* [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support
@ 2018-05-15 9:56 Miquel Raynal
2018-05-15 9:56 ` [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line Miquel Raynal
` (32 more replies)
0 siblings, 33 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:56 UTC (permalink / raw)
To: u-boot
Current U-Boot supports TPM v1.2 specification. The new specification
(v2.0) is not backward compatible and renames/introduces several
functions. This series introduces the support for TPMv2.x chips.
First, some cleaning is done in TPM-related code. Then, the code is
split in two categories: generic code (common for both specifications)
and specific code (only used by one specification).
Then, basic functionalities are introduced one by one for the v2.x
specification. TPMv1 vs TPMv2 commands/support distinction is done with
Kconfig options. Drivers of only one specification can be selected at a
time.
A new SPI driver following the TPM v2.x specification is introduced. It
has been tested on a ST TPM but should be usable with others v2.0
compliant chips.
Finally a full Python test suite is added, as well as a Sandbox driver.
Regular testing may be done through the test/py/ framework when using
real hardware as well as the Sandbox driver. The following test has run
more than 300 times without failing with my setup:
test/py/test.py --bd <board> -k tpm2
Available commands for v2.0 TPMs are:
* STARTUP
* SELF TEST
* CLEAR
* PCR EXTEND
* PCR READ
* GET CAPABILITY
* DICTIONARY ATTACK LOCK RESET
* DICTIONARY ATTACK CHANGE PARAMETERS
* HIERARCHY CHANGE AUTH
Two commands have been written but could not be tested (unsupported by
the TPM chosen):
* PCR CHANGE AUTH POLICY
* PCR CHANGE AUTH VALUE
With this set of function, minimal TPMv2.0 handling is possible with the
following sequence.
* First, initialize the TPM stack in U-Boot.
> tpm init
* Then send the STARTUP command to the TPM. The flag is slightly
different between the revisions.
> tpm startup TPM2_SU_CLEAR
* To enable full TPM capabilities, continue the tests (or do them all
again). It seems like self_test_full always waits for the operation to
finish, while continue_self_test returns a busy state if called to
early.
> tpm self_test full
> tpm self_test continue
* Manage passwords (force_clear also resets a lot of internal stuff).
Olderly, TAKE OWNERSHIP == CLEAR + CHANGE AUTH. LOCKOUT is an example,
ENDORSEMENT and PLATFORM hierarchies are available too:
> tpm clear TPM2_RH_LOCKOUT [<pw>]
> tpm change_auth TPM2_RH_LOCKOUT <new_pw> [<old_pw>]
* Dictionary Attack Mitigation (DAM) parameters can be changed. It is
possible to reset the failure counter and disable the lockout (values
erased after a CLEAR). It is then possible to check the parameters
have been correctly applied.
> tpm dam_reset [<pw>]
> tpm dam_parameters 0xffff 1 0 [<pw>]
> tpm get_capability 0x0006 0x020e 0x4000000 4
* PCR policy may be changed (untested).
PCR can be extended (no protection against packet replay yet).
PCR can be read (the counter with the number of "extensions" is also
given).
> tpm pcr_setauthpolicy 0 12345678901234567890123456789012 [<pw>]
> tpm pcr_read 0 0x4000000
> tpm pcr_extend 0 0x4000000
Thanks,
Miquèl
Changes since v3:
=================
* Added Simon Glass's RB tags.
* Moved all the small fixes about lines, alignments, spellings, etc out
of the big commit splitting the TPM code structure. Multiple commits
have been made for these changes. Now the split is still done in one
commit, but it is supposed to be only code moves and headers changes.
* Used map_sysmem() calls to let Sandbox run TPM commands instead of my
hack (allocating memory on the go).
* Updated the documentation to use the new way of declaring parameters:
s/@param x: y/@x: y/.
* Added two parameters in the chip private structure to store the number
of PCRs and the minimum number of bytes needed to address one in a TPM
command. This should fit all the TIS TPM2 compliant modules.
* The above change removes some (wrongly) hardcoded values.
* Changed the error path as suggested in tpm2_get_capability().
* Minor rephrasing.
* Explained in tpm2_get_capability() the offset '19'.
* Removed useless reset of rx_buf[0] in tpm_tis_spi_xfer().
* Changed the way spi_xfer return code is checked: error out on any
value != 0 instead of just negative ones.
* Removed unused functions flagged __maybe_unused as well as well as the
__maybe_unused flags themselves when not needed.
* Simplified the validity check of the GPIO as suggested.
* Updated the compatible property for the SPI modules (as well as the
bindings docuementation) to be simply "tis,tpm2-spi" which should work
with most compliant chips. Data is linked to this generic compatible
in the TPM driver, other values may be added if needed in the future
to fit other chips that would use different values than the current
ones (used by Infineon SLB 9670 and ST ST33TPHF20 modules, for
instance).
Changes since v2:
=================
* Wrote a full sandbox driver that passes _all_ the Python tests.
* Added changes in the library to support running in Sandbox.
* Did not rename the former I2C driver. Instead, will prefix new ones
by "tpm2_" to make the distinction.
* Updated the Kconfig menu to have a clear separated view of the
different drivers/specifications. CMD_TPM is now selected by a
TPM_DRIVER_SELECTED boolean that is selected automatically when one
driver at least is selected. One driver can only be selected if only
one specification was precised (1.x or 2.x).
* Removed the styling fixes in the TPMv1.x command file as another one
will be created.
* Removed the buffer length variable renaming as there is no need for
it anymore.
* Split the whole architecture: for commands and library files, one
tpm-common.c file plus one tpm-v<x>.c per specification. Same split
for the header files. Some prototypes have been moved to
lib/tpm-utils.h and cmd/tpm-user-utils.h depending on their use.
This removed the need for an initialization with the right
specification and the boilerplate coming with it.
* Commented all the TPMv2 enumerations.
* Renamed the macro U<XX>_TO_ARRAY into tpm_u<xx> as suggested.
* Dropped the buffer length name change as the files are split, there
is no more need for such a rename.
* Added RB/AB tags.
* Used the new logging mechanism.
* Added documentation (bindings) for both drivers.
* Add the reset by GPIO in the SPI TPMv2.0 driver.
* Added a delay in the tests between the pcr_extend and the read_pcr.
* Ran the test suite a saw random errors sometimes, with a "LIB_ERROR".
I wonder what produces these. Added traces to try to detect where it
comes from.
* Some checkpatch.pl warnings have been left intentionally.
Changes since v1:
=================
* Complete test suite for the TPMv2 commands in test/py/.
* s/STRINGIFY<X>/U<X>_TO_ARRAY/ (the macros had nothing to do with
actual "stringification").
* Changed/fixed some comments.
Miquel Raynal (32):
tpm: remove redundant blank line
tpm: remove extra spaces between a function and its opening bracket
tpm: substitute deprecated uint<x>_t types with their u<x> equivalent
tpm: align arguments with open parenthesis
tpm: use the BIT() macro where applicable
tpm: fix spelling
tpm: add extra blank lines between declarations and code
tpm: add Revision ID field in the chip structure
tpm: prepare introduction of TPMv2.x support in Kconfig
tpm: disociate TPMv1.x specific and generic code
tpm: add missing parameter in private data structure description
tpm: prepare support for TPMv2.x commands
tpm: add macros to enhance TPM commands readability
tpm: add possible traces to analyze buffers returned by the TPM
tpm: report driver error code to upper layer
tpm: add TPM2_Startup command support
tpm: add TPM2_SelfTest command support
tpm: add TPM2_Clear command support
tpm: add TPM2_PCR_Extend command support
tpm: add TPM2_PCR_Read command support
tpm: add TPM2_GetCapability command support
tpm: add dictionary attack mitigation commands support
tpm: add TPM2_HierarchyChangeAuth command support
tpm: add PCR authentication commands support
tpm: add support for TPMv2.x SPI modules
tpm: add the possibility to reset the chip with a gpio
doc: device-tree-bindings: add TIS TPMv2.0 SPI module info
test/py: add TPMv2.x test suite
tpm: add a Sandbox TPMv2.x driver
doc: device-tree-bindings: add Sandbox TPMv2.0 module info
sandbox: dts: add Sandbox TPMv2.x node
configs: add TPMv2.x support in Sandbox
arch/sandbox/dts/sandbox.dts | 4 +
arch/sandbox/dts/sandbox64.dts | 4 +
arch/sandbox/dts/test.dts | 4 +
cmd/Kconfig | 24 +-
cmd/Makefile | 4 +-
cmd/tpm-common.c | 289 +++++++++++
cmd/tpm-user-utils.h | 25 +
cmd/{tpm.c => tpm-v1.c} | 488 ++++--------------
cmd/tpm-v2.c | 389 ++++++++++++++
cmd/tpm_test.c | 2 +-
configs/sandbox64_defconfig | 1 +
configs/sandbox_defconfig | 1 +
configs/sandbox_flattree_defconfig | 1 +
configs/sandbox_noblk_defconfig | 1 +
configs/sandbox_spl_defconfig | 1 +
doc/device-tree-bindings/tpm2/sandbox.txt | 11 +
doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt | 18 +
drivers/tpm/Kconfig | 83 ++-
drivers/tpm/Makefile | 3 +
drivers/tpm/tpm-uclass.c | 6 +-
drivers/tpm/tpm2_tis_sandbox.c | 626 +++++++++++++++++++++++
drivers/tpm/tpm2_tis_spi.c | 681 +++++++++++++++++++++++++
drivers/tpm/tpm_atmel_twi.c | 2 +-
drivers/tpm/tpm_tis.h | 1 +
drivers/tpm/tpm_tis_infineon.c | 2 +-
drivers/tpm/tpm_tis_lpc.c | 2 +-
drivers/tpm/tpm_tis_sandbox.c | 2 +-
drivers/tpm/tpm_tis_st33zp24_i2c.c | 2 +-
drivers/tpm/tpm_tis_st33zp24_spi.c | 2 +-
include/tpm-common.h | 218 ++++++++
include/{tpm.h => tpm-v1.h} | 296 ++---------
include/tpm-v2.h | 262 ++++++++++
lib/Makefile | 4 +-
lib/tpm-common.c | 198 +++++++
lib/tpm-utils.h | 102 ++++
lib/{tpm.c => tpm-v1.c} | 600 +++++++---------------
lib/tpm-v2.c | 419 +++++++++++++++
test/py/tests/test_tpm2.py | 234 +++++++++
38 files changed, 3936 insertions(+), 1076 deletions(-)
create mode 100644 cmd/tpm-common.c
create mode 100644 cmd/tpm-user-utils.h
rename cmd/{tpm.c => tpm-v1.c} (64%)
create mode 100644 cmd/tpm-v2.c
create mode 100644 doc/device-tree-bindings/tpm2/sandbox.txt
create mode 100644 doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt
create mode 100644 drivers/tpm/tpm2_tis_sandbox.c
create mode 100644 drivers/tpm/tpm2_tis_spi.c
create mode 100644 include/tpm-common.h
rename include/{tpm.h => tpm-v1.h} (60%)
create mode 100644 include/tpm-v2.h
create mode 100644 lib/tpm-common.c
create mode 100644 lib/tpm-utils.h
rename lib/{tpm.c => tpm-v1.c} (59%)
create mode 100644 lib/tpm-v2.c
create mode 100644 test/py/tests/test_tpm2.py
--
2.14.1
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
@ 2018-05-15 9:56 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:56 ` [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket Miquel Raynal
` (31 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:56 UTC (permalink / raw)
To: u-boot
Fix following checkpatch.pl issue in TPM-related code:
CHECK: Please don't use multiple blank lines
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
lib/tpm.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/lib/tpm.c b/lib/tpm.c
index c8bf06178f..0d8cdf9651 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -821,7 +821,6 @@ static uint32_t verify_response_auth(uint32_t command_code,
return TPM_SUCCESS;
}
-
uint32_t tpm_terminate_auth_session(uint32_t auth_handle)
{
const uint8_t command[18] = {
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
2018-05-15 9:56 ` [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line Miquel Raynal
@ 2018-05-15 9:56 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:56 ` [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent Miquel Raynal
` (30 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:56 UTC (permalink / raw)
To: u-boot
Fix following checkpatch.pl issue in TPM-related code:
WARNING: space prohibited between function name and open
parenthesis '('
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
lib/tpm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/tpm.c b/lib/tpm.c
index 0d8cdf9651..58b0a76b97 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -611,7 +611,7 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags)
0x0, 0x0, 0x1, 0x8, /* subcap value */
};
const size_t data_size_offset = TPM_HEADER_SIZE;
- const size_t data_offset = TPM_HEADER_SIZE + sizeof (uint32_t);
+ const size_t data_offset = TPM_HEADER_SIZE + sizeof(uint32_t);
uint8_t response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
uint32_t err;
@@ -1069,7 +1069,7 @@ uint32_t tpm_get_random(void *data, uint32_t count)
while (count > 0) {
uint32_t this_bytes = min((size_t)count,
- sizeof (response) - data_offset);
+ sizeof(response) - data_offset);
uint32_t err;
if (pack_byte_string(buf, sizeof(buf), "sd",
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
2018-05-15 9:56 ` [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line Miquel Raynal
2018-05-15 9:56 ` [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket Miquel Raynal
@ 2018-05-15 9:56 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis Miquel Raynal
` (29 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:56 UTC (permalink / raw)
To: u-boot
Fix following checkpatch.pl issues in TPM-related code:
CHECK: Prefer kernel type 'u8' over 'uint8_t'
CHECK: Prefer kernel type 'u16' over 'uint16_t'
CHECK: Prefer kernel type 'u32' over 'uint32_t'
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
cmd/tpm.c | 86 ++++++++---------
include/tpm.h | 72 +++++++--------
lib/tpm.c | 290 +++++++++++++++++++++++++++++-----------------------------
3 files changed, 220 insertions(+), 228 deletions(-)
diff --git a/cmd/tpm.c b/cmd/tpm.c
index d9b433582c..4109ace362 100644
--- a/cmd/tpm.c
+++ b/cmd/tpm.c
@@ -25,7 +25,7 @@ enum {
* @param data byte string to be printed
* @param count number of bytes to be printed
*/
-static void print_byte_string(uint8_t *data, size_t count)
+static void print_byte_string(u8 *data, size_t count)
{
int i, print_newline = 0;
@@ -52,7 +52,7 @@ static void print_byte_string(uint8_t *data, size_t count)
* @param count_ptr output variable for the length of byte string
* @return pointer to output buffer
*/
-static void *parse_byte_string(char *bytes, uint8_t *data, size_t *count_ptr)
+static void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr)
{
char byte[3];
size_t count, length;
@@ -72,7 +72,7 @@ static void *parse_byte_string(char *bytes, uint8_t *data, size_t *count_ptr)
for (i = 0; i < length; i += 2) {
byte[0] = bytes[i];
byte[1] = bytes[i + 1];
- data[i / 2] = (uint8_t)simple_strtoul(byte, NULL, 16);
+ data[i / 2] = (u8)simple_strtoul(byte, NULL, 16);
}
if (count_ptr)
@@ -146,7 +146,7 @@ static size_t type_string_get_space_size(const char *type_str)
* @param count pointer for storing size of buffer
* @return pointer to buffer or NULL on error
*/
-static void *type_string_alloc(const char *type_str, uint32_t *count)
+static void *type_string_alloc(const char *type_str, u32 *count)
{
void *data;
size_t size;
@@ -171,10 +171,10 @@ static void *type_string_alloc(const char *type_str, uint32_t *count)
* @return 0 on success, non-0 on error
*/
static int type_string_pack(const char *type_str, char * const values[],
- uint8_t *data)
+ u8 *data)
{
size_t offset;
- uint32_t value;
+ u32 value;
for (offset = 0; *type_str; type_str++, values++) {
value = simple_strtoul(values[0], NULL, 0);
@@ -208,11 +208,11 @@ static int type_string_pack(const char *type_str, char * const values[],
* @param vars names of environment variables
* @return 0 on success, non-0 on error
*/
-static int type_string_write_vars(const char *type_str, uint8_t *data,
- char * const vars[])
+static int type_string_write_vars(const char *type_str, u8 *data,
+ char * const vars[])
{
size_t offset;
- uint32_t value;
+ u32 value;
for (offset = 0; *type_str; type_str++, vars++) {
switch (*type_str) {
@@ -262,7 +262,7 @@ static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, perm, size;
+ u32 index, perm, size;
if (argc != 4)
return CMD_RET_USAGE;
@@ -276,7 +276,7 @@ static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, count, rc;
+ u32 index, count, rc;
void *data;
if (argc != 4)
@@ -297,7 +297,7 @@ static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, rc;
+ u32 index, rc;
size_t count;
void *data;
@@ -319,8 +319,8 @@ static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, rc;
- uint8_t in_digest[20], out_digest[20];
+ u32 index, rc;
+ u8 in_digest[20], out_digest[20];
if (argc != 3)
return CMD_RET_USAGE;
@@ -342,7 +342,7 @@ static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, count, rc;
+ u32 index, count, rc;
void *data;
if (argc != 4)
@@ -363,11 +363,11 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint16_t presence;
+ u16 presence;
if (argc != 2)
return CMD_RET_USAGE;
- presence = (uint16_t)simple_strtoul(argv[1], NULL, 0);
+ presence = (u16)simple_strtoul(argv[1], NULL, 0);
return report_return_code(tpm_tsc_physical_presence(presence));
}
@@ -375,7 +375,7 @@ static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t count, rc;
+ u32 count, rc;
void *data;
if (argc != 3)
@@ -395,11 +395,11 @@ static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint8_t state;
+ u8 state;
if (argc != 2)
return CMD_RET_USAGE;
- state = (uint8_t)simple_strtoul(argv[1], NULL, 0);
+ state = (u8)simple_strtoul(argv[1], NULL, 0);
return report_return_code(tpm_physical_set_deactivated(state));
}
@@ -407,7 +407,7 @@ static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t cap_area, sub_cap, rc;
+ u32 cap_area, sub_cap, rc;
void *cap;
size_t count;
@@ -481,9 +481,9 @@ static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag,
{
struct udevice *dev;
void *command;
- uint8_t response[1024];
+ u8 response[1024];
size_t count, response_length = sizeof(response);
- uint32_t rc;
+ u32 rc;
command = parse_byte_string(argv[1], NULL, &count);
if (!command) {
@@ -508,7 +508,7 @@ static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, perm, size;
+ u32 index, perm, size;
if (argc != 4)
return CMD_RET_USAGE;
@@ -526,7 +526,7 @@ static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, count, err;
+ u32 index, count, err;
void *data;
if (argc < 3)
@@ -555,7 +555,7 @@ static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t index, count, err;
+ u32 index, count, err;
void *data;
if (argc < 3)
@@ -585,7 +585,7 @@ static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t auth_handle, err;
+ u32 auth_handle, err;
err = tpm_oiap(&auth_handle);
@@ -596,10 +596,10 @@ static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_load_key_by_sha1(cmd_tbl_t *cmdtp, int flag, int argc, char *
const argv[])
{
- uint32_t parent_handle = 0;
- uint32_t key_len, key_handle, err;
- uint8_t usage_auth[DIGEST_LENGTH];
- uint8_t parent_hash[DIGEST_LENGTH];
+ u32 parent_handle = 0;
+ u32 key_len, key_handle, err;
+ u8 usage_auth[DIGEST_LENGTH];
+ u8 parent_hash[DIGEST_LENGTH];
void *key;
if (argc < 5)
@@ -634,8 +634,8 @@ static int do_tpm_load_key_by_sha1(cmd_tbl_t *cmdtp, int flag, int argc, char *
static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t parent_handle, key_len, key_handle, err;
- uint8_t usage_auth[DIGEST_LENGTH];
+ u32 parent_handle, key_len, key_handle, err;
+ u8 usage_auth[DIGEST_LENGTH];
void *key;
if (argc < 5)
@@ -659,9 +659,9 @@ static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag,
static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag,
int argc, char * const argv[])
{
- uint32_t key_handle, err;
- uint8_t usage_auth[DIGEST_LENGTH];
- uint8_t pub_key_buffer[TPM_PUBKEY_MAX_LENGTH];
+ u32 key_handle, err;
+ u8 usage_auth[DIGEST_LENGTH];
+ u8 pub_key_buffer[TPM_PUBKEY_MAX_LENGTH];
size_t pub_key_len = sizeof(pub_key_buffer);
if (argc < 3)
@@ -721,9 +721,9 @@ static int do_tpm_flush(cmd_tbl_t *cmdtp, int flag, int argc,
}
if (!strcasecmp(argv[2], "all")) {
- uint16_t res_count;
- uint8_t buf[288];
- uint8_t *ptr;
+ u16 res_count;
+ u8 buf[288];
+ u8 *ptr;
int err;
uint i;
@@ -739,7 +739,7 @@ static int do_tpm_flush(cmd_tbl_t *cmdtp, int flag, int argc,
for (i = 0; i < res_count; ++i, ptr += 4)
tpm_flush_specific(get_unaligned_be32(ptr), type);
} else {
- uint32_t handle = simple_strtoul(argv[2], NULL, 0);
+ u32 handle = simple_strtoul(argv[2], NULL, 0);
if (!handle) {
printf("Illegal resource handle %s\n", argv[2]);
@@ -757,9 +757,9 @@ static int do_tpm_list(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
int type = 0;
- uint16_t res_count;
- uint8_t buf[288];
- uint8_t *ptr;
+ u16 res_count;
+ u8 buf[288];
+ u8 *ptr;
int err;
uint i;
diff --git a/include/tpm.h b/include/tpm.h
index 760d94865c..62117f6cc2 100644
--- a/include/tpm.h
+++ b/include/tpm.h
@@ -309,8 +309,7 @@ struct tpm_ops {
*
* Returns 0 on success or -ve on failure.
*/
- int (*send)(struct udevice *dev, const uint8_t *sendbuf,
- size_t send_size);
+ int (*send)(struct udevice *dev, const u8 *sendbuf, size_t send_size);
/**
* recv() - receive a response from the TPM
@@ -323,7 +322,7 @@ struct tpm_ops {
* response is not ready, -EINTR if cancelled, or other -ve value on
* failure.
*/
- int (*recv)(struct udevice *dev, uint8_t *recvbuf, size_t max_size);
+ int (*recv)(struct udevice *dev, u8 *recvbuf, size_t max_size);
/**
* cleanup() - clean up after an operation in progress
@@ -352,8 +351,8 @@ struct tpm_ops {
* Returns 0 on success (and places the number of response bytes at
* recv_size) or -ve on failure.
*/
- int (*xfer)(struct udevice *dev, const uint8_t *sendbuf,
- size_t send_size, uint8_t *recvbuf, size_t *recv_size);
+ int (*xfer)(struct udevice *dev, const u8 *sendbuf, size_t send_size,
+ u8 *recvbuf, size_t *recv_size);
};
#define tpm_get_ops(dev) ((struct tpm_ops *)device_get_ops(dev))
@@ -407,8 +406,8 @@ int tpm_get_desc(struct udevice *dev, char *buf, int size);
* Returns 0 on success (and places the number of response bytes at
* recv_len) or -ve on failure.
*/
-int tpm_xfer(struct udevice *dev, const uint8_t *sendbuf, size_t send_size,
- uint8_t *recvbuf, size_t *recv_size);
+int tpm_xfer(struct udevice *dev, const u8 *sendbuf, size_t send_size,
+ u8 *recvbuf, size_t *recv_size);
/**
* Initialize TPM device. It must be called before any TPM commands.
@@ -423,21 +422,21 @@ int tpm_init(void);
* @param mode TPM startup mode
* @return return code of the operation
*/
-uint32_t tpm_startup(enum tpm_startup_type mode);
+u32 tpm_startup(enum tpm_startup_type mode);
/**
* Issue a TPM_SelfTestFull command.
*
* @return return code of the operation
*/
-uint32_t tpm_self_test_full(void);
+u32 tpm_self_test_full(void);
/**
* Issue a TPM_ContinueSelfTest command.
*
* @return return code of the operation
*/
-uint32_t tpm_continue_self_test(void);
+u32 tpm_continue_self_test(void);
/**
* Issue a TPM_NV_DefineSpace command. The implementation is limited
@@ -449,7 +448,7 @@ uint32_t tpm_continue_self_test(void);
* @param size size of the area
* @return return code of the operation
*/
-uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size);
+u32 tpm_nv_define_space(u32 index, u32 perm, u32 size);
/**
* Issue a TPM_NV_ReadValue command. This implementation is limited
@@ -461,7 +460,7 @@ uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size);
* @param count size of output buffer
* @return return code of the operation
*/
-uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count);
+u32 tpm_nv_read_value(u32 index, void *data, u32 count);
/**
* Issue a TPM_NV_WriteValue command. This implementation is limited
@@ -473,7 +472,7 @@ uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count);
* @param length length of data bytes of input buffer
* @return return code of the operation
*/
-uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length);
+u32 tpm_nv_write_value(u32 index, const void *data, u32 length);
/**
* Issue a TPM_Extend command.
@@ -485,7 +484,7 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length);
* command
* @return return code of the operation
*/
-uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest);
+u32 tpm_extend(u32 index, const void *in_digest, void *out_digest);
/**
* Issue a TPM_PCRRead command.
@@ -495,7 +494,7 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest);
* @param count size of output buffer
* @return return code of the operation
*/
-uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count);
+u32 tpm_pcr_read(u32 index, void *data, size_t count);
/**
* Issue a TSC_PhysicalPresence command. TPM physical presence flag
@@ -504,7 +503,7 @@ uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count);
* @param presence TPM physical presence flag
* @return return code of the operation
*/
-uint32_t tpm_tsc_physical_presence(uint16_t presence);
+u32 tpm_tsc_physical_presence(u16 presence);
/**
* Issue a TPM_ReadPubek command.
@@ -513,28 +512,28 @@ uint32_t tpm_tsc_physical_presence(uint16_t presence);
* @param count size of ouput buffer
* @return return code of the operation
*/
-uint32_t tpm_read_pubek(void *data, size_t count);
+u32 tpm_read_pubek(void *data, size_t count);
/**
* Issue a TPM_ForceClear command.
*
* @return return code of the operation
*/
-uint32_t tpm_force_clear(void);
+u32 tpm_force_clear(void);
/**
* Issue a TPM_PhysicalEnable command.
*
* @return return code of the operation
*/
-uint32_t tpm_physical_enable(void);
+u32 tpm_physical_enable(void);
/**
* Issue a TPM_PhysicalDisable command.
*
* @return return code of the operation
*/
-uint32_t tpm_physical_disable(void);
+u32 tpm_physical_disable(void);
/**
* Issue a TPM_PhysicalSetDeactivated command.
@@ -542,7 +541,7 @@ uint32_t tpm_physical_disable(void);
* @param state boolean state of the deactivated flag
* @return return code of the operation
*/
-uint32_t tpm_physical_set_deactivated(uint8_t state);
+u32 tpm_physical_set_deactivated(u8 state);
/**
* Issue a TPM_GetCapability command. This implementation is limited
@@ -555,8 +554,7 @@ uint32_t tpm_physical_set_deactivated(uint8_t state);
* @param count size of ouput buffer
* @return return code of the operation
*/
-uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap,
- void *cap, size_t count);
+u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count);
/**
* Issue a TPM_FlushSpecific command for a AUTH ressource.
@@ -564,7 +562,7 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap,
* @param auth_handle handle of the auth session
* @return return code of the operation
*/
-uint32_t tpm_terminate_auth_session(uint32_t auth_handle);
+u32 tpm_terminate_auth_session(u32 auth_handle);
/**
* Issue a TPM_OIAP command to setup an object independant authorization
@@ -576,14 +574,14 @@ uint32_t tpm_terminate_auth_session(uint32_t auth_handle);
* @param auth_handle pointer to the (new) auth handle or NULL.
* @return return code of the operation
*/
-uint32_t tpm_oiap(uint32_t *auth_handle);
+u32 tpm_oiap(u32 *auth_handle);
/**
* Ends an active OIAP session.
*
* @return return code of the operation
*/
-uint32_t tpm_end_oiap(void);
+u32 tpm_end_oiap(void);
/**
* Issue a TPM_LoadKey2 (Auth1) command using an OIAP session for authenticating
@@ -596,10 +594,8 @@ uint32_t tpm_end_oiap(void);
* @param key_handle pointer to the key handle
* @return return code of the operation
*/
-uint32_t tpm_load_key2_oiap(uint32_t parent_handle,
- const void *key, size_t key_length,
- const void *parent_key_usage_auth,
- uint32_t *key_handle);
+u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length,
+ const void *parent_key_usage_auth, u32 *key_handle);
/**
* Issue a TPM_GetPubKey (Auth1) command using an OIAP session for
@@ -614,8 +610,8 @@ uint32_t tpm_load_key2_oiap(uint32_t parent_handle,
* of the stored TPM_PUBKEY structure (iff pubkey != NULL).
* @return return code of the operation
*/
-uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth,
- void *pubkey, size_t *pubkey_len);
+u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey,
+ size_t *pubkey_len);
/**
* Get the TPM permanent flags value
@@ -623,7 +619,7 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth,
* @param pflags Place to put permanent flags
* @return return code of the operation
*/
-uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags);
+u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags);
/**
* Get the TPM permissions
@@ -631,7 +627,7 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags);
* @param perm Returns permissions value
* @return return code of the operation
*/
-uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm);
+u32 tpm_get_permissions(u32 index, u32 *perm);
/**
* Flush a resource with a given handle and type from the TPM
@@ -640,7 +636,7 @@ uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm);
* @param resource_type type of the resource
* @return return code of the operation
*/
-uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type);
+u32 tpm_flush_specific(u32 key_handle, u32 resource_type);
#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
/**
@@ -651,8 +647,8 @@ uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type);
* @param[out] handle The handle of the key (Non-null iff found)
* @return 0 if key was found in TPM; != 0 if not.
*/
-uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t
- pubkey_digest[20], uint32_t *handle);
+u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20],
+ u32 *handle);
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
/**
@@ -664,6 +660,6 @@ uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t
* @param count size of output buffer
* @return return code of the operation
*/
-uint32_t tpm_get_random(void *data, uint32_t count);
+u32 tpm_get_random(void *data, u32 count);
#endif /* __TPM_H */
diff --git a/lib/tpm.c b/lib/tpm.c
index 58b0a76b97..1c4ce2e71d 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -12,7 +12,7 @@
#include <u-boot/sha1.h>
/* Internal error of TPM command library */
-#define TPM_LIB_ERROR ((uint32_t)~0u)
+#define TPM_LIB_ERROR ((u32)~0u)
/* Useful constants */
enum {
@@ -36,9 +36,9 @@ enum {
struct session_data {
int valid;
- uint32_t handle;
- uint8_t nonce_even[DIGEST_LENGTH];
- uint8_t nonce_odd[DIGEST_LENGTH];
+ u32 handle;
+ u8 nonce_even[DIGEST_LENGTH];
+ u8 nonce_odd[DIGEST_LENGTH];
};
static struct session_data oiap_session = {0, };
@@ -60,12 +60,12 @@ static struct session_data oiap_session = {0, };
* @param ... data points
* @return 0 on success, non-0 on error
*/
-int pack_byte_string(uint8_t *str, size_t size, const char *format, ...)
+int pack_byte_string(u8 *str, size_t size, const char *format, ...)
{
va_list args;
size_t offset = 0, length = 0;
- uint8_t *data = NULL;
- uint32_t value = 0;
+ u8 *data = NULL;
+ u32 value = 0;
va_start(args, format);
for (; *format; format++) {
@@ -82,13 +82,13 @@ int pack_byte_string(uint8_t *str, size_t size, const char *format, ...)
break;
case 'd':
offset = va_arg(args, size_t);
- value = va_arg(args, uint32_t);
+ value = va_arg(args, u32);
length = 4;
break;
case 's':
offset = va_arg(args, size_t);
- data = va_arg(args, uint8_t *);
- length = va_arg(args, uint32_t);
+ data = va_arg(args, u8 *);
+ length = va_arg(args, u32);
break;
default:
debug("Couldn't recognize format string\n");
@@ -134,36 +134,36 @@ int pack_byte_string(uint8_t *str, size_t size, const char *format, ...)
* @param ... data points
* @return 0 on success, non-0 on error
*/
-int unpack_byte_string(const uint8_t *str, size_t size, const char *format, ...)
+int unpack_byte_string(const u8 *str, size_t size, const char *format, ...)
{
va_list args;
size_t offset = 0, length = 0;
- uint8_t *ptr8 = NULL;
- uint16_t *ptr16 = NULL;
- uint32_t *ptr32 = NULL;
+ u8 *ptr8 = NULL;
+ u16 *ptr16 = NULL;
+ u32 *ptr32 = NULL;
va_start(args, format);
for (; *format; format++) {
switch (*format) {
case 'b':
offset = va_arg(args, size_t);
- ptr8 = va_arg(args, uint8_t *);
+ ptr8 = va_arg(args, u8 *);
length = 1;
break;
case 'w':
offset = va_arg(args, size_t);
- ptr16 = va_arg(args, uint16_t *);
+ ptr16 = va_arg(args, u16 *);
length = 2;
break;
case 'd':
offset = va_arg(args, size_t);
- ptr32 = va_arg(args, uint32_t *);
+ ptr32 = va_arg(args, u32 *);
length = 4;
break;
case 's':
offset = va_arg(args, size_t);
- ptr8 = va_arg(args, uint8_t *);
- length = va_arg(args, uint32_t);
+ ptr8 = va_arg(args, u8 *);
+ length = va_arg(args, u32);
break;
default:
va_end(args);
@@ -202,7 +202,7 @@ int unpack_byte_string(const uint8_t *str, size_t size, const char *format, ...)
* @param command byte string of TPM command
* @return command size of the TPM command
*/
-static uint32_t tpm_command_size(const void *command)
+static u32 tpm_command_size(const void *command)
{
const size_t command_size_offset = 2;
return get_unaligned_be32(command + command_size_offset);
@@ -214,7 +214,7 @@ static uint32_t tpm_command_size(const void *command)
* @param response byte string of TPM response
* @return return code of the TPM response
*/
-static uint32_t tpm_return_code(const void *response)
+static u32 tpm_return_code(const void *response)
{
const size_t return_code_offset = 6;
return get_unaligned_be32(response + return_code_offset);
@@ -232,12 +232,12 @@ static uint32_t tpm_return_code(const void *response)
* is a bidirectional
* @return return code of the TPM response
*/
-static uint32_t tpm_sendrecv_command(const void *command,
- void *response, size_t *size_ptr)
+static u32 tpm_sendrecv_command(const void *command, void *response,
+ size_t *size_ptr)
{
struct udevice *dev;
int err, ret;
- uint8_t response_buffer[COMMAND_BUFFER_SIZE];
+ u8 response_buffer[COMMAND_BUFFER_SIZE];
size_t response_length;
if (response) {
@@ -272,13 +272,13 @@ int tpm_init(void)
return tpm_open(dev);
}
-uint32_t tpm_startup(enum tpm_startup_type mode)
+u32 tpm_startup(enum tpm_startup_type mode)
{
- const uint8_t command[12] = {
+ const u8 command[12] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0,
};
const size_t mode_offset = 10;
- uint8_t buf[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sw",
0, command, sizeof(command),
@@ -288,25 +288,25 @@ uint32_t tpm_startup(enum tpm_startup_type mode)
return tpm_sendrecv_command(buf, NULL, NULL);
}
-uint32_t tpm_self_test_full(void)
+u32 tpm_self_test_full(void)
{
- const uint8_t command[10] = {
+ const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50,
};
return tpm_sendrecv_command(command, NULL, NULL);
}
-uint32_t tpm_continue_self_test(void)
+u32 tpm_continue_self_test(void)
{
- const uint8_t command[10] = {
+ const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53,
};
return tpm_sendrecv_command(command, NULL, NULL);
}
-uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size)
+u32 tpm_nv_define_space(u32 index, u32 perm, u32 size)
{
- const uint8_t command[101] = {
+ const u8 command[101] = {
0x0, 0xc1, /* TPM_TAG */
0x0, 0x0, 0x0, 0x65, /* parameter size */
0x0, 0x0, 0x0, 0xcc, /* TPM_COMMAND_CODE */
@@ -335,7 +335,7 @@ uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size)
const size_t index_offset = 12;
const size_t perm_offset = 70;
const size_t size_offset = 77;
- uint8_t buf[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sddd",
0, command, sizeof(command),
@@ -347,19 +347,19 @@ uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size)
return tpm_sendrecv_command(buf, NULL, NULL);
}
-uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count)
+u32 tpm_nv_read_value(u32 index, void *data, u32 count)
{
- const uint8_t command[22] = {
+ const u8 command[22] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf,
};
const size_t index_offset = 10;
const size_t length_offset = 18;
const size_t data_size_offset = 10;
const size_t data_offset = 14;
- uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t data_size;
- uint32_t err;
+ u32 data_size;
+ u32 err;
if (pack_byte_string(buf, sizeof(buf), "sdd",
0, command, sizeof(command),
@@ -381,9 +381,9 @@ uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count)
return 0;
}
-uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length)
+u32 tpm_nv_write_value(u32 index, const void *data, u32 length)
{
- const uint8_t command[256] = {
+ const u8 command[256] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd,
};
const size_t command_size_offset = 2;
@@ -391,11 +391,11 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length)
const size_t length_offset = 18;
const size_t data_offset = 22;
const size_t write_info_size = 12;
- const uint32_t total_length =
+ const u32 total_length =
TPM_REQUEST_HEADER_LENGTH + write_info_size + length;
- uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (pack_byte_string(buf, sizeof(buf), "sddds",
0, command, sizeof(command),
@@ -411,18 +411,18 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length)
return 0;
}
-uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest)
+u32 tpm_extend(u32 index, const void *in_digest, void *out_digest)
{
- const uint8_t command[34] = {
+ const u8 command[34] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14,
};
const size_t index_offset = 10;
const size_t in_digest_offset = 14;
const size_t out_digest_offset = 10;
- uint8_t buf[COMMAND_BUFFER_SIZE];
- uint8_t response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH];
+ u8 buf[COMMAND_BUFFER_SIZE];
+ u8 response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (pack_byte_string(buf, sizeof(buf), "sds",
0, command, sizeof(command),
@@ -442,16 +442,16 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest)
return 0;
}
-uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count)
+u32 tpm_pcr_read(u32 index, void *data, size_t count)
{
- const uint8_t command[14] = {
+ const u8 command[14] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15,
};
const size_t index_offset = 10;
const size_t out_digest_offset = 10;
- uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (count < PCR_DIGEST_LENGTH)
return TPM_LIB_ERROR;
@@ -470,13 +470,13 @@ uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count)
return 0;
}
-uint32_t tpm_tsc_physical_presence(uint16_t presence)
+u32 tpm_tsc_physical_presence(u16 presence)
{
- const uint8_t command[12] = {
+ const u8 command[12] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0,
};
const size_t presence_offset = 10;
- uint8_t buf[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sw",
0, command, sizeof(command),
@@ -486,18 +486,18 @@ uint32_t tpm_tsc_physical_presence(uint16_t presence)
return tpm_sendrecv_command(buf, NULL, NULL);
}
-uint32_t tpm_read_pubek(void *data, size_t count)
+u32 tpm_read_pubek(void *data, size_t count)
{
- const uint8_t command[30] = {
+ const u8 command[30] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c,
};
const size_t response_size_offset = 2;
const size_t data_offset = 10;
const size_t header_and_checksum_size = TPM_RESPONSE_HEADER_LENGTH + 20;
- uint8_t response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE];
+ u8 response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE];
size_t response_length = sizeof(response);
- uint32_t data_size;
- uint32_t err;
+ u32 data_size;
+ u32 err;
err = tpm_sendrecv_command(command, response, &response_length);
if (err)
@@ -517,40 +517,40 @@ uint32_t tpm_read_pubek(void *data, size_t count)
return 0;
}
-uint32_t tpm_force_clear(void)
+u32 tpm_force_clear(void)
{
- const uint8_t command[10] = {
+ const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d,
};
return tpm_sendrecv_command(command, NULL, NULL);
}
-uint32_t tpm_physical_enable(void)
+u32 tpm_physical_enable(void)
{
- const uint8_t command[10] = {
+ const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f,
};
return tpm_sendrecv_command(command, NULL, NULL);
}
-uint32_t tpm_physical_disable(void)
+u32 tpm_physical_disable(void)
{
- const uint8_t command[10] = {
+ const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70,
};
return tpm_sendrecv_command(command, NULL, NULL);
}
-uint32_t tpm_physical_set_deactivated(uint8_t state)
+u32 tpm_physical_set_deactivated(u8 state)
{
- const uint8_t command[11] = {
+ const u8 command[11] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72,
};
const size_t state_offset = 10;
- uint8_t buf[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sb",
0, command, sizeof(command),
@@ -560,10 +560,9 @@ uint32_t tpm_physical_set_deactivated(uint8_t state)
return tpm_sendrecv_command(buf, NULL, NULL);
}
-uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap,
- void *cap, size_t count)
+u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count)
{
- const uint8_t command[22] = {
+ const u8 command[22] = {
0x0, 0xc1, /* TPM_TAG */
0x0, 0x0, 0x0, 0x16, /* parameter size */
0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */
@@ -575,10 +574,10 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap,
const size_t sub_cap_offset = 18;
const size_t cap_offset = 14;
const size_t cap_size_offset = 10;
- uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t cap_size;
- uint32_t err;
+ u32 cap_size;
+ u32 err;
if (pack_byte_string(buf, sizeof(buf), "sdd",
0, command, sizeof(command),
@@ -600,9 +599,9 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap,
return 0;
}
-uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags)
+u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags)
{
- const uint8_t command[22] = {
+ const u8 command[22] = {
0x0, 0xc1, /* TPM_TAG */
0x0, 0x0, 0x0, 0x16, /* parameter size */
0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */
@@ -611,11 +610,11 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags)
0x0, 0x0, 0x1, 0x8, /* subcap value */
};
const size_t data_size_offset = TPM_HEADER_SIZE;
- const size_t data_offset = TPM_HEADER_SIZE + sizeof(uint32_t);
- uint8_t response[COMMAND_BUFFER_SIZE];
+ const size_t data_offset = TPM_HEADER_SIZE + sizeof(u32);
+ u8 response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t err;
- uint32_t data_size;
+ u32 err;
+ u32 data_size;
err = tpm_sendrecv_command(command, response, &response_length);
if (err)
@@ -632,9 +631,9 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags)
return 0;
}
-uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm)
+u32 tpm_get_permissions(u32 index, u32 *perm)
{
- const uint8_t command[22] = {
+ const u8 command[22] = {
0x0, 0xc1, /* TPM_TAG */
0x0, 0x0, 0x0, 0x16, /* parameter size */
0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */
@@ -643,9 +642,9 @@ uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm)
};
const size_t index_offset = 18;
const size_t perm_offset = 60;
- uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command),
index_offset, index))
@@ -661,9 +660,9 @@ uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm)
}
#ifdef CONFIG_TPM_FLUSH_RESOURCES
-uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type)
+u32 tpm_flush_specific(u32 key_handle, u32 resource_type)
{
- const uint8_t command[18] = {
+ const u8 command[18] = {
0x00, 0xc1, /* TPM_TAG */
0x00, 0x00, 0x00, 0x12, /* parameter size */
0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */
@@ -672,9 +671,9 @@ uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type)
};
const size_t key_handle_offset = 10;
const size_t resource_type_offset = 14;
- uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (pack_byte_string(buf, sizeof(buf), "sdd",
0, command, sizeof(command),
@@ -703,12 +702,12 @@ uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type)
* @param request_auth pointer to the auth block of the request to be filled
* @param auth authentication data (HMAC key)
*/
-static uint32_t create_request_auth(const void *request, size_t request_len0,
- size_t handles_len,
- struct session_data *auth_session,
- void *request_auth, const void *auth)
+static u32 create_request_auth(const void *request, size_t request_len0,
+ size_t handles_len,
+ struct session_data *auth_session,
+ void *request_auth, const void *auth)
{
- uint8_t hmac_data[DIGEST_LENGTH * 3 + 1];
+ u8 hmac_data[DIGEST_LENGTH * 3 + 1];
sha1_context hash_ctx;
const size_t command_code_offset = 6;
const size_t auth_nonce_odd_offset = 4;
@@ -766,19 +765,18 @@ static uint32_t create_request_auth(const void *request, size_t request_len0,
* @param response_auth pointer to the auth block of the response to be verified
* @param auth authentication data (HMAC key)
*/
-static uint32_t verify_response_auth(uint32_t command_code,
- const void *response, size_t response_len0,
- size_t handles_len,
- struct session_data *auth_session,
- const void *response_auth, const void *auth)
+static u32 verify_response_auth(u32 command_code, const void *response,
+ size_t response_len0, size_t handles_len,
+ struct session_data *auth_session,
+ const void *response_auth, const void *auth)
{
- uint8_t hmac_data[DIGEST_LENGTH * 3 + 1];
- uint8_t computed_auth[DIGEST_LENGTH];
+ u8 hmac_data[DIGEST_LENGTH * 3 + 1];
+ u8 computed_auth[DIGEST_LENGTH];
sha1_context hash_ctx;
const size_t return_code_offset = 6;
const size_t auth_continue_offset = 20;
const size_t auth_auth_offset = 21;
- uint8_t auth_continue;
+ u8 auth_continue;
if (!auth_session || !auth_session->valid)
return TPM_AUTHFAIL;
@@ -799,7 +797,7 @@ static uint32_t verify_response_auth(uint32_t command_code,
sha1_finish(&hash_ctx, hmac_data);
memcpy(auth_session->nonce_even, response_auth, DIGEST_LENGTH);
- auth_continue = ((uint8_t *)response_auth)[auth_continue_offset];
+ auth_continue = ((u8 *)response_auth)[auth_continue_offset];
if (pack_byte_string(hmac_data, sizeof(hmac_data), "ssb",
DIGEST_LENGTH,
response_auth,
@@ -821,9 +819,9 @@ static uint32_t verify_response_auth(uint32_t command_code,
return TPM_SUCCESS;
}
-uint32_t tpm_terminate_auth_session(uint32_t auth_handle)
+u32 tpm_terminate_auth_session(u32 auth_handle)
{
- const uint8_t command[18] = {
+ const u8 command[18] = {
0x00, 0xc1, /* TPM_TAG */
0x00, 0x00, 0x00, 0x00, /* parameter size */
0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */
@@ -831,7 +829,7 @@ uint32_t tpm_terminate_auth_session(uint32_t auth_handle)
0x00, 0x00, 0x00, 0x02, /* TPM_RESSOURCE_TYPE */
};
const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH;
- uint8_t request[COMMAND_BUFFER_SIZE];
+ u8 request[COMMAND_BUFFER_SIZE];
if (pack_byte_string(request, sizeof(request), "sd",
0, command, sizeof(command),
@@ -843,26 +841,26 @@ uint32_t tpm_terminate_auth_session(uint32_t auth_handle)
return tpm_sendrecv_command(request, NULL, NULL);
}
-uint32_t tpm_end_oiap(void)
+u32 tpm_end_oiap(void)
{
- uint32_t err = TPM_SUCCESS;
+ u32 err = TPM_SUCCESS;
if (oiap_session.valid)
err = tpm_terminate_auth_session(oiap_session.handle);
return err;
}
-uint32_t tpm_oiap(uint32_t *auth_handle)
+u32 tpm_oiap(u32 *auth_handle)
{
- const uint8_t command[10] = {
+ const u8 command[10] = {
0x00, 0xc1, /* TPM_TAG */
0x00, 0x00, 0x00, 0x0a, /* parameter size */
0x00, 0x00, 0x00, 0x0a, /* TPM_COMMAND_CODE */
};
const size_t res_auth_handle_offset = TPM_RESPONSE_HEADER_LENGTH;
const size_t res_nonce_even_offset = TPM_RESPONSE_HEADER_LENGTH + 4;
- uint8_t response[COMMAND_BUFFER_SIZE];
+ u8 response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (oiap_session.valid)
tpm_terminate_auth_session(oiap_session.handle);
@@ -873,7 +871,7 @@ uint32_t tpm_oiap(uint32_t *auth_handle)
if (unpack_byte_string(response, response_length, "ds",
res_auth_handle_offset, &oiap_session.handle,
res_nonce_even_offset, &oiap_session.nonce_even,
- (uint32_t)DIGEST_LENGTH))
+ (u32)DIGEST_LENGTH))
return TPM_LIB_ERROR;
oiap_session.valid = 1;
if (auth_handle)
@@ -881,12 +879,10 @@ uint32_t tpm_oiap(uint32_t *auth_handle)
return 0;
}
-uint32_t tpm_load_key2_oiap(uint32_t parent_handle,
- const void *key, size_t key_length,
- const void *parent_key_usage_auth,
- uint32_t *key_handle)
+u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length,
+ const void *parent_key_usage_auth, u32 *key_handle)
{
- const uint8_t command[14] = {
+ const u8 command[14] = {
0x00, 0xc2, /* TPM_TAG */
0x00, 0x00, 0x00, 0x00, /* parameter size */
0x00, 0x00, 0x00, 0x41, /* TPM_COMMAND_CODE */
@@ -896,11 +892,11 @@ uint32_t tpm_load_key2_oiap(uint32_t parent_handle,
const size_t req_parent_handle_offset = TPM_REQUEST_HEADER_LENGTH;
const size_t req_key_offset = TPM_REQUEST_HEADER_LENGTH + 4;
const size_t res_handle_offset = TPM_RESPONSE_HEADER_LENGTH;
- uint8_t request[sizeof(command) + TPM_KEY12_MAX_LENGTH
- + TPM_REQUEST_AUTH_LENGTH];
- uint8_t response[COMMAND_BUFFER_SIZE];
+ u8 request[sizeof(command) + TPM_KEY12_MAX_LENGTH +
+ TPM_REQUEST_AUTH_LENGTH];
+ u8 response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (!oiap_session.valid) {
err = tpm_oiap(NULL);
@@ -947,10 +943,10 @@ uint32_t tpm_load_key2_oiap(uint32_t parent_handle,
return 0;
}
-uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth,
- void *pubkey, size_t *pubkey_len)
+u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey,
+ size_t *pubkey_len)
{
- const uint8_t command[14] = {
+ const u8 command[14] = {
0x00, 0xc2, /* TPM_TAG */
0x00, 0x00, 0x00, 0x00, /* parameter size */
0x00, 0x00, 0x00, 0x21, /* TPM_COMMAND_CODE */
@@ -959,11 +955,11 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth,
const size_t req_size_offset = 2;
const size_t req_key_handle_offset = TPM_REQUEST_HEADER_LENGTH;
const size_t res_pubkey_offset = TPM_RESPONSE_HEADER_LENGTH;
- uint8_t request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH];
- uint8_t response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH
- + TPM_RESPONSE_AUTH_LENGTH];
+ u8 request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH];
+ u8 response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH +
+ TPM_RESPONSE_AUTH_LENGTH];
size_t response_length = sizeof(response);
- uint32_t err;
+ u32 err;
if (!oiap_session.valid) {
err = tpm_oiap(NULL);
@@ -973,7 +969,7 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth,
if (pack_byte_string(request, sizeof(request), "sdd",
0, command, sizeof(command),
req_size_offset,
- (uint32_t)(sizeof(command)
+ (u32)(sizeof(command)
+ TPM_REQUEST_AUTH_LENGTH),
req_key_handle_offset, key_handle
))
@@ -1011,15 +1007,15 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth,
}
#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
-uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t
- pubkey_digest[20], uint32_t *handle)
+u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20],
+ u32 *handle)
{
- uint16_t key_count;
- uint32_t key_handles[10];
- uint8_t buf[288];
- uint8_t *ptr;
- uint32_t err;
- uint8_t digest[20];
+ u16 key_count;
+ u32 key_handles[10];
+ u8 buf[288];
+ u8 *ptr;
+ u32 err;
+ u8 digest[20];
size_t buf_len;
unsigned int i;
@@ -1052,9 +1048,9 @@ uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t
#endif /* CONFIG_TPM_AUTH_SESSIONS */
-uint32_t tpm_get_random(void *data, uint32_t count)
+u32 tpm_get_random(void *data, u32 count)
{
- const uint8_t command[14] = {
+ const u8 command[14] = {
0x0, 0xc1, /* TPM_TAG */
0x0, 0x0, 0x0, 0xe, /* parameter size */
0x0, 0x0, 0x0, 0x46, /* TPM_COMMAND_CODE */
@@ -1062,15 +1058,15 @@ uint32_t tpm_get_random(void *data, uint32_t count)
const size_t length_offset = 10;
const size_t data_size_offset = 10;
const size_t data_offset = 14;
- uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
size_t response_length = sizeof(response);
- uint32_t data_size;
- uint8_t *out = data;
+ u32 data_size;
+ u8 *out = data;
while (count > 0) {
- uint32_t this_bytes = min((size_t)count,
- sizeof(response) - data_offset);
- uint32_t err;
+ u32 this_bytes = min((size_t)count,
+ sizeof(response) - data_offset);
+ u32 err;
if (pack_byte_string(buf, sizeof(buf), "sd",
0, command, sizeof(command),
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (2 preceding siblings ...)
2018-05-15 9:56 ` [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable Miquel Raynal
` (28 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Fix following checkpatch.pl issue in TPM-related code:
CHECK: Alignment should match open parenthesis
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
cmd/tpm.c | 120 ++++++++++++++++++++++++++++++--------------------------------
lib/tpm.c | 100 ++++++++++++++++++++++++++-------------------------
2 files changed, 110 insertions(+), 110 deletions(-)
diff --git a/cmd/tpm.c b/cmd/tpm.c
index 4109ace362..a7ea1c9012 100644
--- a/cmd/tpm.c
+++ b/cmd/tpm.c
@@ -238,8 +238,8 @@ static int type_string_write_vars(const char *type_str, u8 *data,
return 0;
}
-static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
enum tpm_startup_type mode;
@@ -259,8 +259,8 @@ static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag,
return report_return_code(tpm_startup(mode));
}
-static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, perm, size;
@@ -273,8 +273,8 @@ static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag,
return report_return_code(tpm_nv_define_space(index, perm, size));
}
-static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, count, rc;
void *data;
@@ -294,8 +294,8 @@ static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag,
return report_return_code(rc);
}
-static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, rc;
size_t count;
@@ -316,8 +316,8 @@ static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag,
return report_return_code(rc);
}
-static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, rc;
u8 in_digest[20], out_digest[20];
@@ -339,8 +339,8 @@ static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag,
return report_return_code(rc);
}
-static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, count, rc;
void *data;
@@ -360,8 +360,8 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag,
return report_return_code(rc);
}
-static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u16 presence;
@@ -372,8 +372,8 @@ static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag,
return report_return_code(tpm_tsc_physical_presence(presence));
}
-static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 count, rc;
void *data;
@@ -392,8 +392,8 @@ static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag,
return report_return_code(rc);
}
-static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u8 state;
@@ -404,8 +404,8 @@ static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag,
return report_return_code(tpm_physical_set_deactivated(state));
}
-static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 cap_area, sub_cap, rc;
void *cap;
@@ -429,7 +429,7 @@ static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag,
#define TPM_COMMAND_NO_ARG(cmd) \
static int do_##cmd(cmd_tbl_t *cmdtp, int flag, \
- int argc, char * const argv[]) \
+ int argc, char * const argv[]) \
{ \
if (argc != 1) \
return CMD_RET_USAGE; \
@@ -456,8 +456,7 @@ static int get_tpm(struct udevice **devp)
return 0;
}
-static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc,
- char *const argv[])
+static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
{
struct udevice *dev;
char buf[80];
@@ -476,8 +475,8 @@ static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc,
return 0;
}
-static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
struct udevice *dev;
void *command;
@@ -505,8 +504,8 @@ static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag,
return report_return_code(rc);
}
-static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, perm, size;
@@ -523,8 +522,8 @@ static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag,
return report_return_code(tpm_nv_define_space(index, perm, size));
}
-static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, count, err;
void *data;
@@ -552,8 +551,8 @@ static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag,
return report_return_code(err);
}
-static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 index, count, err;
void *data;
@@ -582,8 +581,8 @@ static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag,
#ifdef CONFIG_TPM_AUTH_SESSIONS
-static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 auth_handle, err;
@@ -631,8 +630,8 @@ static int do_tpm_load_key_by_sha1(cmd_tbl_t *cmdtp, int flag, int argc, char *
}
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
-static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 parent_handle, key_len, key_handle, err;
u8 usage_auth[DIGEST_LENGTH];
@@ -649,15 +648,15 @@ static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag,
parse_byte_string(argv[4], usage_auth, NULL);
err = tpm_load_key2_oiap(parent_handle, key, key_len, usage_auth,
- &key_handle);
+ &key_handle);
if (!err)
printf("Key handle is 0x%x\n", key_handle);
return report_return_code(err);
}
-static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag,
- int argc, char * const argv[])
+static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
{
u32 key_handle, err;
u8 usage_auth[DIGEST_LENGTH];
@@ -672,8 +671,8 @@ static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag,
return CMD_RET_FAILURE;
parse_byte_string(argv[2], usage_auth, NULL);
- err = tpm_get_pub_key_oiap(key_handle, usage_auth,
- pub_key_buffer, &pub_key_len);
+ err = tpm_get_pub_key_oiap(key_handle, usage_auth, pub_key_buffer,
+ &pub_key_len);
if (!err) {
printf("dump of received pub key structure:\n");
print_byte_string(pub_key_buffer, pub_key_len);
@@ -819,46 +818,45 @@ static int do_tpm_list(cmd_tbl_t *cmdtp, int flag, int argc,
static cmd_tbl_t tpm_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
- U_BOOT_CMD_MKENT(init, 0, 1,
- do_tpm_init, "", ""),
+ U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
U_BOOT_CMD_MKENT(startup, 0, 1,
- do_tpm_startup, "", ""),
+ do_tpm_startup, "", ""),
U_BOOT_CMD_MKENT(self_test_full, 0, 1,
- do_tpm_self_test_full, "", ""),
+ do_tpm_self_test_full, "", ""),
U_BOOT_CMD_MKENT(continue_self_test, 0, 1,
- do_tpm_continue_self_test, "", ""),
+ do_tpm_continue_self_test, "", ""),
U_BOOT_CMD_MKENT(force_clear, 0, 1,
- do_tpm_force_clear, "", ""),
+ do_tpm_force_clear, "", ""),
U_BOOT_CMD_MKENT(physical_enable, 0, 1,
- do_tpm_physical_enable, "", ""),
+ do_tpm_physical_enable, "", ""),
U_BOOT_CMD_MKENT(physical_disable, 0, 1,
- do_tpm_physical_disable, "", ""),
+ do_tpm_physical_disable, "", ""),
U_BOOT_CMD_MKENT(nv_define_space, 0, 1,
- do_tpm_nv_define_space, "", ""),
+ do_tpm_nv_define_space, "", ""),
U_BOOT_CMD_MKENT(nv_read_value, 0, 1,
- do_tpm_nv_read_value, "", ""),
+ do_tpm_nv_read_value, "", ""),
U_BOOT_CMD_MKENT(nv_write_value, 0, 1,
- do_tpm_nv_write_value, "", ""),
+ do_tpm_nv_write_value, "", ""),
U_BOOT_CMD_MKENT(extend, 0, 1,
- do_tpm_extend, "", ""),
+ do_tpm_extend, "", ""),
U_BOOT_CMD_MKENT(pcr_read, 0, 1,
- do_tpm_pcr_read, "", ""),
+ do_tpm_pcr_read, "", ""),
U_BOOT_CMD_MKENT(tsc_physical_presence, 0, 1,
- do_tpm_tsc_physical_presence, "", ""),
+ do_tpm_tsc_physical_presence, "", ""),
U_BOOT_CMD_MKENT(read_pubek, 0, 1,
- do_tpm_read_pubek, "", ""),
+ do_tpm_read_pubek, "", ""),
U_BOOT_CMD_MKENT(physical_set_deactivated, 0, 1,
- do_tpm_physical_set_deactivated, "", ""),
+ do_tpm_physical_set_deactivated, "", ""),
U_BOOT_CMD_MKENT(get_capability, 0, 1,
- do_tpm_get_capability, "", ""),
+ do_tpm_get_capability, "", ""),
U_BOOT_CMD_MKENT(raw_transfer, 0, 1,
- do_tpm_raw_transfer, "", ""),
+ do_tpm_raw_transfer, "", ""),
U_BOOT_CMD_MKENT(nv_define, 0, 1,
- do_tpm_nv_define, "", ""),
+ do_tpm_nv_define, "", ""),
U_BOOT_CMD_MKENT(nv_read, 0, 1,
- do_tpm_nv_read, "", ""),
+ do_tpm_nv_read, "", ""),
U_BOOT_CMD_MKENT(nv_write, 0, 1,
- do_tpm_nv_write, "", ""),
+ do_tpm_nv_write, "", ""),
#ifdef CONFIG_TPM_AUTH_SESSIONS
U_BOOT_CMD_MKENT(oiap, 0, 1,
do_tpm_oiap, "", ""),
diff --git a/lib/tpm.c b/lib/tpm.c
index 1c4ce2e71d..0c57910f53 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -281,8 +281,8 @@ u32 tpm_startup(enum tpm_startup_type mode)
u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sw",
- 0, command, sizeof(command),
- mode_offset, mode))
+ 0, command, sizeof(command),
+ mode_offset, mode))
return TPM_LIB_ERROR;
return tpm_sendrecv_command(buf, NULL, NULL);
@@ -338,10 +338,10 @@ u32 tpm_nv_define_space(u32 index, u32 perm, u32 size)
u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sddd",
- 0, command, sizeof(command),
- index_offset, index,
- perm_offset, perm,
- size_offset, size))
+ 0, command, sizeof(command),
+ index_offset, index,
+ perm_offset, perm,
+ size_offset, size))
return TPM_LIB_ERROR;
return tpm_sendrecv_command(buf, NULL, NULL);
@@ -362,20 +362,20 @@ u32 tpm_nv_read_value(u32 index, void *data, u32 count)
u32 err;
if (pack_byte_string(buf, sizeof(buf), "sdd",
- 0, command, sizeof(command),
- index_offset, index,
- length_offset, count))
+ 0, command, sizeof(command),
+ index_offset, index,
+ length_offset, count))
return TPM_LIB_ERROR;
err = tpm_sendrecv_command(buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
- data_size_offset, &data_size))
+ data_size_offset, &data_size))
return TPM_LIB_ERROR;
if (data_size > count)
return TPM_LIB_ERROR;
if (unpack_byte_string(response, response_length, "s",
- data_offset, data, data_size))
+ data_offset, data, data_size))
return TPM_LIB_ERROR;
return 0;
@@ -398,11 +398,11 @@ u32 tpm_nv_write_value(u32 index, const void *data, u32 length)
u32 err;
if (pack_byte_string(buf, sizeof(buf), "sddds",
- 0, command, sizeof(command),
- command_size_offset, total_length,
- index_offset, index,
- length_offset, length,
- data_offset, data, length))
+ 0, command, sizeof(command),
+ command_size_offset, total_length,
+ index_offset, index,
+ length_offset, length,
+ data_offset, data, length))
return TPM_LIB_ERROR;
err = tpm_sendrecv_command(buf, response, &response_length);
if (err)
@@ -425,18 +425,18 @@ u32 tpm_extend(u32 index, const void *in_digest, void *out_digest)
u32 err;
if (pack_byte_string(buf, sizeof(buf), "sds",
- 0, command, sizeof(command),
- index_offset, index,
- in_digest_offset, in_digest,
- PCR_DIGEST_LENGTH))
+ 0, command, sizeof(command),
+ index_offset, index,
+ in_digest_offset, in_digest,
+ PCR_DIGEST_LENGTH))
return TPM_LIB_ERROR;
err = tpm_sendrecv_command(buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "s",
- out_digest_offset, out_digest,
- PCR_DIGEST_LENGTH))
+ out_digest_offset, out_digest,
+ PCR_DIGEST_LENGTH))
return TPM_LIB_ERROR;
return 0;
@@ -457,14 +457,14 @@ u32 tpm_pcr_read(u32 index, void *data, size_t count)
return TPM_LIB_ERROR;
if (pack_byte_string(buf, sizeof(buf), "sd",
- 0, command, sizeof(command),
- index_offset, index))
+ 0, command, sizeof(command),
+ index_offset, index))
return TPM_LIB_ERROR;
err = tpm_sendrecv_command(buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "s",
- out_digest_offset, data, PCR_DIGEST_LENGTH))
+ out_digest_offset, data, PCR_DIGEST_LENGTH))
return TPM_LIB_ERROR;
return 0;
@@ -479,8 +479,8 @@ u32 tpm_tsc_physical_presence(u16 presence)
u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sw",
- 0, command, sizeof(command),
- presence_offset, presence))
+ 0, command, sizeof(command),
+ presence_offset, presence))
return TPM_LIB_ERROR;
return tpm_sendrecv_command(buf, NULL, NULL);
@@ -503,7 +503,7 @@ u32 tpm_read_pubek(void *data, size_t count)
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
- response_size_offset, &data_size))
+ response_size_offset, &data_size))
return TPM_LIB_ERROR;
if (data_size < header_and_checksum_size)
return TPM_LIB_ERROR;
@@ -511,7 +511,7 @@ u32 tpm_read_pubek(void *data, size_t count)
if (data_size > count)
return TPM_LIB_ERROR;
if (unpack_byte_string(response, response_length, "s",
- data_offset, data, data_size))
+ data_offset, data, data_size))
return TPM_LIB_ERROR;
return 0;
@@ -553,8 +553,8 @@ u32 tpm_physical_set_deactivated(u8 state)
u8 buf[COMMAND_BUFFER_SIZE];
if (pack_byte_string(buf, sizeof(buf), "sb",
- 0, command, sizeof(command),
- state_offset, state))
+ 0, command, sizeof(command),
+ state_offset, state))
return TPM_LIB_ERROR;
return tpm_sendrecv_command(buf, NULL, NULL);
@@ -580,20 +580,20 @@ u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count)
u32 err;
if (pack_byte_string(buf, sizeof(buf), "sdd",
- 0, command, sizeof(command),
- cap_area_offset, cap_area,
- sub_cap_offset, sub_cap))
+ 0, command, sizeof(command),
+ cap_area_offset, cap_area,
+ sub_cap_offset, sub_cap))
return TPM_LIB_ERROR;
err = tpm_sendrecv_command(buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
- cap_size_offset, &cap_size))
+ cap_size_offset, &cap_size))
return TPM_LIB_ERROR;
if (cap_size > response_length || cap_size > count)
return TPM_LIB_ERROR;
if (unpack_byte_string(response, response_length, "s",
- cap_offset, cap, cap_size))
+ cap_offset, cap, cap_size))
return TPM_LIB_ERROR;
return 0;
@@ -914,9 +914,9 @@ u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length,
return TPM_LIB_ERROR;
err = create_request_auth(request, sizeof(command) + key_length, 4,
- &oiap_session,
- request + sizeof(command) + key_length,
- parent_key_usage_auth);
+ &oiap_session,
+ request + sizeof(command) + key_length,
+ parent_key_usage_auth);
if (err)
return err;
err = tpm_sendrecv_command(request, response, &response_length);
@@ -927,10 +927,11 @@ u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length,
}
err = verify_response_auth(0x00000041, response,
- response_length - TPM_RESPONSE_AUTH_LENGTH,
- 4, &oiap_session,
- response + response_length - TPM_RESPONSE_AUTH_LENGTH,
- parent_key_usage_auth);
+ response_length - TPM_RESPONSE_AUTH_LENGTH,
+ 4, &oiap_session,
+ response + response_length -
+ TPM_RESPONSE_AUTH_LENGTH,
+ parent_key_usage_auth);
if (err)
return err;
@@ -975,7 +976,7 @@ u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey,
))
return TPM_LIB_ERROR;
err = create_request_auth(request, sizeof(command), 4, &oiap_session,
- request + sizeof(command), usage_auth);
+ request + sizeof(command), usage_auth);
if (err)
return err;
err = tpm_sendrecv_command(request, response, &response_length);
@@ -985,16 +986,17 @@ u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey,
return err;
}
err = verify_response_auth(0x00000021, response,
- response_length - TPM_RESPONSE_AUTH_LENGTH,
- 0, &oiap_session,
- response + response_length - TPM_RESPONSE_AUTH_LENGTH,
- usage_auth);
+ response_length - TPM_RESPONSE_AUTH_LENGTH,
+ 0, &oiap_session,
+ response + response_length -
+ TPM_RESPONSE_AUTH_LENGTH,
+ usage_auth);
if (err)
return err;
if (pubkey) {
if ((response_length - TPM_RESPONSE_HEADER_LENGTH
- - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len)
+ - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len)
return TPM_LIB_ERROR;
*pubkey_len = response_length - TPM_RESPONSE_HEADER_LENGTH
- TPM_RESPONSE_AUTH_LENGTH;
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (3 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 06/32] tpm: fix spelling Miquel Raynal
` (27 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Fix following checkpatch.pl issue in TPM-related code:
CHECK: Prefer using the BIT macro
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
include/tpm.h | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/include/tpm.h b/include/tpm.h
index 62117f6cc2..241597d879 100644
--- a/include/tpm.h
+++ b/include/tpm.h
@@ -83,13 +83,13 @@ enum tpm_capability_areas {
TPM_CAP_VERSION_VAL = 0x0000001A,
};
-#define TPM_NV_PER_GLOBALLOCK (1U << 15)
-#define TPM_NV_PER_PPREAD (1U << 16)
-#define TPM_NV_PER_PPWRITE (1U << 0)
-#define TPM_NV_PER_READ_STCLEAR (1U << 31)
-#define TPM_NV_PER_WRITE_STCLEAR (1U << 14)
-#define TPM_NV_PER_WRITEDEFINE (1U << 13)
-#define TPM_NV_PER_WRITEALL (1U << 12)
+#define TPM_NV_PER_GLOBALLOCK BIT(15)
+#define TPM_NV_PER_PPREAD BIT(16)
+#define TPM_NV_PER_PPWRITE BIT(0)
+#define TPM_NV_PER_READ_STCLEAR BIT(31)
+#define TPM_NV_PER_WRITE_STCLEAR BIT(14)
+#define TPM_NV_PER_WRITEDEFINE BIT(13)
+#define TPM_NV_PER_WRITEALL BIT(12)
enum {
TPM_PUBEK_SIZE = 256,
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 06/32] tpm: fix spelling
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (4 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code Miquel Raynal
` (26 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Fix following checkpatch.pl issues in TPM-related code:
CHECK: '<x>' may be misspelled - perhaps '<y>'?
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
include/tpm.h | 8 ++++----
lib/tpm.c | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/include/tpm.h b/include/tpm.h
index 241597d879..e1fc2ec252 100644
--- a/include/tpm.h
+++ b/include/tpm.h
@@ -509,7 +509,7 @@ u32 tpm_tsc_physical_presence(u16 presence);
* Issue a TPM_ReadPubek command.
*
* @param data output buffer for the public endorsement key
- * @param count size of ouput buffer
+ * @param count size of output buffer
* @return return code of the operation
*/
u32 tpm_read_pubek(void *data, size_t count);
@@ -551,13 +551,13 @@ u32 tpm_physical_set_deactivated(u8 state);
* @param sub_cap further definition of capability, which is
* limited to be 4-byte wide
* @param cap output buffer for capability information
- * @param count size of ouput buffer
+ * @param count size of output buffer
* @return return code of the operation
*/
u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count);
/**
- * Issue a TPM_FlushSpecific command for a AUTH ressource.
+ * Issue a TPM_FlushSpecific command for a AUTH resource.
*
* @param auth_handle handle of the auth session
* @return return code of the operation
@@ -565,7 +565,7 @@ u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count);
u32 tpm_terminate_auth_session(u32 auth_handle);
/**
- * Issue a TPM_OIAP command to setup an object independant authorization
+ * Issue a TPM_OIAP command to setup an object independent authorization
* session.
* Information about the session is stored internally.
* If there was already an OIAP session active it is terminated and a new
diff --git a/lib/tpm.c b/lib/tpm.c
index 0c57910f53..cc76a46e78 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -826,7 +826,7 @@ u32 tpm_terminate_auth_session(u32 auth_handle)
0x00, 0x00, 0x00, 0x00, /* parameter size */
0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */
0x00, 0x00, 0x00, 0x00, /* TPM_HANDLE */
- 0x00, 0x00, 0x00, 0x02, /* TPM_RESSOURCE_TYPE */
+ 0x00, 0x00, 0x00, 0x02, /* TPM_RESOURCE_TYPE */
};
const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH;
u8 request[COMMAND_BUFFER_SIZE];
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (5 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 06/32] tpm: fix spelling Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure Miquel Raynal
` (25 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Fix following checkpatch.pl issue in TPM-related code:
WARNING: Missing a blank line after declarations
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
lib/tpm.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/tpm.c b/lib/tpm.c
index cc76a46e78..e8ebbbe6cd 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -205,6 +205,7 @@ int unpack_byte_string(const u8 *str, size_t size, const char *format, ...)
static u32 tpm_command_size(const void *command)
{
const size_t command_size_offset = 2;
+
return get_unaligned_be32(command + command_size_offset);
}
@@ -217,6 +218,7 @@ static u32 tpm_command_size(const void *command)
static u32 tpm_return_code(const void *response)
{
const size_t return_code_offset = 6;
+
return get_unaligned_be32(response + return_code_offset);
}
@@ -844,6 +846,7 @@ u32 tpm_terminate_auth_session(u32 auth_handle)
u32 tpm_end_oiap(void)
{
u32 err = TPM_SUCCESS;
+
if (oiap_session.valid)
err = tpm_terminate_auth_session(oiap_session.handle);
return err;
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (6 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig Miquel Raynal
` (24 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
TPM are shipped with a few read-only register from which we can retrieve
for instance:
- vendor ID
- product ID
- revision ID
Product and vendor ID share the same register and are already referenced
in the tpm_chip structure. Add the revision ID entry which is missing.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
drivers/tpm/tpm_tis.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/tpm/tpm_tis.h b/drivers/tpm/tpm_tis.h
index 25b152b321..2b81f3be50 100644
--- a/drivers/tpm/tpm_tis.h
+++ b/drivers/tpm/tpm_tis.h
@@ -41,6 +41,7 @@ struct tpm_chip {
int is_open;
int locality;
u32 vend_dev;
+ u8 rid;
unsigned long timeout_a, timeout_b, timeout_c, timeout_d; /* msec */
ulong chip_type;
};
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (7 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code Miquel Raynal
` (23 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Because both major revisions are not compatible at all, let's make them
mutually exclusive in Kconfig. This way we will be sure, when using a
command or a library function that it is supported by the right
revision.
Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
files by "tpm2_" to make the distinction without moving everything.
The Kconfig menu about TPM drivers is now divided into two sections, one
for each specification. Compliant drivers with one specification will
only show up if this specification _only_ has been selected, otherwise a
comment is displayed.
Once a driver is selected by the user, it selects automatically a
boolean value, that is needed in order to activate the TPM commands.
Selecting the TPM commands will automatically select the right
command/library files.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/Kconfig | 24 +++++++++++++++------
cmd/Makefile | 2 +-
drivers/tpm/Kconfig | 62 +++++++++++++++++++++++++++++++++++++++++++----------
lib/Makefile | 2 +-
4 files changed, 71 insertions(+), 19 deletions(-)
diff --git a/cmd/Kconfig b/cmd/Kconfig
index 136836d146..7c09c94d6d 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -1354,25 +1354,37 @@ config HASH_VERIFY
help
Add -v option to verify data against a hash.
+config CMD_TPM_V1
+ bool
+
+config CMD_TPM_V2
+ bool
+
config CMD_TPM
bool "Enable the 'tpm' command"
- depends on TPM
+ depends on TPM_DRIVER_SELECTED
+ select CMD_TPM_V1 if TPM_V1
+ select CMD_TPM_V2 if TPM_V2
help
This provides a means to talk to a TPM from the command line. A wide
range of commands if provided - see 'tpm help' for details. The
command requires a suitable TPM on your board and the correct driver
must be enabled.
+if CMD_TPM
+
config CMD_TPM_TEST
bool "Enable the 'tpm test' command"
- depends on CMD_TPM
+ depends on TPM_V1
help
- This provides a a series of tests to confirm that the TPM is working
- correctly. The tests cover initialisation, non-volatile RAM, extend,
- global lock and checking that timing is within expectations. The
- tests pass correctly on Infineon TPMs but may need to be adjusted
+ This provides a a series of tests to confirm that the TPMv1.x is
+ working correctly. The tests cover initialisation, non-volatile RAM,
+ extend, global lock and checking that timing is within expectations.
+ The tests pass correctly on Infineon TPMs but may need to be adjusted
for other devices.
+endif
+
endmenu
menu "Firmware commands"
diff --git a/cmd/Makefile b/cmd/Makefile
index 9a358e4801..bbeeb7e7f7 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -117,7 +117,7 @@ obj-$(CONFIG_CMD_TERMINAL) += terminal.o
obj-$(CONFIG_CMD_TIME) += time.o
obj-$(CONFIG_CMD_TRACE) += trace.o
obj-$(CONFIG_HUSH_PARSER) += test.o
-obj-$(CONFIG_CMD_TPM) += tpm.o
+obj-$(CONFIG_CMD_TPM_V1) += tpm.o
obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o
obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o
obj-$(CONFIG_CMD_TSI148) += tsi148.o
diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig
index 2a64bc49c3..01967ffd35 100644
--- a/drivers/tpm/Kconfig
+++ b/drivers/tpm/Kconfig
@@ -4,9 +4,27 @@
menu "TPM support"
+comment "Please select only one TPM revision"
+ depends on TPM_V1 && TPM_V2
+
+config TPM_DRIVER_SELECTED
+ bool
+ help
+ A valid TPM driver has been selected.
+
+config TPM_V1
+ bool "TPMv1.x support"
+ default y
+ help
+ Major TPM versions are not compatible at all, choose either
+ one or the other. This option enables TPMv1.x drivers/commands.
+
+if TPM_V1 && !TPM_V2
+
config TPM_TIS_SANDBOX
bool "Enable sandbox TPM driver"
- depends on SANDBOX
+ depends on TPM_V1 && SANDBOX
+ select TPM_DRIVER_SELECTED
help
This driver emulates a TPM, providing access to base functions
such as reading and writing TPM private data. This is enough to
@@ -15,7 +33,8 @@ config TPM_TIS_SANDBOX
config TPM_ATMEL_TWI
bool "Enable Atmel TWI TPM device driver"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
This driver supports an Atmel TPM device connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -24,7 +43,8 @@ config TPM_ATMEL_TWI
config TPM_TIS_INFINEON
bool "Enable support for Infineon SLB9635/45 TPMs on I2C"
- depends on TPM && DM_I2C
+ depends on TPM_V1 && DM_I2C
+ select TPM_DRIVER_SELECTED
help
This driver supports Infineon TPM devices connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -33,7 +53,7 @@ config TPM_TIS_INFINEON
config TPM_TIS_I2C_BURST_LIMITATION
bool "Enable I2C burst length limitation"
- depends on TPM_TIS_INFINEON
+ depends on TPM_V1 && TPM_TIS_INFINEON
help
Some broken TPMs have a limitation on the number of bytes they can
receive in one message. Enable this option to allow you to set this
@@ -48,7 +68,7 @@ config TPM_TIS_I2C_BURST_LIMITATION_LEN
config TPM_TIS_LPC
bool "Enable support for Infineon SLB9635/45 TPMs on LPC"
- depends on TPM && X86
+ depends on TPM_V1 && X86
help
This driver supports Infineon TPM devices connected on the LPC bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -57,7 +77,8 @@ config TPM_TIS_LPC
config TPM_AUTH_SESSIONS
bool "Enable TPM authentication session support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support for authorised (AUTH1) commands as specified in the
TCG Main Specification 1.2. OIAP-authorised versions of the commands
@@ -66,7 +87,8 @@ config TPM_AUTH_SESSIONS
config TPM_ST33ZP24_I2C
bool "STMicroelectronics ST33ZP24 I2C TPM"
- depends on TPM && DM_I2C
+ depends on TPM_V1 && DM_I2C
+ select TPM_DRIVER_SELECTED
---help---
This driver supports STMicroelectronics TPM devices connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -75,7 +97,8 @@ config TPM_ST33ZP24_I2C
config TPM_ST33ZP24_SPI
bool "STMicroelectronics ST33ZP24 SPI TPM"
- depends on TPM && DM_SPI
+ depends on TPM_V1 && DM_SPI
+ select TPM_DRIVER_SELECTED
---help---
This driver supports STMicroelectronics TPM devices connected on the SPI bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -84,14 +107,16 @@ config TPM_ST33ZP24_SPI
config TPM_FLUSH_RESOURCES
bool "Enable TPM resource flushing support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support to flush specific resources (e.g. keys) from the TPM.
The functionality is available via the 'tpm' command as well.
config TPM_LOAD_KEY_BY_SHA1
bool "Enable TPM key loading by SHA1 support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support to load keys into the TPM by identifying
their parent via the public key's SHA1 hash.
@@ -99,8 +124,23 @@ config TPM_LOAD_KEY_BY_SHA1
config TPM_LIST_RESOURCES
bool "Enable TPM resource listing support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support to list specific resources (e.g. keys) within the TPM.
The functionality is available via the 'tpm' command as well.
+
+endif # TPM_V1
+
+config TPM_V2
+ bool "TPMv2.x support"
+ default n
+ help
+ Major TPM versions are not compatible at all, choose either
+ one or the other. This option enables TPMv2.x drivers/commands.
+
+if TPM_V2 && !TPM_V1
+
+endif # TPM_V2
+
endmenu
diff --git a/lib/Makefile b/lib/Makefile
index 0db41c19f3..9ec4a93043 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -40,7 +40,7 @@ obj-$(CONFIG_PHYSMEM) += physmem.o
obj-y += qsort.o
obj-y += rc4.o
obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
-obj-$(CONFIG_TPM) += tpm.o
+obj-$(CONFIG_TPM_V1) += tpm.o
obj-$(CONFIG_RBTREE) += rbtree.o
obj-$(CONFIG_BITREVERSE) += bitrev.o
obj-y += list_sort.o
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (8 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description Miquel Raynal
` (22 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
There are no changes in this commit but a new organization of the code
as follow.
* cmd/ directory:
> move existing code from cmd/tpm.c in cmd/tpm-common.c
> move specific code in cmd/tpm-v1.c
> create a specific header file with generic definitions for
commands only called cmd/tpm-user-utils.h
* lib/ directory:
> move existing code from lib/tpm.c in lib/tpm-common.c
> move specific code in lib/tpm-v1.c
> create a specific header file with generic definitions for
the library itself called lib/tpm-utils.h
* include/ directory:
> move existing code from include/tpm.h in include/tpm-common.h
> move specific code in include/tpm-v1.h
Code designated as 'common' is compiled if TPM are used. Code designated
as 'specific' is compiled only if the right specification has been
selected.
All files include tpm-common.h.
Files in cmd/ include tpm-user-utils.h.
Files in lib/ include tpm-utils.h.
Depending on the specification, files may include either (not both)
tpm-v1.h or tpm-v2.h.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
cmd/Makefile | 3 +-
cmd/tpm-common.c | 289 +++++++++++++++++++++++++++++++++++
cmd/tpm-user-utils.h | 25 +++
cmd/{tpm.c => tpm-v1.c} | 304 ++-----------------------------------
cmd/tpm_test.c | 2 +-
drivers/tpm/tpm-uclass.c | 4 +-
drivers/tpm/tpm_atmel_twi.c | 2 +-
drivers/tpm/tpm_tis_infineon.c | 2 +-
drivers/tpm/tpm_tis_lpc.c | 2 +-
drivers/tpm/tpm_tis_sandbox.c | 2 +-
drivers/tpm/tpm_tis_st33zp24_i2c.c | 2 +-
drivers/tpm/tpm_tis_st33zp24_spi.c | 2 +-
include/tpm-common.h | 211 +++++++++++++++++++++++++
include/{tpm.h => tpm-v1.h} | 214 ++------------------------
lib/Makefile | 3 +-
lib/tpm-common.c | 189 +++++++++++++++++++++++
lib/tpm-utils.h | 96 ++++++++++++
lib/{tpm.c => tpm-v1.c} | 250 +-----------------------------
18 files changed, 855 insertions(+), 747 deletions(-)
create mode 100644 cmd/tpm-common.c
create mode 100644 cmd/tpm-user-utils.h
rename cmd/{tpm.c => tpm-v1.c} (76%)
create mode 100644 include/tpm-common.h
rename include/{tpm.h => tpm-v1.h} (70%)
create mode 100644 lib/tpm-common.c
create mode 100644 lib/tpm-utils.h
rename lib/{tpm.c => tpm-v1.c} (81%)
diff --git a/cmd/Makefile b/cmd/Makefile
index bbeeb7e7f7..66732085e8 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -117,7 +117,8 @@ obj-$(CONFIG_CMD_TERMINAL) += terminal.o
obj-$(CONFIG_CMD_TIME) += time.o
obj-$(CONFIG_CMD_TRACE) += trace.o
obj-$(CONFIG_HUSH_PARSER) += test.o
-obj-$(CONFIG_CMD_TPM_V1) += tpm.o
+obj-$(CONFIG_CMD_TPM) += tpm-common.o
+obj-$(CONFIG_CMD_TPM_V1) += tpm-v1.o
obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o
obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o
obj-$(CONFIG_CMD_TSI148) += tsi148.o
diff --git a/cmd/tpm-common.c b/cmd/tpm-common.c
new file mode 100644
index 0000000000..235bdf39da
--- /dev/null
+++ b/cmd/tpm-common.c
@@ -0,0 +1,289 @@
+/*
+ * Copyright (c) 2013 The Chromium OS Authors.
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include <common.h>
+#include <command.h>
+#include <dm.h>
+#include <asm/unaligned.h>
+#include <linux/string.h>
+#include <tpm-common.h>
+#include "tpm-user-utils.h"
+
+/**
+ * Print a byte string in hexdecimal format, 16-bytes per line.
+ *
+ * @param data byte string to be printed
+ * @param count number of bytes to be printed
+ */
+void print_byte_string(u8 *data, size_t count)
+{
+ int i, print_newline = 0;
+
+ for (i = 0; i < count; i++) {
+ printf(" %02x", data[i]);
+ print_newline = (i % 16 == 15);
+ if (print_newline)
+ putc('\n');
+ }
+ /* Avoid duplicated newline@the end */
+ if (!print_newline)
+ putc('\n');
+}
+
+/**
+ * Convert a text string of hexdecimal values into a byte string.
+ *
+ * @param bytes text string of hexdecimal values with no space
+ * between them
+ * @param data output buffer for byte string. The caller has to make
+ * sure it is large enough for storing the output. If
+ * NULL is passed, a large enough buffer will be allocated,
+ * and the caller must free it.
+ * @param count_ptr output variable for the length of byte string
+ * @return pointer to output buffer
+ */
+void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr)
+{
+ char byte[3];
+ size_t count, length;
+ int i;
+
+ if (!bytes)
+ return NULL;
+ length = strlen(bytes);
+ count = length / 2;
+
+ if (!data)
+ data = malloc(count);
+ if (!data)
+ return NULL;
+
+ byte[2] = '\0';
+ for (i = 0; i < length; i += 2) {
+ byte[0] = bytes[i];
+ byte[1] = bytes[i + 1];
+ data[i / 2] = (u8)simple_strtoul(byte, NULL, 16);
+ }
+
+ if (count_ptr)
+ *count_ptr = count;
+
+ return data;
+}
+
+/**
+ * report_return_code() - Report any error and return failure or success
+ *
+ * @param return_code TPM command return code
+ * @return value of enum command_ret_t
+ */
+int report_return_code(int return_code)
+{
+ if (return_code) {
+ printf("Error: %d\n", return_code);
+ return CMD_RET_FAILURE;
+ } else {
+ return CMD_RET_SUCCESS;
+ }
+}
+
+/**
+ * Return number of values defined by a type string.
+ *
+ * @param type_str type string
+ * @return number of values of type string
+ */
+int type_string_get_num_values(const char *type_str)
+{
+ return strlen(type_str);
+}
+
+/**
+ * Return total size of values defined by a type string.
+ *
+ * @param type_str type string
+ * @return total size of values of type string, or 0 if type string
+ * contains illegal type character.
+ */
+size_t type_string_get_space_size(const char *type_str)
+{
+ size_t size;
+
+ for (size = 0; *type_str; type_str++) {
+ switch (*type_str) {
+ case 'b':
+ size += 1;
+ break;
+ case 'w':
+ size += 2;
+ break;
+ case 'd':
+ size += 4;
+ break;
+ default:
+ return 0;
+ }
+ }
+
+ return size;
+}
+
+/**
+ * Allocate a buffer large enough to hold values defined by a type
+ * string. The caller has to free the buffer.
+ *
+ * @param type_str type string
+ * @param count pointer for storing size of buffer
+ * @return pointer to buffer or NULL on error
+ */
+void *type_string_alloc(const char *type_str, u32 *count)
+{
+ void *data;
+ size_t size;
+
+ size = type_string_get_space_size(type_str);
+ if (!size)
+ return NULL;
+ data = malloc(size);
+ if (data)
+ *count = size;
+
+ return data;
+}
+
+/**
+ * Pack values defined by a type string into a buffer. The buffer must have
+ * large enough space.
+ *
+ * @param type_str type string
+ * @param values text strings of values to be packed
+ * @param data output buffer of values
+ * @return 0 on success, non-0 on error
+ */
+int type_string_pack(const char *type_str, char * const values[],
+ u8 *data)
+{
+ size_t offset;
+ u32 value;
+
+ for (offset = 0; *type_str; type_str++, values++) {
+ value = simple_strtoul(values[0], NULL, 0);
+ switch (*type_str) {
+ case 'b':
+ data[offset] = value;
+ offset += 1;
+ break;
+ case 'w':
+ put_unaligned_be16(value, data + offset);
+ offset += 2;
+ break;
+ case 'd':
+ put_unaligned_be32(value, data + offset);
+ offset += 4;
+ break;
+ default:
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+/**
+ * Read values defined by a type string from a buffer, and write these values
+ * to environment variables.
+ *
+ * @param type_str type string
+ * @param data input buffer of values
+ * @param vars names of environment variables
+ * @return 0 on success, non-0 on error
+ */
+int type_string_write_vars(const char *type_str, u8 *data,
+ char * const vars[])
+{
+ size_t offset;
+ u32 value;
+
+ for (offset = 0; *type_str; type_str++, vars++) {
+ switch (*type_str) {
+ case 'b':
+ value = data[offset];
+ offset += 1;
+ break;
+ case 'w':
+ value = get_unaligned_be16(data + offset);
+ offset += 2;
+ break;
+ case 'd':
+ value = get_unaligned_be32(data + offset);
+ offset += 4;
+ break;
+ default:
+ return -1;
+ }
+ if (env_set_ulong(*vars, value))
+ return -1;
+ }
+
+ return 0;
+}
+
+int get_tpm(struct udevice **devp)
+{
+ int rc;
+
+ rc = uclass_first_device_err(UCLASS_TPM, devp);
+ if (rc) {
+ printf("Could not find TPM (ret=%d)\n", rc);
+ return CMD_RET_FAILURE;
+ }
+
+ return 0;
+}
+
+int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
+{
+ struct udevice *dev;
+ char buf[80];
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
+ rc = tpm_get_desc(dev, buf, sizeof(buf));
+ if (rc < 0) {
+ printf("Couldn't get TPM info (%d)\n", rc);
+ return CMD_RET_FAILURE;
+ }
+ printf("%s\n", buf);
+
+ return 0;
+}
+
+int do_tpm_init(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+{
+ if (argc != 1)
+ return CMD_RET_USAGE;
+
+ return report_return_code(tpm_init());
+}
+
+int do_tpm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+{
+ cmd_tbl_t *tpm_commands, *cmd;
+ unsigned int size;
+
+ if (argc < 2)
+ return CMD_RET_USAGE;
+
+ tpm_commands = get_tpm_commands(&size);
+
+ cmd = find_cmd_tbl(argv[1], tpm_commands, size);
+ if (!cmd)
+ return CMD_RET_USAGE;
+
+ return cmd->cmd(cmdtp, flag, argc - 1, argv + 1);
+}
diff --git a/cmd/tpm-user-utils.h b/cmd/tpm-user-utils.h
new file mode 100644
index 0000000000..6017090971
--- /dev/null
+++ b/cmd/tpm-user-utils.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2013 The Chromium OS Authors.
+ * Coypright (c) 2013 Guntermann & Drunck GmbH
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#ifndef __TPM_USER_UTILS_H
+#define __TPM_USER_UTILS_H
+
+void print_byte_string(u8 *data, size_t count);
+void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr);
+int report_return_code(int return_code);
+int type_string_get_num_values(const char *type_str);
+size_t type_string_get_space_size(const char *type_str);
+void *type_string_alloc(const char *type_str, u32 *count);
+int type_string_pack(const char *type_str, char * const values[], u8 *data);
+int type_string_write_vars(const char *type_str, u8 *data, char * const vars[]);
+int get_tpm(struct udevice **devp);
+
+int do_tpm_init(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]);
+int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]);
+int do_tpm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]);
+
+#endif /* __TPM_USER_UTILS_H */
diff --git a/cmd/tpm.c b/cmd/tpm-v1.c
similarity index 76%
rename from cmd/tpm.c
rename to cmd/tpm-v1.c
index a7ea1c9012..75a2cf2386 100644
--- a/cmd/tpm.c
+++ b/cmd/tpm-v1.c
@@ -5,238 +5,11 @@
*/
#include <common.h>
-#include <command.h>
-#include <dm.h>
#include <malloc.h>
-#include <tpm.h>
#include <asm/unaligned.h>
-#include <linux/string.h>
-
-/* Useful constants */
-enum {
- DIGEST_LENGTH = 20,
- /* max lengths, valid for RSA keys <= 2048 bits */
- TPM_PUBKEY_MAX_LENGTH = 288,
-};
-
-/**
- * Print a byte string in hexdecimal format, 16-bytes per line.
- *
- * @param data byte string to be printed
- * @param count number of bytes to be printed
- */
-static void print_byte_string(u8 *data, size_t count)
-{
- int i, print_newline = 0;
-
- for (i = 0; i < count; i++) {
- printf(" %02x", data[i]);
- print_newline = (i % 16 == 15);
- if (print_newline)
- putc('\n');
- }
- /* Avoid duplicated newline@the end */
- if (!print_newline)
- putc('\n');
-}
-
-/**
- * Convert a text string of hexdecimal values into a byte string.
- *
- * @param bytes text string of hexdecimal values with no space
- * between them
- * @param data output buffer for byte string. The caller has to make
- * sure it is large enough for storing the output. If
- * NULL is passed, a large enough buffer will be allocated,
- * and the caller must free it.
- * @param count_ptr output variable for the length of byte string
- * @return pointer to output buffer
- */
-static void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr)
-{
- char byte[3];
- size_t count, length;
- int i;
-
- if (!bytes)
- return NULL;
- length = strlen(bytes);
- count = length / 2;
-
- if (!data)
- data = malloc(count);
- if (!data)
- return NULL;
-
- byte[2] = '\0';
- for (i = 0; i < length; i += 2) {
- byte[0] = bytes[i];
- byte[1] = bytes[i + 1];
- data[i / 2] = (u8)simple_strtoul(byte, NULL, 16);
- }
-
- if (count_ptr)
- *count_ptr = count;
-
- return data;
-}
-
-/**
- * report_return_code() - Report any error and return failure or success
- *
- * @param return_code TPM command return code
- * @return value of enum command_ret_t
- */
-static int report_return_code(int return_code)
-{
- if (return_code) {
- printf("Error: %d\n", return_code);
- return CMD_RET_FAILURE;
- } else {
- return CMD_RET_SUCCESS;
- }
-}
-
-/**
- * Return number of values defined by a type string.
- *
- * @param type_str type string
- * @return number of values of type string
- */
-static int type_string_get_num_values(const char *type_str)
-{
- return strlen(type_str);
-}
-
-/**
- * Return total size of values defined by a type string.
- *
- * @param type_str type string
- * @return total size of values of type string, or 0 if type string
- * contains illegal type character.
- */
-static size_t type_string_get_space_size(const char *type_str)
-{
- size_t size;
-
- for (size = 0; *type_str; type_str++) {
- switch (*type_str) {
- case 'b':
- size += 1;
- break;
- case 'w':
- size += 2;
- break;
- case 'd':
- size += 4;
- break;
- default:
- return 0;
- }
- }
-
- return size;
-}
-
-/**
- * Allocate a buffer large enough to hold values defined by a type
- * string. The caller has to free the buffer.
- *
- * @param type_str type string
- * @param count pointer for storing size of buffer
- * @return pointer to buffer or NULL on error
- */
-static void *type_string_alloc(const char *type_str, u32 *count)
-{
- void *data;
- size_t size;
-
- size = type_string_get_space_size(type_str);
- if (!size)
- return NULL;
- data = malloc(size);
- if (data)
- *count = size;
-
- return data;
-}
-
-/**
- * Pack values defined by a type string into a buffer. The buffer must have
- * large enough space.
- *
- * @param type_str type string
- * @param values text strings of values to be packed
- * @param data output buffer of values
- * @return 0 on success, non-0 on error
- */
-static int type_string_pack(const char *type_str, char * const values[],
- u8 *data)
-{
- size_t offset;
- u32 value;
-
- for (offset = 0; *type_str; type_str++, values++) {
- value = simple_strtoul(values[0], NULL, 0);
- switch (*type_str) {
- case 'b':
- data[offset] = value;
- offset += 1;
- break;
- case 'w':
- put_unaligned_be16(value, data + offset);
- offset += 2;
- break;
- case 'd':
- put_unaligned_be32(value, data + offset);
- offset += 4;
- break;
- default:
- return -1;
- }
- }
-
- return 0;
-}
-
-/**
- * Read values defined by a type string from a buffer, and write these values
- * to environment variables.
- *
- * @param type_str type string
- * @param data input buffer of values
- * @param vars names of environment variables
- * @return 0 on success, non-0 on error
- */
-static int type_string_write_vars(const char *type_str, u8 *data,
- char * const vars[])
-{
- size_t offset;
- u32 value;
-
- for (offset = 0; *type_str; type_str++, vars++) {
- switch (*type_str) {
- case 'b':
- value = data[offset];
- offset += 1;
- break;
- case 'w':
- value = get_unaligned_be16(data + offset);
- offset += 2;
- break;
- case 'd':
- value = get_unaligned_be32(data + offset);
- offset += 4;
- break;
- default:
- return -1;
- }
- if (env_set_ulong(*vars, value))
- return -1;
- }
-
- return 0;
-}
+#include <tpm-common.h>
+#include <tpm-v1.h>
+#include "tpm-user-utils.h"
static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
@@ -427,54 +200,6 @@ static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc,
return report_return_code(rc);
}
-#define TPM_COMMAND_NO_ARG(cmd) \
-static int do_##cmd(cmd_tbl_t *cmdtp, int flag, \
- int argc, char * const argv[]) \
-{ \
- if (argc != 1) \
- return CMD_RET_USAGE; \
- return report_return_code(cmd()); \
-}
-
-TPM_COMMAND_NO_ARG(tpm_init)
-TPM_COMMAND_NO_ARG(tpm_self_test_full)
-TPM_COMMAND_NO_ARG(tpm_continue_self_test)
-TPM_COMMAND_NO_ARG(tpm_force_clear)
-TPM_COMMAND_NO_ARG(tpm_physical_enable)
-TPM_COMMAND_NO_ARG(tpm_physical_disable)
-
-static int get_tpm(struct udevice **devp)
-{
- int rc;
-
- rc = uclass_first_device_err(UCLASS_TPM, devp);
- if (rc) {
- printf("Could not find TPM (ret=%d)\n", rc);
- return CMD_RET_FAILURE;
- }
-
- return 0;
-}
-
-static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
-{
- struct udevice *dev;
- char buf[80];
- int rc;
-
- rc = get_tpm(&dev);
- if (rc)
- return rc;
- rc = tpm_get_desc(dev, buf, sizeof(buf));
- if (rc < 0) {
- printf("Couldn't get TPM info (%d)\n", rc);
- return CMD_RET_FAILURE;
- }
- printf("%s\n", buf);
-
- return 0;
-}
-
static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
@@ -813,10 +538,13 @@ static int do_tpm_list(cmd_tbl_t *cmdtp, int flag, int argc,
}
#endif /* CONFIG_TPM_LIST_RESOURCES */
-#define MAKE_TPM_CMD_ENTRY(cmd) \
- U_BOOT_CMD_MKENT(cmd, 0, 1, do_tpm_ ## cmd, "", "")
+TPM_COMMAND_NO_ARG(tpm_self_test_full)
+TPM_COMMAND_NO_ARG(tpm_continue_self_test)
+TPM_COMMAND_NO_ARG(tpm_force_clear)
+TPM_COMMAND_NO_ARG(tpm_physical_enable)
+TPM_COMMAND_NO_ARG(tpm_physical_disable)
-static cmd_tbl_t tpm_commands[] = {
+static cmd_tbl_t tpm1_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
U_BOOT_CMD_MKENT(startup, 0, 1,
@@ -881,21 +609,15 @@ static cmd_tbl_t tpm_commands[] = {
#endif /* CONFIG_TPM_LIST_RESOURCES */
};
-static int do_tpm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+cmd_tbl_t *get_tpm_commands(unsigned int *size)
{
- cmd_tbl_t *tpm_cmd;
+ *size = ARRAY_SIZE(tpm1_commands);
- if (argc < 2)
- return CMD_RET_USAGE;
- tpm_cmd = find_cmd_tbl(argv[1], tpm_commands, ARRAY_SIZE(tpm_commands));
- if (!tpm_cmd)
- return CMD_RET_USAGE;
-
- return tpm_cmd->cmd(cmdtp, flag, argc - 1, argv + 1);
+ return tpm1_commands;
}
U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm,
-"Issue a TPM command",
+"Issue a TPMv1.x command",
"cmd args...\n"
" - Issue TPM command <cmd> with arguments <args...>.\n"
"Admin Startup and State Commands:\n"
diff --git a/cmd/tpm_test.c b/cmd/tpm_test.c
index 37ad2ff33d..c9d641f0ce 100644
--- a/cmd/tpm_test.c
+++ b/cmd/tpm_test.c
@@ -7,7 +7,7 @@
#include <common.h>
#include <command.h>
#include <environment.h>
-#include <tpm.h>
+#include <tpm-v1.h>
/* Prints error and returns on failure */
#define TPM_CHECK(tpm_command) do { \
diff --git a/drivers/tpm/tpm-uclass.c b/drivers/tpm/tpm-uclass.c
index b6e1fc5e62..eb0e511c8f 100644
--- a/drivers/tpm/tpm-uclass.c
+++ b/drivers/tpm/tpm-uclass.c
@@ -7,8 +7,10 @@
#include <common.h>
#include <dm.h>
-#include <tpm.h>
#include <linux/unaligned/be_byteshift.h>
+#if defined(CONFIG_TPM_V1)
+#include <tpm-v1.h>
+#endif
#include "tpm_internal.h"
int tpm_open(struct udevice *dev)
diff --git a/drivers/tpm/tpm_atmel_twi.c b/drivers/tpm/tpm_atmel_twi.c
index 4fd772dc4f..a6f5a333dd 100644
--- a/drivers/tpm/tpm_atmel_twi.c
+++ b/drivers/tpm/tpm_atmel_twi.c
@@ -8,7 +8,7 @@
#include <common.h>
#include <dm.h>
-#include <tpm.h>
+#include <tpm-v1.h>
#include <i2c.h>
#include <asm/unaligned.h>
diff --git a/drivers/tpm/tpm_tis_infineon.c b/drivers/tpm/tpm_tis_infineon.c
index 41b748e7a2..30170afce0 100644
--- a/drivers/tpm/tpm_tis_infineon.c
+++ b/drivers/tpm/tpm_tis_infineon.c
@@ -24,7 +24,7 @@
#include <dm.h>
#include <fdtdec.h>
#include <i2c.h>
-#include <tpm.h>
+#include <tpm-v1.h>
#include <linux/errno.h>
#include <linux/compiler.h>
#include <linux/types.h>
diff --git a/drivers/tpm/tpm_tis_lpc.c b/drivers/tpm/tpm_tis_lpc.c
index c00a2d030b..bf955e73f2 100644
--- a/drivers/tpm/tpm_tis_lpc.c
+++ b/drivers/tpm/tpm_tis_lpc.c
@@ -16,7 +16,7 @@
#include <common.h>
#include <dm.h>
#include <mapmem.h>
-#include <tpm.h>
+#include <tpm-v1.h>
#include <asm/io.h>
#define PREFIX "lpc_tpm: "
diff --git a/drivers/tpm/tpm_tis_sandbox.c b/drivers/tpm/tpm_tis_sandbox.c
index e7746dc675..a19c1ba33d 100644
--- a/drivers/tpm/tpm_tis_sandbox.c
+++ b/drivers/tpm/tpm_tis_sandbox.c
@@ -6,7 +6,7 @@
#include <common.h>
#include <dm.h>
-#include <tpm.h>
+#include <tpm-v1.h>
#include <asm/state.h>
#include <asm/unaligned.h>
#include <linux/crc8.h>
diff --git a/drivers/tpm/tpm_tis_st33zp24_i2c.c b/drivers/tpm/tpm_tis_st33zp24_i2c.c
index 245218fc07..21c2b56034 100644
--- a/drivers/tpm/tpm_tis_st33zp24_i2c.c
+++ b/drivers/tpm/tpm_tis_st33zp24_i2c.c
@@ -17,7 +17,7 @@
#include <dm.h>
#include <fdtdec.h>
#include <i2c.h>
-#include <tpm.h>
+#include <tpm-v1.h>
#include <errno.h>
#include <linux/types.h>
#include <asm/unaligned.h>
diff --git a/drivers/tpm/tpm_tis_st33zp24_spi.c b/drivers/tpm/tpm_tis_st33zp24_spi.c
index c4c5e05286..07daad7beb 100644
--- a/drivers/tpm/tpm_tis_st33zp24_spi.c
+++ b/drivers/tpm/tpm_tis_st33zp24_spi.c
@@ -17,7 +17,7 @@
#include <dm.h>
#include <fdtdec.h>
#include <spi.h>
-#include <tpm.h>
+#include <tpm-v1.h>
#include <errno.h>
#include <linux/types.h>
#include <asm/unaligned.h>
diff --git a/include/tpm-common.h b/include/tpm-common.h
new file mode 100644
index 0000000000..ecc7bc067a
--- /dev/null
+++ b/include/tpm-common.h
@@ -0,0 +1,211 @@
+/*
+ * Copyright (c) 2013 The Chromium OS Authors.
+ * Coypright (c) 2013 Guntermann & Drunck GmbH
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#ifndef __TPM_COMMON_H
+#define __TPM_COMMON_H
+
+enum tpm_duration {
+ TPM_SHORT = 0,
+ TPM_MEDIUM = 1,
+ TPM_LONG = 2,
+ TPM_UNDEFINED,
+
+ TPM_DURATION_COUNT,
+};
+
+/*
+ * Here is a partial implementation of TPM commands. Please consult TCG Main
+ * Specification for definitions of TPM commands.
+ */
+
+#define TPM_HEADER_SIZE 10
+
+/* Max buffer size supported by our tpm */
+#define TPM_DEV_BUFSIZE 1260
+
+/**
+ * struct tpm_chip_priv - Information about a TPM, stored by the uclass
+ *
+ * These values must be set up by the device's probe() method before
+ * communcation is attempted. If the device has an xfer() method, this is
+ * not needed. There is no need to set up @buf.
+ *
+ * @duration_ms: Length of each duration type in milliseconds
+ * @retry_time_ms: Time to wait before retrying receive
+ */
+struct tpm_chip_priv {
+ uint duration_ms[TPM_DURATION_COUNT];
+ uint retry_time_ms;
+ u8 buf[TPM_DEV_BUFSIZE + sizeof(u8)]; /* Max buffer size + addr */
+};
+
+/**
+ * struct tpm_ops - low-level TPM operations
+ *
+ * These are designed to avoid loops and delays in the driver itself. These
+ * should be handled in the uclass.
+ *
+ * In gneral you should implement everything except xfer(). Where you need
+ * complete control of the transfer, then xfer() can be provided and will
+ * override the other methods.
+ *
+ * This interface is for low-level TPM access. It does not understand the
+ * concept of localities or the various TPM messages. That interface is
+ * defined in the functions later on in this file, but they all translate
+ * to bytes which are sent and received.
+ */
+struct tpm_ops {
+ /**
+ * open() - Request access to locality 0 for the caller
+ *
+ * After all commands have been completed the caller should call
+ * close().
+ *
+ * @dev: Device to close
+ * @return 0 ok OK, -ve on error
+ */
+ int (*open)(struct udevice *dev);
+
+ /**
+ * close() - Close the current session
+ *
+ * Releasing the locked locality. Returns 0 on success, -ve 1 on
+ * failure (in case lock removal did not succeed).
+ *
+ * @dev: Device to close
+ * @return 0 ok OK, -ve on error
+ */
+ int (*close)(struct udevice *dev);
+
+ /**
+ * get_desc() - Get a text description of the TPM
+ *
+ * @dev: Device to check
+ * @buf: Buffer to put the string
+ * @size: Maximum size of buffer
+ * @return length of string, or -ENOSPC it no space
+ */
+ int (*get_desc)(struct udevice *dev, char *buf, int size);
+
+ /**
+ * send() - send data to the TPM
+ *
+ * @dev: Device to talk to
+ * @sendbuf: Buffer of the data to send
+ * @send_size: Size of the data to send
+ *
+ * Returns 0 on success or -ve on failure.
+ */
+ int (*send)(struct udevice *dev, const u8 *sendbuf, size_t send_size);
+
+ /**
+ * recv() - receive a response from the TPM
+ *
+ * @dev: Device to talk to
+ * @recvbuf: Buffer to save the response to
+ * @max_size: Maximum number of bytes to receive
+ *
+ * Returns number of bytes received on success, -EAGAIN if the TPM
+ * response is not ready, -EINTR if cancelled, or other -ve value on
+ * failure.
+ */
+ int (*recv)(struct udevice *dev, u8 *recvbuf, size_t max_size);
+
+ /**
+ * cleanup() - clean up after an operation in progress
+ *
+ * This is called if receiving times out. The TPM may need to abort
+ * the current transaction if it did not complete, and make itself
+ * ready for another.
+ *
+ * @dev: Device to talk to
+ */
+ int (*cleanup)(struct udevice *dev);
+
+ /**
+ * xfer() - send data to the TPM and get response
+ *
+ * This method is optional. If it exists it is used in preference
+ * to send(), recv() and cleanup(). It should handle all aspects of
+ * TPM communication for a single transfer.
+ *
+ * @dev: Device to talk to
+ * @sendbuf: Buffer of the data to send
+ * @send_size: Size of the data to send
+ * @recvbuf: Buffer to save the response to
+ * @recv_size: Pointer to the size of the response buffer
+ *
+ * Returns 0 on success (and places the number of response bytes at
+ * recv_size) or -ve on failure.
+ */
+ int (*xfer)(struct udevice *dev, const u8 *sendbuf, size_t send_size,
+ u8 *recvbuf, size_t *recv_size);
+};
+
+#define tpm_get_ops(dev) ((struct tpm_ops *)device_get_ops(dev))
+
+#define MAKE_TPM_CMD_ENTRY(cmd) \
+ U_BOOT_CMD_MKENT(cmd, 0, 1, do_tpm_ ## cmd, "", "")
+
+#define TPM_COMMAND_NO_ARG(cmd) \
+int do_##cmd(cmd_tbl_t *cmdtp, int flag, \
+ int argc, char * const argv[]) \
+{ \
+ if (argc != 1) \
+ return CMD_RET_USAGE; \
+ return report_return_code(cmd()); \
+}
+
+/**
+ * tpm_get_desc() - Get a text description of the TPM
+ *
+ * @dev: Device to check
+ * @buf: Buffer to put the string
+ * @size: Maximum size of buffer
+ * @return length of string, or -ENOSPC it no space
+ */
+int tpm_get_desc(struct udevice *dev, char *buf, int size);
+
+/**
+ * tpm_xfer() - send data to the TPM and get response
+ *
+ * This first uses the device's send() method to send the bytes. Then it calls
+ * recv() to get the reply. If recv() returns -EAGAIN then it will delay a
+ * short time and then call recv() again.
+ *
+ * Regardless of whether recv() completes successfully, it will then call
+ * cleanup() to finish the transaction.
+ *
+ * Note that the outgoing data is inspected to determine command type
+ * (ordinal) and a timeout is used for that command type.
+ *
+ * @sendbuf - buffer of the data to send
+ * @send_size size of the data to send
+ * @recvbuf - memory to save the response to
+ * @recv_len - pointer to the size of the response buffer
+ *
+ * Returns 0 on success (and places the number of response bytes at
+ * recv_len) or -ve on failure.
+ */
+int tpm_xfer(struct udevice *dev, const u8 *sendbuf, size_t send_size,
+ u8 *recvbuf, size_t *recv_size);
+
+/**
+ * Initialize TPM device. It must be called before any TPM commands.
+ *
+ * @return 0 on success, non-0 on error.
+ */
+int tpm_init(void);
+
+/**
+ * Retrieve the array containing all the commands.
+ *
+ * @return a cmd_tbl_t array.
+ */
+cmd_tbl_t *get_tpm_commands(unsigned int *size);
+
+#endif /* __TPM_COMMON_H */
diff --git a/include/tpm.h b/include/tpm-v1.h
similarity index 70%
rename from include/tpm.h
rename to include/tpm-v1.h
index e1fc2ec252..9bb322ecbb 100644
--- a/include/tpm.h
+++ b/include/tpm-v1.h
@@ -5,23 +5,22 @@
* SPDX-License-Identifier: GPL-2.0+
*/
-#ifndef __TPM_H
-#define __TPM_H
+#ifndef __TPM_V1_H
+#define __TPM_V1_H
-/*
- * Here is a partial implementation of TPM commands. Please consult TCG Main
- * Specification for definitions of TPM commands.
- */
+#include <tpm-common.h>
-#define TPM_HEADER_SIZE 10
-
-enum tpm_duration {
- TPM_SHORT = 0,
- TPM_MEDIUM = 1,
- TPM_LONG = 2,
- TPM_UNDEFINED,
-
- TPM_DURATION_COUNT,
+/* Useful constants */
+enum {
+ TPM_REQUEST_HEADER_LENGTH = 10,
+ TPM_RESPONSE_HEADER_LENGTH = 10,
+ PCR_DIGEST_LENGTH = 20,
+ DIGEST_LENGTH = 20,
+ TPM_REQUEST_AUTH_LENGTH = 45,
+ TPM_RESPONSE_AUTH_LENGTH = 41,
+ /* some max lengths, valid for RSA keys <= 2048 bits */
+ TPM_KEY12_MAX_LENGTH = 618,
+ TPM_PUBKEY_MAX_LENGTH = 288,
};
enum tpm_startup_type {
@@ -233,189 +232,6 @@ struct tpm_permanent_flags {
u8 disable_full_da_logic_info;
} __packed;
-/* Max buffer size supported by our tpm */
-#define TPM_DEV_BUFSIZE 1260
-
-/**
- * struct tpm_chip_priv - Information about a TPM, stored by the uclass
- *
- * These values must be set up by the device's probe() method before
- * communcation is attempted. If the device has an xfer() method, this is
- * not needed. There is no need to set up @buf.
- *
- * @duration_ms: Length of each duration type in milliseconds
- * @retry_time_ms: Time to wait before retrying receive
- */
-struct tpm_chip_priv {
- uint duration_ms[TPM_DURATION_COUNT];
- uint retry_time_ms;
- u8 buf[TPM_DEV_BUFSIZE + sizeof(u8)]; /* Max buffer size + addr */
-};
-
-/**
- * struct tpm_ops - low-level TPM operations
- *
- * These are designed to avoid loops and delays in the driver itself. These
- * should be handled in the uclass.
- *
- * In gneral you should implement everything except xfer(). Where you need
- * complete control of the transfer, then xfer() can be provided and will
- * override the other methods.
- *
- * This interface is for low-level TPM access. It does not understand the
- * concept of localities or the various TPM messages. That interface is
- * defined in the functions later on in this file, but they all translate
- * to bytes which are sent and received.
- */
-struct tpm_ops {
- /**
- * open() - Request access to locality 0 for the caller
- *
- * After all commands have been completed the caller should call
- * close().
- *
- * @dev: Device to close
- * @return 0 ok OK, -ve on error
- */
- int (*open)(struct udevice *dev);
-
- /**
- * close() - Close the current session
- *
- * Releasing the locked locality. Returns 0 on success, -ve 1 on
- * failure (in case lock removal did not succeed).
- *
- * @dev: Device to close
- * @return 0 ok OK, -ve on error
- */
- int (*close)(struct udevice *dev);
-
- /**
- * get_desc() - Get a text description of the TPM
- *
- * @dev: Device to check
- * @buf: Buffer to put the string
- * @size: Maximum size of buffer
- * @return length of string, or -ENOSPC it no space
- */
- int (*get_desc)(struct udevice *dev, char *buf, int size);
-
- /**
- * send() - send data to the TPM
- *
- * @dev: Device to talk to
- * @sendbuf: Buffer of the data to send
- * @send_size: Size of the data to send
- *
- * Returns 0 on success or -ve on failure.
- */
- int (*send)(struct udevice *dev, const u8 *sendbuf, size_t send_size);
-
- /**
- * recv() - receive a response from the TPM
- *
- * @dev: Device to talk to
- * @recvbuf: Buffer to save the response to
- * @max_size: Maximum number of bytes to receive
- *
- * Returns number of bytes received on success, -EAGAIN if the TPM
- * response is not ready, -EINTR if cancelled, or other -ve value on
- * failure.
- */
- int (*recv)(struct udevice *dev, u8 *recvbuf, size_t max_size);
-
- /**
- * cleanup() - clean up after an operation in progress
- *
- * This is called if receiving times out. The TPM may need to abort
- * the current transaction if it did not complete, and make itself
- * ready for another.
- *
- * @dev: Device to talk to
- */
- int (*cleanup)(struct udevice *dev);
-
- /**
- * xfer() - send data to the TPM and get response
- *
- * This method is optional. If it exists it is used in preference
- * to send(), recv() and cleanup(). It should handle all aspects of
- * TPM communication for a single transfer.
- *
- * @dev: Device to talk to
- * @sendbuf: Buffer of the data to send
- * @send_size: Size of the data to send
- * @recvbuf: Buffer to save the response to
- * @recv_size: Pointer to the size of the response buffer
- *
- * Returns 0 on success (and places the number of response bytes at
- * recv_size) or -ve on failure.
- */
- int (*xfer)(struct udevice *dev, const u8 *sendbuf, size_t send_size,
- u8 *recvbuf, size_t *recv_size);
-};
-
-#define tpm_get_ops(dev) ((struct tpm_ops *)device_get_ops(dev))
-
-/**
- * tpm_open() - Request access to locality 0 for the caller
- *
- * After all commands have been completed the caller is supposed to
- * call tpm_close().
- *
- * Returns 0 on success, -ve on failure.
- */
-int tpm_open(struct udevice *dev);
-
-/**
- * tpm_close() - Close the current session
- *
- * Releasing the locked locality. Returns 0 on success, -ve 1 on
- * failure (in case lock removal did not succeed).
- */
-int tpm_close(struct udevice *dev);
-
-/**
- * tpm_get_desc() - Get a text description of the TPM
- *
- * @dev: Device to check
- * @buf: Buffer to put the string
- * @size: Maximum size of buffer
- * @return length of string, or -ENOSPC it no space
- */
-int tpm_get_desc(struct udevice *dev, char *buf, int size);
-
-/**
- * tpm_xfer() - send data to the TPM and get response
- *
- * This first uses the device's send() method to send the bytes. Then it calls
- * recv() to get the reply. If recv() returns -EAGAIN then it will delay a
- * short time and then call recv() again.
- *
- * Regardless of whether recv() completes successfully, it will then call
- * cleanup() to finish the transaction.
- *
- * Note that the outgoing data is inspected to determine command type
- * (ordinal) and a timeout is used for that command type.
- *
- * @sendbuf - buffer of the data to send
- * @send_size size of the data to send
- * @recvbuf - memory to save the response to
- * @recv_len - pointer to the size of the response buffer
- *
- * Returns 0 on success (and places the number of response bytes at
- * recv_len) or -ve on failure.
- */
-int tpm_xfer(struct udevice *dev, const u8 *sendbuf, size_t send_size,
- u8 *recvbuf, size_t *recv_size);
-
-/**
- * Initialize TPM device. It must be called before any TPM commands.
- *
- * @return 0 on success, non-0 on error.
- */
-int tpm_init(void);
-
/**
* Issue a TPM_Startup command.
*
@@ -662,4 +478,4 @@ u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20],
*/
u32 tpm_get_random(void *data, u32 count);
-#endif /* __TPM_H */
+#endif /* __TPM_V1_H */
diff --git a/lib/Makefile b/lib/Makefile
index 9ec4a93043..2052954841 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -40,7 +40,8 @@ obj-$(CONFIG_PHYSMEM) += physmem.o
obj-y += qsort.o
obj-y += rc4.o
obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
-obj-$(CONFIG_TPM_V1) += tpm.o
+obj-$(CONFIG_TPM) += tpm-common.o
+obj-$(CONFIG_TPM_V1) += tpm-v1.o
obj-$(CONFIG_RBTREE) += rbtree.o
obj-$(CONFIG_BITREVERSE) += bitrev.o
obj-y += list_sort.o
diff --git a/lib/tpm-common.c b/lib/tpm-common.c
new file mode 100644
index 0000000000..0812b73220
--- /dev/null
+++ b/lib/tpm-common.c
@@ -0,0 +1,189 @@
+/*
+ * Copyright (c) 2013 The Chromium OS Authors.
+ * Coypright (c) 2013 Guntermann & Drunck GmbH
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include <common.h>
+#include <dm.h>
+#include <asm/unaligned.h>
+#include <tpm-common.h>
+#include "tpm-utils.h"
+
+int pack_byte_string(u8 *str, size_t size, const char *format, ...)
+{
+ va_list args;
+ size_t offset = 0, length = 0;
+ u8 *data = NULL;
+ u32 value = 0;
+
+ va_start(args, format);
+ for (; *format; format++) {
+ switch (*format) {
+ case 'b':
+ offset = va_arg(args, size_t);
+ value = va_arg(args, int);
+ length = 1;
+ break;
+ case 'w':
+ offset = va_arg(args, size_t);
+ value = va_arg(args, int);
+ length = 2;
+ break;
+ case 'd':
+ offset = va_arg(args, size_t);
+ value = va_arg(args, u32);
+ length = 4;
+ break;
+ case 's':
+ offset = va_arg(args, size_t);
+ data = va_arg(args, u8 *);
+ length = va_arg(args, u32);
+ break;
+ default:
+ debug("Couldn't recognize format string\n");
+ va_end(args);
+ return -1;
+ }
+
+ if (offset + length > size) {
+ va_end(args);
+ return -1;
+ }
+
+ switch (*format) {
+ case 'b':
+ str[offset] = value;
+ break;
+ case 'w':
+ put_unaligned_be16(value, str + offset);
+ break;
+ case 'd':
+ put_unaligned_be32(value, str + offset);
+ break;
+ case 's':
+ memcpy(str + offset, data, length);
+ break;
+ }
+ }
+ va_end(args);
+
+ return 0;
+}
+
+int unpack_byte_string(const u8 *str, size_t size, const char *format, ...)
+{
+ va_list args;
+ size_t offset = 0, length = 0;
+ u8 *ptr8 = NULL;
+ u16 *ptr16 = NULL;
+ u32 *ptr32 = NULL;
+
+ va_start(args, format);
+ for (; *format; format++) {
+ switch (*format) {
+ case 'b':
+ offset = va_arg(args, size_t);
+ ptr8 = va_arg(args, u8 *);
+ length = 1;
+ break;
+ case 'w':
+ offset = va_arg(args, size_t);
+ ptr16 = va_arg(args, u16 *);
+ length = 2;
+ break;
+ case 'd':
+ offset = va_arg(args, size_t);
+ ptr32 = va_arg(args, u32 *);
+ length = 4;
+ break;
+ case 's':
+ offset = va_arg(args, size_t);
+ ptr8 = va_arg(args, u8 *);
+ length = va_arg(args, u32);
+ break;
+ default:
+ va_end(args);
+ debug("Couldn't recognize format string\n");
+ return -1;
+ }
+
+ if (offset + length > size) {
+ va_end(args);
+ return -1;
+ }
+
+ switch (*format) {
+ case 'b':
+ *ptr8 = str[offset];
+ break;
+ case 'w':
+ *ptr16 = get_unaligned_be16(str + offset);
+ break;
+ case 'd':
+ *ptr32 = get_unaligned_be32(str + offset);
+ break;
+ case 's':
+ memcpy(ptr8, str + offset, length);
+ break;
+ }
+ }
+ va_end(args);
+
+ return 0;
+}
+
+u32 tpm_command_size(const void *command)
+{
+ const size_t command_size_offset = 2;
+
+ return get_unaligned_be32(command + command_size_offset);
+}
+
+u32 tpm_return_code(const void *response)
+{
+ const size_t return_code_offset = 6;
+
+ return get_unaligned_be32(response + return_code_offset);
+}
+
+u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr)
+{
+ struct udevice *dev;
+ int err, ret;
+ u8 response_buffer[COMMAND_BUFFER_SIZE];
+ size_t response_length;
+
+ if (response) {
+ response_length = *size_ptr;
+ } else {
+ response = response_buffer;
+ response_length = sizeof(response_buffer);
+ }
+
+ ret = uclass_first_device_err(UCLASS_TPM, &dev);
+ if (ret)
+ return ret;
+ err = tpm_xfer(dev, command, tpm_command_size(command),
+ response, &response_length);
+
+ if (err < 0)
+ return TPM_LIB_ERROR;
+ if (size_ptr)
+ *size_ptr = response_length;
+
+ return tpm_return_code(response);
+}
+
+int tpm_init(void)
+{
+ struct udevice *dev;
+ int err;
+
+ err = uclass_first_device_err(UCLASS_TPM, &dev);
+ if (err)
+ return err;
+
+ return tpm_open(dev);
+}
diff --git a/lib/tpm-utils.h b/lib/tpm-utils.h
new file mode 100644
index 0000000000..429da46232
--- /dev/null
+++ b/lib/tpm-utils.h
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2013 The Chromium OS Authors.
+ * Coypright (c) 2013 Guntermann & Drunck GmbH
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#ifndef __TPM_UTILS_H
+#define __TPM_UTILS_H
+
+#define COMMAND_BUFFER_SIZE 256
+
+/* Internal error of TPM command library */
+#define TPM_LIB_ERROR ((u32)~0u)
+
+/**
+ * tpm_open() - Request access to locality 0 for the caller
+ *
+ * After all commands have been completed the caller is supposed to
+ * call tpm_close().
+ *
+ * Returns 0 on success, -ve on failure.
+ */
+int tpm_open(struct udevice *dev);
+
+/**
+ * tpm_close() - Close the current session
+ *
+ * Releasing the locked locality. Returns 0 on success, -ve 1 on
+ * failure (in case lock removal did not succeed).
+ */
+int tpm_close(struct udevice *dev);
+
+/**
+ * Pack data into a byte string. The data types are specified in
+ * the format string: 'b' means unsigned byte, 'w' unsigned word,
+ * 'd' unsigned double word, and 's' byte string. The data are a
+ * series of offsets and values (for type byte string there are also
+ * lengths). The data values are packed into the byte string
+ * sequentially, and so a latter value could over-write a former
+ * value.
+ *
+ * @param str output string
+ * @param size size of output string
+ * @param format format string
+ * @param ... data points
+ * @return 0 on success, non-0 on error
+ */
+int pack_byte_string(u8 *str, size_t size, const char *format, ...);
+
+/**
+ * Unpack data from a byte string. The data types are specified in
+ * the format string: 'b' means unsigned byte, 'w' unsigned word,
+ * 'd' unsigned double word, and 's' byte string. The data are a
+ * series of offsets and pointers (for type byte string there are also
+ * lengths).
+ *
+ * @param str output string
+ * @param size size of output string
+ * @param format format string
+ * @param ... data points
+ * @return 0 on success, non-0 on error
+ */
+int unpack_byte_string(const u8 *str, size_t size, const char *format, ...);
+
+/**
+ * Get TPM command size.
+ *
+ * @param command byte string of TPM command
+ * @return command size of the TPM command
+ */
+u32 tpm_command_size(const void *command);
+
+/**
+ * Get TPM response return code, which is one of TPM_RESULT values.
+ *
+ * @param response byte string of TPM response
+ * @return return code of the TPM response
+ */
+u32 tpm_return_code(const void *response);
+
+/**
+ * Send a TPM command and return response's return code, and optionally
+ * return response to caller.
+ *
+ * @param command byte string of TPM command
+ * @param response output buffer for TPM response, or NULL if the
+ * caller does not care about it
+ * @param size_ptr output buffer size (input parameter) and TPM
+ * response length (output parameter); this parameter
+ * is a bidirectional
+ * @return return code of the TPM response
+ */
+u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr);
+
+#endif /* __TPM_UTILS_H */
diff --git a/lib/tpm.c b/lib/tpm-v1.c
similarity index 81%
rename from lib/tpm.c
rename to lib/tpm-v1.c
index e8ebbbe6cd..7893a8bd34 100644
--- a/lib/tpm.c
+++ b/lib/tpm-v1.c
@@ -7,26 +7,11 @@
#include <common.h>
#include <dm.h>
-#include <tpm.h>
#include <asm/unaligned.h>
#include <u-boot/sha1.h>
-
-/* Internal error of TPM command library */
-#define TPM_LIB_ERROR ((u32)~0u)
-
-/* Useful constants */
-enum {
- COMMAND_BUFFER_SIZE = 256,
- TPM_REQUEST_HEADER_LENGTH = 10,
- TPM_RESPONSE_HEADER_LENGTH = 10,
- PCR_DIGEST_LENGTH = 20,
- DIGEST_LENGTH = 20,
- TPM_REQUEST_AUTH_LENGTH = 45,
- TPM_RESPONSE_AUTH_LENGTH = 41,
- /* some max lengths, valid for RSA keys <= 2048 bits */
- TPM_KEY12_MAX_LENGTH = 618,
- TPM_PUBKEY_MAX_LENGTH = 288,
-};
+#include <tpm-common.h>
+#include <tpm-v1.h>
+#include "tpm-utils.h"
#ifdef CONFIG_TPM_AUTH_SESSIONS
@@ -45,235 +30,6 @@ static struct session_data oiap_session = {0, };
#endif /* CONFIG_TPM_AUTH_SESSIONS */
-/**
- * Pack data into a byte string. The data types are specified in
- * the format string: 'b' means unsigned byte, 'w' unsigned word,
- * 'd' unsigned double word, and 's' byte string. The data are a
- * series of offsets and values (for type byte string there are also
- * lengths). The data values are packed into the byte string
- * sequentially, and so a latter value could over-write a former
- * value.
- *
- * @param str output string
- * @param size size of output string
- * @param format format string
- * @param ... data points
- * @return 0 on success, non-0 on error
- */
-int pack_byte_string(u8 *str, size_t size, const char *format, ...)
-{
- va_list args;
- size_t offset = 0, length = 0;
- u8 *data = NULL;
- u32 value = 0;
-
- va_start(args, format);
- for (; *format; format++) {
- switch (*format) {
- case 'b':
- offset = va_arg(args, size_t);
- value = va_arg(args, int);
- length = 1;
- break;
- case 'w':
- offset = va_arg(args, size_t);
- value = va_arg(args, int);
- length = 2;
- break;
- case 'd':
- offset = va_arg(args, size_t);
- value = va_arg(args, u32);
- length = 4;
- break;
- case 's':
- offset = va_arg(args, size_t);
- data = va_arg(args, u8 *);
- length = va_arg(args, u32);
- break;
- default:
- debug("Couldn't recognize format string\n");
- va_end(args);
- return -1;
- }
-
- if (offset + length > size) {
- va_end(args);
- return -1;
- }
-
- switch (*format) {
- case 'b':
- str[offset] = value;
- break;
- case 'w':
- put_unaligned_be16(value, str + offset);
- break;
- case 'd':
- put_unaligned_be32(value, str + offset);
- break;
- case 's':
- memcpy(str + offset, data, length);
- break;
- }
- }
- va_end(args);
-
- return 0;
-}
-
-/**
- * Unpack data from a byte string. The data types are specified in
- * the format string: 'b' means unsigned byte, 'w' unsigned word,
- * 'd' unsigned double word, and 's' byte string. The data are a
- * series of offsets and pointers (for type byte string there are also
- * lengths).
- *
- * @param str output string
- * @param size size of output string
- * @param format format string
- * @param ... data points
- * @return 0 on success, non-0 on error
- */
-int unpack_byte_string(const u8 *str, size_t size, const char *format, ...)
-{
- va_list args;
- size_t offset = 0, length = 0;
- u8 *ptr8 = NULL;
- u16 *ptr16 = NULL;
- u32 *ptr32 = NULL;
-
- va_start(args, format);
- for (; *format; format++) {
- switch (*format) {
- case 'b':
- offset = va_arg(args, size_t);
- ptr8 = va_arg(args, u8 *);
- length = 1;
- break;
- case 'w':
- offset = va_arg(args, size_t);
- ptr16 = va_arg(args, u16 *);
- length = 2;
- break;
- case 'd':
- offset = va_arg(args, size_t);
- ptr32 = va_arg(args, u32 *);
- length = 4;
- break;
- case 's':
- offset = va_arg(args, size_t);
- ptr8 = va_arg(args, u8 *);
- length = va_arg(args, u32);
- break;
- default:
- va_end(args);
- debug("Couldn't recognize format string\n");
- return -1;
- }
-
- if (offset + length > size) {
- va_end(args);
- return -1;
- }
-
- switch (*format) {
- case 'b':
- *ptr8 = str[offset];
- break;
- case 'w':
- *ptr16 = get_unaligned_be16(str + offset);
- break;
- case 'd':
- *ptr32 = get_unaligned_be32(str + offset);
- break;
- case 's':
- memcpy(ptr8, str + offset, length);
- break;
- }
- }
- va_end(args);
-
- return 0;
-}
-
-/**
- * Get TPM command size.
- *
- * @param command byte string of TPM command
- * @return command size of the TPM command
- */
-static u32 tpm_command_size(const void *command)
-{
- const size_t command_size_offset = 2;
-
- return get_unaligned_be32(command + command_size_offset);
-}
-
-/**
- * Get TPM response return code, which is one of TPM_RESULT values.
- *
- * @param response byte string of TPM response
- * @return return code of the TPM response
- */
-static u32 tpm_return_code(const void *response)
-{
- const size_t return_code_offset = 6;
-
- return get_unaligned_be32(response + return_code_offset);
-}
-
-/**
- * Send a TPM command and return response's return code, and optionally
- * return response to caller.
- *
- * @param command byte string of TPM command
- * @param response output buffer for TPM response, or NULL if the
- * caller does not care about it
- * @param size_ptr output buffer size (input parameter) and TPM
- * response length (output parameter); this parameter
- * is a bidirectional
- * @return return code of the TPM response
- */
-static u32 tpm_sendrecv_command(const void *command, void *response,
- size_t *size_ptr)
-{
- struct udevice *dev;
- int err, ret;
- u8 response_buffer[COMMAND_BUFFER_SIZE];
- size_t response_length;
-
- if (response) {
- response_length = *size_ptr;
- } else {
- response = response_buffer;
- response_length = sizeof(response_buffer);
- }
-
- ret = uclass_first_device_err(UCLASS_TPM, &dev);
- if (ret)
- return ret;
- err = tpm_xfer(dev, command, tpm_command_size(command),
- response, &response_length);
-
- if (err < 0)
- return TPM_LIB_ERROR;
- if (size_ptr)
- *size_ptr = response_length;
-
- return tpm_return_code(response);
-}
-
-int tpm_init(void)
-{
- int err;
- struct udevice *dev;
-
- err = uclass_first_device_err(UCLASS_TPM, &dev);
- if (err)
- return err;
- return tpm_open(dev);
-}
-
u32 tpm_startup(enum tpm_startup_type mode)
{
const u8 command[12] = {
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (9 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
` (2 more replies)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands Miquel Raynal
` (21 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Both parameters 'duration_ms' and 'retry_time_ms' of the tpm_chip_priv
structure are documented is the comment above the declaration but 'buf'
was forgotten. Add the missing description.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
include/tpm-common.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/tpm-common.h b/include/tpm-common.h
index ecc7bc067a..6b15466781 100644
--- a/include/tpm-common.h
+++ b/include/tpm-common.h
@@ -36,6 +36,7 @@ enum tpm_duration {
*
* @duration_ms: Length of each duration type in milliseconds
* @retry_time_ms: Time to wait before retrying receive
+ * @buf: Buffer used during the exchanges with the chip
*/
struct tpm_chip_priv {
uint duration_ms[TPM_DURATION_COUNT];
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (10 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability Miquel Raynal
` (20 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Choice between v1 and v2 compliant functions is done with the
configuration.
Create the various files that will receive TPMv2-only code on the same
scheme as for the TPMv1 code.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/Makefile | 1 +
cmd/tpm-v2.c | 33 ++++++++++++
drivers/tpm/tpm-uclass.c | 2 +
include/tpm-common.h | 6 +++
include/tpm-v2.h | 128 +++++++++++++++++++++++++++++++++++++++++++++++
lib/Makefile | 1 +
lib/tpm-v2.c | 11 ++++
7 files changed, 182 insertions(+)
create mode 100644 cmd/tpm-v2.c
create mode 100644 include/tpm-v2.h
create mode 100644 lib/tpm-v2.c
diff --git a/cmd/Makefile b/cmd/Makefile
index 66732085e8..bdb5475e07 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -120,6 +120,7 @@ obj-$(CONFIG_HUSH_PARSER) += test.o
obj-$(CONFIG_CMD_TPM) += tpm-common.o
obj-$(CONFIG_CMD_TPM_V1) += tpm-v1.o
obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o
+obj-$(CONFIG_CMD_TPM_V2) += tpm-v2.o
obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o
obj-$(CONFIG_CMD_TSI148) += tsi148.o
obj-$(CONFIG_CMD_UBI) += ubi.o
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
new file mode 100644
index 0000000000..606aa92409
--- /dev/null
+++ b/cmd/tpm-v2.c
@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (c) 2018 Bootlin
+ * Author: Miquel Raynal <miquel.raynal@bootlin.com>
+ */
+
+#include <common.h>
+#include <dm.h>
+#include <log.h>
+#include <tpm-common.h>
+#include <tpm-v2.h>
+#include "tpm-user-utils.h"
+
+static cmd_tbl_t tpm2_commands[] = {
+ U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
+ U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
+};
+
+cmd_tbl_t *get_tpm_commands(unsigned int *size)
+{
+ *size = ARRAY_SIZE(tpm2_commands);
+
+ return tpm2_commands;
+}
+
+U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
+"<command> [<arguments>]\n"
+"\n"
+"info\n"
+" Show information about the TPM.\n"
+"init\n"
+" Initialize the software stack. Always the first command to issue.\n"
+);
diff --git a/drivers/tpm/tpm-uclass.c b/drivers/tpm/tpm-uclass.c
index eb0e511c8f..cbf4873cbb 100644
--- a/drivers/tpm/tpm-uclass.c
+++ b/drivers/tpm/tpm-uclass.c
@@ -10,6 +10,8 @@
#include <linux/unaligned/be_byteshift.h>
#if defined(CONFIG_TPM_V1)
#include <tpm-v1.h>
+#elif defined(CONFIG_TPM_V2)
+#include <tpm-v2.h>
#endif
#include "tpm_internal.h"
diff --git a/include/tpm-common.h b/include/tpm-common.h
index 6b15466781..94f0f310b4 100644
--- a/include/tpm-common.h
+++ b/include/tpm-common.h
@@ -36,11 +36,17 @@ enum tpm_duration {
*
* @duration_ms: Length of each duration type in milliseconds
* @retry_time_ms: Time to wait before retrying receive
+ * @pcr_count: Number of PCR per bank
+ * @pcr_select_min: Minimum size in bytes of the pcrSelect array
* @buf: Buffer used during the exchanges with the chip
*/
struct tpm_chip_priv {
uint duration_ms[TPM_DURATION_COUNT];
uint retry_time_ms;
+#if defined(CONFIG_TPM_V2)
+ uint pcr_count;
+ uint pcr_select_min;
+#endif
u8 buf[TPM_DEV_BUFSIZE + sizeof(u8)]; /* Max buffer size + addr */
};
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
new file mode 100644
index 0000000000..09a7a8b183
--- /dev/null
+++ b/include/tpm-v2.h
@@ -0,0 +1,128 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (c) 2018 Bootlin
+ * Author: Miquel Raynal <miquel.raynal@bootlin.com>
+ */
+
+#ifndef __TPM_V2_H
+#define __TPM_V2_H
+
+#include <tpm-common.h>
+
+#define TPM2_DIGEST_LEN 32
+
+/**
+ * TPM2 Structure Tags for command/response buffers.
+ *
+ * @TPM2_ST_NO_SESSIONS: the command does not need an authentication.
+ * @TPM2_ST_SESSIONS: the command needs an authentication.
+ */
+enum tpm2_structures {
+ TPM2_ST_NO_SESSIONS = 0x8001,
+ TPM2_ST_SESSIONS = 0x8002,
+};
+
+/**
+ * TPM2 type of boolean.
+ */
+enum tpm2_yes_no {
+ TPMI_YES = 1,
+ TPMI_NO = 0,
+};
+
+/**
+ * TPM2 startup values.
+ *
+ * @TPM2_SU_CLEAR: reset the internal state.
+ * @TPM2_SU_STATE: restore saved state (if any).
+ */
+enum tpm2_startup_types {
+ TPM2_SU_CLEAR = 0x0000,
+ TPM2_SU_STATE = 0x0001,
+};
+
+/**
+ * TPM2 permanent handles.
+ *
+ * @TPM2_RH_OWNER: refers to the 'owner' hierarchy.
+ * @TPM2_RS_PW: indicates a password.
+ * @TPM2_RH_LOCKOUT: refers to the 'lockout' hierarchy.
+ * @TPM2_RH_ENDORSEMENT: refers to the 'endorsement' hierarchy.
+ * @TPM2_RH_PLATFORM: refers to the 'platform' hierarchy.
+ */
+enum tpm2_handles {
+ TPM2_RH_OWNER = 0x40000001,
+ TPM2_RS_PW = 0x40000009,
+ TPM2_RH_LOCKOUT = 0x4000000A,
+ TPM2_RH_ENDORSEMENT = 0x4000000B,
+ TPM2_RH_PLATFORM = 0x4000000C,
+};
+
+/**
+ * TPM2 command codes used at the beginning of a buffer, gives the command.
+ *
+ * @TPM2_CC_STARTUP: TPM2_Startup().
+ * @TPM2_CC_SELF_TEST: TPM2_SelfTest().
+ * @TPM2_CC_CLEAR: TPM2_Clear().
+ * @TPM2_CC_CLEARCONTROL: TPM2_ClearControl().
+ * @TPM2_CC_HIERCHANGEAUTH: TPM2_HierarchyChangeAuth().
+ * @TPM2_CC_PCR_SETAUTHPOL: TPM2_PCR_SetAuthPolicy().
+ * @TPM2_CC_DAM_RESET: TPM2_DictionaryAttackLockReset().
+ * @TPM2_CC_DAM_PARAMETERS: TPM2_DictionaryAttackParameters().
+ * @TPM2_CC_GET_CAPABILITY: TPM2_GetCapibility().
+ * @TPM2_CC_PCR_READ: TPM2_PCR_Read().
+ * @TPM2_CC_PCR_EXTEND: TPM2_PCR_Extend().
+ * @TPM2_CC_PCR_SETAUTHVAL: TPM2_PCR_SetAuthValue().
+ */
+enum tpm2_command_codes {
+ TPM2_CC_STARTUP = 0x0144,
+ TPM2_CC_SELF_TEST = 0x0143,
+ TPM2_CC_CLEAR = 0x0126,
+ TPM2_CC_CLEARCONTROL = 0x0127,
+ TPM2_CC_HIERCHANGEAUTH = 0x0129,
+ TPM2_CC_DAM_RESET = 0x0139,
+ TPM2_CC_DAM_PARAMETERS = 0x013A,
+ TPM2_CC_GET_CAPABILITY = 0x017A,
+ TPM2_CC_PCR_READ = 0x017E,
+ TPM2_CC_PCR_EXTEND = 0x0182,
+};
+
+/**
+ * TPM2 return codes.
+ */
+enum tpm2_return_codes {
+ TPM2_RC_SUCCESS = 0x0000,
+ TPM2_RC_BAD_TAG = 0x001E,
+ TPM2_RC_FMT1 = 0x0080,
+ TPM2_RC_HASH = TPM2_RC_FMT1 + 0x0003,
+ TPM2_RC_VALUE = TPM2_RC_FMT1 + 0x0004,
+ TPM2_RC_SIZE = TPM2_RC_FMT1 + 0x0015,
+ TPM2_RC_BAD_AUTH = TPM2_RC_FMT1 + 0x0022,
+ TPM2_RC_HANDLE = TPM2_RC_FMT1 + 0x000B,
+ TPM2_RC_VER1 = 0x0100,
+ TPM2_RC_INITIALIZE = TPM2_RC_VER1 + 0x0000,
+ TPM2_RC_FAILURE = TPM2_RC_VER1 + 0x0001,
+ TPM2_RC_DISABLED = TPM2_RC_VER1 + 0x0020,
+ TPM2_RC_AUTH_MISSING = TPM2_RC_VER1 + 0x0025,
+ TPM2_RC_COMMAND_CODE = TPM2_RC_VER1 + 0x0043,
+ TPM2_RC_AUTHSIZE = TPM2_RC_VER1 + 0x0044,
+ TPM2_RC_AUTH_CONTEXT = TPM2_RC_VER1 + 0x0045,
+ TPM2_RC_NEEDS_TEST = TPM2_RC_VER1 + 0x0053,
+ TPM2_RC_WARN = 0x0900,
+ TPM2_RC_TESTING = TPM2_RC_WARN + 0x000A,
+ TPM2_RC_REFERENCE_H0 = TPM2_RC_WARN + 0x0010,
+ TPM2_RC_LOCKOUT = TPM2_RC_WARN + 0x0021,
+};
+
+/**
+ * TPM2 algorithms.
+ */
+enum tpm2_algorithms {
+ TPM2_ALG_XOR = 0x0A,
+ TPM2_ALG_SHA256 = 0x0B,
+ TPM2_ALG_SHA384 = 0x0C,
+ TPM2_ALG_SHA512 = 0x0D,
+ TPM2_ALG_NULL = 0x10,
+};
+
+#endif /* __TPM_V2_H */
diff --git a/lib/Makefile b/lib/Makefile
index 2052954841..ddf8db6be8 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -42,6 +42,7 @@ obj-y += rc4.o
obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
obj-$(CONFIG_TPM) += tpm-common.o
obj-$(CONFIG_TPM_V1) += tpm-v1.o
+obj-$(CONFIG_TPM_V2) += tpm-v2.o
obj-$(CONFIG_RBTREE) += rbtree.o
obj-$(CONFIG_BITREVERSE) += bitrev.o
obj-y += list_sort.o
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
new file mode 100644
index 0000000000..ef4ebcd8ac
--- /dev/null
+++ b/lib/tpm-v2.c
@@ -0,0 +1,11 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (c) 2018 Bootlin
+ * Author: Miquel Raynal <miquel.raynal@bootlin.com>
+ */
+
+#include <common.h>
+#include <dm.h>
+#include <tpm-common.h>
+#include <tpm-v2.h>
+#include "tpm-utils.h"
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (11 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:59 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM Miquel Raynal
` (19 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
TPM commands are much easier to read/write with these macros that will
transform words or integers into byte strings. This way, there is no
need to call pack_byte_string() while all variable length in a command
are known (and at must 4 bytes, which is a lot of them).
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
lib/tpm-utils.h | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lib/tpm-utils.h b/lib/tpm-utils.h
index 429da46232..9c875e6fa7 100644
--- a/lib/tpm-utils.h
+++ b/lib/tpm-utils.h
@@ -13,6 +13,12 @@
/* Internal error of TPM command library */
#define TPM_LIB_ERROR ((u32)~0u)
+/* To make strings of commands more easily */
+#define __MSB(x) ((x) >> 8)
+#define __LSB(x) ((x) & 0xFF)
+#define tpm_u16(x) __MSB(x), __LSB(x)
+#define tpm_u32(x) tpm_u16((x) >> 16), tpm_u16((x) & 0xFFFF)
+
/**
* tpm_open() - Request access to locality 0 for the caller
*
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (12 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 15:59 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer Miquel Raynal
` (18 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
When debugging, it is welcome to get more information about what the TPM
returns. Add the possibility to print the packets received to show their
exact content.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
lib/tpm-common.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/tpm-common.c b/lib/tpm-common.c
index 0812b73220..57832debf3 100644
--- a/lib/tpm-common.c
+++ b/lib/tpm-common.c
@@ -154,6 +154,7 @@ u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr)
int err, ret;
u8 response_buffer[COMMAND_BUFFER_SIZE];
size_t response_length;
+ int i;
if (response) {
response_length = *size_ptr;
@@ -173,7 +174,14 @@ u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr)
if (size_ptr)
*size_ptr = response_length;
- return tpm_return_code(response);
+ ret = tpm_return_code(response);
+
+ log(LOGC_NONE, LOGL_DEBUG, "TPM response [ret:%d]: ", ret);
+ for (i = 0; i < response_length; i++)
+ log(LOGC_NONE, LOGL_DEBUG, "%02x ", ((u8 *)response)[i]);
+ log(LOGC_NONE, LOGL_DEBUG, "\n");
+
+ return ret;
}
int tpm_init(void)
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (13 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support Miquel Raynal
` (17 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Instead of returning a generic 'library' error, report back the actual
error code so it can be displayed to the user by the regular error path.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
lib/tpm-common.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/tpm-common.c b/lib/tpm-common.c
index 57832debf3..08e2c2ad44 100644
--- a/lib/tpm-common.c
+++ b/lib/tpm-common.c
@@ -170,7 +170,8 @@ u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr)
response, &response_length);
if (err < 0)
- return TPM_LIB_ERROR;
+ return err;
+
if (size_ptr)
*size_ptr = response_length;
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (14 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest " Miquel Raynal
` (16 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_Startup command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 26 ++++++++++++++++++++++++++
include/tpm-v2.h | 9 +++++++++
lib/tpm-v2.c | 21 +++++++++++++++++++++
3 files changed, 56 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index 606aa92409..d11820404e 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -11,9 +11,30 @@
#include <tpm-v2.h>
#include "tpm-user-utils.h"
+static int do_tpm2_startup(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ enum tpm2_startup_types mode;
+
+ if (argc != 2)
+ return CMD_RET_USAGE;
+
+ if (!strcasecmp("TPM2_SU_CLEAR", argv[1])) {
+ mode = TPM2_SU_CLEAR;
+ } else if (!strcasecmp("TPM2_SU_STATE", argv[1])) {
+ mode = TPM2_SU_STATE;
+ } else {
+ printf("Couldn't recognize mode string: %s\n", argv[1]);
+ return CMD_RET_FAILURE;
+ }
+
+ return report_return_code(tpm2_startup(mode));
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
+ U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -30,4 +51,9 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" Show information about the TPM.\n"
"init\n"
" Initialize the software stack. Always the first command to issue.\n"
+"startup <mode>\n"
+" Issue a TPM2_Startup command.\n"
+" <mode> is one of:\n"
+" * TPM2_SU_CLEAR (reset state)\n"
+" * TPM2_SU_STATE (preserved state)\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 09a7a8b183..b9d6488b4c 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -125,4 +125,13 @@ enum tpm2_algorithms {
TPM2_ALG_NULL = 0x10,
};
+/**
+ * Issue a TPM2_Startup command.
+ *
+ * @mode TPM startup mode
+ *
+ * @return code of the operation
+ */
+u32 tpm2_startup(enum tpm2_startup_types mode);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index ef4ebcd8ac..0d5ecebd32 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -9,3 +9,24 @@
#include <tpm-common.h>
#include <tpm-v2.h>
#include "tpm-utils.h"
+
+u32 tpm2_startup(enum tpm2_startup_types mode)
+{
+ const u8 command_v2[12] = {
+ tpm_u16(TPM2_ST_NO_SESSIONS),
+ tpm_u32(12),
+ tpm_u32(TPM2_CC_STARTUP),
+ tpm_u16(mode),
+ };
+ int ret;
+
+ /*
+ * Note TPM2_Startup command will return RC_SUCCESS the first time,
+ * but will return RC_INITIALIZE otherwise.
+ */
+ ret = tpm_sendrecv_command(command_v2, NULL, NULL);
+ if (ret && ret != TPM2_RC_INITIALIZE)
+ return ret;
+
+ return 0;
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest command support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (15 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear " Miquel Raynal
` (15 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_Selftest command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 26 ++++++++++++++++++++++++++
include/tpm-v2.h | 9 +++++++++
lib/tpm-v2.c | 12 ++++++++++++
3 files changed, 47 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index d11820404e..1e746a7f09 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -31,10 +31,31 @@ static int do_tpm2_startup(cmd_tbl_t *cmdtp, int flag, int argc,
return report_return_code(tpm2_startup(mode));
}
+static int do_tpm2_self_test(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ enum tpm2_yes_no full_test;
+
+ if (argc != 2)
+ return CMD_RET_USAGE;
+
+ if (!strcasecmp("full", argv[1])) {
+ full_test = TPMI_YES;
+ } else if (!strcasecmp("continue", argv[1])) {
+ full_test = TPMI_NO;
+ } else {
+ printf("Couldn't recognize test mode: %s\n", argv[1]);
+ return CMD_RET_FAILURE;
+ }
+
+ return report_return_code(tpm2_self_test(full_test));
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""),
+ U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -56,4 +77,9 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" <mode> is one of:\n"
" * TPM2_SU_CLEAR (reset state)\n"
" * TPM2_SU_STATE (preserved state)\n"
+"self_test <type>\n"
+" Test the TPM capabilities.\n"
+" <type> is one of:\n"
+" * full (perform all tests)\n"
+" * continue (only check untested tests)\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index b9d6488b4c..f6d50a3a0b 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -134,4 +134,13 @@ enum tpm2_algorithms {
*/
u32 tpm2_startup(enum tpm2_startup_types mode);
+/**
+ * Issue a TPM2_SelfTest command.
+ *
+ * @full_test Asking to perform all tests or only the untested ones
+ *
+ * @return code of the operation
+ */
+u32 tpm2_self_test(enum tpm2_yes_no full_test);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 0d5ecebd32..c7156e569b 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -30,3 +30,15 @@ u32 tpm2_startup(enum tpm2_startup_types mode)
return 0;
}
+
+u32 tpm2_self_test(enum tpm2_yes_no full_test)
+{
+ const u8 command_v2[12] = {
+ tpm_u16(TPM2_ST_NO_SESSIONS),
+ tpm_u32(11),
+ tpm_u32(TPM2_CC_SELF_TEST),
+ full_test,
+ };
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear command support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (16 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest " Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,18/32] " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend " Miquel Raynal
` (14 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_Clear command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 29 +++++++++++++++++++++++++++++
include/tpm-v2.h | 11 +++++++++++
lib/tpm-v2.c | 35 +++++++++++++++++++++++++++++++++++
3 files changed, 75 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index 1e746a7f09..9f6a8fc0b6 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -51,11 +51,35 @@ static int do_tpm2_self_test(cmd_tbl_t *cmdtp, int flag, int argc,
return report_return_code(tpm2_self_test(full_test));
}
+static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ u32 handle = 0;
+ const char *pw = (argc < 3) ? NULL : argv[2];
+ const ssize_t pw_sz = pw ? strlen(pw) : 0;
+
+ if (argc < 2 || argc > 3)
+ return CMD_RET_USAGE;
+
+ if (pw_sz > TPM2_DIGEST_LEN)
+ return -EINVAL;
+
+ if (!strcasecmp("TPM2_RH_LOCKOUT", argv[1]))
+ handle = TPM2_RH_LOCKOUT;
+ else if (!strcasecmp("TPM2_RH_PLATFORM", argv[1]))
+ handle = TPM2_RH_PLATFORM;
+ else
+ return CMD_RET_USAGE;
+
+ return report_return_code(tpm2_clear(handle, pw, pw_sz));
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""),
U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""),
+ U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -82,4 +106,9 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" <type> is one of:\n"
" * full (perform all tests)\n"
" * continue (only check untested tests)\n"
+"clear <hierarchy>\n"
+" Issue a TPM2_Clear command.\n"
+" <hierarchy> is one of:\n"
+" * TPM2_RH_LOCKOUT\n"
+" * TPM2_RH_PLATFORM\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index f6d50a3a0b..0d02e4a89b 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -143,4 +143,15 @@ u32 tpm2_startup(enum tpm2_startup_types mode);
*/
u32 tpm2_self_test(enum tpm2_yes_no full_test);
+/**
+ * Issue a TPM2_Clear command.
+ *
+ * @handle Handle
+ * @pw Password
+ * @pw_sz Length of the password
+ *
+ * @return code of the operation
+ */
+u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index c7156e569b..e3bfec5082 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -42,3 +42,38 @@ u32 tpm2_self_test(enum tpm2_yes_no full_test)
return tpm_sendrecv_command(command_v2, NULL, NULL);
}
+
+u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz)
+{
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_SESSIONS), /* TAG */
+ tpm_u32(27 + pw_sz), /* Length */
+ tpm_u32(TPM2_CC_CLEAR), /* Command code */
+
+ /* HANDLE */
+ tpm_u32(handle), /* TPM resource handle */
+
+ /* AUTH_SESSION */
+ tpm_u32(9 + pw_sz), /* Authorization size */
+ tpm_u32(TPM2_RS_PW), /* Session handle */
+ tpm_u16(0), /* Size of <nonce> */
+ /* <nonce> (if any) */
+ 0, /* Attributes: Cont/Excl/Rst */
+ tpm_u16(pw_sz), /* Size of <hmac/password> */
+ /* STRING(pw) <hmac/password> (if any) */
+ };
+ unsigned int offset = 27;
+ int ret;
+
+ /*
+ * Fill the command structure starting from the first buffer:
+ * - the password (if any)
+ */
+ ret = pack_byte_string(command_v2, sizeof(command_v2), "s",
+ offset, pw, pw_sz);
+ offset += pw_sz;
+ if (ret)
+ return TPM_LIB_ERROR;
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend command support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (17 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear " Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read " Miquel Raynal
` (13 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_PCR_Extend command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 37 +++++++++++++++++++++++++++++++++++++
include/tpm-v2.h | 10 ++++++++++
lib/tpm-v2.c | 38 ++++++++++++++++++++++++++++++++++++++
3 files changed, 85 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index 9f6a8fc0b6..df6cd6919c 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -7,6 +7,7 @@
#include <common.h>
#include <dm.h>
#include <log.h>
+#include <mapmem.h>
#include <tpm-common.h>
#include <tpm-v2.h>
#include "tpm-user-utils.h"
@@ -74,12 +75,44 @@ static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc,
return report_return_code(tpm2_clear(handle, pw, pw_sz));
}
+static int do_tpm2_pcr_extend(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ struct udevice *dev;
+ struct tpm_chip_priv *priv;
+ u32 index = simple_strtoul(argv[1], NULL, 0);
+ void *digest = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
+ int ret;
+ u32 rc;
+
+ if (argc != 3)
+ return CMD_RET_USAGE;
+
+ ret = uclass_first_device_err(UCLASS_TPM, &dev);
+ if (ret)
+ return ret;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return -EINVAL;
+
+ if (index >= priv->pcr_count)
+ return -EINVAL;
+
+ rc = tpm2_pcr_extend(index, digest);
+
+ unmap_sysmem(digest);
+
+ return report_return_code(rc);
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""),
U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""),
U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""),
+ U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -111,4 +144,8 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" <hierarchy> is one of:\n"
" * TPM2_RH_LOCKOUT\n"
" * TPM2_RH_PLATFORM\n"
+"pcr_extend <pcr> <digest_addr>\n"
+" Extend PCR #<pcr> with digest at <digest_addr>.\n"
+" <pcr>: index of the PCR\n"
+" <digest_addr>: address of a 32-byte SHA256 digest\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 0d02e4a89b..0706a925ce 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -154,4 +154,14 @@ u32 tpm2_self_test(enum tpm2_yes_no full_test);
*/
u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz);
+/**
+ * Issue a TPM2_PCR_Extend command.
+ *
+ * @index Index of the PCR
+ * @digest Value representing the event to be recorded
+ *
+ * @return code of the operation
+ */
+u32 tpm2_pcr_extend(u32 index, const uint8_t *digest);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index e3bfec5082..2696f8145d 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -77,3 +77,41 @@ u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz)
return tpm_sendrecv_command(command_v2, NULL, NULL);
}
+
+u32 tpm2_pcr_extend(u32 index, const uint8_t *digest)
+{
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_SESSIONS), /* TAG */
+ tpm_u32(33 + TPM2_DIGEST_LEN), /* Length */
+ tpm_u32(TPM2_CC_PCR_EXTEND), /* Command code */
+
+ /* HANDLE */
+ tpm_u32(index), /* Handle (PCR Index) */
+
+ /* AUTH_SESSION */
+ tpm_u32(9), /* Authorization size */
+ tpm_u32(TPM2_RS_PW), /* Session handle */
+ tpm_u16(0), /* Size of <nonce> */
+ /* <nonce> (if any) */
+ 0, /* Attributes: Cont/Excl/Rst */
+ tpm_u16(0), /* Size of <hmac/password> */
+ /* <hmac/password> (if any) */
+ tpm_u32(1), /* Count (number of hashes) */
+ tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ /* STRING(digest) Digest */
+ };
+ unsigned int offset = 33;
+ int ret;
+
+ /*
+ * Fill the command structure starting from the first buffer:
+ * - the digest
+ */
+ ret = pack_byte_string(command_v2, sizeof(command_v2), "s",
+ offset, digest, TPM2_DIGEST_LEN);
+ offset += TPM2_DIGEST_LEN;
+ if (ret)
+ return TPM_LIB_ERROR;
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read command support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (18 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend " Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability " Miquel Raynal
` (12 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_PCR_Read command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 43 +++++++++++++++++++++++++++++++++++++++++++
include/tpm-v2.h | 13 +++++++++++++
lib/tpm-v2.c | 42 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 98 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index df6cd6919c..49c22aaeaa 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -106,6 +106,44 @@ static int do_tpm2_pcr_extend(cmd_tbl_t *cmdtp, int flag, int argc,
return report_return_code(rc);
}
+static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ struct udevice *dev;
+ struct tpm_chip_priv *priv;
+ u32 index, rc;
+ unsigned int updates;
+ void *data;
+ int ret;
+
+ if (argc != 3)
+ return CMD_RET_USAGE;
+
+ ret = uclass_first_device_err(UCLASS_TPM, &dev);
+ if (ret)
+ return ret;
+
+ priv = dev_get_uclass_priv(dev);
+ if (!priv)
+ return -EINVAL;
+
+ index = simple_strtoul(argv[1], NULL, 0);
+ if (index >= priv->pcr_count)
+ return -EINVAL;
+
+ data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
+
+ rc = tpm2_pcr_read(index, priv->pcr_select_min, data, &updates);
+ if (!rc) {
+ printf("PCR #%u content (%d known updates):\n", index, updates);
+ print_byte_string(data, TPM2_DIGEST_LEN);
+ }
+
+ unmap_sysmem(data);
+
+ return report_return_code(rc);
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
@@ -113,6 +151,7 @@ static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""),
U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""),
U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""),
+ U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -148,4 +187,8 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" Extend PCR #<pcr> with digest at <digest_addr>.\n"
" <pcr>: index of the PCR\n"
" <digest_addr>: address of a 32-byte SHA256 digest\n"
+"pcr_read <pcr> <digest_addr>\n"
+" Read PCR #<pcr> to memory address <digest_addr>.\n"
+" <pcr>: index of the PCR\n"
+" <digest_addr>: address to store the a 32-byte SHA256 digest\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 0706a925ce..b9f36b22ba 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -164,4 +164,17 @@ u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz);
*/
u32 tpm2_pcr_extend(u32 index, const uint8_t *digest);
+/**
+ * Issue a TPM2_PCR_Read command.
+ *
+ * @idx Index of the PCR
+ * @idx_min_sz Minimum size in bytes of the pcrSelect array
+ * @data Output buffer for contents of the named PCR
+ * @updates Optional out parameter: number of updates for this PCR
+ *
+ * @return code of the operation
+ */
+u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
+ unsigned int *updates);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 2696f8145d..a1f1dbc3d6 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -115,3 +115,45 @@ u32 tpm2_pcr_extend(u32 index, const uint8_t *digest)
return tpm_sendrecv_command(command_v2, NULL, NULL);
}
+
+u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
+ unsigned int *updates)
+{
+ u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_NO_SESSIONS), /* TAG */
+ tpm_u32(17 + idx_array_sz), /* Length */
+ tpm_u32(TPM2_CC_PCR_READ), /* Command code */
+
+ /* TPML_PCR_SELECTION */
+ tpm_u32(1), /* Number of selections */
+ tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
+ idx_array_sz, /* Array size for selection */
+ /* bitmap(idx) Selected PCR bitmap */
+ };
+ size_t response_len = COMMAND_BUFFER_SIZE;
+ u8 response[COMMAND_BUFFER_SIZE];
+ unsigned int pcr_sel_idx = idx / 8;
+ u8 pcr_sel_bit = BIT(idx % 8);
+ unsigned int counter = 0;
+ int ret;
+
+ if (pack_byte_string(command_v2, COMMAND_BUFFER_SIZE, "b",
+ 17 + pcr_sel_idx, pcr_sel_bit))
+ return TPM_LIB_ERROR;
+
+ ret = tpm_sendrecv_command(command_v2, response, &response_len);
+ if (ret)
+ return ret;
+
+ if (unpack_byte_string(response, response_len, "ds",
+ 10, &counter,
+ response_len - TPM2_DIGEST_LEN, data,
+ TPM2_DIGEST_LEN))
+ return TPM_LIB_ERROR;
+
+ if (updates)
+ *updates = counter;
+
+ return 0;
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability command support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (19 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read " Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support Miquel Raynal
` (11 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_GetCapability command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
include/tpm-v2.h | 14 ++++++++++++++
lib/tpm-v2.c | 33 +++++++++++++++++++++++++++++++++
3 files changed, 92 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index 49c22aaeaa..3599763e90 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -144,6 +144,43 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc,
return report_return_code(rc);
}
+static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ u32 capability, property, rc;
+ u8 *data;
+ size_t count;
+ int i, j;
+
+ if (argc != 5)
+ return CMD_RET_USAGE;
+
+ capability = simple_strtoul(argv[1], NULL, 0);
+ property = simple_strtoul(argv[2], NULL, 0);
+ data = map_sysmem(simple_strtoul(argv[3], NULL, 0), 0);
+ count = simple_strtoul(argv[4], NULL, 0);
+
+ rc = tpm2_get_capability(capability, property, data, count);
+ if (rc)
+ goto unmap_data;
+
+ printf("Capabilities read from TPM:\n");
+ for (i = 0; i < count; i++) {
+ printf("Property 0x");
+ for (j = 0; j < 4; j++)
+ printf("%02x", data[(i * 8) + j]);
+ printf(": 0x");
+ for (j = 4; j < 8; j++)
+ printf("%02x", data[(i * 8) + j]);
+ printf("\n");
+ }
+
+unmap_data:
+ unmap_sysmem(data);
+
+ return report_return_code(rc);
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
@@ -152,6 +189,7 @@ static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""),
U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""),
U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""),
+ U_BOOT_CMD_MKENT(get_capability, 0, 1, do_tpm_get_capability, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -191,4 +229,11 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" Read PCR #<pcr> to memory address <digest_addr>.\n"
" <pcr>: index of the PCR\n"
" <digest_addr>: address to store the a 32-byte SHA256 digest\n"
+"get_capability <capability> <property> <addr> <count>\n"
+" Read and display <count> entries indexed by <capability>/<property>.\n"
+" Values are 4 bytes long and are written at <addr>.\n"
+" <capability>: capability\n"
+" <property>: property\n"
+" <addr>: address to store <count> entries of 4 bytes\n"
+" <count>: number of entries to retrieve\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index b9f36b22ba..618026ce2a 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -177,4 +177,18 @@ u32 tpm2_pcr_extend(u32 index, const uint8_t *digest);
u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
unsigned int *updates);
+/**
+ * Issue a TPM2_GetCapability command. This implementation is limited
+ * to query property index that is 4-byte wide.
+ *
+ * @capability Partition of capabilities
+ * @property Further definition of capability, limited to be 4 bytes wide
+ * @buf Output buffer for capability information
+ * @prop_count Size of output buffer
+ *
+ * @return code of the operation
+ */
+u32 tpm2_get_capability(u32 capability, u32 property, void *buf,
+ size_t prop_count);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index a1f1dbc3d6..330844ee31 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -157,3 +157,36 @@ u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
return 0;
}
+
+u32 tpm2_get_capability(u32 capability, u32 property, void *buf,
+ size_t prop_count)
+{
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_NO_SESSIONS), /* TAG */
+ tpm_u32(22), /* Length */
+ tpm_u32(TPM2_CC_GET_CAPABILITY), /* Command code */
+
+ tpm_u32(capability), /* Capability */
+ tpm_u32(property), /* Property */
+ tpm_u32(prop_count), /* Property count */
+ };
+ u8 response[COMMAND_BUFFER_SIZE];
+ size_t response_len = COMMAND_BUFFER_SIZE;
+ unsigned int properties_off;
+ int ret;
+
+ ret = tpm_sendrecv_command(command_v2, response, &response_len);
+ if (ret)
+ return ret;
+
+ /*
+ * In the response buffer, the properties are located after the:
+ * tag (u16), response size (u32), response code (u32),
+ * YES/NO flag (u8), TPM_CAP (u32) and TPMU_CAPABILITIES (u32).
+ */
+ properties_off = sizeof(u16) + sizeof(u32) + sizeof(u32) +
+ sizeof(u8) + sizeof(u32) + sizeof(u32);
+ memcpy(buf, &response[properties_off], response_len - properties_off);
+
+ return 0;
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (20 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability " Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support Miquel Raynal
` (10 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_DictionaryAttackParameters and
TPM2_DictionaryAttackLockReset commands.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 67 +++++++++++++++++++++++++++++++++++++++++++++
include/tpm-v2.h | 25 +++++++++++++++++
lib/tpm-v2.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 175 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index 3599763e90..5e3ebc7984 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -181,6 +181,59 @@ unmap_data:
return report_return_code(rc);
}
+static int do_tpm_dam_reset(cmd_tbl_t *cmdtp, int flag, int argc,
+ char *const argv[])
+{
+ const char *pw = (argc < 2) ? NULL : argv[1];
+ const ssize_t pw_sz = pw ? strlen(pw) : 0;
+
+ if (argc > 2)
+ return CMD_RET_USAGE;
+
+ if (pw_sz > TPM2_DIGEST_LEN)
+ return -EINVAL;
+
+ return report_return_code(tpm2_dam_reset(pw, pw_sz));
+}
+
+static int do_tpm_dam_parameters(cmd_tbl_t *cmdtp, int flag, int argc,
+ char *const argv[])
+{
+ const char *pw = (argc < 5) ? NULL : argv[4];
+ const ssize_t pw_sz = pw ? strlen(pw) : 0;
+ /*
+ * No Dictionary Attack Mitigation (DAM) means:
+ * maxtries = 0xFFFFFFFF, recovery_time = 1, lockout_recovery = 0
+ */
+ unsigned long int max_tries;
+ unsigned long int recovery_time;
+ unsigned long int lockout_recovery;
+
+ if (argc < 4 || argc > 5)
+ return CMD_RET_USAGE;
+
+ if (pw_sz > TPM2_DIGEST_LEN)
+ return -EINVAL;
+
+ if (strict_strtoul(argv[1], 0, &max_tries))
+ return CMD_RET_USAGE;
+
+ if (strict_strtoul(argv[2], 0, &recovery_time))
+ return CMD_RET_USAGE;
+
+ if (strict_strtoul(argv[3], 0, &lockout_recovery))
+ return CMD_RET_USAGE;
+
+ log(LOGC_NONE, LOGL_INFO, "Changing dictionary attack parameters:\n");
+ log(LOGC_NONE, LOGL_INFO, "- maxTries: %lu", max_tries);
+ log(LOGC_NONE, LOGL_INFO, "- recoveryTime: %lu\n", recovery_time);
+ log(LOGC_NONE, LOGL_INFO, "- lockoutRecovery: %lu\n", lockout_recovery);
+
+ return report_return_code(tpm2_dam_parameters(pw, pw_sz, max_tries,
+ recovery_time,
+ lockout_recovery));
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
@@ -190,6 +243,8 @@ static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""),
U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""),
U_BOOT_CMD_MKENT(get_capability, 0, 1, do_tpm_get_capability, "", ""),
+ U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""),
+ U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -236,4 +291,16 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" <property>: property\n"
" <addr>: address to store <count> entries of 4 bytes\n"
" <count>: number of entries to retrieve\n"
+" dam_reset_counter [<password>]\n"
+" - If the TPM is not in a LOCKOUT state, reset the internal error\n"
+" counter (TPMv2 only)\n"
+" dam_set_parameters <maxTries> <recoveryTime> <lockoutRecovery> [<password>]\n"
+" - If the TPM is not in a LOCKOUT state, set the dictionary attack\n"
+" parameters:\n"
+" * maxTries: maximum number of failures before lockout.\n"
+" 0 means always locking.\n"
+" * recoveryTime: time before decrementation of the error counter,\n"
+" 0 means no lockout.\n"
+" * lockoutRecovery: time of a lockout (before the next try)\n"
+" 0 means a reboot is needed.\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 618026ce2a..4e182cf827 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -191,4 +191,29 @@ u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
u32 tpm2_get_capability(u32 capability, u32 property, void *buf,
size_t prop_count);
+/**
+ * Issue a TPM2_DictionaryAttackLockReset command.
+ *
+ * @pw Password
+ * @pw_sz Length of the password
+ *
+ * @return code of the operation
+ */
+u32 tpm2_dam_reset(const char *pw, const ssize_t pw_sz);
+
+/**
+ * Issue a TPM2_DictionaryAttackParameters command.
+ *
+ * @pw Password
+ * @pw_sz Length of the password
+ * @max_tries Count of authorizations before lockout
+ * @recovery_time Time before decrementation of the failure count
+ * @lockout_recovery Time to wait after a lockout
+ *
+ * @return code of the operation
+ */
+u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
+ unsigned int max_tries, unsigned int recovery_time,
+ unsigned int lockout_recovery);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 330844ee31..5f1090eccb 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -190,3 +190,86 @@ u32 tpm2_get_capability(u32 capability, u32 property, void *buf,
return 0;
}
+
+u32 tpm2_dam_reset(const char *pw, const ssize_t pw_sz)
+{
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_SESSIONS), /* TAG */
+ tpm_u32(27 + pw_sz), /* Length */
+ tpm_u32(TPM2_CC_DAM_RESET), /* Command code */
+
+ /* HANDLE */
+ tpm_u32(TPM2_RH_LOCKOUT), /* TPM resource handle */
+
+ /* AUTH_SESSION */
+ tpm_u32(9 + pw_sz), /* Authorization size */
+ tpm_u32(TPM2_RS_PW), /* Session handle */
+ tpm_u16(0), /* Size of <nonce> */
+ /* <nonce> (if any) */
+ 0, /* Attributes: Cont/Excl/Rst */
+ tpm_u16(pw_sz), /* Size of <hmac/password> */
+ /* STRING(pw) <hmac/password> (if any) */
+ };
+ unsigned int offset = 27;
+ int ret;
+
+ /*
+ * Fill the command structure starting from the first buffer:
+ * - the password (if any)
+ */
+ ret = pack_byte_string(command_v2, sizeof(command_v2), "s",
+ offset, pw, pw_sz);
+ offset += pw_sz;
+ if (ret)
+ return TPM_LIB_ERROR;
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
+
+u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
+ unsigned int max_tries, unsigned int recovery_time,
+ unsigned int lockout_recovery)
+{
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_SESSIONS), /* TAG */
+ tpm_u32(27 + pw_sz + 12), /* Length */
+ tpm_u32(TPM2_CC_DAM_PARAMETERS), /* Command code */
+
+ /* HANDLE */
+ tpm_u32(TPM2_RH_LOCKOUT), /* TPM resource handle */
+
+ /* AUTH_SESSION */
+ tpm_u32(9 + pw_sz), /* Authorization size */
+ tpm_u32(TPM2_RS_PW), /* Session handle */
+ tpm_u16(0), /* Size of <nonce> */
+ /* <nonce> (if any) */
+ 0, /* Attributes: Cont/Excl/Rst */
+ tpm_u16(pw_sz), /* Size of <hmac/password> */
+ /* STRING(pw) <hmac/password> (if any) */
+
+ /* LOCKOUT PARAMETERS */
+ /* tpm_u32(max_tries) Max tries (0, always lock) */
+ /* tpm_u32(recovery_time) Recovery time (0, no lock) */
+ /* tpm_u32(lockout_recovery) Lockout recovery */
+ };
+ unsigned int offset = 27;
+ int ret;
+
+ /*
+ * Fill the command structure starting from the first buffer:
+ * - the password (if any)
+ * - max tries
+ * - recovery time
+ * - lockout recovery
+ */
+ ret = pack_byte_string(command_v2, sizeof(command_v2), "sddd",
+ offset, pw, pw_sz,
+ offset + pw_sz, max_tries,
+ offset + pw_sz + 4, recovery_time,
+ offset + pw_sz + 8, lockout_recovery);
+ offset += pw_sz + 12;
+ if (ret)
+ return TPM_LIB_ERROR;
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (21 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support Miquel Raynal
` (9 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_HierarchyChangeAuth command.
Change the command file and the help accordingly.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 59 ++++++++++++++++++++++++++++++++++++++++++++------------
include/tpm-v2.h | 14 ++++++++++++++
lib/tpm-v2.c | 44 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 105 insertions(+), 12 deletions(-)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index 5e3ebc7984..b52409846b 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -234,6 +234,36 @@ static int do_tpm_dam_parameters(cmd_tbl_t *cmdtp, int flag, int argc,
lockout_recovery));
}
+static int do_tpm_change_auth(cmd_tbl_t *cmdtp, int flag, int argc,
+ char *const argv[])
+{
+ u32 handle;
+ const char *newpw = argv[2];
+ const char *oldpw = (argc == 3) ? NULL : argv[3];
+ const ssize_t newpw_sz = strlen(newpw);
+ const ssize_t oldpw_sz = oldpw ? strlen(oldpw) : 0;
+
+ if (argc < 3 || argc > 4)
+ return CMD_RET_USAGE;
+
+ if (newpw_sz > TPM2_DIGEST_LEN || oldpw_sz > TPM2_DIGEST_LEN)
+ return -EINVAL;
+
+ if (!strcasecmp("TPM2_RH_LOCKOUT", argv[1]))
+ handle = TPM2_RH_LOCKOUT;
+ else if (!strcasecmp("TPM2_RH_ENDORSEMENT", argv[1]))
+ handle = TPM2_RH_ENDORSEMENT;
+ else if (!strcasecmp("TPM2_RH_OWNER", argv[1]))
+ handle = TPM2_RH_OWNER;
+ else if (!strcasecmp("TPM2_RH_PLATFORM", argv[1]))
+ handle = TPM2_RH_PLATFORM;
+ else
+ return CMD_RET_USAGE;
+
+ return report_return_code(tpm2_change_auth(handle, newpw, newpw_sz,
+ oldpw, oldpw_sz));
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
@@ -245,6 +275,7 @@ static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(get_capability, 0, 1, do_tpm_get_capability, "", ""),
U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""),
U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""),
+ U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -291,16 +322,20 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" <property>: property\n"
" <addr>: address to store <count> entries of 4 bytes\n"
" <count>: number of entries to retrieve\n"
-" dam_reset_counter [<password>]\n"
-" - If the TPM is not in a LOCKOUT state, reset the internal error\n"
-" counter (TPMv2 only)\n"
-" dam_set_parameters <maxTries> <recoveryTime> <lockoutRecovery> [<password>]\n"
-" - If the TPM is not in a LOCKOUT state, set the dictionary attack\n"
-" parameters:\n"
-" * maxTries: maximum number of failures before lockout.\n"
-" 0 means always locking.\n"
-" * recoveryTime: time before decrementation of the error counter,\n"
-" 0 means no lockout.\n"
-" * lockoutRecovery: time of a lockout (before the next try)\n"
-" 0 means a reboot is needed.\n"
+"dam_reset [<password>]\n"
+" If the TPM is not in a LOCKOUT state, reset the internal error counter.\n"
+" <password>: optional password\n"
+"dam_parameters <max_tries> <recovery_time> <lockout_recovery> [<password>]\n"
+" If the TPM is not in a LOCKOUT state, set the DAM parameters\n"
+" <maxTries>: maximum number of failures before lockout,\n"
+" 0 means always locking\n"
+" <recoveryTime>: time before decrement of the error counter,\n"
+" 0 means no lockout\n"
+" <lockoutRecovery>: time of a lockout (before the next try),\n"
+" 0 means a reboot is needed\n"
+" <password>: optional password of the LOCKOUT hierarchy\n"
+"change_auth <hierarchy> <new_pw> [<old_pw>]\n"
+" <hierarchy>: the hierarchy\n"
+" <new_pw>: new password for <hierarchy>\n"
+" <old_pw>: optional previous password of <hierarchy>\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 4e182cf827..19f0ecd80b 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -216,4 +216,18 @@ u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
unsigned int max_tries, unsigned int recovery_time,
unsigned int lockout_recovery);
+/**
+ * Issue a TPM2_HierarchyChangeAuth command.
+ *
+ * @handle Handle
+ * @newpw New password
+ * @newpw_sz Length of the new password
+ * @oldpw Old password
+ * @oldpw_sz Length of the old password
+ *
+ * @return code of the operation
+ */
+int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz,
+ const char *oldpw, const ssize_t oldpw_sz);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 5f1090eccb..219f0ee941 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -273,3 +273,47 @@ u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
return tpm_sendrecv_command(command_v2, NULL, NULL);
}
+
+int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz,
+ const char *oldpw, const ssize_t oldpw_sz)
+{
+ unsigned int offset = 27;
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_SESSIONS), /* TAG */
+ tpm_u32(offset + oldpw_sz + 2 + newpw_sz), /* Length */
+ tpm_u32(TPM2_CC_HIERCHANGEAUTH), /* Command code */
+
+ /* HANDLE */
+ tpm_u32(handle), /* TPM resource handle */
+
+ /* AUTH_SESSION */
+ tpm_u32(9 + oldpw_sz), /* Authorization size */
+ tpm_u32(TPM2_RS_PW), /* Session handle */
+ tpm_u16(0), /* Size of <nonce> */
+ /* <nonce> (if any) */
+ 0, /* Attributes: Cont/Excl/Rst */
+ tpm_u16(oldpw_sz) /* Size of <hmac/password> */
+ /* STRING(oldpw) <hmac/password> (if any) */
+
+ /* TPM2B_AUTH (TPM2B_DIGEST) */
+ /* tpm_u16(newpw_sz) Digest size, new pw length */
+ /* STRING(newpw) Digest buffer, new pw */
+ };
+ int ret;
+
+ /*
+ * Fill the command structure starting from the first buffer:
+ * - the old password (if any)
+ * - size of the new password
+ * - new password
+ */
+ ret = pack_byte_string(command_v2, sizeof(command_v2), "sws",
+ offset, oldpw, oldpw_sz,
+ offset + oldpw_sz, newpw_sz,
+ offset + oldpw_sz + 2, newpw, newpw_sz);
+ offset += oldpw_sz + 2 + newpw_sz;
+ if (ret)
+ return TPM_LIB_ERROR;
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (22 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules Miquel Raynal
` (8 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add support for the TPM2_PCR_SetAuthPolicy and
TPM2_PCR_SetAuthValue commands.
Change the command file and the help accordingly.
Note: These commands could not be tested because the TPMs available
do not support them, however they could be useful for someone else.
The user is warned by the command help.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
cmd/tpm-v2.c | 48 ++++++++++++++++++++++++++
include/tpm-v2.h | 29 ++++++++++++++++
lib/tpm-v2.c | 100 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 177 insertions(+)
diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
index b52409846b..6d7d6cabbd 100644
--- a/cmd/tpm-v2.c
+++ b/cmd/tpm-v2.c
@@ -264,6 +264,43 @@ static int do_tpm_change_auth(cmd_tbl_t *cmdtp, int flag, int argc,
oldpw, oldpw_sz));
}
+static int do_tpm_pcr_setauthpolicy(cmd_tbl_t *cmdtp, int flag, int argc,
+ char * const argv[])
+{
+ u32 index = simple_strtoul(argv[1], NULL, 0);
+ char *key = argv[2];
+ const char *pw = (argc < 4) ? NULL : argv[3];
+ const ssize_t pw_sz = pw ? strlen(pw) : 0;
+
+ if (strlen(key) != TPM2_DIGEST_LEN)
+ return -EINVAL;
+
+ if (argc < 3 || argc > 4)
+ return CMD_RET_USAGE;
+
+ return report_return_code(tpm2_pcr_setauthpolicy(pw, pw_sz, index,
+ key));
+}
+
+static int do_tpm_pcr_setauthvalue(cmd_tbl_t *cmdtp, int flag,
+ int argc, char * const argv[])
+{
+ u32 index = simple_strtoul(argv[1], NULL, 0);
+ char *key = argv[2];
+ const ssize_t key_sz = strlen(key);
+ const char *pw = (argc < 4) ? NULL : argv[3];
+ const ssize_t pw_sz = pw ? strlen(pw) : 0;
+
+ if (strlen(key) != TPM2_DIGEST_LEN)
+ return -EINVAL;
+
+ if (argc < 3 || argc > 4)
+ return CMD_RET_USAGE;
+
+ return report_return_code(tpm2_pcr_setauthvalue(pw, pw_sz, index,
+ key, key_sz));
+}
+
static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
@@ -276,6 +313,10 @@ static cmd_tbl_t tpm2_commands[] = {
U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""),
U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""),
U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""),
+ U_BOOT_CMD_MKENT(pcr_setauthpolicy, 0, 1,
+ do_tpm_pcr_setauthpolicy, "", ""),
+ U_BOOT_CMD_MKENT(pcr_setauthvalue, 0, 1,
+ do_tpm_pcr_setauthvalue, "", ""),
};
cmd_tbl_t *get_tpm_commands(unsigned int *size)
@@ -338,4 +379,11 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
" <hierarchy>: the hierarchy\n"
" <new_pw>: new password for <hierarchy>\n"
" <old_pw>: optional previous password of <hierarchy>\n"
+"pcr_setauthpolicy|pcr_setauthvalue <pcr> <key> [<password>]\n"
+" Change the <key> to access PCR #<pcr>.\n"
+" hierarchy and may be empty.\n"
+" /!\\WARNING: untested function, use at your own risks !\n"
+" <pcr>: index of the PCR\n"
+" <key>: secret to protect the access of PCR #<pcr>\n"
+" <password>: optional password of the PLATFORM hierarchy\n"
);
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 19f0ecd80b..b7820b405d 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -80,11 +80,13 @@ enum tpm2_command_codes {
TPM2_CC_CLEAR = 0x0126,
TPM2_CC_CLEARCONTROL = 0x0127,
TPM2_CC_HIERCHANGEAUTH = 0x0129,
+ TPM2_CC_PCR_SETAUTHPOL = 0x012C,
TPM2_CC_DAM_RESET = 0x0139,
TPM2_CC_DAM_PARAMETERS = 0x013A,
TPM2_CC_GET_CAPABILITY = 0x017A,
TPM2_CC_PCR_READ = 0x017E,
TPM2_CC_PCR_EXTEND = 0x0182,
+ TPM2_CC_PCR_SETAUTHVAL = 0x0183,
};
/**
@@ -230,4 +232,31 @@ u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz,
const char *oldpw, const ssize_t oldpw_sz);
+/**
+ * Issue a TPM_PCR_SetAuthPolicy command.
+ *
+ * @pw Platform password
+ * @pw_sz Length of the password
+ * @index Index of the PCR
+ * @digest New key to access the PCR
+ *
+ * @return code of the operation
+ */
+u32 tpm2_pcr_setauthpolicy(const char *pw, const ssize_t pw_sz, u32 index,
+ const char *key);
+
+/**
+ * Issue a TPM_PCR_SetAuthValue command.
+ *
+ * @pw Platform password
+ * @pw_sz Length of the password
+ * @index Index of the PCR
+ * @digest New key to access the PCR
+ * @key_sz Length of the new key
+ *
+ * @return code of the operation
+ */
+u32 tpm2_pcr_setauthvalue(const char *pw, const ssize_t pw_sz, u32 index,
+ const char *key, const ssize_t key_sz);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 219f0ee941..2c2f4529b4 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -317,3 +317,103 @@ int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz,
return tpm_sendrecv_command(command_v2, NULL, NULL);
}
+
+u32 tpm2_pcr_setauthpolicy(const char *pw, const ssize_t pw_sz, u32 index,
+ const char *key)
+{
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_SESSIONS), /* TAG */
+ tpm_u32(35 + pw_sz + TPM2_DIGEST_LEN), /* Length */
+ tpm_u32(TPM2_CC_PCR_SETAUTHPOL), /* Command code */
+
+ /* HANDLE */
+ tpm_u32(TPM2_RH_PLATFORM), /* TPM resource handle */
+
+ /* AUTH_SESSION */
+ tpm_u32(9 + pw_sz), /* Authorization size */
+ tpm_u32(TPM2_RS_PW), /* session handle */
+ tpm_u16(0), /* Size of <nonce> */
+ /* <nonce> (if any) */
+ 0, /* Attributes: Cont/Excl/Rst */
+ tpm_u16(pw_sz) /* Size of <hmac/password> */
+ /* STRING(pw) <hmac/password> (if any) */
+
+ /* TPM2B_AUTH (TPM2B_DIGEST) */
+ /* tpm_u16(TPM2_DIGEST_LEN) Digest size length */
+ /* STRING(key) Digest buffer (PCR key) */
+
+ /* TPMI_ALG_HASH */
+ /* tpm_u16(TPM2_ALG_SHA256) Algorithm of the hash */
+
+ /* TPMI_DH_PCR */
+ /* tpm_u32(index), PCR Index */
+ };
+ unsigned int offset = 27;
+ int ret;
+
+ /*
+ * Fill the command structure starting from the first buffer:
+ * - the password (if any)
+ * - the PCR key length
+ * - the PCR key
+ * - the hash algorithm
+ * - the PCR index
+ */
+ ret = pack_byte_string(command_v2, sizeof(command_v2), "swswd",
+ offset, pw, pw_sz,
+ offset + pw_sz, TPM2_DIGEST_LEN,
+ offset + pw_sz + 2, key, TPM2_DIGEST_LEN,
+ offset + pw_sz + 2 + TPM2_DIGEST_LEN,
+ TPM2_ALG_SHA256,
+ offset + pw_sz + 4 + TPM2_DIGEST_LEN, index);
+ offset += pw_sz + 2 + TPM2_DIGEST_LEN + 2 + 4;
+ if (ret)
+ return TPM_LIB_ERROR;
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
+
+u32 tpm2_pcr_setauthvalue(const char *pw, const ssize_t pw_sz, u32 index,
+ const char *key, const ssize_t key_sz)
+{
+ u8 command_v2[COMMAND_BUFFER_SIZE] = {
+ tpm_u16(TPM2_ST_SESSIONS), /* TAG */
+ tpm_u32(33 + pw_sz + TPM2_DIGEST_LEN), /* Length */
+ tpm_u32(TPM2_CC_PCR_SETAUTHVAL), /* Command code */
+
+ /* HANDLE */
+ tpm_u32(index), /* Handle (PCR Index) */
+
+ /* AUTH_SESSION */
+ tpm_u32(9 + pw_sz), /* Authorization size */
+ tpm_u32(TPM2_RS_PW), /* session handle */
+ tpm_u16(0), /* Size of <nonce> */
+ /* <nonce> (if any) */
+ 0, /* Attributes: Cont/Excl/Rst */
+ tpm_u16(pw_sz), /* Size of <hmac/password> */
+ /* STRING(pw) <hmac/password> (if any) */
+
+ /* TPM2B_DIGEST */
+ /* tpm_u16(key_sz) Key length */
+ /* STRING(key) Key */
+ };
+ unsigned int offset = 27;
+ int ret;
+
+ /*
+ * Fill the command structure starting from the first buffer:
+ * - the password (if any)
+ * - the number of digests, 1 in our case
+ * - the algorithm, sha256 in our case
+ * - the digest (64 bytes)
+ */
+ ret = pack_byte_string(command_v2, sizeof(command_v2), "sws",
+ offset, pw, pw_sz,
+ offset + pw_sz, key_sz,
+ offset + pw_sz + 2, key, key_sz);
+ offset += pw_sz + 2 + key_sz;
+ if (ret)
+ return TPM_LIB_ERROR;
+
+ return tpm_sendrecv_command(command_v2, NULL, NULL);
+}
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (23 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
` (2 more replies)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio Miquel Raynal
` (7 subsequent siblings)
32 siblings, 3 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add the tpm2_tis_spi driver that should support any TPMv2 compliant
(SPI) module.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
drivers/tpm/Kconfig | 10 +
drivers/tpm/Makefile | 2 +
drivers/tpm/tpm2_tis_spi.c | 664 +++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 676 insertions(+)
create mode 100644 drivers/tpm/tpm2_tis_spi.c
diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig
index 01967ffd35..6661dcc1e3 100644
--- a/drivers/tpm/Kconfig
+++ b/drivers/tpm/Kconfig
@@ -141,6 +141,16 @@ config TPM_V2
if TPM_V2 && !TPM_V1
+config TPM2_TIS_SPI
+ bool "Enable support for TPMv2.x SPI chips"
+ depends on TPM_V2 && DM_SPI
+ select TPM_DRIVER_SELECTED
+ help
+ This driver supports TPMv2.x devices connected on the SPI bus.
+ The usual TPM operations and the 'tpm' command can be used to talk
+ to the device using the standard TPM Interface Specification (TIS)
+ protocol.
+
endif # TPM_V2
endmenu
diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile
index c42a93f267..2c88b64659 100644
--- a/drivers/tpm/Makefile
+++ b/drivers/tpm/Makefile
@@ -11,3 +11,5 @@ obj-$(CONFIG_TPM_TIS_LPC) += tpm_tis_lpc.o
obj-$(CONFIG_TPM_TIS_SANDBOX) += tpm_tis_sandbox.o
obj-$(CONFIG_TPM_ST33ZP24_I2C) += tpm_tis_st33zp24_i2c.o
obj-$(CONFIG_TPM_ST33ZP24_SPI) += tpm_tis_st33zp24_spi.o
+
+obj-$(CONFIG_TPM2_TIS_SPI) += tpm2_tis_spi.o
diff --git a/drivers/tpm/tpm2_tis_spi.c b/drivers/tpm/tpm2_tis_spi.c
new file mode 100644
index 0000000000..6a4d5284c9
--- /dev/null
+++ b/drivers/tpm/tpm2_tis_spi.c
@@ -0,0 +1,664 @@
+/*
+ * Author:
+ * Miquel Raynal <miquel.raynal@bootlin.com>
+ *
+ * Description:
+ * SPI-level driver for TCG/TIS TPM (trusted platform module).
+ * Specifications at www.trustedcomputinggroup.org
+ *
+ * This device driver implements the TPM interface as defined in
+ * the TCG SPI protocol stack version 2.0.
+ *
+ * It is based on the U-Boot driver tpm_tis_infineon_i2c.c.
+ *
+ * SPDX-License-Identifier: GPL-2.0
+ */
+
+#include <common.h>
+#include <dm.h>
+#include <fdtdec.h>
+#include <log.h>
+#include <spi.h>
+#include <tpm-v2.h>
+#include <linux/errno.h>
+#include <linux/compiler.h>
+#include <linux/types.h>
+#include <linux/unaligned/be_byteshift.h>
+
+#include "tpm_tis.h"
+#include "tpm_internal.h"
+
+DECLARE_GLOBAL_DATA_PTR;
+
+#define TPM_ACCESS(l) (0x0000 | ((l) << 12))
+#define TPM_INT_ENABLE(l) (0x0008 | ((l) << 12))
+#define TPM_STS(l) (0x0018 | ((l) << 12))
+#define TPM_DATA_FIFO(l) (0x0024 | ((l) << 12))
+#define TPM_DID_VID(l) (0x0F00 | ((l) << 12))
+#define TPM_RID(l) (0x0F04 | ((l) << 12))
+
+#define MAX_SPI_FRAMESIZE 64
+
+/* Number of wait states to wait for */
+#define TPM_WAIT_STATES 100
+
+/**
+ * struct tpm_tis_chip_data - Non-discoverable TPM information
+ *
+ * @pcr_count: Number of PCR per bank
+ * @pcr_select_min: Size in octets of the pcrSelect array
+ */
+struct tpm_tis_chip_data {
+ unsigned int pcr_count;
+ unsigned int pcr_select_min;
+ unsigned int time_before_first_cmd_ms;
+};
+
+/**
+ * tpm_tis_spi_read() - Read from TPM register
+ *
+ * @addr: register address to read from
+ * @buffer: provided by caller
+ * @len: number of bytes to read
+ *
+ * Read len bytes from TPM register and put them into
+ * buffer (little-endian format, i.e. first byte is put into buffer[0]).
+ *
+ * NOTE: TPM is big-endian for multi-byte values. Multi-byte
+ * values have to be swapped.
+ *
+ * @return -EIO on error, 0 on success.
+ */
+static int tpm_tis_spi_xfer(struct udevice *dev, u32 addr, const u8 *out,
+ u8 *in, u16 len)
+{
+ struct spi_slave *slave = dev_get_parent_priv(dev);
+ int transfer_len, ret;
+ u8 tx_buf[MAX_SPI_FRAMESIZE];
+ u8 rx_buf[MAX_SPI_FRAMESIZE];
+
+ if (in && out) {
+ log(LOGC_NONE, LOGL_ERR, "%s: can't do full duplex\n",
+ __func__);
+ return -EINVAL;
+ }
+
+ ret = spi_claim_bus(slave);
+ if (ret < 0) {
+ log(LOGC_NONE, LOGL_ERR, "%s: could not claim bus\n", __func__);
+ return ret;
+ }
+
+ while (len) {
+ /* Request */
+ transfer_len = min_t(u16, len, MAX_SPI_FRAMESIZE);
+ tx_buf[0] = (in ? BIT(7) : 0) | (transfer_len - 1);
+ tx_buf[1] = 0xD4;
+ tx_buf[2] = addr >> 8;
+ tx_buf[3] = addr;
+
+ ret = spi_xfer(slave, 4 * 8, tx_buf, rx_buf, SPI_XFER_BEGIN);
+ if (ret < 0) {
+ log(LOGC_NONE, LOGL_ERR,
+ "%s: spi request transfer failed (err: %d)\n",
+ __func__, ret);
+ goto release_bus;
+ }
+
+ /* Wait state */
+ if (!(rx_buf[3] & 0x1)) {
+ int i;
+
+ for (i = 0; i < TPM_WAIT_STATES; i++) {
+ ret = spi_xfer(slave, 1 * 8, NULL, rx_buf, 0);
+ if (ret) {
+ log(LOGC_NONE, LOGL_ERR,
+ "%s: wait state failed: %d\n",
+ __func__, ret);
+ goto release_bus;
+ }
+
+ if (rx_buf[0] & 0x1)
+ break;
+ }
+
+ if (i == TPM_WAIT_STATES) {
+ log(LOGC_NONE, LOGL_ERR,
+ "%s: timeout on wait state\n", __func__);
+ ret = -ETIMEDOUT;
+ goto release_bus;
+ }
+ }
+
+ /* Read/Write */
+ if (out) {
+ memcpy(tx_buf, out, transfer_len);
+ out += transfer_len;
+ }
+
+ ret = spi_xfer(slave, transfer_len * 8,
+ out ? tx_buf : NULL,
+ in ? rx_buf : NULL,
+ SPI_XFER_END);
+ if (ret) {
+ log(LOGC_NONE, LOGL_ERR,
+ "%s: spi read transfer failed (err: %d)\n",
+ __func__, ret);
+ goto release_bus;
+ }
+
+ if (in) {
+ memcpy(in, rx_buf, transfer_len);
+ in += transfer_len;
+ }
+
+ len -= transfer_len;
+ }
+
+release_bus:
+ /* If an error occurred, release the chip by deasserting the CS */
+ if (ret < 0)
+ spi_xfer(slave, 0, NULL, NULL, SPI_XFER_END);
+
+ spi_release_bus(slave);
+
+ return ret;
+}
+
+static int tpm_tis_spi_read(struct udevice *dev, u16 addr, u8 *in, u16 len)
+{
+ return tpm_tis_spi_xfer(dev, addr, NULL, in, len);
+}
+
+static int tpm_tis_spi_read32(struct udevice *dev, u32 addr, u32 *result)
+{
+ __le32 result_le;
+ int ret;
+
+ ret = tpm_tis_spi_read(dev, addr, (u8 *)&result_le, sizeof(u32));
+ if (!ret)
+ *result = le32_to_cpu(result_le);
+
+ return ret;
+}
+
+static int tpm_tis_spi_write(struct udevice *dev, u16 addr, const u8 *out,
+ u16 len)
+{
+ return tpm_tis_spi_xfer(dev, addr, out, NULL, len);
+}
+
+static int tpm_tis_spi_check_locality(struct udevice *dev, int loc)
+{
+ const u8 mask = TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID;
+ struct tpm_chip *chip = dev_get_priv(dev);
+ u8 buf;
+ int ret;
+
+ ret = tpm_tis_spi_read(dev, TPM_ACCESS(loc), &buf, 1);
+ if (ret)
+ return ret;
+
+ if ((buf & mask) == mask) {
+ chip->locality = loc;
+ return 0;
+ }
+
+ return -ENOENT;
+}
+
+static void tpm_tis_spi_release_locality(struct udevice *dev, int loc,
+ bool force)
+{
+ const u8 mask = TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID;
+ u8 buf;
+
+ if (tpm_tis_spi_read(dev, TPM_ACCESS(loc), &buf, 1) < 0)
+ return;
+
+ if (force || (buf & mask) == mask) {
+ buf = TPM_ACCESS_ACTIVE_LOCALITY;
+ tpm_tis_spi_write(dev, TPM_ACCESS(loc), &buf, 1);
+ }
+}
+
+static int tpm_tis_spi_request_locality(struct udevice *dev, int loc)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+ unsigned long start, stop;
+ u8 buf = TPM_ACCESS_REQUEST_USE;
+ int ret;
+
+ ret = tpm_tis_spi_check_locality(dev, loc);
+ if (!ret)
+ return 0;
+
+ if (ret != -ENOENT) {
+ log(LOGC_NONE, LOGL_ERR, "%s: Failed to get locality: %d\n",
+ __func__, ret);
+ return ret;
+ }
+
+ ret = tpm_tis_spi_write(dev, TPM_ACCESS(loc), &buf, 1);
+ if (ret) {
+ log(LOGC_NONE, LOGL_ERR, "%s: Failed to write to TPM: %d\n",
+ __func__, ret);
+ return ret;
+ }
+
+ start = get_timer(0);
+ stop = chip->timeout_a;
+ do {
+ ret = tpm_tis_spi_check_locality(dev, loc);
+ if (!ret)
+ return 0;
+
+ if (ret != -ENOENT) {
+ log(LOGC_NONE, LOGL_ERR,
+ "%s: Failed to get locality: %d\n", __func__, ret);
+ return ret;
+ }
+
+ mdelay(TPM_TIMEOUT_MS);
+ } while (get_timer(start) < stop);
+
+ log(LOGC_NONE, LOGL_ERR, "%s: Timeout getting locality: %d\n", __func__,
+ ret);
+
+ return ret;
+}
+
+static u8 tpm_tis_spi_status(struct udevice *dev, u8 *status)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+
+ return tpm_tis_spi_read(dev, TPM_STS(chip->locality), status, 1);
+}
+
+static int tpm_tis_spi_wait_for_stat(struct udevice *dev, u8 mask,
+ unsigned long timeout, u8 *status)
+{
+ unsigned long start = get_timer(0);
+ unsigned long stop = timeout;
+ int ret;
+
+ do {
+ mdelay(TPM_TIMEOUT_MS);
+ ret = tpm_tis_spi_status(dev, status);
+ if (ret)
+ return ret;
+
+ if ((*status & mask) == mask)
+ return 0;
+ } while (get_timer(start) < stop);
+
+ return -ETIMEDOUT;
+}
+
+static int tpm_tis_spi_get_burstcount(struct udevice *dev)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+ unsigned long start, stop;
+ u32 burstcount, ret;
+
+ /* wait for burstcount */
+ start = get_timer(0);
+ stop = chip->timeout_d;
+ do {
+ ret = tpm_tis_spi_read32(dev, TPM_STS(chip->locality),
+ &burstcount);
+ if (ret)
+ return -EBUSY;
+
+ burstcount = (burstcount >> 8) & 0xFFFF;
+ if (burstcount)
+ return burstcount;
+
+ mdelay(TPM_TIMEOUT_MS);
+ } while (get_timer(start) < stop);
+
+ return -EBUSY;
+}
+
+static int tpm_tis_spi_cancel(struct udevice *dev)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+ u8 data = TPM_STS_COMMAND_READY;
+
+ return tpm_tis_spi_write(dev, TPM_STS(chip->locality), &data, 1);
+}
+
+static int tpm_tis_spi_recv_data(struct udevice *dev, u8 *buf, size_t count)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+ int size = 0, burstcnt, len, ret;
+ u8 status;
+
+ while (size < count &&
+ tpm_tis_spi_wait_for_stat(dev,
+ TPM_STS_DATA_AVAIL | TPM_STS_VALID,
+ chip->timeout_c, &status) == 0) {
+ burstcnt = tpm_tis_spi_get_burstcount(dev);
+ if (burstcnt < 0)
+ return burstcnt;
+
+ len = min_t(int, burstcnt, count - size);
+ ret = tpm_tis_spi_read(dev, TPM_DATA_FIFO(chip->locality),
+ buf + size, len);
+ if (ret < 0)
+ return ret;
+
+ size += len;
+ }
+
+ return size;
+}
+
+static int tpm_tis_spi_recv(struct udevice *dev, u8 *buf, size_t count)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+ int size, expected;
+
+ if (!chip)
+ return -ENODEV;
+
+ if (count < TPM_HEADER_SIZE) {
+ size = -EIO;
+ goto out;
+ }
+
+ size = tpm_tis_spi_recv_data(dev, buf, TPM_HEADER_SIZE);
+ if (size < TPM_HEADER_SIZE) {
+ log(LOGC_NONE, LOGL_ERR, "TPM error, unable to read header\n");
+ goto out;
+ }
+
+ expected = get_unaligned_be32(buf + 2);
+ if (expected > count) {
+ size = -EIO;
+ goto out;
+ }
+
+ size += tpm_tis_spi_recv_data(dev, &buf[TPM_HEADER_SIZE],
+ expected - TPM_HEADER_SIZE);
+ if (size < expected) {
+ log(LOGC_NONE, LOGL_ERR,
+ "TPM error, unable to read remaining bytes of result\n");
+ size = -EIO;
+ goto out;
+ }
+
+out:
+ tpm_tis_spi_cancel(dev);
+ tpm_tis_spi_release_locality(dev, chip->locality, false);
+
+ return size;
+}
+
+static int tpm_tis_spi_send(struct udevice *dev, const u8 *buf, size_t len)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+ u32 i, size;
+ u8 status;
+ int burstcnt, ret;
+ u8 data;
+
+ if (!chip)
+ return -ENODEV;
+
+ if (len > TPM_DEV_BUFSIZE)
+ return -E2BIG; /* Command is too long for our tpm, sorry */
+
+ ret = tpm_tis_spi_request_locality(dev, 0);
+ if (ret < 0)
+ return -EBUSY;
+
+ /*
+ * Check if the TPM is ready. If not, if not, cancel the pending command
+ * and poll on the status to be finally ready.
+ */
+ ret = tpm_tis_spi_status(dev, &status);
+ if (ret)
+ return ret;
+
+ if (!(status & TPM_STS_COMMAND_READY)) {
+ /* Force the transition, usually this will be done@startup */
+ ret = tpm_tis_spi_cancel(dev);
+ if (ret) {
+ log(LOGC_NONE, LOGL_ERR,
+ "%s: Could not cancel previous operation\n",
+ __func__);
+ goto out_err;
+ }
+
+ ret = tpm_tis_spi_wait_for_stat(dev, TPM_STS_COMMAND_READY,
+ chip->timeout_b, &status);
+ if (ret < 0 || !(status & TPM_STS_COMMAND_READY)) {
+ log(LOGC_NONE, LOGL_ERR,
+ "status %d after wait for stat returned %d\n",
+ status, ret);
+ goto out_err;
+ }
+ }
+
+ for (i = 0; i < len - 1;) {
+ burstcnt = tpm_tis_spi_get_burstcount(dev);
+ if (burstcnt < 0)
+ return burstcnt;
+
+ size = min_t(int, len - i - 1, burstcnt);
+ ret = tpm_tis_spi_write(dev, TPM_DATA_FIFO(chip->locality),
+ buf + i, size);
+ if (ret < 0)
+ goto out_err;
+
+ i += size;
+ }
+
+ ret = tpm_tis_spi_status(dev, &status);
+ if (ret)
+ goto out_err;
+
+ if ((status & TPM_STS_DATA_EXPECT) == 0) {
+ ret = -EIO;
+ goto out_err;
+ }
+
+ ret = tpm_tis_spi_write(dev, TPM_DATA_FIFO(chip->locality),
+ buf + len - 1, 1);
+ if (ret)
+ goto out_err;
+
+ ret = tpm_tis_spi_status(dev, &status);
+ if (ret)
+ goto out_err;
+
+ if ((status & TPM_STS_DATA_EXPECT) != 0) {
+ ret = -EIO;
+ goto out_err;
+ }
+
+ data = TPM_STS_GO;
+ ret = tpm_tis_spi_write(dev, TPM_STS(chip->locality), &data, 1);
+ if (ret)
+ goto out_err;
+
+ return len;
+
+out_err:
+ tpm_tis_spi_cancel(dev);
+ tpm_tis_spi_release_locality(dev, chip->locality, false);
+
+ return ret;
+}
+
+static int tpm_tis_spi_cleanup(struct udevice *dev)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+
+ tpm_tis_spi_cancel(dev);
+ /*
+ * The TPM needs some time to clean up here,
+ * so we sleep rather than keeping the bus busy
+ */
+ mdelay(2);
+ tpm_tis_spi_release_locality(dev, chip->locality, false);
+
+ return 0;
+}
+
+static int tpm_tis_spi_open(struct udevice *dev)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+
+ if (chip->is_open)
+ return -EBUSY;
+
+ chip->is_open = 1;
+
+ return 0;
+}
+
+static int tpm_tis_spi_close(struct udevice *dev)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+
+ if (chip->is_open) {
+ tpm_tis_spi_release_locality(dev, chip->locality, true);
+ chip->is_open = 0;
+ }
+
+ return 0;
+}
+
+static int tpm_tis_get_desc(struct udevice *dev, char *buf, int size)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+
+ if (size < 80)
+ return -ENOSPC;
+
+ return snprintf(buf, size,
+ "%s v2.0: VendorID 0x%04x, DeviceID 0x%04x, RevisionID 0x%02x [%s]",
+ dev->name, chip->vend_dev & 0xFFFF,
+ chip->vend_dev >> 16, chip->rid,
+ (chip->is_open ? "open" : "closed"));
+}
+
+static int tpm_tis_wait_init(struct udevice *dev, int loc)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+ unsigned long start, stop;
+ u8 status;
+ int ret;
+
+ start = get_timer(0);
+ stop = chip->timeout_b;
+ do {
+ mdelay(TPM_TIMEOUT_MS);
+
+ ret = tpm_tis_spi_read(dev, TPM_ACCESS(loc), &status, 1);
+ if (ret)
+ break;
+
+ if (status & TPM_ACCESS_VALID)
+ return 0;
+ } while (get_timer(start) < stop);
+
+ return -EIO;
+}
+
+static int tpm_tis_spi_probe(struct udevice *dev)
+{
+ struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(dev);
+ struct tpm_chip_priv *priv = dev_get_uclass_priv(dev);
+ struct tpm_chip *chip = dev_get_priv(dev);
+ int ret;
+
+ /* Ensure a minimum amount of time elapsed since reset of the TPM */
+ mdelay(drv_data->time_before_first_cmd_ms);
+
+ chip->locality = 0;
+ chip->timeout_a = TIS_SHORT_TIMEOUT_MS;
+ chip->timeout_b = TIS_LONG_TIMEOUT_MS;
+ chip->timeout_c = TIS_SHORT_TIMEOUT_MS;
+ chip->timeout_d = TIS_SHORT_TIMEOUT_MS;
+ priv->pcr_count = drv_data->pcr_count;
+ priv->pcr_select_min = drv_data->pcr_select_min;
+
+ ret = tpm_tis_wait_init(dev, chip->locality);
+ if (ret) {
+ log(LOGC_DM, LOGL_ERR, "%s: no device found\n", __func__);
+ return ret;
+ }
+
+ ret = tpm_tis_spi_request_locality(dev, chip->locality);
+ if (ret) {
+ log(LOGC_NONE, LOGL_ERR, "%s: could not request locality %d\n",
+ __func__, chip->locality);
+ return ret;
+ }
+
+ ret = tpm_tis_spi_read32(dev, TPM_DID_VID(chip->locality),
+ &chip->vend_dev);
+ if (ret) {
+ log(LOGC_NONE, LOGL_ERR,
+ "%s: could not retrieve VendorID/DeviceID\n", __func__);
+ return ret;
+ }
+
+ ret = tpm_tis_spi_read(dev, TPM_RID(chip->locality), &chip->rid, 1);
+ if (ret) {
+ log(LOGC_NONE, LOGL_ERR, "%s: could not retrieve RevisionID\n",
+ __func__);
+ return ret;
+ }
+
+ log(LOGC_NONE, LOGL_ERR,
+ "SPI TPMv2.0 found (vid:%04x, did:%04x, rid:%02x)\n",
+ chip->vend_dev & 0xFFFF, chip->vend_dev >> 16, chip->rid);
+
+ return 0;
+}
+
+static int tpm_tis_spi_remove(struct udevice *dev)
+{
+ struct tpm_chip *chip = dev_get_priv(dev);
+
+ tpm_tis_spi_release_locality(dev, chip->locality, true);
+
+ return 0;
+}
+
+static const struct tpm_ops tpm_tis_spi_ops = {
+ .open = tpm_tis_spi_open,
+ .close = tpm_tis_spi_close,
+ .get_desc = tpm_tis_get_desc,
+ .send = tpm_tis_spi_send,
+ .recv = tpm_tis_spi_recv,
+ .cleanup = tpm_tis_spi_cleanup,
+};
+
+static const struct tpm_tis_chip_data tpm_tis_std_chip_data = {
+ .pcr_count = 24,
+ .pcr_select_min = 3,
+ .time_before_first_cmd_ms = 30,
+};
+
+static const struct udevice_id tpm_tis_spi_ids[] = {
+ {
+ .compatible = "tis,tpm2-spi",
+ .data = (ulong)&tpm_tis_std_chip_data,
+ },
+ { }
+};
+
+U_BOOT_DRIVER(tpm_tis_spi) = {
+ .name = "tpm_tis_spi",
+ .id = UCLASS_TPM,
+ .of_match = tpm_tis_spi_ids,
+ .ops = &tpm_tis_spi_ops,
+ .probe = tpm_tis_spi_probe,
+ .remove = tpm_tis_spi_remove,
+ .priv_auto_alloc_size = sizeof(struct tpm_chip),
+};
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (24 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-15 16:05 ` Simon Glass
2018-05-15 9:57 ` [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info Miquel Raynal
` (6 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
On some designs, the reset line could not be connected to the SoC reset
line, in this case, request the GPIO and ensure the chip gets reset.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
---
drivers/tpm/tpm2_tis_spi.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/drivers/tpm/tpm2_tis_spi.c b/drivers/tpm/tpm2_tis_spi.c
index 6a4d5284c9..1c7f8f3673 100644
--- a/drivers/tpm/tpm2_tis_spi.c
+++ b/drivers/tpm/tpm2_tis_spi.c
@@ -24,6 +24,9 @@
#include <linux/compiler.h>
#include <linux/types.h>
#include <linux/unaligned/be_byteshift.h>
+#ifdef CONFIG_DM_GPIO
+#include <asm-generic/gpio.h>
+#endif
#include "tpm_tis.h"
#include "tpm_internal.h"
@@ -574,6 +577,20 @@ static int tpm_tis_spi_probe(struct udevice *dev)
struct tpm_chip_priv *priv = dev_get_uclass_priv(dev);
struct tpm_chip *chip = dev_get_priv(dev);
int ret;
+#ifdef CONFIG_DM_GPIO
+ struct gpio_desc reset_gpio;
+
+ ret = gpio_request_by_name(dev, "gpio-reset", 0,
+ &reset_gpio, GPIOD_IS_OUT);
+ if (ret) {
+ log(LOGC_NONE, LOGL_NOTICE, "%s: missing reset GPIO\n",
+ __func__);
+ } else {
+ dm_gpio_set_value(&reset_gpio, 0);
+ mdelay(1);
+ dm_gpio_set_value(&reset_gpio, 1);
+ }
+#endif
/* Ensure a minimum amount of time elapsed since reset of the TPM */
mdelay(drv_data->time_before_first_cmd_ms);
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (25 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite Miquel Raynal
` (5 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add TIS TPMv2.0 SPI module bindings.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
create mode 100644 doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt
diff --git a/doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt b/doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt
new file mode 100644
index 0000000000..b48a15112d
--- /dev/null
+++ b/doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt
@@ -0,0 +1,18 @@
+ST33TPHF20 SPI TPMv2.0 bindings
+-------------------------------
+
+Required properties:
+- compatible : Should be "tis,tpm2-spi"
+- reg : SPI Chip select
+
+Optional properties:
+- gpio-reset : Reset GPIO (if not connected to the SoC reset line)
+- spi-max-frequency : See spi-bus.txt
+
+Example:
+
+ tpm at 1 {
+ compatible = "tis,tpm2-spi";
+ reg = <1>;
+ spi-max-frequency = <10000000>;
+ };
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (26 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,28/32] " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver Miquel Raynal
` (4 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add tests for the TPMv2.x commands.
These commands may run both on a physical TPM and with the sandbox
driver.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
test/py/tests/test_tpm2.py | 234 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 234 insertions(+)
create mode 100644 test/py/tests/test_tpm2.py
diff --git a/test/py/tests/test_tpm2.py b/test/py/tests/test_tpm2.py
new file mode 100644
index 0000000000..2e0ef42fd4
--- /dev/null
+++ b/test/py/tests/test_tpm2.py
@@ -0,0 +1,234 @@
+# Copyright (c) 2018, Bootlin
+# Author: Miquel Raynal <miquel.raynal@bootlin.com>
+#
+# SPDX-License-Identifier: GPL-2.0+
+
+import os.path
+import pytest
+import u_boot_utils
+import re
+import time
+
+"""
+Test the TPMv2.x related commands. You must have a working hardware setup in
+order to do these tests.
+
+Notes:
+* These tests will prove the password mechanism. The TPM chip must be cleared of
+any password.
+* Commands like pcr_setauthpolicy and pcr_resetauthpolicy are not implemented
+here because they would fail the tests in most cases (TPMs do not implement them
+and return an error).
+"""
+
+updates = 0
+
+def force_init(u_boot_console, force=False):
+ """When a test fails, U-Boot is reset. Because TPM stack must be initialized
+ after each reboot, we must ensure these lines are always executed before
+ trying any command or they will fail with no reason. Executing 'tpm init'
+ twice will spawn an error used to detect that the TPM was not reset and no
+ initialization code should be run.
+ """
+ output = u_boot_console.run_command('tpm init')
+ if force or not 'Error' in output:
+ u_boot_console.run_command('echo --- start of init ---')
+ u_boot_console.run_command('tpm startup TPM2_SU_CLEAR')
+ u_boot_console.run_command('tpm self_test full')
+ u_boot_console.run_command('tpm clear TPM2_RH_LOCKOUT')
+ output = u_boot_console.run_command('echo $?')
+ if not output.endswith('0'):
+ u_boot_console.run_command('tpm clear TPM2_RH_PLATFORM')
+ u_boot_console.run_command('echo --- end of init ---')
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_init(u_boot_console):
+ """Init the software stack to use TPMv2 commands."""
+
+ u_boot_console.run_command('tpm init')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_startup(u_boot_console):
+ """Execute a TPM2_Startup command.
+
+ Initiate the TPM internal state machine.
+ """
+
+ u_boot_console.run_command('tpm startup TPM2_SU_CLEAR')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_self_test_full(u_boot_console):
+ """Execute a TPM2_SelfTest (full) command.
+
+ Ask the TPM to perform all self tests to also enable full capabilities.
+ """
+
+ u_boot_console.run_command('tpm self_test full')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_continue_self_test(u_boot_console):
+ """Execute a TPM2_SelfTest (continued) command.
+
+ Ask the TPM to finish its self tests (alternative to the full test) in order
+ to enter a fully operational state.
+ """
+
+ u_boot_console.run_command('tpm self_test continue')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_clear(u_boot_console):
+ """Execute a TPM2_Clear command.
+
+ Ask the TPM to reset entirely its internal state (including internal
+ configuration, passwords, counters and DAM parameters). This is half of the
+ TAKE_OWNERSHIP command from TPMv1.
+
+ Use the LOCKOUT hierarchy for this. The LOCKOUT/PLATFORM hierarchies must
+ not have a password set, otherwise this test will fail. ENDORSEMENT and
+ PLATFORM hierarchies are also available.
+ """
+
+ u_boot_console.run_command('tpm clear TPM2_RH_LOCKOUT')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ u_boot_console.run_command('tpm clear TPM2_RH_PLATFORM')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_change_auth(u_boot_console):
+ """Execute a TPM2_HierarchyChangeAuth command.
+
+ Ask the TPM to change the owner, ie. set a new password: 'unicorn'
+
+ Use the LOCKOUT hierarchy for this. ENDORSEMENT and PLATFORM hierarchies are
+ also available.
+ """
+
+ force_init(u_boot_console)
+
+ u_boot_console.run_command('tpm change_auth TPM2_RH_LOCKOUT unicorn')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ u_boot_console.run_command('tpm clear TPM2_RH_LOCKOUT unicorn')
+ output = u_boot_console.run_command('echo $?')
+ u_boot_console.run_command('tpm clear TPM2_RH_PLATFORM')
+ assert output.endswith('0')
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_get_capability(u_boot_console):
+ """Execute a TPM_GetCapability command.
+
+ Display one capability. In our test case, let's display the default DAM
+ lockout counter that should be 0 since the CLEAR:
+ - TPM_CAP_TPM_PROPERTIES = 0x6
+ - TPM_PT_LOCKOUT_COUNTER (1st parameter) = PTR_VAR + 14
+
+ There is no expected default values because it would depend on the chip
+ used. We can still save them in order to check they have changed later.
+ """
+
+ force_init(u_boot_console)
+ ram = u_boot_utils.find_ram_base(u_boot_console)
+
+ read_cap = u_boot_console.run_command('tpm get_capability 0x6 0x20e 0x200 1') #0x%x 1' % ram)
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+ assert 'Property 0x0000020e: 0x00000000' in read_cap
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_dam_parameters(u_boot_console):
+ """Execute a TPM2_DictionaryAttackParameters command.
+
+ Change Dictionary Attack Mitigation (DAM) parameters. Ask the TPM to change:
+ - Max number of failed authentication before lockout: 3
+ - Time before the failure counter is automatically decremented: 10 sec
+ - Time after a lockout failure before it can be attempted again: 0 sec
+
+ For an unknown reason, the DAM parameters must be changed before changing
+ the authentication, otherwise the lockout will be engaged after the first
+ failed authentication attempt.
+ """
+
+ force_init(u_boot_console)
+ ram = u_boot_utils.find_ram_base(u_boot_console)
+
+ # Set the DAM parameters to known values
+ u_boot_console.run_command('tpm dam_parameters 3 10 0')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ # Check the values have been saved
+ read_cap = u_boot_console.run_command('tpm get_capability 0x6 0x20f 0x%x 3' % ram)
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+ assert 'Property 0x0000020f: 0x00000003' in read_cap
+ assert 'Property 0x00000210: 0x0000000a' in read_cap
+ assert 'Property 0x00000211: 0x00000000' in read_cap
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_pcr_read(u_boot_console):
+ """Execute a TPM2_PCR_Read command.
+
+ Perform a PCR read of the 0th PCR. Must be zero.
+ """
+
+ force_init(u_boot_console)
+ ram = u_boot_utils.find_ram_base(u_boot_console) + 1024
+
+ read_pcr = u_boot_console.run_command('tpm pcr_read 0 0x%x' % ram)
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ # Save the number of PCR updates
+ str = re.findall(r'\d+ known updates', read_pcr)[0]
+ global updates
+ updates = int(re.findall(r'\d+', str)[0])
+
+ # Check the output value
+ assert 'PCR #0 content' in read_pcr
+ assert '00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00' in read_pcr
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_pcr_extend(u_boot_console):
+ """Execute a TPM2_PCR_Extend command.
+
+ Perform a PCR extension with a known hash in memory (zeroed since the board
+ must have been rebooted).
+
+ No authentication mechanism is used here, not protecting against packet
+ replay, yet.
+ """
+
+ force_init(u_boot_console)
+ ram = u_boot_utils.find_ram_base(u_boot_console) + 1024
+
+ u_boot_console.run_command('tpm pcr_extend 0 0x%x' % ram)
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ read_pcr = u_boot_console.run_command('tpm pcr_read 0 0x%x' % ram)
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+ assert 'f5 a5 fd 42 d1 6a 20 30 27 98 ef 6e d3 09 97 9b' in read_pcr
+ assert '43 00 3d 23 20 d9 f0 e8 ea 98 31 a9 27 59 fb 4b' in read_pcr
+
+ str = re.findall(r'\d+ known updates', read_pcr)[0]
+ new_updates = int(re.findall(r'\d+', str)[0])
+ assert (updates + 1) == new_updates
+
+ at pytest.mark.buildconfigspec('cmd_tpm_v2')
+def test_tpm2_cleanup(u_boot_console):
+ """Ensure the TPM is cleared from password or test related configuration."""
+
+ force_init(u_boot_console, True)
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (27 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,29/32] " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info Miquel Raynal
` (3 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
This driver can emulate all the basic functionalities of a TPMv2.x
chip and should behave like them during regular testing.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
drivers/tpm/Kconfig | 11 +-
drivers/tpm/Makefile | 1 +
drivers/tpm/tpm2_tis_sandbox.c | 626 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 637 insertions(+), 1 deletion(-)
create mode 100644 drivers/tpm/tpm2_tis_sandbox.c
diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig
index 6661dcc1e3..b7bae5db30 100644
--- a/drivers/tpm/Kconfig
+++ b/drivers/tpm/Kconfig
@@ -26,7 +26,7 @@ config TPM_TIS_SANDBOX
depends on TPM_V1 && SANDBOX
select TPM_DRIVER_SELECTED
help
- This driver emulates a TPM, providing access to base functions
+ This driver emulates a TPMv1.x, providing access to base functions
such as reading and writing TPM private data. This is enough to
support Chrome OS verified boot. Extend functionality is not
implemented.
@@ -141,6 +141,15 @@ config TPM_V2
if TPM_V2 && !TPM_V1
+config TPM2_TIS_SANDBOX
+ bool "Enable sandbox TPMv2.x driver"
+ depends on TPM_V2 && SANDBOX
+ select TPM_DRIVER_SELECTED
+ help
+ This driver emulates a TPMv2.x, providing access to base functions
+ such as basic configuration, PCR extension and PCR read. Extended
+ functionalities are not implemented.
+
config TPM2_TIS_SPI
bool "Enable support for TPMv2.x SPI chips"
depends on TPM_V2 && DM_SPI
diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile
index 2c88b64659..98dfbfa488 100644
--- a/drivers/tpm/Makefile
+++ b/drivers/tpm/Makefile
@@ -12,4 +12,5 @@ obj-$(CONFIG_TPM_TIS_SANDBOX) += tpm_tis_sandbox.o
obj-$(CONFIG_TPM_ST33ZP24_I2C) += tpm_tis_st33zp24_i2c.o
obj-$(CONFIG_TPM_ST33ZP24_SPI) += tpm_tis_st33zp24_spi.o
+obj-$(CONFIG_TPM2_TIS_SANDBOX) += tpm2_tis_sandbox.o
obj-$(CONFIG_TPM2_TIS_SPI) += tpm2_tis_spi.o
diff --git a/drivers/tpm/tpm2_tis_sandbox.c b/drivers/tpm/tpm2_tis_sandbox.c
new file mode 100644
index 0000000000..3fca082fb6
--- /dev/null
+++ b/drivers/tpm/tpm2_tis_sandbox.c
@@ -0,0 +1,626 @@
+/*
+ * Copyright (c) 2018, Bootlin
+ * Author: Miquel Raynal <miquel.raynal@bootlin.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include <common.h>
+#include <dm.h>
+#include <tpm-v2.h>
+#include <asm/state.h>
+#include <asm/unaligned.h>
+#include <linux/crc8.h>
+
+/* Hierarchies */
+enum tpm2_hierarchy {
+ TPM2_HIERARCHY_LOCKOUT = 0,
+ TPM2_HIERARCHY_ENDORSEMENT,
+ TPM2_HIERARCHY_PLATFORM,
+ TPM2_HIERARCHY_NB,
+};
+
+/* Subset of supported capabilities */
+enum tpm2_capability {
+ TPM_CAP_TPM_PROPERTIES = 0x6,
+};
+
+/* Subset of supported properties */
+#define TPM2_PROPERTIES_OFFSET 0x0000020E
+
+enum tpm2_cap_tpm_property {
+ TPM2_FAIL_COUNTER = 0,
+ TPM2_PROP_MAX_TRIES,
+ TPM2_RECOVERY_TIME,
+ TPM2_LOCKOUT_RECOVERY,
+ TPM2_PROPERTY_NB,
+};
+
+#define SANDBOX_TPM_PCR_NB 1
+
+static const u8 sandbox_extended_once_pcr[] = {
+ 0xf5, 0xa5, 0xfd, 0x42, 0xd1, 0x6a, 0x20, 0x30,
+ 0x27, 0x98, 0xef, 0x6e, 0xd3, 0x09, 0x97, 0x9b,
+ 0x43, 0x00, 0x3d, 0x23, 0x20, 0xd9, 0xf0, 0xe8,
+ 0xea, 0x98, 0x31, 0xa9, 0x27, 0x59, 0xfb, 0x4b,
+};
+
+struct sandbox_tpm2 {
+ /* TPM internal states */
+ bool init_done;
+ bool startup_done;
+ bool tests_done;
+ /* TPM password per hierarchy */
+ char pw[TPM2_HIERARCHY_NB][TPM2_DIGEST_LEN + 1];
+ int pw_sz[TPM2_HIERARCHY_NB];
+ /* TPM properties */
+ u32 properties[TPM2_PROPERTY_NB];
+ /* TPM PCRs */
+ u8 pcr[SANDBOX_TPM_PCR_NB][TPM2_DIGEST_LEN];
+ /* TPM PCR extensions */
+ u32 pcr_extensions[SANDBOX_TPM_PCR_NB];
+};
+
+/*
+ * Check the tag validity depending on the command (authentication required or
+ * not). If authentication is required, check it is valid. Update the auth
+ * pointer to point to the next chunk of data to process if needed.
+ */
+static int sandbox_tpm2_check_session(struct udevice *dev, u32 command, u16 tag,
+ const u8 **auth,
+ enum tpm2_hierarchy *hierarchy)
+{
+ struct sandbox_tpm2 *tpm = dev_get_priv(dev);
+ u32 handle, auth_sz, session_handle;
+ u16 nonce_sz, pw_sz;
+ const char *pw;
+
+ switch (command) {
+ case TPM2_CC_STARTUP:
+ case TPM2_CC_SELF_TEST:
+ case TPM2_CC_GET_CAPABILITY:
+ case TPM2_CC_PCR_READ:
+ if (tag != TPM2_ST_NO_SESSIONS) {
+ printf("No session required for command 0x%x\n",
+ command);
+ return TPM2_RC_BAD_TAG;
+ }
+
+ return 0;
+
+ case TPM2_CC_CLEAR:
+ case TPM2_CC_HIERCHANGEAUTH:
+ case TPM2_CC_DAM_RESET:
+ case TPM2_CC_DAM_PARAMETERS:
+ case TPM2_CC_PCR_EXTEND:
+ if (tag != TPM2_ST_SESSIONS) {
+ printf("Session required for command 0x%x\n", command);
+ return TPM2_RC_AUTH_CONTEXT;
+ }
+
+ handle = get_unaligned_be32(*auth);
+ *auth += sizeof(handle);
+
+ /*
+ * PCR_Extend had a different protection mechanism and does not
+ * use the same standards as other commands.
+ */
+ if (command == TPM2_CC_PCR_EXTEND)
+ break;
+
+ switch (handle) {
+ case TPM2_RH_LOCKOUT:
+ *hierarchy = TPM2_HIERARCHY_LOCKOUT;
+ break;
+ case TPM2_RH_ENDORSEMENT:
+ if (command == TPM2_CC_CLEAR) {
+ printf("Endorsement hierarchy unsupported\n");
+ return TPM2_RC_AUTH_MISSING;
+ }
+ *hierarchy = TPM2_HIERARCHY_ENDORSEMENT;
+ break;
+ case TPM2_RH_PLATFORM:
+ *hierarchy = TPM2_HIERARCHY_PLATFORM;
+ break;
+ default:
+ printf("Wrong handle 0x%x\n", handle);
+ return TPM2_RC_VALUE;
+ }
+
+ break;
+
+ default:
+ printf("Command code not recognized: 0x%x\n", command);
+ return TPM2_RC_COMMAND_CODE;
+ }
+
+ auth_sz = get_unaligned_be32(*auth);
+ *auth += sizeof(auth_sz);
+
+ session_handle = get_unaligned_be32(*auth);
+ *auth += sizeof(session_handle);
+ if (session_handle != TPM2_RS_PW) {
+ printf("Wrong session handle 0x%x\n", session_handle);
+ return TPM2_RC_VALUE;
+ }
+
+ nonce_sz = get_unaligned_be16(*auth);
+ *auth += sizeof(nonce_sz);
+ if (nonce_sz) {
+ printf("Nonces not supported in Sandbox, aborting\n");
+ return TPM2_RC_HANDLE;
+ }
+
+ /* Ignore attributes */
+ *auth += sizeof(u8);
+
+ pw_sz = get_unaligned_be16(*auth);
+ *auth += sizeof(pw_sz);
+ if (auth_sz != (9 + nonce_sz + pw_sz)) {
+ printf("Authentication size (%d) do not match %d\n",
+ auth_sz, 9 + nonce_sz + pw_sz);
+ return TPM2_RC_SIZE;
+ }
+
+ /* No passwork is acceptable */
+ if (!pw_sz && !tpm->pw_sz[*hierarchy])
+ return TPM2_RC_SUCCESS;
+
+ /* Password is too long */
+ if (pw_sz > TPM2_DIGEST_LEN) {
+ printf("Password should not be more than %dB\n",
+ TPM2_DIGEST_LEN);
+ return TPM2_RC_AUTHSIZE;
+ }
+
+ pw = (const char *)*auth;
+ *auth += pw_sz;
+
+ /* Password is wrong */
+ if (pw_sz != tpm->pw_sz[*hierarchy] ||
+ strncmp(pw, tpm->pw[*hierarchy], tpm->pw_sz[*hierarchy])) {
+ printf("Authentication failed: wrong password.\n");
+ return TPM2_RC_BAD_AUTH;
+ }
+
+ return TPM2_RC_SUCCESS;
+}
+
+static int sandbox_tpm2_check_readyness(struct udevice *dev, int command)
+{
+ struct sandbox_tpm2 *tpm = dev_get_priv(dev);
+
+ switch (command) {
+ case TPM2_CC_STARTUP:
+ if (!tpm->init_done || tpm->startup_done)
+ return TPM2_RC_INITIALIZE;
+
+ break;
+ case TPM2_CC_GET_CAPABILITY:
+ if (!tpm->init_done || !tpm->startup_done)
+ return TPM2_RC_INITIALIZE;
+
+ break;
+ case TPM2_CC_SELF_TEST:
+ if (!tpm->startup_done)
+ return TPM2_RC_INITIALIZE;
+
+ break;
+ default:
+ if (!tpm->tests_done)
+ return TPM2_RC_NEEDS_TEST;
+
+ break;
+ }
+
+ return 0;
+}
+
+static int sandbox_tpm2_fill_buf(u8 **recv, size_t *recv_len, u16 tag, u32 rc)
+{
+ *recv_len = sizeof(tag) + sizeof(u32) + sizeof(rc);
+
+ /* Write tag */
+ put_unaligned_be16(tag, *recv);
+ *recv += sizeof(tag);
+
+ /* Write length */
+ put_unaligned_be32(*recv_len, *recv);
+ *recv += sizeof(u32);
+
+ /* Write return code */
+ put_unaligned_be32(rc, *recv);
+ *recv += sizeof(rc);
+
+ /* Add trailing \0 */
+ *recv = '\0';
+
+ return 0;
+}
+
+static int sandbox_tpm2_extend(struct udevice *dev, int pcr_index,
+ const u8 *extension)
+{
+ struct sandbox_tpm2 *tpm = dev_get_priv(dev);
+ int i;
+
+ /* Only simulate the first extensions from all '0' with only '0' */
+ for (i = 0; i < TPM2_DIGEST_LEN; i++)
+ if (tpm->pcr[pcr_index][i] || extension[i])
+ return TPM2_RC_FAILURE;
+
+ memcpy(tpm->pcr[pcr_index], sandbox_extended_once_pcr,
+ TPM2_DIGEST_LEN);
+ tpm->pcr_extensions[pcr_index]++;
+
+ return 0;
+};
+
+static int sandbox_tpm2_xfer(struct udevice *dev, const u8 *sendbuf,
+ size_t send_size, u8 *recvbuf,
+ size_t *recv_len)
+{
+ struct sandbox_tpm2 *tpm = dev_get_priv(dev);
+ enum tpm2_hierarchy hierarchy = 0;
+ const u8 *sent = sendbuf;
+ u8 *recv = recvbuf;
+ u32 length, command, rc = 0;
+ u16 tag, mode, new_pw_sz;
+ u8 yes_no;
+ int i, j;
+
+ /* TPM2_GetProperty */
+ u32 capability, property, property_count;
+
+ /* TPM2_PCR_Read/Extend variables */
+ int pcr_index;
+ u64 pcr_map = 0;
+ u32 selections, pcr_nb;
+ u16 alg;
+ u8 pcr_array_sz;
+
+ tag = get_unaligned_be16(sent);
+ sent += sizeof(tag);
+
+ length = get_unaligned_be32(sent);
+ sent += sizeof(length);
+ if (length != send_size) {
+ printf("TPM2: Unmatching length, received: %ld, expected: %d\n",
+ send_size, length);
+ rc = TPM2_RC_SIZE;
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ return 0;
+ }
+
+ command = get_unaligned_be32(sent);
+ sent += sizeof(command);
+ rc = sandbox_tpm2_check_readyness(dev, command);
+ if (rc) {
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ return 0;
+ }
+
+ rc = sandbox_tpm2_check_session(dev, command, tag, &sent, &hierarchy);
+ if (rc) {
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ return 0;
+ }
+
+ switch (command) {
+ case TPM2_CC_STARTUP:
+ mode = get_unaligned_be16(sent);
+ sent += sizeof(mode);
+ switch (mode) {
+ case TPM2_SU_CLEAR:
+ case TPM2_SU_STATE:
+ break;
+ default:
+ rc = TPM2_RC_VALUE;
+ }
+
+ tpm->startup_done = true;
+
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ break;
+
+ case TPM2_CC_SELF_TEST:
+ yes_no = *sent;
+ sent += sizeof(yes_no);
+ switch (yes_no) {
+ case TPMI_YES:
+ case TPMI_NO:
+ break;
+ default:
+ rc = TPM2_RC_VALUE;
+ }
+
+ tpm->tests_done = true;
+
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ break;
+
+ case TPM2_CC_CLEAR:
+ /* Reset this hierarchy password */
+ tpm->pw_sz[hierarchy] = 0;
+
+ /* Reset all password if thisis the PLATFORM hierarchy */
+ if (hierarchy == TPM2_HIERARCHY_PLATFORM)
+ for (i = 0; i < TPM2_HIERARCHY_NB; i++)
+ tpm->pw_sz[i] = 0;
+
+ /* Reset the properties */
+ for (i = 0; i < TPM2_PROPERTY_NB; i++)
+ tpm->properties[i] = 0;
+
+ /* Reset the PCRs and their number of extensions */
+ for (i = 0; i < SANDBOX_TPM_PCR_NB; i++) {
+ tpm->pcr_extensions[i] = 0;
+ for (j = 0; j < TPM2_DIGEST_LEN; j++)
+ tpm->pcr[i][j] = 0;
+ }
+
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ break;
+
+ case TPM2_CC_HIERCHANGEAUTH:
+ new_pw_sz = get_unaligned_be16(sent);
+ sent += sizeof(new_pw_sz);
+ if (new_pw_sz > TPM2_DIGEST_LEN) {
+ rc = TPM2_RC_SIZE;
+ } else if (new_pw_sz) {
+ tpm->pw_sz[hierarchy] = new_pw_sz;
+ memcpy(tpm->pw[hierarchy], sent, new_pw_sz);
+ sent += new_pw_sz;
+ }
+
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ break;
+
+ case TPM2_CC_GET_CAPABILITY:
+ capability = get_unaligned_be32(sent);
+ sent += sizeof(capability);
+ if (capability != TPM_CAP_TPM_PROPERTIES) {
+ printf("Sandbox TPM only support TPM_CAPABILITIES\n");
+ return TPM2_RC_HANDLE;
+ }
+
+ property = get_unaligned_be32(sent);
+ sent += sizeof(property);
+ property -= TPM2_PROPERTIES_OFFSET;
+
+ property_count = get_unaligned_be32(sent);
+ sent += sizeof(property_count);
+ if (!property_count ||
+ property + property_count > TPM2_PROPERTY_NB) {
+ rc = TPM2_RC_HANDLE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ /* Write tag */
+ put_unaligned_be16(tag, recv);
+ recv += sizeof(tag);
+
+ /* Ignore length for now */
+ recv += sizeof(u32);
+
+ /* Write return code */
+ put_unaligned_be32(rc, recv);
+ recv += sizeof(rc);
+
+ /* Tell there is more data to read */
+ *recv = TPMI_YES;
+ recv += sizeof(yes_no);
+
+ /* Repeat the capability */
+ put_unaligned_be32(capability, recv);
+ recv += sizeof(capability);
+
+ /* Give the number of properties that follow */
+ put_unaligned_be32(property_count, recv);
+ recv += sizeof(property_count);
+
+ /* Fill with the properties */
+ for (i = 0; i < property_count; i++) {
+ put_unaligned_be32(TPM2_PROPERTIES_OFFSET + property +
+ i, recv);
+ recv += sizeof(property);
+ put_unaligned_be32(tpm->properties[property + i],
+ recv);
+ recv += sizeof(property);
+ }
+
+ /* Add trailing \0 */
+ *recv = '\0';
+
+ /* Write response length */
+ *recv_len = recv - recvbuf;
+ put_unaligned_be32(*recv_len, recvbuf + sizeof(tag));
+
+ break;
+
+ case TPM2_CC_DAM_PARAMETERS:
+ tpm->properties[TPM2_PROP_MAX_TRIES] = get_unaligned_be32(sent);
+ sent += sizeof(*tpm->properties);
+ tpm->properties[TPM2_RECOVERY_TIME] = get_unaligned_be32(sent);
+ sent += sizeof(*tpm->properties);
+ tpm->properties[TPM2_LOCKOUT_RECOVERY] = get_unaligned_be32(sent);
+ sent += sizeof(*tpm->properties);
+
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ break;
+
+ case TPM2_CC_PCR_READ:
+ selections = get_unaligned_be32(sent);
+ sent += sizeof(selections);
+ if (selections != 1) {
+ printf("Sandbox cannot handle more than one PCR\n");
+ rc = TPM2_RC_VALUE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ alg = get_unaligned_be16(sent);
+ sent += sizeof(alg);
+ if (alg != TPM2_ALG_SHA256) {
+ printf("Sandbox TPM only handle SHA256 algorithm\n");
+ rc = TPM2_RC_VALUE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ pcr_array_sz = *sent;
+ sent += sizeof(pcr_array_sz);
+ if (!pcr_array_sz || pcr_array_sz > 8) {
+ printf("Sandbox TPM cannot handle so much PCRs\n");
+ rc = TPM2_RC_VALUE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ for (i = 0; i < pcr_array_sz; i++)
+ pcr_map += (u64)sent[i] << (i * 8);
+
+ if (pcr_map >> SANDBOX_TPM_PCR_NB) {
+ printf("Sandbox TPM handles up to %d PCR(s)\n",
+ SANDBOX_TPM_PCR_NB);
+ rc = TPM2_RC_VALUE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ if (pcr_map >> SANDBOX_TPM_PCR_NB) {
+ printf("Wrong PCR map.\n");
+ rc = TPM2_RC_VALUE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ for (i = 0; i < SANDBOX_TPM_PCR_NB; i++)
+ if (pcr_map & BIT(i))
+ pcr_index = i;
+
+ /* Write tag */
+ put_unaligned_be16(tag, recv);
+ recv += sizeof(tag);
+
+ /* Ignore length for now */
+ recv += sizeof(u32);
+
+ /* Write return code */
+ put_unaligned_be32(rc, recv);
+ recv += sizeof(rc);
+
+ /* Number of extensions */
+ put_unaligned_be32(tpm->pcr_extensions[pcr_index], recv);
+ recv += sizeof(u32);
+
+ /* Copy the PCR */
+ memcpy(recv, tpm->pcr[pcr_index], TPM2_DIGEST_LEN);
+ recv += TPM2_DIGEST_LEN;
+
+ /* Add trailing \0 */
+ *recv = '\0';
+
+ /* Write response length */
+ *recv_len = recv - recvbuf;
+ put_unaligned_be32(*recv_len, recvbuf + sizeof(tag));
+
+ break;
+
+ case TPM2_CC_PCR_EXTEND:
+ /* Get the PCR index */
+ pcr_index = get_unaligned_be32(sendbuf + sizeof(tag) +
+ sizeof(length) +
+ sizeof(command));
+ if (pcr_index > SANDBOX_TPM_PCR_NB) {
+ printf("Sandbox TPM handles up to %d PCR(s)\n",
+ SANDBOX_TPM_PCR_NB);
+ rc = TPM2_RC_VALUE;
+ }
+
+ /* Check the number of hashes */
+ pcr_nb = get_unaligned_be32(sent);
+ sent += sizeof(pcr_nb);
+ if (pcr_nb != 1) {
+ printf("Sandbox cannot handle more than one PCR\n");
+ rc = TPM2_RC_VALUE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ /* Check the hash algorithm */
+ alg = get_unaligned_be16(sent);
+ sent += sizeof(alg);
+ if (alg != TPM2_ALG_SHA256) {
+ printf("Sandbox TPM only handle SHA256 algorithm\n");
+ rc = TPM2_RC_VALUE;
+ return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ /* Extend the PCR */
+ rc = sandbox_tpm2_extend(dev, pcr_index, sent);
+
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ break;
+
+ default:
+ printf("TPM2 command %02x unknown in Sandbox\n", command);
+ rc = TPM2_RC_COMMAND_CODE;
+ sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc);
+ }
+
+ return 0;
+}
+
+static int sandbox_tpm2_get_desc(struct udevice *dev, char *buf, int size)
+{
+ if (size < 15)
+ return -ENOSPC;
+
+ return snprintf(buf, size, "Sandbox TPM2.x");
+}
+
+static int sandbox_tpm2_open(struct udevice *dev)
+{
+ struct sandbox_tpm2 *tpm = dev_get_priv(dev);
+
+ if (tpm->init_done)
+ return -EIO;
+
+ tpm->init_done = true;
+
+ return 0;
+}
+
+static int sandbox_tpm2_probe(struct udevice *dev)
+{
+ struct sandbox_tpm2 *tpm = dev_get_priv(dev);
+ struct tpm_chip_priv *priv = dev_get_uclass_priv(dev);
+
+ memset(tpm, 0, sizeof(*tpm));
+
+ priv->pcr_count = 32;
+ priv->pcr_select_min = 2;
+
+ return 0;
+}
+
+static int sandbox_tpm2_close(struct udevice *dev)
+{
+ return 0;
+}
+
+static const struct tpm_ops sandbox_tpm2_ops = {
+ .open = sandbox_tpm2_open,
+ .close = sandbox_tpm2_close,
+ .get_desc = sandbox_tpm2_get_desc,
+ .xfer = sandbox_tpm2_xfer,
+};
+
+static const struct udevice_id sandbox_tpm2_ids[] = {
+ { .compatible = "sandbox,tpm2" },
+ { }
+};
+
+U_BOOT_DRIVER(sandbox_tpm2) = {
+ .name = "sandbox_tpm2",
+ .id = UCLASS_TPM,
+ .of_match = sandbox_tpm2_ids,
+ .ops = &sandbox_tpm2_ops,
+ .probe = sandbox_tpm2_probe,
+ .priv_auto_alloc_size = sizeof(struct sandbox_tpm2),
+};
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (28 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node Miquel Raynal
` (2 subsequent siblings)
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Add Sandbox TPMv2.0 module bindings.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
doc/device-tree-bindings/tpm2/sandbox.txt | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 doc/device-tree-bindings/tpm2/sandbox.txt
diff --git a/doc/device-tree-bindings/tpm2/sandbox.txt b/doc/device-tree-bindings/tpm2/sandbox.txt
new file mode 100644
index 0000000000..3d0f727cc4
--- /dev/null
+++ b/doc/device-tree-bindings/tpm2/sandbox.txt
@@ -0,0 +1,11 @@
+Sandbox TPMv2.0 bindings
+------------------------
+
+Required properties:
+- compatible : Should be "sandbox,tpm2"
+
+Example:
+
+ tpm {
+ compatible = "sandbox,tpm2";
+ };
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (29 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:01 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox Miquel Raynal
2018-05-15 16:01 ` [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Tom Rini
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
This node declares the presence of the Sandbox TPMv2.x emulated chip,
available for testing.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
arch/sandbox/dts/sandbox.dts | 4 ++++
arch/sandbox/dts/sandbox64.dts | 4 ++++
arch/sandbox/dts/test.dts | 4 ++++
3 files changed, 12 insertions(+)
diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts
index 1fb8225fbb..09194684c6 100644
--- a/arch/sandbox/dts/sandbox.dts
+++ b/arch/sandbox/dts/sandbox.dts
@@ -238,6 +238,10 @@
compatible = "google,sandbox-tpm";
};
+ tpm2 {
+ compatible = "sandbox,tpm2";
+ };
+
triangle {
compatible = "demo-shape";
colour = "cyan";
diff --git a/arch/sandbox/dts/sandbox64.dts b/arch/sandbox/dts/sandbox64.dts
index d6efc011de..6c6bcd4fce 100644
--- a/arch/sandbox/dts/sandbox64.dts
+++ b/arch/sandbox/dts/sandbox64.dts
@@ -238,6 +238,10 @@
compatible = "google,sandbox-tpm";
};
+ tpm2 {
+ compatible = "sandbox,tpm2";
+ };
+
triangle {
compatible = "demo-shape";
colour = "cyan";
diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts
index b0f0ca8f19..4a66dbdca3 100644
--- a/arch/sandbox/dts/test.dts
+++ b/arch/sandbox/dts/test.dts
@@ -394,6 +394,10 @@
clock-frequency = <1000000>;
};
+ tpm2 {
+ compatible = "sandbox,tpm2";
+ };
+
uart0: serial {
compatible = "sandbox,serial";
u-boot,dm-pre-reloc;
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (30 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node Miquel Raynal
@ 2018-05-15 9:57 ` Miquel Raynal
2018-05-15 16:01 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 16:01 ` [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Tom Rini
32 siblings, 2 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 9:57 UTC (permalink / raw)
To: u-boot
Enable the Sandbox TPMv2 driver in all possible configurations.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
configs/sandbox64_defconfig | 1 +
configs/sandbox_defconfig | 1 +
configs/sandbox_flattree_defconfig | 1 +
configs/sandbox_noblk_defconfig | 1 +
configs/sandbox_spl_defconfig | 1 +
5 files changed, 5 insertions(+)
diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig
index 8f96c16d42..2123e38c57 100644
--- a/configs/sandbox64_defconfig
+++ b/configs/sandbox64_defconfig
@@ -175,6 +175,7 @@ CONFIG_TIMER=y
CONFIG_TIMER_EARLY=y
CONFIG_SANDBOX_TIMER=y
CONFIG_TPM_TIS_SANDBOX=y
+CONFIG_TPM2_TIS_SANDBOX=y
CONFIG_USB=y
CONFIG_DM_USB=y
CONFIG_USB_EMUL=y
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index 063828333d..0cc315148c 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -175,6 +175,7 @@ CONFIG_TIMER=y
CONFIG_TIMER_EARLY=y
CONFIG_SANDBOX_TIMER=y
CONFIG_TPM_TIS_SANDBOX=y
+CONFIG_TPM2_TIS_SANDBOX=y
CONFIG_USB=y
CONFIG_DM_USB=y
CONFIG_USB_EMUL=y
diff --git a/configs/sandbox_flattree_defconfig b/configs/sandbox_flattree_defconfig
index d5f23796b8..29b8a1fb48 100644
--- a/configs/sandbox_flattree_defconfig
+++ b/configs/sandbox_flattree_defconfig
@@ -155,6 +155,7 @@ CONFIG_TIMER=y
CONFIG_TIMER_EARLY=y
CONFIG_SANDBOX_TIMER=y
CONFIG_TPM_TIS_SANDBOX=y
+CONFIG_TPM2_TIS_SANDBOX=y
CONFIG_USB=y
CONFIG_DM_USB=y
CONFIG_USB_EMUL=y
diff --git a/configs/sandbox_noblk_defconfig b/configs/sandbox_noblk_defconfig
index b01a9fdf7e..7bad141007 100644
--- a/configs/sandbox_noblk_defconfig
+++ b/configs/sandbox_noblk_defconfig
@@ -155,6 +155,7 @@ CONFIG_TIMER=y
CONFIG_TIMER_EARLY=y
CONFIG_SANDBOX_TIMER=y
CONFIG_TPM_TIS_SANDBOX=y
+CONFIG_TPM2_TIS_SANDBOX=y
CONFIG_USB=y
CONFIG_DM_USB=y
CONFIG_USB_EMUL=y
diff --git a/configs/sandbox_spl_defconfig b/configs/sandbox_spl_defconfig
index 802dc30f26..647e67f533 100644
--- a/configs/sandbox_spl_defconfig
+++ b/configs/sandbox_spl_defconfig
@@ -173,6 +173,7 @@ CONFIG_TIMER=y
CONFIG_TIMER_EARLY=y
CONFIG_SANDBOX_TIMER=y
CONFIG_TPM_TIS_SANDBOX=y
+CONFIG_TPM2_TIS_SANDBOX=y
CONFIG_USB=y
CONFIG_DM_USB=y
CONFIG_USB_EMUL=y
--
2.14.1
^ permalink raw reply related [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line
2018-05-15 9:56 ` [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
2018-05-26 15:53 ` [U-Boot] [U-Boot,v4,01/32] " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:56:57AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Please don't use multiple blank lines
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/216169c7/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket
2018-05-15 9:56 ` [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
2018-05-26 15:53 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:56:58AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> WARNING: space prohibited between function name and open
> parenthesis '('
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/2a9ea660/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent
2018-05-15 9:56 ` [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:56:59AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issues in TPM-related code:
>
> CHECK: Prefer kernel type 'u8' over 'uint8_t'
> CHECK: Prefer kernel type 'u16' over 'uint16_t'
> CHECK: Prefer kernel type 'u32' over 'uint32_t'
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/6d7396d0/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis
2018-05-15 9:57 ` [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:00AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Alignment should match open parenthesis
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/029d6539/attachment-0001.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable
2018-05-15 9:57 ` [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:03 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:01AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Prefer using the BIT macro
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/dc2be590/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 06/32] tpm: fix spelling
2018-05-15 9:57 ` [U-Boot] [PATCH v4 06/32] tpm: fix spelling Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:03 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot,v4,06/32] " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:02AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issues in TPM-related code:
>
> CHECK: '<x>' may be misspelled - perhaps '<y>'?
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/faf90df6/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code
2018-05-15 9:57 ` [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:03AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> WARNING: Missing a blank line after declarations
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/d9d9f833/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure
2018-05-15 9:57 ` [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:04AM +0200, Miquel Raynal wrote:
> TPM are shipped with a few read-only register from which we can retrieve
> for instance:
> - vendor ID
> - product ID
> - revision ID
>
> Product and vendor ID share the same register and are already referenced
> in the tpm_chip structure. Add the revision ID entry which is missing.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/362c8046/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig
2018-05-15 9:57 ` [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:05AM +0200, Miquel Raynal wrote:
> Because both major revisions are not compatible at all, let's make them
> mutually exclusive in Kconfig. This way we will be sure, when using a
> command or a library function that it is supported by the right
> revision.
>
> Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
> files by "tpm2_" to make the distinction without moving everything.
>
> The Kconfig menu about TPM drivers is now divided into two sections, one
> for each specification. Compliant drivers with one specification will
> only show up if this specification _only_ has been selected, otherwise a
> comment is displayed.
>
> Once a driver is selected by the user, it selects automatically a
> boolean value, that is needed in order to activate the TPM commands.
> Selecting the TPM commands will automatically select the right
> command/library files.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/4918847c/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code
2018-05-15 9:57 ` [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:06AM +0200, Miquel Raynal wrote:
> There are no changes in this commit but a new organization of the code
> as follow.
>
> * cmd/ directory:
> > move existing code from cmd/tpm.c in cmd/tpm-common.c
> > move specific code in cmd/tpm-v1.c
> > create a specific header file with generic definitions for
> commands only called cmd/tpm-user-utils.h
>
> * lib/ directory:
> > move existing code from lib/tpm.c in lib/tpm-common.c
> > move specific code in lib/tpm-v1.c
> > create a specific header file with generic definitions for
> the library itself called lib/tpm-utils.h
>
> * include/ directory:
> > move existing code from include/tpm.h in include/tpm-common.h
> > move specific code in include/tpm-v1.h
>
> Code designated as 'common' is compiled if TPM are used. Code designated
> as 'specific' is compiled only if the right specification has been
> selected.
>
> All files include tpm-common.h.
> Files in cmd/ include tpm-user-utils.h.
> Files in lib/ include tpm-utils.h.
> Depending on the specification, files may include either (not both)
> tpm-v1.h or tpm-v2.h.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Doing some out-of-band copy/diff'ing to check before/after in the parts
git couldn't just see as a move looks good to me:
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/f430ecb5/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description
2018-05-15 9:57 ` [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:07AM +0200, Miquel Raynal wrote:
> Both parameters 'duration_ms' and 'retry_time_ms' of the tpm_chip_priv
> structure are documented is the comment above the declaration but 'buf'
> was forgotten. Add the missing description.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/c62f2337/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands
2018-05-15 9:57 ` [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands Miquel Raynal
@ 2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:58 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:08AM +0200, Miquel Raynal wrote:
> Choice between v1 and v2 compliant functions is done with the
> configuration.
>
> Create the various files that will receive TPMv2-only code on the same
> scheme as for the TPMv1 code.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/c743595e/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability
2018-05-15 9:57 ` [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability Miquel Raynal
@ 2018-05-15 15:59 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:59 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:09AM +0200, Miquel Raynal wrote:
> TPM commands are much easier to read/write with these macros that will
> transform words or integers into byte strings. This way, there is no
> need to call pack_byte_string() while all variable length in a command
> are known (and at must 4 bytes, which is a lot of them).
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/c0f770b9/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM
2018-05-15 9:57 ` [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM Miquel Raynal
@ 2018-05-15 15:59 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 15:59 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:10AM +0200, Miquel Raynal wrote:
> When debugging, it is welcome to get more information about what the TPM
> returns. Add the possibility to print the packets received to show their
> exact content.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/58fad844/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer
2018-05-15 9:57 ` [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:11AM +0200, Miquel Raynal wrote:
> Instead of returning a generic 'library' error, report back the actual
> error code so it can be displayed to the user by the regular error path.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/068ff1e0/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:12AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_Startup command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/e7537cf6/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest " Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:13AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_Selftest command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/1f564317/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear " Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,18/32] " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:14AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_Clear command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/1cf5df89/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend " Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:15AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_PCR_Extend command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/bd9c54fe/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read " Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:16AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_PCR_Read command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/b73deff1/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability " Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:17AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_GetCapability command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/43ac03a1/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:18AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_DictionaryAttackParameters and
> TPM2_DictionaryAttackLockReset commands.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/7d44cb2f/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:19AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_HierarchyChangeAuth command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/51a48c65/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:20AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_PCR_SetAuthPolicy and
> TPM2_PCR_SetAuthValue commands.
>
> Change the command file and the help accordingly.
>
> Note: These commands could not be tested because the TPMs available
> do not support them, however they could be useful for someone else.
> The user is warned by the command help.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/31845903/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules
2018-05-15 9:57 ` [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:21AM +0200, Miquel Raynal wrote:
> Add the tpm2_tis_spi driver that should support any TPMv2 compliant
> (SPI) module.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/a5f5a272/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio
2018-05-15 9:57 ` [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-15 16:05 ` Simon Glass
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:22AM +0200, Miquel Raynal wrote:
> On some designs, the reset line could not be connected to the SoC reset
> line, in this case, request the GPIO and ensure the chip gets reset.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/ad69d3ce/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info
2018-05-15 9:57 ` [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:23AM +0200, Miquel Raynal wrote:
> Add TIS TPMv2.0 SPI module bindings.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/b2530523/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite
2018-05-15 9:57 ` [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,28/32] " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:24AM +0200, Miquel Raynal wrote:
> Add tests for the TPMv2.x commands.
> These commands may run both on a physical TPM and with the sandbox
> driver.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/a53a064a/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver
2018-05-15 9:57 ` [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,29/32] " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:25AM +0200, Miquel Raynal wrote:
> This driver can emulate all the basic functionalities of a TPMv2.x
> chip and should behave like them during regular testing.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/69b94c58/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info
2018-05-15 9:57 ` [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info Miquel Raynal
@ 2018-05-15 16:00 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:00 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:26AM +0200, Miquel Raynal wrote:
> Add Sandbox TPMv2.0 module bindings.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/dc73e05b/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node
2018-05-15 9:57 ` [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node Miquel Raynal
@ 2018-05-15 16:01 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:01 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:27AM +0200, Miquel Raynal wrote:
> This node declares the presence of the Sandbox TPMv2.x emulated chip,
> available for testing.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/100d6a14/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox
2018-05-15 9:57 ` [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox Miquel Raynal
@ 2018-05-15 16:01 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:01 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:28AM +0200, Miquel Raynal wrote:
> Enable the Sandbox TPMv2 driver in all possible configurations.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/6da1da48/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
` (31 preceding siblings ...)
2018-05-15 9:57 ` [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox Miquel Raynal
@ 2018-05-15 16:01 ` Tom Rini
32 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 16:01 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:56:56AM +0200, Miquel Raynal wrote:
> Current U-Boot supports TPM v1.2 specification. The new specification
> (v2.0) is not backward compatible and renames/introduces several
> functions. This series introduces the support for TPMv2.x chips.
>
> First, some cleaning is done in TPM-related code. Then, the code is
> split in two categories: generic code (common for both specifications)
> and specific code (only used by one specification).
>
> Then, basic functionalities are introduced one by one for the v2.x
> specification. TPMv1 vs TPMv2 commands/support distinction is done with
> Kconfig options. Drivers of only one specification can be selected at a
> time.
>
> A new SPI driver following the TPM v2.x specification is introduced. It
> has been tested on a ST TPM but should be usable with others v2.0
> compliant chips.
>
> Finally a full Python test suite is added, as well as a Sandbox driver.
> Regular testing may be done through the test/py/ framework when using
> real hardware as well as the Sandbox driver. The following test has run
> more than 300 times without failing with my setup:
>
> test/py/test.py --bd <board> -k tpm2
>
> Available commands for v2.0 TPMs are:
> * STARTUP
> * SELF TEST
> * CLEAR
> * PCR EXTEND
> * PCR READ
> * GET CAPABILITY
> * DICTIONARY ATTACK LOCK RESET
> * DICTIONARY ATTACK CHANGE PARAMETERS
> * HIERARCHY CHANGE AUTH
>
> Two commands have been written but could not be tested (unsupported by
> the TPM chosen):
> * PCR CHANGE AUTH POLICY
> * PCR CHANGE AUTH VALUE
>
> With this set of function, minimal TPMv2.0 handling is possible with the
> following sequence.
>
> * First, initialize the TPM stack in U-Boot.
>
> > tpm init
>
> * Then send the STARTUP command to the TPM. The flag is slightly
> different between the revisions.
>
> > tpm startup TPM2_SU_CLEAR
>
> * To enable full TPM capabilities, continue the tests (or do them all
> again). It seems like self_test_full always waits for the operation to
> finish, while continue_self_test returns a busy state if called to
> early.
>
> > tpm self_test full
> > tpm self_test continue
>
> * Manage passwords (force_clear also resets a lot of internal stuff).
> Olderly, TAKE OWNERSHIP == CLEAR + CHANGE AUTH. LOCKOUT is an example,
> ENDORSEMENT and PLATFORM hierarchies are available too:
>
> > tpm clear TPM2_RH_LOCKOUT [<pw>]
> > tpm change_auth TPM2_RH_LOCKOUT <new_pw> [<old_pw>]
>
> * Dictionary Attack Mitigation (DAM) parameters can be changed. It is
> possible to reset the failure counter and disable the lockout (values
> erased after a CLEAR). It is then possible to check the parameters
> have been correctly applied.
>
> > tpm dam_reset [<pw>]
> > tpm dam_parameters 0xffff 1 0 [<pw>]
> > tpm get_capability 0x0006 0x020e 0x4000000 4
>
> * PCR policy may be changed (untested).
> PCR can be extended (no protection against packet replay yet).
> PCR can be read (the counter with the number of "extensions" is also
> given).
>
> > tpm pcr_setauthpolicy 0 12345678901234567890123456789012 [<pw>]
> > tpm pcr_read 0 0x4000000
> > tpm pcr_extend 0 0x4000000
>
> Thanks,
> Miquèl
>
> Changes since v3:
> =================
> * Added Simon Glass's RB tags.
> * Moved all the small fixes about lines, alignments, spellings, etc out
> of the big commit splitting the TPM code structure. Multiple commits
> have been made for these changes. Now the split is still done in one
> commit, but it is supposed to be only code moves and headers changes.
> * Used map_sysmem() calls to let Sandbox run TPM commands instead of my
> hack (allocating memory on the go).
> * Updated the documentation to use the new way of declaring parameters:
> s/@param x: y/@x: y/.
> * Added two parameters in the chip private structure to store the number
> of PCRs and the minimum number of bytes needed to address one in a TPM
> command. This should fit all the TIS TPM2 compliant modules.
> * The above change removes some (wrongly) hardcoded values.
> * Changed the error path as suggested in tpm2_get_capability().
> * Minor rephrasing.
> * Explained in tpm2_get_capability() the offset '19'.
> * Removed useless reset of rx_buf[0] in tpm_tis_spi_xfer().
> * Changed the way spi_xfer return code is checked: error out on any
> value != 0 instead of just negative ones.
> * Removed unused functions flagged __maybe_unused as well as well as the
> __maybe_unused flags themselves when not needed.
> * Simplified the validity check of the GPIO as suggested.
> * Updated the compatible property for the SPI modules (as well as the
> bindings docuementation) to be simply "tis,tpm2-spi" which should work
> with most compliant chips. Data is linked to this generic compatible
> in the TPM driver, other values may be added if needed in the future
> to fit other chips that would use different values than the current
> ones (used by Infineon SLB 9670 and ST ST33TPHF20 modules, for
> instance).
Some of the new files have old-style SPDX tags. If there's no further
changes requested, I'll fix these up when applying. Thanks again!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/294c0a54/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line
2018-05-15 9:56 ` [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:02 ` Simon Glass
2018-05-26 15:53 ` [U-Boot] [U-Boot,v4,01/32] " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:02 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:56, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Please don't use multiple blank lines
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> lib/tpm.c | 1 -
> 1 file changed, 1 deletion(-)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket
2018-05-15 9:56 ` [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:02 ` Simon Glass
2018-05-26 15:53 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:02 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:56, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> WARNING: space prohibited between function name and open
> parenthesis '('
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> lib/tpm.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis
2018-05-15 9:57 ` [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:02 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:02 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Alignment should match open parenthesis
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> cmd/tpm.c | 120 ++++++++++++++++++++++++++++++--------------------------------
> lib/tpm.c | 100 ++++++++++++++++++++++++++-------------------------
> 2 files changed, 110 insertions(+), 110 deletions(-)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable
2018-05-15 9:57 ` [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:03 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:03 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Prefer using the BIT macro
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> include/tpm.h | 14 +++++++-------
> 1 file changed, 7 insertions(+), 7 deletions(-)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 06/32] tpm: fix spelling
2018-05-15 9:57 ` [U-Boot] [PATCH v4 06/32] tpm: fix spelling Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:03 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot,v4,06/32] " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:03 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Fix following checkpatch.pl issues in TPM-related code:
>
> CHECK: '<x>' may be misspelled - perhaps '<y>'?
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> include/tpm.h | 8 ++++----
> lib/tpm.c | 2 +-
> 2 files changed, 5 insertions(+), 5 deletions(-)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code
2018-05-15 9:57 ` [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:04 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> WARNING: Missing a blank line after declarations
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> lib/tpm.c | 3 +++
> 1 file changed, 3 insertions(+)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent
2018-05-15 9:56 ` [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:04 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:56, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Fix following checkpatch.pl issues in TPM-related code:
>
> CHECK: Prefer kernel type 'u8' over 'uint8_t'
> CHECK: Prefer kernel type 'u16' over 'uint16_t'
> CHECK: Prefer kernel type 'u32' over 'uint32_t'
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> cmd/tpm.c | 86 ++++++++---------
> include/tpm.h | 72 +++++++--------
> lib/tpm.c | 290 +++++++++++++++++++++++++++++-----------------------------
> 3 files changed, 220 insertions(+), 228 deletions(-)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description
2018-05-15 9:57 ` [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:04 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Both parameters 'duration_ms' and 'retry_time_ms' of the tpm_chip_priv
> structure are documented is the comment above the declaration but 'buf'
> was forgotten. Add the missing description.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> include/tpm-common.h | 1 +
> 1 file changed, 1 insertion(+)
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules
2018-05-15 9:57 ` [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-15 16:04 ` Simon Glass
2018-05-15 16:20 ` Miquel Raynal
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2 siblings, 1 reply; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:04 UTC (permalink / raw)
To: u-boot
Hi Miquel,
On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Add the tpm2_tis_spi driver that should support any TPMv2 compliant
> (SPI) module.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> drivers/tpm/Kconfig | 10 +
> drivers/tpm/Makefile | 2 +
> drivers/tpm/tpm2_tis_spi.c | 664 +++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 676 insertions(+)
> create mode 100644 drivers/tpm/tpm2_tis_spi.c
>
Is there a change log for this patch?
Regards,
Simon
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio
2018-05-15 9:57 ` [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-15 16:05 ` Simon Glass
2018-05-15 16:32 ` Miquel Raynal
1 sibling, 1 reply; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:05 UTC (permalink / raw)
To: u-boot
On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> On some designs, the reset line could not be connected to the SoC reset
> line, in this case, request the GPIO and ensure the chip gets reset.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> ---
> drivers/tpm/tpm2_tis_spi.c | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
Reviewed-by: Simon Glass <sjg@chromium.org>
Question below
>
> diff --git a/drivers/tpm/tpm2_tis_spi.c b/drivers/tpm/tpm2_tis_spi.c
> index 6a4d5284c9..1c7f8f3673 100644
> --- a/drivers/tpm/tpm2_tis_spi.c
> +++ b/drivers/tpm/tpm2_tis_spi.c
> @@ -24,6 +24,9 @@
> #include <linux/compiler.h>
> #include <linux/types.h>
> #include <linux/unaligned/be_byteshift.h>
> +#ifdef CONFIG_DM_GPIO
> +#include <asm-generic/gpio.h>
> +#endif
>
> #include "tpm_tis.h"
> #include "tpm_internal.h"
> @@ -574,6 +577,20 @@ static int tpm_tis_spi_probe(struct udevice *dev)
> struct tpm_chip_priv *priv = dev_get_uclass_priv(dev);
> struct tpm_chip *chip = dev_get_priv(dev);
> int ret;
> +#ifdef CONFIG_DM_GPIO
Can this use if (IS_ENABLED(CONFIG_DM_GPIO)) ?
It helps to improve build coverage.
> + struct gpio_desc reset_gpio;
> +
> + ret = gpio_request_by_name(dev, "gpio-reset", 0,
> + &reset_gpio, GPIOD_IS_OUT);
> + if (ret) {
> + log(LOGC_NONE, LOGL_NOTICE, "%s: missing reset GPIO\n",
> + __func__);
> + } else {
> + dm_gpio_set_value(&reset_gpio, 0);
> + mdelay(1);
> + dm_gpio_set_value(&reset_gpio, 1);
> + }
> +#endif
>
> /* Ensure a minimum amount of time elapsed since reset of the TPM */
> mdelay(drv_data->time_before_first_cmd_ms);
> --
> 2.14.1
>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules
2018-05-15 16:04 ` Simon Glass
@ 2018-05-15 16:20 ` Miquel Raynal
2018-05-15 16:26 ` Simon Glass
0 siblings, 1 reply; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 16:20 UTC (permalink / raw)
To: u-boot
Hi Simon,
On Wed, 16 May 2018 02:04:58 +1000, Simon Glass <sjg@chromium.org>
wrote:
> Hi Miquel,
>
> On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> > Add the tpm2_tis_spi driver that should support any TPMv2 compliant
> > (SPI) module.
> >
> > Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> > ---
> > drivers/tpm/Kconfig | 10 +
> > drivers/tpm/Makefile | 2 +
> > drivers/tpm/tpm2_tis_spi.c | 664 +++++++++++++++++++++++++++++++++++++++++++++
> > 3 files changed, 676 insertions(+)
> > create mode 100644 drivers/tpm/tpm2_tis_spi.c
> >
>
> Is there a change log for this patch?
Yes there is one in the cover letter but your are right it was not
clear enough what file I was talking about:
<snip>
> * Removed useless reset of rx_buf[0] in tpm_tis_spi_xfer().
> * Changed the way spi_xfer return code is checked: error out on any
> value != 0 instead of just negative ones.
> * Removed unused functions flagged __maybe_unused as well as well as the
> __maybe_unused flags themselves when not needed.
> * Simplified the validity check of the GPIO as suggested.
> * Updated the compatible property for the SPI modules (as well as the
> bindings docuementation) to be simply "tis,tpm2-spi" which should work
> with most compliant chips. Data is linked to this generic compatible
> in the TPM driver, other values may be added if needed in the future
> to fit other chips that would use different values than the current
> ones (used by Infineon SLB 9670 and ST ST33TPHF20 modules, for
> instance).
</snip>
Regards,
Miquèl
--
Miquel Raynal, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules
2018-05-15 16:20 ` Miquel Raynal
@ 2018-05-15 16:26 ` Simon Glass
0 siblings, 0 replies; 112+ messages in thread
From: Simon Glass @ 2018-05-15 16:26 UTC (permalink / raw)
To: u-boot
On 16 May 2018 at 02:20, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Hi Simon,
>
> On Wed, 16 May 2018 02:04:58 +1000, Simon Glass <sjg@chromium.org>
> wrote:
>
>> Hi Miquel,
>>
>> On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
>> > Add the tpm2_tis_spi driver that should support any TPMv2 compliant
>> > (SPI) module.
>> >
>> > Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
>> > ---
>> > drivers/tpm/Kconfig | 10 +
>> > drivers/tpm/Makefile | 2 +
>> > drivers/tpm/tpm2_tis_spi.c | 664 +++++++++++++++++++++++++++++++++++++++++++++
>> > 3 files changed, 676 insertions(+)
>> > create mode 100644 drivers/tpm/tpm2_tis_spi.c
>> >
>>
>> Is there a change log for this patch?
>
> Yes there is one in the cover letter but your are right it was not
> clear enough what file I was talking about:
>
> <snip>
>> * Removed useless reset of rx_buf[0] in tpm_tis_spi_xfer().
>> * Changed the way spi_xfer return code is checked: error out on any
>> value != 0 instead of just negative ones.
>> * Removed unused functions flagged __maybe_unused as well as well as the
>> __maybe_unused flags themselves when not needed.
>> * Simplified the validity check of the GPIO as suggested.
>> * Updated the compatible property for the SPI modules (as well as the
>> bindings docuementation) to be simply "tis,tpm2-spi" which should work
>> with most compliant chips. Data is linked to this generic compatible
>> in the TPM driver, other values may be added if needed in the future
>> to fit other chips that would use different values than the current
>> ones (used by Infineon SLB 9670 and ST ST33TPHF20 modules, for
>> instance).
> </snip>
Thanks!
Reviewed-by: Simon Glass <sjg@chromium.org>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio
2018-05-15 16:05 ` Simon Glass
@ 2018-05-15 16:32 ` Miquel Raynal
2018-05-15 17:01 ` Tom Rini
0 siblings, 1 reply; 112+ messages in thread
From: Miquel Raynal @ 2018-05-15 16:32 UTC (permalink / raw)
To: u-boot
Simon, Tom,
On Wed, 16 May 2018 02:05:01 +1000, Simon Glass <sjg@chromium.org>
wrote:
> On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> > On some designs, the reset line could not be connected to the SoC reset
> > line, in this case, request the GPIO and ensure the chip gets reset.
> >
> > Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> > ---
> > drivers/tpm/tpm2_tis_spi.c | 17 +++++++++++++++++
> > 1 file changed, 17 insertions(+)
>
> Reviewed-by: Simon Glass <sjg@chromium.org>
>
> Question below
>
> >
> > diff --git a/drivers/tpm/tpm2_tis_spi.c b/drivers/tpm/tpm2_tis_spi.c
> > index 6a4d5284c9..1c7f8f3673 100644
> > --- a/drivers/tpm/tpm2_tis_spi.c
> > +++ b/drivers/tpm/tpm2_tis_spi.c
> > @@ -24,6 +24,9 @@
> > #include <linux/compiler.h>
> > #include <linux/types.h>
> > #include <linux/unaligned/be_byteshift.h>
> > +#ifdef CONFIG_DM_GPIO
> > +#include <asm-generic/gpio.h>
> > +#endif
> >
> > #include "tpm_tis.h"
> > #include "tpm_internal.h"
> > @@ -574,6 +577,20 @@ static int tpm_tis_spi_probe(struct udevice *dev)
> > struct tpm_chip_priv *priv = dev_get_uclass_priv(dev);
> > struct tpm_chip *chip = dev_get_priv(dev);
> > int ret;
> > +#ifdef CONFIG_DM_GPIO
>
> Can this use if (IS_ENABLED(CONFIG_DM_GPIO)) ?
>
> It helps to improve build coverage.
>
Sure!
Tom, I guess the series needs the following changes:
- update the old license identifiers
- two occurrences of "#ifdef CONFIG_DM_GPIO" in this patch to be
replaced by "#if (IS_ENABLED(CONFIG_DM_GPIO))"
I can either repost a new iteration of the whole series/just this patch
or let you make the changes. Let me know what is best for you.
Thanks you very much, both of you, for your guidance.
Regards,
Miquèl
--
Miquel Raynal, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio
2018-05-15 16:32 ` Miquel Raynal
@ 2018-05-15 17:01 ` Tom Rini
0 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-15 17:01 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 06:32:43PM +0200, Miquel Raynal wrote:
> Simon, Tom,
>
> On Wed, 16 May 2018 02:05:01 +1000, Simon Glass <sjg@chromium.org>
> wrote:
>
> > On 15 May 2018 at 19:57, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> > > On some designs, the reset line could not be connected to the SoC reset
> > > line, in this case, request the GPIO and ensure the chip gets reset.
> > >
> > > Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> > > ---
> > > drivers/tpm/tpm2_tis_spi.c | 17 +++++++++++++++++
> > > 1 file changed, 17 insertions(+)
> >
> > Reviewed-by: Simon Glass <sjg@chromium.org>
> >
> > Question below
> >
> > >
> > > diff --git a/drivers/tpm/tpm2_tis_spi.c b/drivers/tpm/tpm2_tis_spi.c
> > > index 6a4d5284c9..1c7f8f3673 100644
> > > --- a/drivers/tpm/tpm2_tis_spi.c
> > > +++ b/drivers/tpm/tpm2_tis_spi.c
> > > @@ -24,6 +24,9 @@
> > > #include <linux/compiler.h>
> > > #include <linux/types.h>
> > > #include <linux/unaligned/be_byteshift.h>
> > > +#ifdef CONFIG_DM_GPIO
> > > +#include <asm-generic/gpio.h>
> > > +#endif
> > >
> > > #include "tpm_tis.h"
> > > #include "tpm_internal.h"
> > > @@ -574,6 +577,20 @@ static int tpm_tis_spi_probe(struct udevice *dev)
> > > struct tpm_chip_priv *priv = dev_get_uclass_priv(dev);
> > > struct tpm_chip *chip = dev_get_priv(dev);
> > > int ret;
> > > +#ifdef CONFIG_DM_GPIO
> >
> > Can this use if (IS_ENABLED(CONFIG_DM_GPIO)) ?
> >
> > It helps to improve build coverage.
> >
>
> Sure!
>
> Tom, I guess the series needs the following changes:
> - update the old license identifiers
> - two occurrences of "#ifdef CONFIG_DM_GPIO" in this patch to be
> replaced by "#if (IS_ENABLED(CONFIG_DM_GPIO))"
>
> I can either repost a new iteration of the whole series/just this patch
> or let you make the changes. Let me know what is best for you.
>
> Thanks you very much, both of you, for your guidance.
Just this patch is fine and thanks for iterating over it all!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180515/2306db9c/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot,v4,01/32] tpm: remove redundant blank line
2018-05-15 9:56 ` [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
@ 2018-05-26 15:53 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:53 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:56:57AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Please don't use multiple blank lines
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/2dafb32b/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 02/32] tpm: remove extra spaces between a function and its opening bracket
2018-05-15 9:56 ` [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
@ 2018-05-26 15:53 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:53 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:56:58AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> WARNING: space prohibited between function name and open
> parenthesis '('
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/c0b1bae5/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent
2018-05-15 9:56 ` [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
@ 2018-05-26 15:54 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:56:59AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issues in TPM-related code:
>
> CHECK: Prefer kernel type 'u8' over 'uint8_t'
> CHECK: Prefer kernel type 'u16' over 'uint16_t'
> CHECK: Prefer kernel type 'u32' over 'uint32_t'
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/9c2a6c7b/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 04/32] tpm: align arguments with open parenthesis
2018-05-15 9:57 ` [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
@ 2018-05-26 15:54 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:00AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Alignment should match open parenthesis
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/732f55cb/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 05/32] tpm: use the BIT() macro where applicable
2018-05-15 9:57 ` [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:03 ` Simon Glass
@ 2018-05-26 15:54 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:01AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> CHECK: Prefer using the BIT macro
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/04b4305a/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot,v4,06/32] tpm: fix spelling
2018-05-15 9:57 ` [U-Boot] [PATCH v4 06/32] tpm: fix spelling Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:03 ` Simon Glass
@ 2018-05-26 15:54 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:02AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issues in TPM-related code:
>
> CHECK: '<x>' may be misspelled - perhaps '<y>'?
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/5684c5c9/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 07/32] tpm: add extra blank lines between declarations and code
2018-05-15 9:57 ` [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
@ 2018-05-26 15:54 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:03AM +0200, Miquel Raynal wrote:
> Fix following checkpatch.pl issue in TPM-related code:
>
> WARNING: Missing a blank line after declarations
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/8b656378/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 08/32] tpm: add Revision ID field in the chip structure
2018-05-15 9:57 ` [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-26 15:54 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:04AM +0200, Miquel Raynal wrote:
> TPM are shipped with a few read-only register from which we can retrieve
> for instance:
> - vendor ID
> - product ID
> - revision ID
>
> Product and vendor ID share the same register and are already referenced
> in the tpm_chip structure. Add the revision ID entry which is missing.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/14fb11d1/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig
2018-05-15 9:57 ` [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-26 15:54 ` Tom Rini
2018-05-27 22:22 ` Miquel Raynal
1 sibling, 1 reply; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:05AM +0200, Miquel Raynal wrote:
> Because both major revisions are not compatible at all, let's make them
> mutually exclusive in Kconfig. This way we will be sure, when using a
> command or a library function that it is supported by the right
> revision.
>
> Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
> files by "tpm2_" to make the distinction without moving everything.
>
> The Kconfig menu about TPM drivers is now divided into two sections, one
> for each specification. Compliant drivers with one specification will
> only show up if this specification _only_ has been selected, otherwise a
> comment is displayed.
>
> Once a driver is selected by the user, it selects automatically a
> boolean value, that is needed in order to activate the TPM commands.
> Selecting the TPM commands will automatically select the right
> command/library files.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
There was a thinko in here that I noticed when building for everything,
that I have fixed. Both TPM_V1 and TPM_V2 need to depend on TPM (which
comes from lib/Kconfig) otherwise we would start building TPMv1 support
for all platforms. I also ended up dropping out TPM_DRIVER_SELECTED and
instead making CMD_TPM depend on TPM_V1 || TPM_V2 as that ended up being
a cleaner way to deal with the gdsys boards with TPM but without a
dedicated driver exactly. With that fixed:
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/f572fb84/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 10/32] tpm: disociate TPMv1.x specific and generic code
2018-05-15 9:57 ` [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-26 15:54 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:06AM +0200, Miquel Raynal wrote:
> There are no changes in this commit but a new organization of the code
> as follow.
>
> * cmd/ directory:
> > move existing code from cmd/tpm.c in cmd/tpm-common.c
> > move specific code in cmd/tpm-v1.c
> > create a specific header file with generic definitions for
> commands only called cmd/tpm-user-utils.h
>
> * lib/ directory:
> > move existing code from lib/tpm.c in lib/tpm-common.c
> > move specific code in lib/tpm-v1.c
> > create a specific header file with generic definitions for
> the library itself called lib/tpm-utils.h
>
> * include/ directory:
> > move existing code from include/tpm.h in include/tpm-common.h
> > move specific code in include/tpm-v1.h
>
> Code designated as 'common' is compiled if TPM are used. Code designated
> as 'specific' is compiled only if the right specification has been
> selected.
>
> All files include tpm-common.h.
> Files in cmd/ include tpm-user-utils.h.
> Files in lib/ include tpm-utils.h.
> Depending on the specification, files may include either (not both)
> tpm-v1.h or tpm-v2.h.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/a08eb103/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 11/32] tpm: add missing parameter in private data structure description
2018-05-15 9:57 ` [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
@ 2018-05-26 15:54 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:07AM +0200, Miquel Raynal wrote:
> Both parameters 'duration_ms' and 'retry_time_ms' of the tpm_chip_priv
> structure are documented is the comment above the declaration but 'buf'
> was forgotten. Add the missing description.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/62a31448/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 12/32] tpm: prepare support for TPMv2.x commands
2018-05-15 9:57 ` [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands Miquel Raynal
2018-05-15 15:58 ` Tom Rini
@ 2018-05-26 15:54 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:08AM +0200, Miquel Raynal wrote:
> Choice between v1 and v2 compliant functions is done with the
> configuration.
>
> Create the various files that will receive TPMv2-only code on the same
> scheme as for the TPMv1 code.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/adc4d1d6/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 13/32] tpm: add macros to enhance TPM commands readability
2018-05-15 9:57 ` [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability Miquel Raynal
2018-05-15 15:59 ` Tom Rini
@ 2018-05-26 15:54 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:09AM +0200, Miquel Raynal wrote:
> TPM commands are much easier to read/write with these macros that will
> transform words or integers into byte strings. This way, there is no
> need to call pack_byte_string() while all variable length in a command
> are known (and at must 4 bytes, which is a lot of them).
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/ad32032c/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 14/32] tpm: add possible traces to analyze buffers returned by the TPM
2018-05-15 9:57 ` [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM Miquel Raynal
2018-05-15 15:59 ` Tom Rini
@ 2018-05-26 15:54 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:10AM +0200, Miquel Raynal wrote:
> When debugging, it is welcome to get more information about what the TPM
> returns. Add the possibility to print the packets received to show their
> exact content.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/ae4a9cc2/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 15/32] tpm: report driver error code to upper layer
2018-05-15 9:57 ` [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:54 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:54 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:11AM +0200, Miquel Raynal wrote:
> Instead of returning a generic 'library' error, report back the actual
> error code so it can be displayed to the user by the regular error path.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/436cf742/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 16/32] tpm: add TPM2_Startup command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:12AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_Startup command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/0c383094/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 17/32] tpm: add TPM2_SelfTest command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:13AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_Selftest command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/1611aae3/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot,v4,18/32] tpm: add TPM2_Clear command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:14AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_Clear command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/3b65edf0/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 19/32] tpm: add TPM2_PCR_Extend command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:15AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_PCR_Extend command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/58031f5b/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 20/32] tpm: add TPM2_PCR_Read command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:16AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_PCR_Read command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/a27f223a/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 21/32] tpm: add TPM2_GetCapability command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:17AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_GetCapability command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/7504fe57/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 22/32] tpm: add dictionary attack mitigation commands support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:18AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_DictionaryAttackParameters and
> TPM2_DictionaryAttackLockReset commands.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/6028ba8d/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 23/32] tpm: add TPM2_HierarchyChangeAuth command support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:19AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_HierarchyChangeAuth command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/d63c9804/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 24/32] tpm: add PCR authentication commands support
2018-05-15 9:57 ` [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:20AM +0200, Miquel Raynal wrote:
> Add support for the TPM2_PCR_SetAuthPolicy and
> TPM2_PCR_SetAuthValue commands.
>
> Change the command file and the help accordingly.
>
> Note: These commands could not be tested because the TPMs available
> do not support them, however they could be useful for someone else.
> The user is warned by the command help.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/d77b525a/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 25/32] tpm: add support for TPMv2.x SPI modules
2018-05-15 9:57 ` [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
@ 2018-05-26 15:55 ` Tom Rini
2 siblings, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:21AM +0200, Miquel Raynal wrote:
> Add the tpm2_tis_spi driver that should support any TPMv2 compliant
> (SPI) module.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/2a23e61a/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info
2018-05-15 9:57 ` [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:23AM +0200, Miquel Raynal wrote:
> Add TIS TPMv2.0 SPI module bindings.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/536557f7/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot,v4,28/32] test/py: add TPMv2.x test suite
2018-05-15 9:57 ` [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:24AM +0200, Miquel Raynal wrote:
> Add tests for the TPMv2.x commands.
> These commands may run both on a physical TPM and with the sandbox
> driver.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/324337de/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot,v4,29/32] tpm: add a Sandbox TPMv2.x driver
2018-05-15 9:57 ` [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:55 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:55 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:25AM +0200, Miquel Raynal wrote:
> This driver can emulate all the basic functionalities of a TPMv2.x
> chip and should behave like them during regular testing.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/f4af022b/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info
2018-05-15 9:57 ` [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info Miquel Raynal
2018-05-15 16:00 ` Tom Rini
@ 2018-05-26 15:56 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:56 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:26AM +0200, Miquel Raynal wrote:
> Add Sandbox TPMv2.0 module bindings.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/e4485aea/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 31/32] sandbox: dts: add Sandbox TPMv2.x node
2018-05-15 9:57 ` [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node Miquel Raynal
2018-05-15 16:01 ` Tom Rini
@ 2018-05-26 15:56 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:56 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:27AM +0200, Miquel Raynal wrote:
> This node declares the presence of the Sandbox TPMv2.x emulated chip,
> available for testing.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/fe4a7e5e/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 32/32] configs: add TPMv2.x support in Sandbox
2018-05-15 9:57 ` [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox Miquel Raynal
2018-05-15 16:01 ` Tom Rini
@ 2018-05-26 15:56 ` Tom Rini
1 sibling, 0 replies; 112+ messages in thread
From: Tom Rini @ 2018-05-26 15:56 UTC (permalink / raw)
To: u-boot
On Tue, May 15, 2018 at 11:57:28AM +0200, Miquel Raynal wrote:
> Enable the Sandbox TPMv2 driver in all possible configurations.
>
> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180526/e2d47465/attachment.sig>
^ permalink raw reply [flat|nested] 112+ messages in thread
* [U-Boot] [U-Boot, v4, 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
@ 2018-05-27 22:22 ` Miquel Raynal
0 siblings, 0 replies; 112+ messages in thread
From: Miquel Raynal @ 2018-05-27 22:22 UTC (permalink / raw)
To: u-boot
Hi Tom,
On Sat, 26 May 2018 11:54:29 -0400, Tom Rini <trini@konsulko.com> wrote:
> On Tue, May 15, 2018 at 11:57:05AM +0200, Miquel Raynal wrote:
>
> > Because both major revisions are not compatible at all, let's make them
> > mutually exclusive in Kconfig. This way we will be sure, when using a
> > command or a library function that it is supported by the right
> > revision.
> >
> > Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
> > files by "tpm2_" to make the distinction without moving everything.
> >
> > The Kconfig menu about TPM drivers is now divided into two sections, one
> > for each specification. Compliant drivers with one specification will
> > only show up if this specification _only_ has been selected, otherwise a
> > comment is displayed.
> >
> > Once a driver is selected by the user, it selects automatically a
> > boolean value, that is needed in order to activate the TPM commands.
> > Selecting the TPM commands will automatically select the right
> > command/library files.
> >
> > Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
> > Reviewed-by: Simon Glass <sjg@chromium.org>
> > Reviewed-by: Tom Rini <trini@konsulko.com>
>
> There was a thinko in here that I noticed when building for everything,
> that I have fixed. Both TPM_V1 and TPM_V2 need to depend on TPM (which
> comes from lib/Kconfig) otherwise we would start building TPMv1 support
> for all platforms. I also ended up dropping out TPM_DRIVER_SELECTED and
> instead making CMD_TPM depend on TPM_V1 || TPM_V2 as that ended up being
> a cleaner way to deal with the gdsys boards with TPM but without a
> dedicated driver exactly. With that fixed:
>
> Applied to u-boot/master, thanks!
>
Ok, thanks for the update.
Nice to see all that series merged!
Regards,
Miquèl
^ permalink raw reply [flat|nested] 112+ messages in thread
end of thread, other threads:[~2018-05-27 22:22 UTC | newest]
Thread overview: 112+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-05-15 9:56 [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Miquel Raynal
2018-05-15 9:56 ` [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
2018-05-26 15:53 ` [U-Boot] [U-Boot,v4,01/32] " Tom Rini
2018-05-15 9:56 ` [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
2018-05-26 15:53 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:56 ` [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint<x>_t types with their u<x> equivalent Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:02 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:03 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 06/32] tpm: fix spelling Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:03 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot,v4,06/32] " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-27 22:22 ` Miquel Raynal
2018-05-15 9:57 ` [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands Miquel Raynal
2018-05-15 15:58 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability Miquel Raynal
2018-05-15 15:59 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM Miquel Raynal
2018-05-15 15:59 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:54 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,18/32] " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability " Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-15 16:04 ` Simon Glass
2018-05-15 16:20 ` Miquel Raynal
2018-05-15 16:26 ` Simon Glass
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-15 16:05 ` Simon Glass
2018-05-15 16:32 ` Miquel Raynal
2018-05-15 17:01 ` Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,28/32] " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:55 ` [U-Boot] [U-Boot,v4,29/32] " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info Miquel Raynal
2018-05-15 16:00 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node Miquel Raynal
2018-05-15 16:01 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 9:57 ` [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox Miquel Raynal
2018-05-15 16:01 ` Tom Rini
2018-05-26 15:56 ` [U-Boot] [U-Boot, v4, " Tom Rini
2018-05-15 16:01 ` [U-Boot] [PATCH v4 00/32] Introduce TPMv2.0 support Tom Rini
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.