All of lore.kernel.org
 help / color / mirror / Atom feed
From: Simon Glass <sjg@chromium.org>
To: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>,
	Heinrich Schuchardt <xypron.glpk@gmx.de>,
	 Masahisa Kojima <masahisa.kojima@linaro.org>,
	Ruchika Gupta <ruchika.gupta@linaro.org>
Subject: Re: [PATCH v2 6/7] tpm: Implement state command for Cr50
Date: Wed, 17 Aug 2022 12:53:48 -0600	[thread overview]
Message-ID: <CAPnjgZ3y2rV18jkFRV2PPza-uW3EJnT-tS3X8XUqBQFAH-=3RA@mail.gmail.com> (raw)
In-Reply-To: <CAC_iWj+XJNOb_Fhfgyq5FPjTeN8ATkfhAg+9_0kkA1McEretsA@mail.gmail.com>

Hi Ilias,

On Tue, 16 Aug 2022 at 06:43, Ilias Apalodimas
<ilias.apalodimas@linaro.org> wrote:
>
> Hi Simon,
>
> I know little of this device and the whole patch seems fine apart from
> the definitions and declarations of the state functions.
>
>
> On Sat, 13 Aug 2022 at 22:56, Simon Glass <sjg@chromium.org> wrote:
> >
>
> >
> >  drivers/tpm/cr50_i2c.c | 117 +++++++++++++++++++++++++++++++++++++++++
> >  include/tpm-v2.h       |  54 +++++++++++++++++++
> >  lib/tpm-v2.c           |  24 +++++++++
>
> [...]
>
> > diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> > index e79c90b9395..8e90a616220 100644
> > --- a/include/tpm-v2.h
> > +++ b/include/tpm-v2.h
> > @@ -419,6 +419,50 @@ enum {
> >         HR_NV_INDEX             = TPM_HT_NV_INDEX << HR_SHIFT,
> >  };
> >
> > +/*
> > + * Operations specific to the Cr50 TPM used on Chromium OS and Android devices
> > + *
> > + * FIXME: below is not enough to differentiate between vendors commands
> > + * of numerous devices. However, the current tpm2 APIs aren't very amenable
> > + * to extending generically because the marshaling code is assuming all
> > + * knowledge of all commands.
> > + */
> > +#define TPM2_CC_VENDOR_BIT_MASK                        0x20000000
> > +
> > +#define TPM2_CR50_VENDOR_COMMAND               (TPM2_CC_VENDOR_BIT_MASK | 0)
> > +#define TPM2_CR50_SUB_CMD_IMMEDIATE_RESET      19
> > +#define TPM2_CR50_SUB_CMD_NVMEM_ENABLE_COMMITS 21
> > +#define TPM2_CR50_SUB_CMD_REPORT_TPM_STATE     23
> > +#define TPM2_CR50_SUB_CMD_TURN_UPDATE_ON       24
> > +#define TPM2_CR50_SUB_CMD_GET_REC_BTN          29
> > +#define TPM2_CR50_SUB_CMD_TPM_MODE             40
> > +#define TPM2_CR50_SUB_CMD_GET_BOOT_MODE                52
> > +#define TPM2_CR50_SUB_CMD_RESET_EC             53
> > +
> > +/* Cr50 vendor-specific error codes. */
> > +#define VENDOR_RC_ERR              0x00000500
> > +enum cr50_vendor_rc {
> > +       VENDOR_RC_INTERNAL_ERROR        = (VENDOR_RC_ERR | 6),
> > +       VENDOR_RC_NO_SUCH_SUBCOMMAND    = (VENDOR_RC_ERR | 8),
> > +       VENDOR_RC_NO_SUCH_COMMAND       = (VENDOR_RC_ERR | 127),
> > +};
> > +
> > +enum cr50_tpm_mode {
> > +       /*
> > +        * Default state: TPM is enabled, and may be set to either
> > +        * TPM_MODE_ENABLED or TPM_MODE_DISABLED.
> > +        */
> > +       TPM_MODE_ENABLED_TENTATIVE = 0,
> > +
> > +       /* TPM is enabled, and mode may not be changed. */
> > +       TPM_MODE_ENABLED = 1,
> > +
> > +       /* TPM is disabled, and mode may not be changed. */
> > +       TPM_MODE_DISABLED = 2,
> > +
> > +       TPM_MODE_INVALID,
> > +};
> > +
> >  /**
> >   * Issue a TPM2_Startup command.
> >   *
> > @@ -658,4 +702,14 @@ u32 tpm2_disable_platform_hierarchy(struct udevice *dev);
> >  u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf,
> >                         u8 *recvbuf, size_t *recv_size);
> >
> > +/**
> > + * tpm_cr50_report_state() - Report the Cr50 internal state
> > + *
> > + * @dev:       TPM device
> > + * @recvbuf:   Buffer to save the response to
> > + * @recv_size: Pointer to the size of the response buffer
> > + * Return: result of the operation
> > + */
> > +u32 tpm2_cr50_report_state(struct udevice *dev, u8 *recvbuf, size_t *recv_size);
> > +
>
> I think we should keep the generic include files clean for hardware
> specific details.
>
> >  #endif /* __TPM_V2_H */
> > diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> > index 3e240bb4c67..3de4841974a 100644
> > --- a/lib/tpm-v2.c
> > +++ b/lib/tpm-v2.c
> > @@ -679,3 +679,27 @@ u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf,
> >  {
> >         return tpm_sendrecv_command(dev, sendbuf, recvbuf, recv_size);
> >  }
> > +
> > +u32 tpm2_cr50_report_state(struct udevice *dev, u8 *recvbuf, size_t *recv_size)
> > +{
> > +       u8 command_v2[COMMAND_BUFFER_SIZE] = {
> > +               /* header 10 bytes */
> > +               tpm_u16(TPM2_ST_NO_SESSIONS),           /* TAG */
> > +               tpm_u32(10 + 2),                        /* Length */
> > +               tpm_u32(TPM2_CR50_VENDOR_COMMAND),      /* Command code */
> > +
> > +               tpm_u16(TPM2_CR50_SUB_CMD_REPORT_TPM_STATE),
> > +       };
> > +       int ret;
> > +
> > +       ret = tpm_sendrecv_command(dev, command_v2, recvbuf, recv_size);
> > +       log_debug("ret=%s, %x\n", dev->name, ret);
> > +       if (ret)
> > +               return ret;
> > +       if (*recv_size < 12)
> > +               return -ENODATA;
> > +       *recv_size -= 12;
> > +       memcpy(recvbuf, recvbuf + 12, *recv_size);
> > +
> > +       return 0;
> > +}
>
> Same here, this functions seems ok but shouldn't land in the generic TPM API

So shall I create a new tpm_cr50.h header file? What about the C file?

>
> Thanks
> /Ilias
> > --
> > 2.37.1.595.g718a3a8f04-goog
> >

Regards,
Simon

  reply	other threads:[~2022-08-17 18:54 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-13 19:56 [PATCH v2 0/7] tpm: Various minor fixes and enhancements Simon Glass
2022-08-13 19:56 ` [PATCH v2 1/7] tpm: Require a digest source when extending the PCR Simon Glass
2022-08-14  5:42   ` Heinrich Schuchardt
2022-08-13 19:56 ` [PATCH v2 2/7] tpm: Correct the permissions command in TPMv1 Simon Glass
2022-08-16 13:58   ` Ilias Apalodimas
2022-08-17 18:53     ` Simon Glass
2022-08-13 19:56 ` [PATCH v2 3/7] tpm: Correct the define-space command in TPMv2 Simon Glass
2022-08-13 19:56 ` [PATCH v2 4/7] tpm: sandbox: Allow init of TPM in a different phase Simon Glass
2022-08-13 19:56 ` [PATCH v2 5/7] tpm: Allow reporting the internal state Simon Glass
2022-08-13 19:56 ` [PATCH v2 6/7] tpm: Implement state command for Cr50 Simon Glass
2022-08-16 12:43   ` Ilias Apalodimas
2022-08-17 18:53     ` Simon Glass [this message]
2022-08-18  7:29       ` Ilias Apalodimas
2022-08-19 13:46         ` Simon Glass
2022-08-22  6:00           ` Ilias Apalodimas
2022-08-22 16:39             ` Simon Glass
2022-08-13 19:56 ` [PATCH v2 7/7] tpm: Allow committing non-volatile data Simon Glass
2022-08-16 13:09   ` Ilias Apalodimas

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAPnjgZ3y2rV18jkFRV2PPza-uW3EJnT-tS3X8XUqBQFAH-=3RA@mail.gmail.com' \
    --to=sjg@chromium.org \
    --cc=ilias.apalodimas@linaro.org \
    --cc=masahisa.kojima@linaro.org \
    --cc=ruchika.gupta@linaro.org \
    --cc=u-boot@lists.denx.de \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.