[U-Boot,17/25] tpm: Export the open/close functions

Message ID	20181106222142.94537-18-sjg@chromium.org
State	Superseded
Delegated to:	Simon Glass
Headers	show Return-Path: <u-boot-bounces@lists.denx.de> Date: Tue, 6 Nov 2018 15:21:34 -0700 In-Reply-To: <20181106222142.94537-1-sjg@chromium.org> Message-Id: <20181106222142.94537-18-sjg@chromium.org> Mime-Version: 1.0 References: <20181106222142.94537-1-sjg@chromium.org> From: Simon Glass <sjg@chromium.org> To: U-Boot Mailing List <u-boot@lists.denx.de> Cc: Miquel Raynal <miquel.raynal@bootlin.com> Subject: [U-Boot] [PATCH 17/25] tpm: Export the open/close functions Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
Series	sandbox: Changes and improvements to support verified boot \| expand [U-Boot,00/25] sandbox: Changes and improvements to support verified boot [U-Boot,01/25] cros_ec: Use uint instead of u8 for parameters [U-Boot,02/25] cros_ec: Add error logging on a few commands [U-Boot,03/25] cros_ec: Fail if we cannot determine the flash burst size [U-Boot,04/25] cros_ec: Align uclass data to a cache boundary [U-Boot,05/25] cros_ec: Add new features for events and power [U-Boot,06/25] sandbox: tpm: Allow debugging of data packages [U-Boot,07/25] sandbox: log: Add a category for sandbox [U-Boot,08/25] sandbox: Add a function to read a host file [U-Boot,09/25] sandbox: cros_ec: exynos: Drop use of cros_ec_get_error() [U-Boot,10/25] sandbox: Update some drivers to work in SPL/TPL [U-Boot,11/25] spl: Support bootstage, log, hash and early malloc in TPL [U-Boot,12/25] spl: Correct malloc debugging in board_init_r() [U-Boot,13/25] spl: lz4: Allow use of lz4 compression in SPL [U-Boot,14/25] binman: Add a way to enable debugging from the build [U-Boot,15/25] binman: Drop an unnecessary comma in blob handling [U-Boot,16/25] binman: Set the pathname correctly for ELF files [U-Boot,17/25] tpm: Export the open/close functions [U-Boot,18/25] tpm: Convert to use a device parameter [U-Boot,19/25] video: Update video_set_default_colors() to support invert [U-Boot,20/25] efi_loader: Don't enable in SPL/TPL by default [U-Boot,21/25] string: Include the config header [U-Boot,22/25] misc: Update read() and write() methods to return bytes xfered [U-Boot,23/25] test: sf: Add a simple SPI flash test [U-Boot,24/25] sf: Add a method to obtain the block-protect setting [U-Boot,25/25] mmc: Add hardware partition support

Message ID

20181106222142.94537-18-sjg@chromium.org

State

Superseded

Delegated to:

Simon Glass

Headers

Date: Tue,  6 Nov 2018 15:21:34 -0700
In-Reply-To: <20181106222142.94537-1-sjg@chromium.org>
Message-Id: <20181106222142.94537-18-sjg@chromium.org>
Mime-Version: 1.0
References: <20181106222142.94537-1-sjg@chromium.org>
From: Simon Glass <sjg@chromium.org>
To: U-Boot Mailing List <u-boot@lists.denx.de>
Cc: Miquel Raynal <miquel.raynal@bootlin.com>
Subject: [U-Boot] [PATCH 17/25] tpm: Export the open/close functions
Precedence: list
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

Series

sandbox: Changes and improvements to support verified boot | expand

Commit Message

Simon Glass Nov. 6, 2018, 10:21 p.m. UTC

At present these functions are not accessible outside the TPM library, but
in some cases we need to call them. Export them in the header file and add
a define for the SHA1 digest size.

Also adjust tpm_open() to call tpm_close() first so that the TPM is in a
known state before opening (e.g. by a previous phase of U-Boot).

Signed-off-by: Simon Glass <sjg@chromium.org>
---

 drivers/tpm/tpm_tis_lpc.c | 50 +++++++++++++++++++++++----------------
 include/tpm-common.h      | 20 ++++++++++++++++
 lib/tpm-utils.h           | 18 --------------
 3 files changed, 50 insertions(+), 38 deletions(-)

Comments

Miquel Raynal Nov. 7, 2018, 7:52 a.m. UTC | #1

Hi Simon,

Simon Glass <sjg@chromium.org> wrote on Tue,  6 Nov 2018 15:21:34 -0700:

> At present these functions are not accessible outside the TPM library, but
> in some cases we need to call them.

I was not aware, what is the use case? I don't get it.

> Export them in the header file and add
> a define for the SHA1 digest size.
> 
> Also adjust tpm_open() to call tpm_close() first so that the TPM is in a
> known state before opening (e.g. by a previous phase of U-Boot).
> 
> Signed-off-by: Simon Glass <sjg@chromium.org>
> ---
> 

[...]

> @@ -408,29 +435,12 @@ static int tpm_tis_lpc_open(struct udevice *dev)
>  		return ret;
>  	}
>  
> +	/* Certain TPMs need some delay here or they hang */
> +	udelay(10);
> +
>  	tpm_write_word(priv, TIS_STS_COMMAND_READY,
>  		       &regs[locality].tpm_status);

This is not in the commit message.

Perhaps, due to the nature of the changes, this patch would be best
split in 2 or 3?


Thanks,
Miquèl

Simon Glass Nov. 18, 2018, 9:23 p.m. UTC | #2

Hi Miquel,

On Wed, 7 Nov 2018 at 00:52, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
>
> Hi Simon,
>
> Simon Glass <sjg@chromium.org> wrote on Tue,  6 Nov 2018 15:21:34 -0700:
>
> > At present these functions are not accessible outside the TPM library, but
> > in some cases we need to call them.
>
> I was not aware, what is the use case? I don't get it.

I believe this is for when TPL sets up the TPM but we need to access
it again in U-Boot proper, so close it before opening it again. I'm
not 100% sure though.

>
> > Export them in the header file and add
> > a define for the SHA1 digest size.
> >
> > Also adjust tpm_open() to call tpm_close() first so that the TPM is in a
> > known state before opening (e.g. by a previous phase of U-Boot).
> >
> > Signed-off-by: Simon Glass <sjg@chromium.org>
> > ---
> >
>
> [...]
>
> > @@ -408,29 +435,12 @@ static int tpm_tis_lpc_open(struct udevice *dev)
> >               return ret;
> >       }
> >
> > +     /* Certain TPMs need some delay here or they hang */
> > +     udelay(10);
> > +
> >       tpm_write_word(priv, TIS_STS_COMMAND_READY,
> >                      &regs[locality].tpm_status);
>
> This is not in the commit message.
>
> Perhaps, due to the nature of the changes, this patch would be best
> split in 2 or 3?

OK will do.

Regards,
Simon

Simon Glass Nov. 29, 2018, 5:42 p.m. UTC | #3

Hi Miquel,

On Wed, 7 Nov 2018 at 00:52, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
>
> Hi Simon,
>
> Simon Glass <sjg@chromium.org> wrote on Tue,  6 Nov 2018 15:21:34 -0700:
>
> > At present these functions are not accessible outside the TPM library, but
> > in some cases we need to call them.
>
> I was not aware, what is the use case? I don't get it.

I believe this is for when TPL sets up the TPM but we need to access
it again in U-Boot proper, so close it before opening it again. I'm
not 100% sure though.

>
> > Export them in the header file and add
> > a define for the SHA1 digest size.
> >
> > Also adjust tpm_open() to call tpm_close() first so that the TPM is in a
> > known state before opening (e.g. by a previous phase of U-Boot).
> >
> > Signed-off-by: Simon Glass <sjg@chromium.org>
> > ---
> >
>
> [...]
>
> > @@ -408,29 +435,12 @@ static int tpm_tis_lpc_open(struct udevice *dev)
> >               return ret;
> >       }
> >
> > +     /* Certain TPMs need some delay here or they hang */
> > +     udelay(10);
> > +
> >       tpm_write_word(priv, TIS_STS_COMMAND_READY,
> >                      &regs[locality].tpm_status);
>
> This is not in the commit message.
>
> Perhaps, due to the nature of the changes, this patch would be best
> split in 2 or 3?

OK will do.

Regards,
Simon

Applied to u-boot-dm/master, thanks!

diff --git a/drivers/tpm/tpm_tis_lpc.c b/drivers/tpm/tpm_tis_lpc.c
index e993fd9f833..d76d7ca75af 100644
--- a/drivers/tpm/tpm_tis_lpc.c
+++ b/drivers/tpm/tpm_tis_lpc.c
@@ -388,6 +388,27 @@  static int tis_readresponse(struct udevice *dev, u8 *buffer, size_t len)
 	return offset;
 }
 
+static int tpm_tis_lpc_close(struct udevice *dev)
+{
+	struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
+	struct tpm_locality *regs = priv->regs;
+	u8 locality = 0;
+
+	if (tpm_read_word(priv, &regs[locality].access) &
+	    TIS_ACCESS_ACTIVE_LOCALITY) {
+		tpm_write_word(priv, TIS_ACCESS_ACTIVE_LOCALITY,
+			       &regs[locality].access);
+
+		if (tis_wait_reg(priv, &regs[locality].access,
+				 TIS_ACCESS_ACTIVE_LOCALITY, 0) == -ETIMEDOUT) {
+			printf("%s:%d - failed to release locality %d\n",
+			       __FILE__, __LINE__, locality);
+			return -ETIMEDOUT;
+		}
+	}
+	return 0;
+}
+
 static int tpm_tis_lpc_open(struct udevice *dev)
 {
 	struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
@@ -395,6 +416,12 @@  static int tpm_tis_lpc_open(struct udevice *dev)
 	u8 locality = 0; /* we use locality zero for everything. */
 	int ret;
 
+	ret = tpm_tis_lpc_close(dev);
+	if (ret) {
+		printf("%s: Failed to close TPM\n", __func__);
+		return ret;
+	}
+
 	/* now request access to locality. */
 	tpm_write_word(priv, TIS_ACCESS_REQUEST_USE, &regs[locality].access);
 
@@ -408,29 +435,12 @@  static int tpm_tis_lpc_open(struct udevice *dev)
 		return ret;
 	}
 
+	/* Certain TPMs need some delay here or they hang */
+	udelay(10);
+
 	tpm_write_word(priv, TIS_STS_COMMAND_READY,
 		       &regs[locality].tpm_status);
-	return 0;
-}
-
-static int tpm_tis_lpc_close(struct udevice *dev)
-{
-	struct tpm_tis_lpc_priv *priv = dev_get_priv(dev);
-	struct tpm_locality *regs = priv->regs;
-	u8 locality = 0;
-
-	if (tpm_read_word(priv, &regs[locality].access) &
-	    TIS_ACCESS_ACTIVE_LOCALITY) {
-		tpm_write_word(priv, TIS_ACCESS_ACTIVE_LOCALITY,
-			       &regs[locality].access);
 
-		if (tis_wait_reg(priv, &regs[locality].access,
-				 TIS_ACCESS_ACTIVE_LOCALITY, 0) == -ETIMEDOUT) {
-			printf("%s:%d - failed to release locality %d\n",
-			       __FILE__, __LINE__, locality);
-			return -ETIMEDOUT;
-		}
-	}
 	return 0;
 }
 
diff --git a/include/tpm-common.h b/include/tpm-common.h
index 5f8bc6bc528..f8c5569003e 100644
--- a/include/tpm-common.h
+++ b/include/tpm-common.h
@@ -26,6 +26,8 @@  enum tpm_duration {
 /* Max buffer size supported by our tpm */
 #define TPM_DEV_BUFSIZE		1260
 
+#define TPM_PCR_MINIMUM_DIGEST_SIZE 20
+
 /**
  * enum tpm_version - The version of the TPM stack to be used
  * @TPM_V1:		Use TPM v1.x stack
@@ -179,6 +181,24 @@  int do_##cmd(cmd_tbl_t *cmdtp, int flag,		\
 	return report_return_code(cmd());		\
 }
 
+/**
+ * tpm_open() - Request access to locality 0 for the caller
+ *
+ * After all commands have been completed the caller is supposed to
+ * call tpm_close().
+ *
+ * Returns 0 on success, -ve on failure.
+ */
+int tpm_open(struct udevice *dev);
+
+/**
+ * tpm_close() - Close the current session
+ *
+ * Releasing the locked locality. Returns 0 on success, -ve 1 on
+ * failure (in case lock removal did not succeed).
+ */
+int tpm_close(struct udevice *dev);
+
 /**
  * tpm_get_desc() - Get a text description of the TPM
  *
diff --git a/lib/tpm-utils.h b/lib/tpm-utils.h
index a9cb7dc7ee5..ac95f262f56 100644
--- a/lib/tpm-utils.h
+++ b/lib/tpm-utils.h
@@ -18,24 +18,6 @@ 
 #define tpm_u16(x) __MSB(x), __LSB(x)
 #define tpm_u32(x) tpm_u16((x) >> 16), tpm_u16((x) & 0xFFFF)
 
-/**
- * tpm_open() - Request access to locality 0 for the caller
- *
- * After all commands have been completed the caller is supposed to
- * call tpm_close().
- *
- * Returns 0 on success, -ve on failure.
- */
-int tpm_open(struct udevice *dev);
-
-/**
- * tpm_close() - Close the current session
- *
- * Releasing the locked locality. Returns 0 on success, -ve 1 on
- * failure (in case lock removal did not succeed).
- */
-int tpm_close(struct udevice *dev);
-
 /**
  * Pack data into a byte string.  The data types are specified in
  * the format string: 'b' means unsigned byte, 'w' unsigned word,

[U-Boot,17/25] tpm: Export the open/close functions

Commit Message

Comments

Patch