From patchwork Thu Mar 8 15:40:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 883199 X-Patchwork-Delegate: sjg@chromium.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 3zxw0v2vQ1z9shn for ; Fri, 9 Mar 2018 02:49:03 +1100 (AEDT) Received: by lists.denx.de (Postfix, from userid 105) id 27777C21F99; Thu, 8 Mar 2018 15:46:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 61E9FC21FFB; Thu, 8 Mar 2018 15:41:21 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 7FE50C21FBF; Thu, 8 Mar 2018 15:40:56 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 6E36BC21F21 for ; Thu, 8 Mar 2018 15:40:49 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id D2C2520732; Thu, 8 Mar 2018 16:40:47 +0100 (CET) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id D05FC2087E; Thu, 8 Mar 2018 16:40:28 +0100 (CET) From: Miquel Raynal To: u-boot@lists.denx.de Date: Thu, 8 Mar 2018 16:40:18 +0100 Message-Id: <20180308154021.25255-16-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180308154021.25255-1-miquel.raynal@bootlin.com> References: <20180308154021.25255-1-miquel.raynal@bootlin.com> Subject: [U-Boot] [PATCH 15/18] tpm: add TPM2_GetCapability command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_GetCapability command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal --- cmd/tpm.c | 31 ++++++++++++++++++++----------- include/tpm.h | 14 +++++++------- lib/tpm.c | 39 +++++++++++++++++++++++++++++++++++++-- 3 files changed, 64 insertions(+), 20 deletions(-) diff --git a/cmd/tpm.c b/cmd/tpm.c index 8630571b1a..7fcfbf8550 100644 --- a/cmd/tpm.c +++ b/cmd/tpm.c @@ -433,21 +433,30 @@ static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t cap_area, sub_cap, rc; - void *cap; + u32 capability, property, rc; + u8 *data; size_t count; + int i, j; if (argc != 5) return CMD_RET_USAGE; - cap_area = simple_strtoul(argv[1], NULL, 0); - sub_cap = simple_strtoul(argv[2], NULL, 0); - cap = (void *)simple_strtoul(argv[3], NULL, 0); + capability = simple_strtoul(argv[1], NULL, 0); + property = simple_strtoul(argv[2], NULL, 0); + data = (void *)simple_strtoul(argv[3], NULL, 0); count = simple_strtoul(argv[4], NULL, 0); - rc = tpm_get_capability(cap_area, sub_cap, cap, count); + rc = tpm_get_capability(capability, property, data, count); if (!rc) { - puts("capability information:\n"); - print_byte_string(cap, count); + printf("Capabilities read from TPM:\n"); + for (i = 0; i < count; i++) { + printf("Property 0x"); + for (j = 0; j < 4; j++) + printf("%02x", data[(i * 8) + j]); + printf(": 0x"); + for (j = 4; j < 8; j++) + printf("%02x", data[(i * 8) + j]); + printf("\n"); + } } return report_return_code(rc); @@ -998,9 +1007,9 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, " tsc_physical_presence flags\n" " - Set TPM device's Physical Presence flags to .\n" "The Capability Commands:\n" -" get_capability cap_area sub_cap addr count\n" -" - Read bytes of TPM capability indexed by and\n" -" to memory address .\n" +" get_capability \n" +" - Read bytes of TPM capability indexed by \n" +" and to memory address .\n" #if defined(CONFIG_TPM_FLUSH_RESOURCES) || defined(CONFIG_TPM_LIST_RESOURCES) "Resource management functions\n" #endif diff --git a/include/tpm.h b/include/tpm.h index 2df2ea3c5b..369119fc1b 100644 --- a/include/tpm.h +++ b/include/tpm.h @@ -628,17 +628,17 @@ uint32_t tpm_physical_set_deactivated(uint8_t state); /** * Issue a TPM_GetCapability command. This implementation is limited - * to query sub_cap index that is 4-byte wide. + * to query property index that is 4-byte wide. * - * @param cap_area partition of capabilities - * @param sub_cap further definition of capability, which is + * @param capability partition of capabilities + * @param property further definition of capability, which is * limited to be 4-byte wide - * @param cap output buffer for capability information - * @param count size of ouput buffer + * @param buf output buffer for capability information + * @param propertycount size of output buffer * @return return code of the operation */ -uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, - void *cap, size_t count); +int tpm_get_capability(u32 capability, u32 property, void *buf, + size_t property_count); /** * Issue a TPM_FlushSpecific command for a AUTH ressource. diff --git a/lib/tpm.c b/lib/tpm.c index 925b21e2d6..59f6cd6dba 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -789,8 +789,7 @@ uint32_t tpm_physical_set_deactivated(uint8_t state) return tpm_sendrecv_command(buf, NULL, NULL); } -uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, - void *cap, size_t count) +int tpm1_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count) { const uint8_t command[22] = { 0x0, 0xc1, /* TPM_TAG */ @@ -829,6 +828,42 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, return 0; } +int tpm2_get_capability(u32 capability, u32 property, void *buf, + size_t property_count) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + STRINGIFY16(TPM2_ST_NO_SESSIONS), /* TAG */ + STRINGIFY32(22), /* Command size */ + STRINGIFY32(TPM2_CC_GET_CAPABILITY), /* Command code */ + + STRINGIFY32(capability), /* Capability */ + STRINGIFY32(property), /* Property */ + STRINGIFY32(property_count), /* Property count */ + }; + u8 response[COMMAND_BUFFER_SIZE]; + size_t response_len = COMMAND_BUFFER_SIZE; + int ret; + + ret = tpm_sendrecv_command(command_v2, response, &response_len); + if (ret) + return ret; + + memcpy(buf, &response[19], response_len - 19); + + return 0; +} + +int tpm_get_capability(u32 capability, u32 property, void *buf, + size_t property_count) +{ + if (!is_tpmv2) + return tpm1_get_capability(capability, property, buf, + property_count); + else + return tpm2_get_capability(capability, property, buf, + property_count); +} + uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) { const uint8_t command[22] = {