// Copyright 2015 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// NOTE: Every tpm_manager protobuf lives in this single file: the Android
// build system cannot handle import statements without Android-specific
// paths.

syntax = "proto2";

package tpm_manager;

// Lite runtime: the generated code carries no descriptors/reflection
// (presumably chosen for the Android build mentioned above).
option optimize_for = LITE_RUNTIME;

// Status code carried by the replies of the tpm manager interface methods
// (the NVRAM methods report NvramResult instead).
enum TpmManagerStatus {
  STATUS_SUCCESS = 0;
  STATUS_DEVICE_ERROR = 1;
  STATUS_NOT_AVAILABLE = 2;
  // Not produced by the service itself: the client translates any kind of
  // D-Bus error into this value.
  STATUS_DBUS_ERROR = 3;
}

// Result codes for the NVRAM interface methods. For convenience, keep these in
// sync with the Brillo NVRAM HAL values defined in hardware/nvram_defs.h.
enum NvramResult {
  NVRAM_RESULT_SUCCESS = 0;
  // An unexpected TPM error occurred; the logs should carry more detail.
  NVRAM_RESULT_DEVICE_ERROR = 1;
  // The caller is not authorized for the requested operation, either because
  // the authorization value was wrong or because of system state.
  NVRAM_RESULT_ACCESS_DENIED = 2;
  NVRAM_RESULT_INVALID_PARAMETER = 3;
  NVRAM_RESULT_SPACE_DOES_NOT_EXIST = 4;
  NVRAM_RESULT_SPACE_ALREADY_EXISTS = 5;
  // Either the space is locked or the operation has been explicitly disabled.
  NVRAM_RESULT_OPERATION_DISABLED = 6;
  // Literally, the TPM has run out of non-volatile storage.
  NVRAM_RESULT_INSUFFICIENT_SPACE = 7;
  // Sending the request to the system service failed.
  NVRAM_RESULT_IPC_ERROR = 100;
}

// Attributes an NVRAM space can carry. For background, look up the TPMA_NV_*
// constants in the TPM 2.0 specification or the TPM_NV_PER_* constants in the
// TPM 1.2 specification.
enum NvramSpaceAttribute {
  // The space can be write-locked until it is destroyed. Without TPM owner
  // privilege that only happens after the TPM is cleared, which typically
  // occurs during a device factory reset.
  NVRAM_PERSISTENT_WRITE_LOCK = 0;
  // The space can be write-locked until the next boot.
  NVRAM_BOOT_WRITE_LOCK = 1;
  // The space can be read-locked until the next boot.
  NVRAM_BOOT_READ_LOCK = 2;
  // Writing the space requires an authorization value.
  NVRAM_WRITE_AUTHORIZATION = 3;
  // Reading the space requires an authorization value.
  NVRAM_READ_AUTHORIZATION = 4;
  // The space cannot be written directly, only extended:
  // new_value = HASH(old_value + input).
  NVRAM_WRITE_EXTEND = 5;
  // The space is tied to the global lock (bGlobalLock), which is typically
  // locked early in boot. Only reported when inspecting existing spaces; this
  // interface cannot define spaces with this attribute.
  NVRAM_GLOBAL_LOCK = 6;
  // The space is tied to the platform (whatever executes first after boot)
  // rather than to the TPM owner; platform access is typically locked early
  // in boot. Only reported when inspecting existing spaces; this interface
  // cannot define spaces with this attribute.
  NVRAM_PLATFORM_WRITE = 7;
  // Only the TPM owner can write the space. On TPM 2.0 this is reported for
  // existing spaces only and cannot be used when defining new ones.
  NVRAM_OWNER_WRITE = 8;
  // Only the TPM owner can read the space. On TPM 2.0 this is reported for
  // existing spaces only and cannot be used when defining new ones.
  NVRAM_OWNER_READ = 9;
  // Firmware (which always uses platform authorization) can read the space in
  // addition to whatever other authorization defined here applies. Used by
  // spaces such as FWMP, which are defined in userland but read by firmware.
  NVRAM_PLATFORM_READ = 10;
}

// Policy a space is defined with, on top of its authorization values.
enum NvramSpacePolicy {
  // No policy; only authorization values are enforced. This is the default.
  // The space gets the AUTHREAD | AUTHWRITE attributes, and authorization
  // values are enforced through the authValue defined for the space.
  NVRAM_POLICY_NONE = 0;
  // Both read and write access are bound to the current PCR0 value, in
  // addition to enforcing any authorization value.
  // For TPM 2.0: the space gets the POLICYREAD | POLICYWRITE attributes, and
  // the authorization value is enforced by binding the policy to the defined
  // value with the PolicyAuthValue command.
  NVRAM_POLICY_PCR0 = 1;
}

// Tracks the expected policy for a particular NVRAM space.
message NvramPolicyRecord {
  // Index of the NVRAM space this record applies to.
  optional uint32 index = 1;
  // Policy the space is expected to have.
  optional NvramSpacePolicy policy = 2;
  // True when the NVRAM_READ_AUTHORIZATION attribute was not specified at the
  // time the space was created.
  optional bool world_read_allowed = 3;
  // True when the NVRAM_WRITE_AUTHORIZATION attribute was not specified at
  // the time the space was created.
  optional bool world_write_allowed = 4;
  // Policy digests recorded for the space; how they are derived is not
  // defined in this file.
  repeated bytes policy_digests = 5;
}

// Holds owner delegation information.
// Copied from attestation/common/database.proto with the reserved fields
// removed.
message AuthDelegate {
  // The delegate owner blob.
  optional bytes blob = 1;
  // The authorization secret (sensitive).
  optional bytes secret = 2;
  // Whether this delegate is permitted to call TPM_ResetLockValue.
  optional bool has_reset_lock_permissions = 3;
}

// The format of the persistent local TPM management data stored on the
// device. When TPM ownership is taken, this protobuf is populated with the
// passwords used to take ownership and with the list of clients that depend on
// the owner password (such as Attestation, InstallAttributes and BootLockbox).
// Once every such client has had the owner password injected, the owner
// password is cleared from this protobuf.
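message LocalData {
  // Field number 1 is unused: reserve it so it cannot be reassigned to a new
  // field and silently reinterpret old serialized data (same practice as the
  // reserved numbers in GetTpmStatusRequest/GetTpmStatusReply).
  reserved 1;

  // TPM owner password (sensitive); cleared once every dependency has had it
  // injected.
  optional bytes owner_password = 2;
  // Clients that still need the owner password injected.
  repeated string owner_dependency = 3;
  // Endorsement hierarchy password (sensitive).
  optional bytes endorsement_password = 4;
  // Lockout hierarchy password (sensitive).
  optional bytes lockout_password = 5;
  // Expected policy of each NVRAM space this service knows about.
  repeated NvramPolicyRecord nvram_policy = 6;
  // Owner delegation information, including its authorization secret.
  optional AuthDelegate owner_delegate = 7;
}

// The format of the ownership-taken signal payload.
message OwnershipTakenSignal {
  // A copy of LocalData taken right before the signal is sent. Note that this
  // copy carries the LocalData secret fields, including the owner password
  // if it has not been cleared yet, so every recipient of the signal sees
  // them.
  optional LocalData local_data = 1;
}

////////////////////////////////////////////////////////////////////////////////
// A series of request and reply messages for the NVRAM interface methods.
////////////////////////////////////////////////////////////////////////////////
message DefineSpaceRequest {
  // Index of the space to define.
  optional uint32 index = 1;
  // Size of the space, in bytes.
  optional uint32 size = 2;
  // Attributes to define the space with. See NvramSpaceAttribute for which
  // values cannot be used when defining a space.
  repeated NvramSpaceAttribute attributes = 3;
  // Authorization value for the space (sensitive).
  optional bytes authorization_value = 4;
  // Policy to define the space with; NVRAM_POLICY_NONE is the default.
  optional NvramSpacePolicy policy = 5;
}

message DefineSpaceReply {
  optional NvramResult result = 1;
}

message DestroySpaceRequest {
  // Index of the space to destroy.
  optional uint32 index = 1;
}

message DestroySpaceReply {
  optional NvramResult result = 1;
}

message WriteSpaceRequest {
  // Index of the space to write.
  optional uint32 index = 1;
  // Data to write into the space.
  optional bytes data = 2;
  // Authorization value for the space (sensitive).
  optional bytes authorization_value = 3;
  // Whether to authorize the write with TPM owner authorization (presumably
  // instead of authorization_value; confirm against the service).
  optional bool use_owner_authorization = 4;
}

message WriteSpaceReply {
  optional NvramResult result = 1;
}

message ReadSpaceRequest {
  // Index of the space to read.
  optional uint32 index = 1;
  // Authorization value for the space (sensitive).
  optional bytes authorization_value = 2;
  // Whether to authorize the read with TPM owner authorization (presumably
  // instead of authorization_value; confirm against the service).
  optional bool use_owner_authorization = 3;
}

message ReadSpaceReply {
  optional NvramResult result = 1;
  // Contents of the space; only meaningful when result is
  // NVRAM_RESULT_SUCCESS.
  optional bytes data = 2;
}

message LockSpaceRequest {
  // Index of the space to lock.
  optional uint32 index = 1;
  // Whether to lock the space for reading.
  optional bool lock_read = 2;
  // Whether to lock the space for writing.
  optional bool lock_write = 3;
  // Authorization value for the space (sensitive).
  optional bytes authorization_value = 4;
  // Whether to authorize the lock with TPM owner authorization (presumably
  // instead of authorization_value; confirm against the service).
  optional bool use_owner_authorization = 5;
}

message LockSpaceReply {
  optional NvramResult result = 1;
}

message ListSpacesRequest {
}

message ListSpacesReply {
  optional NvramResult result = 1;
  // Indices of the existing spaces.
  repeated uint32 index_list = 2;
}

message GetSpaceInfoRequest {
  // Index of the space to describe.
  optional uint32 index = 1;
}

message GetSpaceInfoReply {
  optional NvramResult result = 1;
  // Size of the space, in bytes.
  optional uint32 size = 2;
  // Whether the space is currently locked for reading.
  optional bool is_read_locked = 3;
  // Whether the space is currently locked for writing.
  optional bool is_write_locked = 4;
  // Attributes of the space.
  repeated NvramSpaceAttribute attributes = 5;
  // Policy of the space.
  optional NvramSpacePolicy policy = 6;
}

////////////////////////////////////////////////////////////////////////////////
// A series of request and reply messages for the tpm manager interface methods.
////////////////////////////////////////////////////////////////////////////////
message GetTpmStatusRequest {
  reserved 1;
}

message GetTpmStatusReply {
  optional TpmManagerStatus status = 1;
  // Whether a TPM is enabled on the system.
  optional bool enabled = 2;
  // Whether the TPM has been owned.
  optional bool owned = 3;
  // Local TPM management data (including the owner password if available).
  // This reply therefore carries the LocalData secrets; callers that only
  // need status should use GetTpmNonsensitiveStatus instead.
  // TODO(b/168852740): Refine the comments above.
  optional LocalData local_data = 4;

  reserved 5 to 9;
}

message GetTpmNonsensitiveStatusRequest {
}

// Status reply without any of the LocalData secrets.
message GetTpmNonsensitiveStatusReply {
  optional TpmManagerStatus status = 1;
  // Whether a TPM is enabled on the system.
  optional bool is_enabled = 2;
  // Whether the TPM has been owned.
  optional bool is_owned = 3;
  // Whether the owner password is still retained in LocalData.
  optional bool is_owner_password_present = 4;
  // Whether tpm manager is able to reset the dictionary attack (DA) lockout.
  optional bool has_reset_lock_permissions = 5;
}

message GetVersionInfoRequest {
}

message GetVersionInfoReply {
  // The success or error code of the GetVersionInfo call.
  optional TpmManagerStatus status = 1;

  // TPM family, using the TPM 2.0 style encoding, e.g.:
  // * TPM 1.2: "1.2" -> 0x312e3200
  // * TPM 2.0: "2.0" -> 0x322e3000
  optional uint32 family = 2;
  // TPM spec level.
  optional uint64 spec_level = 3;
  // Manufacturer code.
  optional uint32 manufacturer = 4;
  // TPM model number.
  optional uint32 tpm_model = 5;
  // Firmware version.
  optional uint64 firmware_version = 6;
  // Vendor specific information.
  optional bytes vendor_specific = 7;
}

message GetDictionaryAttackInfoRequest {
}

message GetDictionaryAttackInfoReply {
  // The success or error code of the GetDictionaryAttackInfo call.
  optional TpmManagerStatus status = 1;

  // The current dictionary attack counter value.
  optional uint32 dictionary_attack_counter = 2;
  // The current dictionary attack counter threshold.
  optional uint32 dictionary_attack_threshold = 3;
  // Whether the TPM is in some form of dictionary attack lockout.
  optional bool dictionary_attack_lockout_in_effect = 4;
  // The number of seconds remaining in the lockout.
  optional uint32 dictionary_attack_lockout_seconds_remaining = 5;
}

message ResetDictionaryAttackLockRequest {
}

message ResetDictionaryAttackLockReply {
  optional TpmManagerStatus status = 1;
}

message TakeOwnershipRequest {
}

message TakeOwnershipReply {
  optional TpmManagerStatus status = 1;
}

message RemoveOwnerDependencyRequest {
  // The dependency to remove; compare with LocalData.owner_dependency.
  optional bytes owner_dependency = 1;
}

message RemoveOwnerDependencyReply {
  optional TpmManagerStatus status = 1;
}

message ClearStoredOwnerPasswordRequest {
}

message ClearStoredOwnerPasswordReply {
  optional TpmManagerStatus status = 1;
}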