From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Simon Glass <sjg@chromium.org>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>,
	Heinrich Schuchardt <xypron.glpk@gmx.de>,
	Masahisa Kojima <masahisa.kojima@linaro.org>,
	Ruchika Gupta <ruchika.gupta@linaro.org>
Subject: Re: [PATCH v2 7/7] tpm: Allow committing non-volatile data
Date: Tue, 16 Aug 2022 16:09:33 +0300
Message-ID: <CAC_iWj+Pj3x45O8ymr4rAs6ZyB6mjP2qJ24ctkUAg7kUO665rg@mail.gmail.com>
In-Reply-To: <20220813195639.1824765-8-sjg@chromium.org>

Hi Simon,

On Sat, 13 Aug 2022 at 22:56, Simon Glass <sjg@chromium.org> wrote:
>
> Add an option to tell the TPM to commit non-volatile data immediately it
> is changed, rather than waiting until later. This is needed in some
> situations, since if the device reboots it may not write the data.

Similar to the previous patch, I think this is fine, but the functions
don't belong to the generic TPM API.

Regards
/Ilias
>
> Add definitions for the rest of the Cr50 commands while we are here.
>
> Signed-off-by: Simon Glass <sjg@chromium.org>
> ---
>
> (no changes since v1)
>
>  include/tpm-v2.h | 14 ++++++++++++++
>  lib/tpm-v2.c     | 20 ++++++++++++++++++++
>  2 files changed, 34 insertions(+)
>
> diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> index 8e90a616220..0a03994740d 100644
> --- a/include/tpm-v2.h
> +++ b/include/tpm-v2.h
> @@ -712,4 +712,18 @@ u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf,
>   */
>  u32 tpm2_cr50_report_state(struct udevice *dev, u8 *recvbuf, size_t *recv_size);
>
> +/*
> + * tpm2_cr50_enable_nvcommits() - Tell Cr50 to commit NV data immediately
> + *
> + * For Chromium OS verified boot, we may reboot or reset at different times,
> + * possibly leaving non-volatile data unwritten by the TPM.
> + *
> + * This vendor command is used to indicate that non-volatile data should be
> + * written to its store immediately.
> + *
> + * @dev                TPM device
> + * Return: result of the operation
> + */
> +u32 tpm2_cr50_enable_nvcommits(struct udevice *dev);
> +
>  #endif /* __TPM_V2_H */
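Review bot: the commit message says definitions for the rest of the Cr50 commands are added here, but this is the only hunk touching include/tpm-v2.h and it carries just the doc comment and the tpm2_cr50_enable_nvcommits() prototype; TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS, which lib/tpm-v2.c uses below, is not defined anywhere in this patch, so either the definitions were dropped from this revision or the message should be trimmed to what the diff contains. Separately, a Cr50 vendor call sits next to the generic tpm2_*() API in the generic header; a Cr50-specific header would stop callers from reading it as portable TPM 2.0 behaviour. The "Return: result of the operation" line would be more useful as "Return: TPM return code from tpm_sendrecv_command()", since that is what the implementation passes back.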
> diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> index 3de4841974a..d68c311651b 100644
> --- a/lib/tpm-v2.c
> +++ b/lib/tpm-v2.c
> @@ -703,3 +703,23 @@ u32 tpm2_cr50_report_state(struct udevice *dev, u8 *recvbuf, size_t *recv_size)
>
>         return 0;
>  }
> +
> +u32 tpm2_cr50_enable_nvcommits(struct udevice *dev)
> +{
> +       u8 command_v2[COMMAND_BUFFER_SIZE] = {
> +               /* header 10 bytes */
> +               tpm_u16(TPM2_ST_NO_SESSIONS),           /* TAG */
> +               tpm_u32(10 + 2),                        /* Length */
> +               tpm_u32(TPM2_CR50_VENDOR_COMMAND),      /* Command code */
> +
> +               tpm_u16(TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS),
> +       };
> +       int ret;
> +
> +       ret = tpm_sendrecv_command(dev, command_v2, NULL, NULL);
> +       log_debug("ret=%s, %x\n", dev->name, ret);
> +       if (ret)
> +               return ret;
> +
> +       return 0;
> +}
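Review bot: the log_debug() format and arguments are mismatched: `log_debug("ret=%s, %x\n", dev->name, ret);` prints the device name under the label "ret=" and leaves the actual return code unlabelled; `log_debug("%s: ret=%x\n", dev->name, ret);` is what was meant. The trailing `if (ret) return ret; return 0;` is redundant as well, `return tpm_sendrecv_command(dev, command_v2, NULL, NULL);` is equivalent. The hand-coded length tpm_u32(10 + 2) does match the 10-byte header plus the 2-byte subcommand, but because the response buffer and size are passed as NULL the caller sees only the return code and nothing from the response body; worth a one-line comment stating that the vendor command returns no payload worth keeping.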
> --
> 2.37.1.595.g718a3a8f04-goog
>
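As an added example, not code from this patch or from U-Boot, the C below marshals the same 12-byte Cr50 vendor-command frame that the hunk above hand-codes (10-byte TPM 2.0 header followed by a 16-bit subcommand) and then validates that the header's length field agrees with the number of bytes about to be sent, the check a reviewer would want around a hard-coded `10 + 2`. The numeric constants, the `EX_`-prefixed names, the optional payload parameter and the check function are assumptions for illustration; U-Boot's real definitions and its tpm_u16()/tpm_u32() helpers live in include/tpm-v2.h.

```c
/*
 * Added example, not U-Boot code: build and validate a TPM 2.0 command
 * frame of the shape used for Cr50 vendor commands. All constant values
 * below are assumptions for illustration; U-Boot's own values are in
 * include/tpm-v2.h.
 */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define EX_TPM2_ST_NO_SESSIONS			0x8001u		/* assumed */
#define EX_TPM2_ST_SESSIONS			0x8002u		/* assumed */
#define EX_TPM2_CR50_VENDOR_COMMAND		0x20000000u	/* assumed */
#define EX_TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS 21u		/* assumed */
#define EX_TPM2_HDR_LEN				10u

/* Big-endian field writers/readers, the role tpm_u16()/tpm_u32() play in U-Boot. */
static void put_be16(uint8_t *p, uint16_t v)
{
	p[0] = (uint8_t)(v >> 8);
	p[1] = (uint8_t)v;
}

static void put_be32(uint8_t *p, uint32_t v)
{
	p[0] = (uint8_t)(v >> 24);
	p[1] = (uint8_t)(v >> 16);
	p[2] = (uint8_t)(v >> 8);
	p[3] = (uint8_t)v;
}

static uint16_t get_be16(const uint8_t *p)
{
	return (uint16_t)(((uint16_t)p[0] << 8) | p[1]);
}

static uint32_t get_be32(const uint8_t *p)
{
	return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
	       ((uint32_t)p[2] << 8) | p[3];
}

/*
 * Marshal a Cr50 vendor command: 10-byte header (tag, length, command code),
 * 2-byte subcommand, optional payload. The length field is derived from the
 * bytes actually written rather than typed by hand. Returns the frame length,
 * or 0 if the frame does not fit in the caller's buffer.
 */
size_t ex_build_cr50_vendor_cmd(uint8_t *buf, size_t cap, uint16_t subcmd,
				const uint8_t *payload, size_t plen)
{
	size_t total = EX_TPM2_HDR_LEN + 2 + plen;

	if (!buf || total > cap || (plen && !payload))
		return 0;
	put_be16(buf + 0, EX_TPM2_ST_NO_SESSIONS);
	put_be32(buf + 2, (uint32_t)total);
	put_be32(buf + 6, EX_TPM2_CR50_VENDOR_COMMAND);
	put_be16(buf + 10, subcmd);
	if (plen)
		memcpy(buf + 12, payload, plen);
	return total;
}

/*
 * Pre-send sanity check: the tag must be one of the two TPM 2.0 header tags
 * and the length field must equal the number of bytes being sent.
 * Returns 0 when consistent, a negative code naming the first failed check.
 */
int ex_check_tpm2_frame(const uint8_t *buf, size_t len)
{
	uint16_t tag;

	if (!buf || len < EX_TPM2_HDR_LEN)
		return -1;	/* too short to hold a header */
	tag = get_be16(buf);
	if (tag != EX_TPM2_ST_NO_SESSIONS && tag != EX_TPM2_ST_SESSIONS)
		return -2;	/* not a TPM 2.0 command tag */
	if (get_be32(buf + 2) != (uint32_t)len)
		return -3;	/* length field disagrees with buffer length */
	return 0;
}

int main(void)
{
	uint8_t buf[32];
	size_t n = ex_build_cr50_vendor_cmd(buf, sizeof(buf),
			EX_TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS, NULL, 0);

	printf("frame (%zu bytes, check=%d):", n, ex_check_tpm2_frame(buf, n));
	for (size_t i = 0; i < n; i++)
		printf(" %02x", buf[i]);
	printf("\n");
	return 0;
}
```

Deriving the length from the bytes written, then re-checking it before the transport call, is the point: the hunk's `tpm_u32(10 + 2)` is correct today, but any later payload added to the same initializer silently invalidates it, and a TPM will reject (or worse, misparse) a frame whose length field disagrees with what was sent.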

Thread overview:
2022-08-13 19:56 [PATCH v2 0/7] tpm: Various minor fixes and enhancements Simon Glass
2022-08-13 19:56 ` [PATCH v2 1/7] tpm: Require a digest source when extending the PCR Simon Glass
2022-08-14  5:42   ` Heinrich Schuchardt
2022-08-13 19:56 ` [PATCH v2 2/7] tpm: Correct the permissions command in TPMv1 Simon Glass
2022-08-16 13:58   ` Ilias Apalodimas
2022-08-17 18:53     ` Simon Glass
2022-08-13 19:56 ` [PATCH v2 3/7] tpm: Correct the define-space command in TPMv2 Simon Glass
2022-08-13 19:56 ` [PATCH v2 4/7] tpm: sandbox: Allow init of TPM in a different phase Simon Glass
2022-08-13 19:56 ` [PATCH v2 5/7] tpm: Allow reporting the internal state Simon Glass
2022-08-13 19:56 ` [PATCH v2 6/7] tpm: Implement state command for Cr50 Simon Glass
2022-08-16 12:43   ` Ilias Apalodimas
2022-08-17 18:53     ` Simon Glass
2022-08-18  7:29       ` Ilias Apalodimas
2022-08-19 13:46         ` Simon Glass
2022-08-22  6:00           ` Ilias Apalodimas
2022-08-22 16:39             ` Simon Glass
2022-08-13 19:56 ` [PATCH v2 7/7] tpm: Allow committing non-volatile data Simon Glass
2022-08-16 13:09   ` Ilias Apalodimas [this message]
