes ownership of the TPM, populating LocalData with the passwords used
// (see LocalData). Currently carries no parameters.
message TakeOwnershipRequest {
}
305
// Reply to TakeOwnershipRequest.
message TakeOwnershipReply {
  // Outcome of the call; an unset field reads as STATUS_SUCCESS.
  optional TpmManagerStatus status = 1;
}
309
// Removes one client from the list of owner password dependencies. Once the
// list is empty the stored owner password is cleared (see LocalData).
message RemoveOwnerDependencyRequest {
  // Name of the client whose dependency is dropped; matches an entry of
  // LocalData.owner_dependency (which is `string` there and `bytes` here).
  optional bytes owner_dependency = 1;
}
313
// Reply to RemoveOwnerDependencyRequest.
message RemoveOwnerDependencyReply {
  // Outcome of the call; an unset field reads as STATUS_SUCCESS.
  optional TpmManagerStatus status = 1;
}
317
// Clears the owner password retained in LocalData. Currently carries no
// parameters.
message ClearStoredOwnerPasswordRequest {
}
320
// Reply to ClearStoredOwnerPasswordRequest.
message ClearStoredOwnerPasswordReply {
  // Outcome of the call; an unset field reads as STATUS_SUCCESS.
  optional TpmManagerStatus status = 1;
}
324