From patchwork Tue May 15 09:56:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913527 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY1n4LGCz9s0q for ; Tue, 15 May 2018 19:59:09 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 25F6BC21EB4; Tue, 15 May 2018 09:58:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id D4CCBC21C93; Tue, 15 May 2018 09:57:35 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 99930C21C51; Tue, 15 May 2018 09:57:33 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 4ED4EC21C57 for ; Tue, 15 May 2018 09:57:33 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 1003120794; Tue, 15 May 2018 11:57:32 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id C351420737; Tue, 15 May 2018 11:57:31 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:56:57 +0200 Message-Id: <20180515095728.16572-2-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 01/32] tpm: remove redundant blank line X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Fix following checkpatch.pl issue in TPM-related code: CHECK: Please don't use multiple blank lines Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- lib/tpm.c | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/tpm.c b/lib/tpm.c index c8bf06178f..0d8cdf9651 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -821,7 +821,6 @@ static uint32_t verify_response_auth(uint32_t command_code, return TPM_SUCCESS; } - uint32_t tpm_terminate_auth_session(uint32_t auth_handle) { const uint8_t command[18] = { From patchwork Tue May 15 09:56:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913528 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY2W6v7zz9s1R for ; Tue, 15 May 2018 19:59:47 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 9602DC21E7F; Tue, 15 May 2018 09:58:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id BE7F1C21E44; Tue, 15 May 2018 09:57:36 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C6B04C21D56; Tue, 15 May 2018 09:57:33 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 75932C21C93 for ; Tue, 15 May 2018 09:57:33 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 3B26A20898; Tue, 15 May 2018 11:57:32 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 05EC420720; Tue, 15 May 2018 11:57:32 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:56:58 +0200 Message-Id: <20180515095728.16572-3-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 02/32] tpm: remove extra spaces between a function and its opening bracket X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Fix following checkpatch.pl issue in TPM-related code: WARNING: space prohibited between function name and open parenthesis '(' Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- lib/tpm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/tpm.c b/lib/tpm.c index 0d8cdf9651..58b0a76b97 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -611,7 +611,7 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) 0x0, 0x0, 0x1, 0x8, /* subcap value */ }; const size_t data_size_offset = TPM_HEADER_SIZE; - const size_t data_offset = TPM_HEADER_SIZE + sizeof (uint32_t); + const size_t data_offset = TPM_HEADER_SIZE + sizeof(uint32_t); uint8_t response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); uint32_t err; @@ -1069,7 +1069,7 @@ uint32_t tpm_get_random(void *data, uint32_t count) while (count > 0) { uint32_t this_bytes = min((size_t)count, - sizeof (response) - data_offset); + sizeof(response) - data_offset); uint32_t err; if (pack_byte_string(buf, sizeof(buf), "sd", From patchwork Tue May 15 09:56:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913531 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY4c03fKz9s0q for ; Tue, 15 May 2018 20:01:35 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id A42E4C21D9A; Tue, 15 May 2018 10:00:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 81621C21EFD; Tue, 15 May 2018 09:57:40 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E34C9C21D56; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id B9A0FC21C57 for ; Tue, 15 May 2018 09:57:33 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 83D1020737; Tue, 15 May 2018 11:57:32 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 3313220737; Tue, 15 May 2018 11:57:32 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:56:59 +0200 Message-Id: <20180515095728.16572-4-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 03/32] tpm: substitute deprecated uint_t types with their u equivalent X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Fix following checkpatch.pl issues in TPM-related code: CHECK: Prefer kernel type 'u8' over 'uint8_t' CHECK: Prefer kernel type 'u16' over 'uint16_t' CHECK: Prefer kernel type 'u32' over 'uint32_t' Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- cmd/tpm.c | 86 ++++++++--------- include/tpm.h | 72 +++++++-------- lib/tpm.c | 290 +++++++++++++++++++++++++++++----------------------------- 3 files changed, 220 insertions(+), 228 deletions(-) diff --git a/cmd/tpm.c b/cmd/tpm.c index d9b433582c..4109ace362 100644 --- a/cmd/tpm.c +++ b/cmd/tpm.c @@ -25,7 +25,7 @@ enum { * @param data byte string to be printed * @param count number of bytes to be printed */ -static void print_byte_string(uint8_t *data, size_t count) +static void print_byte_string(u8 *data, size_t count) { int i, print_newline = 0; @@ -52,7 +52,7 @@ static void print_byte_string(uint8_t *data, size_t count) * @param count_ptr output variable for the length of byte string * @return pointer to output buffer */ -static void *parse_byte_string(char *bytes, uint8_t *data, size_t *count_ptr) +static void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr) { char byte[3]; size_t count, length; @@ -72,7 +72,7 @@ static void *parse_byte_string(char *bytes, uint8_t *data, size_t *count_ptr) for (i = 0; i < length; i += 2) { byte[0] = bytes[i]; byte[1] = bytes[i + 1]; - data[i / 2] = (uint8_t)simple_strtoul(byte, NULL, 16); + data[i / 2] = (u8)simple_strtoul(byte, NULL, 16); } if (count_ptr) @@ -146,7 +146,7 @@ static size_t type_string_get_space_size(const char *type_str) * @param count pointer for storing size of buffer * @return pointer to buffer or NULL on error */ -static void *type_string_alloc(const char *type_str, uint32_t *count) +static void *type_string_alloc(const char *type_str, u32 *count) { void *data; size_t size; @@ -171,10 +171,10 @@ static void *type_string_alloc(const char *type_str, uint32_t *count) * @return 0 on success, non-0 on error */ static int type_string_pack(const char *type_str, char * const values[], - uint8_t *data) + u8 *data) { size_t offset; - uint32_t value; + u32 value; for (offset = 0; *type_str; type_str++, values++) { value = simple_strtoul(values[0], NULL, 0); @@ -208,11 +208,11 @@ static int type_string_pack(const char *type_str, char * const values[], * @param vars names of environment variables * @return 0 on success, non-0 on error */ -static int type_string_write_vars(const char *type_str, uint8_t *data, - char * const vars[]) +static int type_string_write_vars(const char *type_str, u8 *data, + char * const vars[]) { size_t offset; - uint32_t value; + u32 value; for (offset = 0; *type_str; type_str++, vars++) { switch (*type_str) { @@ -262,7 +262,7 @@ static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, perm, size; + u32 index, perm, size; if (argc != 4) return CMD_RET_USAGE; @@ -276,7 +276,7 @@ static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, count, rc; + u32 index, count, rc; void *data; if (argc != 4) @@ -297,7 +297,7 @@ static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, rc; + u32 index, rc; size_t count; void *data; @@ -319,8 +319,8 @@ static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, rc; - uint8_t in_digest[20], out_digest[20]; + u32 index, rc; + u8 in_digest[20], out_digest[20]; if (argc != 3) return CMD_RET_USAGE; @@ -342,7 +342,7 @@ static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, count, rc; + u32 index, count, rc; void *data; if (argc != 4) @@ -363,11 +363,11 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint16_t presence; + u16 presence; if (argc != 2) return CMD_RET_USAGE; - presence = (uint16_t)simple_strtoul(argv[1], NULL, 0); + presence = (u16)simple_strtoul(argv[1], NULL, 0); return report_return_code(tpm_tsc_physical_presence(presence)); } @@ -375,7 +375,7 @@ static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t count, rc; + u32 count, rc; void *data; if (argc != 3) @@ -395,11 +395,11 @@ static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint8_t state; + u8 state; if (argc != 2) return CMD_RET_USAGE; - state = (uint8_t)simple_strtoul(argv[1], NULL, 0); + state = (u8)simple_strtoul(argv[1], NULL, 0); return report_return_code(tpm_physical_set_deactivated(state)); } @@ -407,7 +407,7 @@ static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t cap_area, sub_cap, rc; + u32 cap_area, sub_cap, rc; void *cap; size_t count; @@ -481,9 +481,9 @@ static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, { struct udevice *dev; void *command; - uint8_t response[1024]; + u8 response[1024]; size_t count, response_length = sizeof(response); - uint32_t rc; + u32 rc; command = parse_byte_string(argv[1], NULL, &count); if (!command) { @@ -508,7 +508,7 @@ static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, perm, size; + u32 index, perm, size; if (argc != 4) return CMD_RET_USAGE; @@ -526,7 +526,7 @@ static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag, static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, count, err; + u32 index, count, err; void *data; if (argc < 3) @@ -555,7 +555,7 @@ static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t index, count, err; + u32 index, count, err; void *data; if (argc < 3) @@ -585,7 +585,7 @@ static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag, static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t auth_handle, err; + u32 auth_handle, err; err = tpm_oiap(&auth_handle); @@ -596,10 +596,10 @@ static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag, static int do_tpm_load_key_by_sha1(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t parent_handle = 0; - uint32_t key_len, key_handle, err; - uint8_t usage_auth[DIGEST_LENGTH]; - uint8_t parent_hash[DIGEST_LENGTH]; + u32 parent_handle = 0; + u32 key_len, key_handle, err; + u8 usage_auth[DIGEST_LENGTH]; + u8 parent_hash[DIGEST_LENGTH]; void *key; if (argc < 5) @@ -634,8 +634,8 @@ static int do_tpm_load_key_by_sha1(cmd_tbl_t *cmdtp, int flag, int argc, char * static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t parent_handle, key_len, key_handle, err; - uint8_t usage_auth[DIGEST_LENGTH]; + u32 parent_handle, key_len, key_handle, err; + u8 usage_auth[DIGEST_LENGTH]; void *key; if (argc < 5) @@ -659,9 +659,9 @@ static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag, static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { - uint32_t key_handle, err; - uint8_t usage_auth[DIGEST_LENGTH]; - uint8_t pub_key_buffer[TPM_PUBKEY_MAX_LENGTH]; + u32 key_handle, err; + u8 usage_auth[DIGEST_LENGTH]; + u8 pub_key_buffer[TPM_PUBKEY_MAX_LENGTH]; size_t pub_key_len = sizeof(pub_key_buffer); if (argc < 3) @@ -721,9 +721,9 @@ static int do_tpm_flush(cmd_tbl_t *cmdtp, int flag, int argc, } if (!strcasecmp(argv[2], "all")) { - uint16_t res_count; - uint8_t buf[288]; - uint8_t *ptr; + u16 res_count; + u8 buf[288]; + u8 *ptr; int err; uint i; @@ -739,7 +739,7 @@ static int do_tpm_flush(cmd_tbl_t *cmdtp, int flag, int argc, for (i = 0; i < res_count; ++i, ptr += 4) tpm_flush_specific(get_unaligned_be32(ptr), type); } else { - uint32_t handle = simple_strtoul(argv[2], NULL, 0); + u32 handle = simple_strtoul(argv[2], NULL, 0); if (!handle) { printf("Illegal resource handle %s\n", argv[2]); @@ -757,9 +757,9 @@ static int do_tpm_list(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { int type = 0; - uint16_t res_count; - uint8_t buf[288]; - uint8_t *ptr; + u16 res_count; + u8 buf[288]; + u8 *ptr; int err; uint i; diff --git a/include/tpm.h b/include/tpm.h index 760d94865c..62117f6cc2 100644 --- a/include/tpm.h +++ b/include/tpm.h @@ -309,8 +309,7 @@ struct tpm_ops { * * Returns 0 on success or -ve on failure. */ - int (*send)(struct udevice *dev, const uint8_t *sendbuf, - size_t send_size); + int (*send)(struct udevice *dev, const u8 *sendbuf, size_t send_size); /** * recv() - receive a response from the TPM @@ -323,7 +322,7 @@ struct tpm_ops { * response is not ready, -EINTR if cancelled, or other -ve value on * failure. */ - int (*recv)(struct udevice *dev, uint8_t *recvbuf, size_t max_size); + int (*recv)(struct udevice *dev, u8 *recvbuf, size_t max_size); /** * cleanup() - clean up after an operation in progress @@ -352,8 +351,8 @@ struct tpm_ops { * Returns 0 on success (and places the number of response bytes at * recv_size) or -ve on failure. */ - int (*xfer)(struct udevice *dev, const uint8_t *sendbuf, - size_t send_size, uint8_t *recvbuf, size_t *recv_size); + int (*xfer)(struct udevice *dev, const u8 *sendbuf, size_t send_size, + u8 *recvbuf, size_t *recv_size); }; #define tpm_get_ops(dev) ((struct tpm_ops *)device_get_ops(dev)) @@ -407,8 +406,8 @@ int tpm_get_desc(struct udevice *dev, char *buf, int size); * Returns 0 on success (and places the number of response bytes at * recv_len) or -ve on failure. */ -int tpm_xfer(struct udevice *dev, const uint8_t *sendbuf, size_t send_size, - uint8_t *recvbuf, size_t *recv_size); +int tpm_xfer(struct udevice *dev, const u8 *sendbuf, size_t send_size, + u8 *recvbuf, size_t *recv_size); /** * Initialize TPM device. It must be called before any TPM commands. @@ -423,21 +422,21 @@ int tpm_init(void); * @param mode TPM startup mode * @return return code of the operation */ -uint32_t tpm_startup(enum tpm_startup_type mode); +u32 tpm_startup(enum tpm_startup_type mode); /** * Issue a TPM_SelfTestFull command. * * @return return code of the operation */ -uint32_t tpm_self_test_full(void); +u32 tpm_self_test_full(void); /** * Issue a TPM_ContinueSelfTest command. * * @return return code of the operation */ -uint32_t tpm_continue_self_test(void); +u32 tpm_continue_self_test(void); /** * Issue a TPM_NV_DefineSpace command. The implementation is limited @@ -449,7 +448,7 @@ uint32_t tpm_continue_self_test(void); * @param size size of the area * @return return code of the operation */ -uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size); +u32 tpm_nv_define_space(u32 index, u32 perm, u32 size); /** * Issue a TPM_NV_ReadValue command. This implementation is limited @@ -461,7 +460,7 @@ uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size); * @param count size of output buffer * @return return code of the operation */ -uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count); +u32 tpm_nv_read_value(u32 index, void *data, u32 count); /** * Issue a TPM_NV_WriteValue command. This implementation is limited @@ -473,7 +472,7 @@ uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count); * @param length length of data bytes of input buffer * @return return code of the operation */ -uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length); +u32 tpm_nv_write_value(u32 index, const void *data, u32 length); /** * Issue a TPM_Extend command. @@ -485,7 +484,7 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length); * command * @return return code of the operation */ -uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest); +u32 tpm_extend(u32 index, const void *in_digest, void *out_digest); /** * Issue a TPM_PCRRead command. @@ -495,7 +494,7 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest); * @param count size of output buffer * @return return code of the operation */ -uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count); +u32 tpm_pcr_read(u32 index, void *data, size_t count); /** * Issue a TSC_PhysicalPresence command. TPM physical presence flag @@ -504,7 +503,7 @@ uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count); * @param presence TPM physical presence flag * @return return code of the operation */ -uint32_t tpm_tsc_physical_presence(uint16_t presence); +u32 tpm_tsc_physical_presence(u16 presence); /** * Issue a TPM_ReadPubek command. @@ -513,28 +512,28 @@ uint32_t tpm_tsc_physical_presence(uint16_t presence); * @param count size of ouput buffer * @return return code of the operation */ -uint32_t tpm_read_pubek(void *data, size_t count); +u32 tpm_read_pubek(void *data, size_t count); /** * Issue a TPM_ForceClear command. * * @return return code of the operation */ -uint32_t tpm_force_clear(void); +u32 tpm_force_clear(void); /** * Issue a TPM_PhysicalEnable command. * * @return return code of the operation */ -uint32_t tpm_physical_enable(void); +u32 tpm_physical_enable(void); /** * Issue a TPM_PhysicalDisable command. * * @return return code of the operation */ -uint32_t tpm_physical_disable(void); +u32 tpm_physical_disable(void); /** * Issue a TPM_PhysicalSetDeactivated command. @@ -542,7 +541,7 @@ uint32_t tpm_physical_disable(void); * @param state boolean state of the deactivated flag * @return return code of the operation */ -uint32_t tpm_physical_set_deactivated(uint8_t state); +u32 tpm_physical_set_deactivated(u8 state); /** * Issue a TPM_GetCapability command. This implementation is limited @@ -555,8 +554,7 @@ uint32_t tpm_physical_set_deactivated(uint8_t state); * @param count size of ouput buffer * @return return code of the operation */ -uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, - void *cap, size_t count); +u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count); /** * Issue a TPM_FlushSpecific command for a AUTH ressource. @@ -564,7 +562,7 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, * @param auth_handle handle of the auth session * @return return code of the operation */ -uint32_t tpm_terminate_auth_session(uint32_t auth_handle); +u32 tpm_terminate_auth_session(u32 auth_handle); /** * Issue a TPM_OIAP command to setup an object independant authorization @@ -576,14 +574,14 @@ uint32_t tpm_terminate_auth_session(uint32_t auth_handle); * @param auth_handle pointer to the (new) auth handle or NULL. * @return return code of the operation */ -uint32_t tpm_oiap(uint32_t *auth_handle); +u32 tpm_oiap(u32 *auth_handle); /** * Ends an active OIAP session. * * @return return code of the operation */ -uint32_t tpm_end_oiap(void); +u32 tpm_end_oiap(void); /** * Issue a TPM_LoadKey2 (Auth1) command using an OIAP session for authenticating @@ -596,10 +594,8 @@ uint32_t tpm_end_oiap(void); * @param key_handle pointer to the key handle * @return return code of the operation */ -uint32_t tpm_load_key2_oiap(uint32_t parent_handle, - const void *key, size_t key_length, - const void *parent_key_usage_auth, - uint32_t *key_handle); +u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length, + const void *parent_key_usage_auth, u32 *key_handle); /** * Issue a TPM_GetPubKey (Auth1) command using an OIAP session for @@ -614,8 +610,8 @@ uint32_t tpm_load_key2_oiap(uint32_t parent_handle, * of the stored TPM_PUBKEY structure (iff pubkey != NULL). * @return return code of the operation */ -uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, - void *pubkey, size_t *pubkey_len); +u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey, + size_t *pubkey_len); /** * Get the TPM permanent flags value @@ -623,7 +619,7 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, * @param pflags Place to put permanent flags * @return return code of the operation */ -uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags); +u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags); /** * Get the TPM permissions @@ -631,7 +627,7 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags); * @param perm Returns permissions value * @return return code of the operation */ -uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm); +u32 tpm_get_permissions(u32 index, u32 *perm); /** * Flush a resource with a given handle and type from the TPM @@ -640,7 +636,7 @@ uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm); * @param resource_type type of the resource * @return return code of the operation */ -uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type); +u32 tpm_flush_specific(u32 key_handle, u32 resource_type); #ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1 /** @@ -651,8 +647,8 @@ uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type); * @param[out] handle The handle of the key (Non-null iff found) * @return 0 if key was found in TPM; != 0 if not. */ -uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t - pubkey_digest[20], uint32_t *handle); +u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20], + u32 *handle); #endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */ /** @@ -664,6 +660,6 @@ uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t * @param count size of output buffer * @return return code of the operation */ -uint32_t tpm_get_random(void *data, uint32_t count); +u32 tpm_get_random(void *data, u32 count); #endif /* __TPM_H */ diff --git a/lib/tpm.c b/lib/tpm.c index 58b0a76b97..1c4ce2e71d 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -12,7 +12,7 @@ #include /* Internal error of TPM command library */ -#define TPM_LIB_ERROR ((uint32_t)~0u) +#define TPM_LIB_ERROR ((u32)~0u) /* Useful constants */ enum { @@ -36,9 +36,9 @@ enum { struct session_data { int valid; - uint32_t handle; - uint8_t nonce_even[DIGEST_LENGTH]; - uint8_t nonce_odd[DIGEST_LENGTH]; + u32 handle; + u8 nonce_even[DIGEST_LENGTH]; + u8 nonce_odd[DIGEST_LENGTH]; }; static struct session_data oiap_session = {0, }; @@ -60,12 +60,12 @@ static struct session_data oiap_session = {0, }; * @param ... data points * @return 0 on success, non-0 on error */ -int pack_byte_string(uint8_t *str, size_t size, const char *format, ...) +int pack_byte_string(u8 *str, size_t size, const char *format, ...) { va_list args; size_t offset = 0, length = 0; - uint8_t *data = NULL; - uint32_t value = 0; + u8 *data = NULL; + u32 value = 0; va_start(args, format); for (; *format; format++) { @@ -82,13 +82,13 @@ int pack_byte_string(uint8_t *str, size_t size, const char *format, ...) break; case 'd': offset = va_arg(args, size_t); - value = va_arg(args, uint32_t); + value = va_arg(args, u32); length = 4; break; case 's': offset = va_arg(args, size_t); - data = va_arg(args, uint8_t *); - length = va_arg(args, uint32_t); + data = va_arg(args, u8 *); + length = va_arg(args, u32); break; default: debug("Couldn't recognize format string\n"); @@ -134,36 +134,36 @@ int pack_byte_string(uint8_t *str, size_t size, const char *format, ...) * @param ... data points * @return 0 on success, non-0 on error */ -int unpack_byte_string(const uint8_t *str, size_t size, const char *format, ...) +int unpack_byte_string(const u8 *str, size_t size, const char *format, ...) { va_list args; size_t offset = 0, length = 0; - uint8_t *ptr8 = NULL; - uint16_t *ptr16 = NULL; - uint32_t *ptr32 = NULL; + u8 *ptr8 = NULL; + u16 *ptr16 = NULL; + u32 *ptr32 = NULL; va_start(args, format); for (; *format; format++) { switch (*format) { case 'b': offset = va_arg(args, size_t); - ptr8 = va_arg(args, uint8_t *); + ptr8 = va_arg(args, u8 *); length = 1; break; case 'w': offset = va_arg(args, size_t); - ptr16 = va_arg(args, uint16_t *); + ptr16 = va_arg(args, u16 *); length = 2; break; case 'd': offset = va_arg(args, size_t); - ptr32 = va_arg(args, uint32_t *); + ptr32 = va_arg(args, u32 *); length = 4; break; case 's': offset = va_arg(args, size_t); - ptr8 = va_arg(args, uint8_t *); - length = va_arg(args, uint32_t); + ptr8 = va_arg(args, u8 *); + length = va_arg(args, u32); break; default: va_end(args); @@ -202,7 +202,7 @@ int unpack_byte_string(const uint8_t *str, size_t size, const char *format, ...) * @param command byte string of TPM command * @return command size of the TPM command */ -static uint32_t tpm_command_size(const void *command) +static u32 tpm_command_size(const void *command) { const size_t command_size_offset = 2; return get_unaligned_be32(command + command_size_offset); @@ -214,7 +214,7 @@ static uint32_t tpm_command_size(const void *command) * @param response byte string of TPM response * @return return code of the TPM response */ -static uint32_t tpm_return_code(const void *response) +static u32 tpm_return_code(const void *response) { const size_t return_code_offset = 6; return get_unaligned_be32(response + return_code_offset); @@ -232,12 +232,12 @@ static uint32_t tpm_return_code(const void *response) * is a bidirectional * @return return code of the TPM response */ -static uint32_t tpm_sendrecv_command(const void *command, - void *response, size_t *size_ptr) +static u32 tpm_sendrecv_command(const void *command, void *response, + size_t *size_ptr) { struct udevice *dev; int err, ret; - uint8_t response_buffer[COMMAND_BUFFER_SIZE]; + u8 response_buffer[COMMAND_BUFFER_SIZE]; size_t response_length; if (response) { @@ -272,13 +272,13 @@ int tpm_init(void) return tpm_open(dev); } -uint32_t tpm_startup(enum tpm_startup_type mode) +u32 tpm_startup(enum tpm_startup_type mode) { - const uint8_t command[12] = { + const u8 command[12] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0, }; const size_t mode_offset = 10; - uint8_t buf[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sw", 0, command, sizeof(command), @@ -288,25 +288,25 @@ uint32_t tpm_startup(enum tpm_startup_type mode) return tpm_sendrecv_command(buf, NULL, NULL); } -uint32_t tpm_self_test_full(void) +u32 tpm_self_test_full(void) { - const uint8_t command[10] = { + const u8 command[10] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50, }; return tpm_sendrecv_command(command, NULL, NULL); } -uint32_t tpm_continue_self_test(void) +u32 tpm_continue_self_test(void) { - const uint8_t command[10] = { + const u8 command[10] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53, }; return tpm_sendrecv_command(command, NULL, NULL); } -uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size) +u32 tpm_nv_define_space(u32 index, u32 perm, u32 size) { - const uint8_t command[101] = { + const u8 command[101] = { 0x0, 0xc1, /* TPM_TAG */ 0x0, 0x0, 0x0, 0x65, /* parameter size */ 0x0, 0x0, 0x0, 0xcc, /* TPM_COMMAND_CODE */ @@ -335,7 +335,7 @@ uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size) const size_t index_offset = 12; const size_t perm_offset = 70; const size_t size_offset = 77; - uint8_t buf[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sddd", 0, command, sizeof(command), @@ -347,19 +347,19 @@ uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size) return tpm_sendrecv_command(buf, NULL, NULL); } -uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count) +u32 tpm_nv_read_value(u32 index, void *data, u32 count) { - const uint8_t command[22] = { + const u8 command[22] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf, }; const size_t index_offset = 10; const size_t length_offset = 18; const size_t data_size_offset = 10; const size_t data_offset = 14; - uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t data_size; - uint32_t err; + u32 data_size; + u32 err; if (pack_byte_string(buf, sizeof(buf), "sdd", 0, command, sizeof(command), @@ -381,9 +381,9 @@ uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count) return 0; } -uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length) +u32 tpm_nv_write_value(u32 index, const void *data, u32 length) { - const uint8_t command[256] = { + const u8 command[256] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd, }; const size_t command_size_offset = 2; @@ -391,11 +391,11 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length) const size_t length_offset = 18; const size_t data_offset = 22; const size_t write_info_size = 12; - const uint32_t total_length = + const u32 total_length = TPM_REQUEST_HEADER_LENGTH + write_info_size + length; - uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (pack_byte_string(buf, sizeof(buf), "sddds", 0, command, sizeof(command), @@ -411,18 +411,18 @@ uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length) return 0; } -uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest) +u32 tpm_extend(u32 index, const void *in_digest, void *out_digest) { - const uint8_t command[34] = { + const u8 command[34] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14, }; const size_t index_offset = 10; const size_t in_digest_offset = 14; const size_t out_digest_offset = 10; - uint8_t buf[COMMAND_BUFFER_SIZE]; - uint8_t response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH]; + u8 buf[COMMAND_BUFFER_SIZE]; + u8 response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (pack_byte_string(buf, sizeof(buf), "sds", 0, command, sizeof(command), @@ -442,16 +442,16 @@ uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest) return 0; } -uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count) +u32 tpm_pcr_read(u32 index, void *data, size_t count) { - const uint8_t command[14] = { + const u8 command[14] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15, }; const size_t index_offset = 10; const size_t out_digest_offset = 10; - uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (count < PCR_DIGEST_LENGTH) return TPM_LIB_ERROR; @@ -470,13 +470,13 @@ uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count) return 0; } -uint32_t tpm_tsc_physical_presence(uint16_t presence) +u32 tpm_tsc_physical_presence(u16 presence) { - const uint8_t command[12] = { + const u8 command[12] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0, }; const size_t presence_offset = 10; - uint8_t buf[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sw", 0, command, sizeof(command), @@ -486,18 +486,18 @@ uint32_t tpm_tsc_physical_presence(uint16_t presence) return tpm_sendrecv_command(buf, NULL, NULL); } -uint32_t tpm_read_pubek(void *data, size_t count) +u32 tpm_read_pubek(void *data, size_t count) { - const uint8_t command[30] = { + const u8 command[30] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c, }; const size_t response_size_offset = 2; const size_t data_offset = 10; const size_t header_and_checksum_size = TPM_RESPONSE_HEADER_LENGTH + 20; - uint8_t response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE]; + u8 response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE]; size_t response_length = sizeof(response); - uint32_t data_size; - uint32_t err; + u32 data_size; + u32 err; err = tpm_sendrecv_command(command, response, &response_length); if (err) @@ -517,40 +517,40 @@ uint32_t tpm_read_pubek(void *data, size_t count) return 0; } -uint32_t tpm_force_clear(void) +u32 tpm_force_clear(void) { - const uint8_t command[10] = { + const u8 command[10] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d, }; return tpm_sendrecv_command(command, NULL, NULL); } -uint32_t tpm_physical_enable(void) +u32 tpm_physical_enable(void) { - const uint8_t command[10] = { + const u8 command[10] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f, }; return tpm_sendrecv_command(command, NULL, NULL); } -uint32_t tpm_physical_disable(void) +u32 tpm_physical_disable(void) { - const uint8_t command[10] = { + const u8 command[10] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70, }; return tpm_sendrecv_command(command, NULL, NULL); } -uint32_t tpm_physical_set_deactivated(uint8_t state) +u32 tpm_physical_set_deactivated(u8 state) { - const uint8_t command[11] = { + const u8 command[11] = { 0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72, }; const size_t state_offset = 10; - uint8_t buf[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sb", 0, command, sizeof(command), @@ -560,10 +560,9 @@ uint32_t tpm_physical_set_deactivated(uint8_t state) return tpm_sendrecv_command(buf, NULL, NULL); } -uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, - void *cap, size_t count) +u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count) { - const uint8_t command[22] = { + const u8 command[22] = { 0x0, 0xc1, /* TPM_TAG */ 0x0, 0x0, 0x0, 0x16, /* parameter size */ 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ @@ -575,10 +574,10 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, const size_t sub_cap_offset = 18; const size_t cap_offset = 14; const size_t cap_size_offset = 10; - uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t cap_size; - uint32_t err; + u32 cap_size; + u32 err; if (pack_byte_string(buf, sizeof(buf), "sdd", 0, command, sizeof(command), @@ -600,9 +599,9 @@ uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, return 0; } -uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) +u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) { - const uint8_t command[22] = { + const u8 command[22] = { 0x0, 0xc1, /* TPM_TAG */ 0x0, 0x0, 0x0, 0x16, /* parameter size */ 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ @@ -611,11 +610,11 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) 0x0, 0x0, 0x1, 0x8, /* subcap value */ }; const size_t data_size_offset = TPM_HEADER_SIZE; - const size_t data_offset = TPM_HEADER_SIZE + sizeof(uint32_t); - uint8_t response[COMMAND_BUFFER_SIZE]; + const size_t data_offset = TPM_HEADER_SIZE + sizeof(u32); + u8 response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t err; - uint32_t data_size; + u32 err; + u32 data_size; err = tpm_sendrecv_command(command, response, &response_length); if (err) @@ -632,9 +631,9 @@ uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) return 0; } -uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm) +u32 tpm_get_permissions(u32 index, u32 *perm) { - const uint8_t command[22] = { + const u8 command[22] = { 0x0, 0xc1, /* TPM_TAG */ 0x0, 0x0, 0x0, 0x16, /* parameter size */ 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ @@ -643,9 +642,9 @@ uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm) }; const size_t index_offset = 18; const size_t perm_offset = 60; - uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command), index_offset, index)) @@ -661,9 +660,9 @@ uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm) } #ifdef CONFIG_TPM_FLUSH_RESOURCES -uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type) +u32 tpm_flush_specific(u32 key_handle, u32 resource_type) { - const uint8_t command[18] = { + const u8 command[18] = { 0x00, 0xc1, /* TPM_TAG */ 0x00, 0x00, 0x00, 0x12, /* parameter size */ 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ @@ -672,9 +671,9 @@ uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type) }; const size_t key_handle_offset = 10; const size_t resource_type_offset = 14; - uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (pack_byte_string(buf, sizeof(buf), "sdd", 0, command, sizeof(command), @@ -703,12 +702,12 @@ uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type) * @param request_auth pointer to the auth block of the request to be filled * @param auth authentication data (HMAC key) */ -static uint32_t create_request_auth(const void *request, size_t request_len0, - size_t handles_len, - struct session_data *auth_session, - void *request_auth, const void *auth) +static u32 create_request_auth(const void *request, size_t request_len0, + size_t handles_len, + struct session_data *auth_session, + void *request_auth, const void *auth) { - uint8_t hmac_data[DIGEST_LENGTH * 3 + 1]; + u8 hmac_data[DIGEST_LENGTH * 3 + 1]; sha1_context hash_ctx; const size_t command_code_offset = 6; const size_t auth_nonce_odd_offset = 4; @@ -766,19 +765,18 @@ static uint32_t create_request_auth(const void *request, size_t request_len0, * @param response_auth pointer to the auth block of the response to be verified * @param auth authentication data (HMAC key) */ -static uint32_t verify_response_auth(uint32_t command_code, - const void *response, size_t response_len0, - size_t handles_len, - struct session_data *auth_session, - const void *response_auth, const void *auth) +static u32 verify_response_auth(u32 command_code, const void *response, + size_t response_len0, size_t handles_len, + struct session_data *auth_session, + const void *response_auth, const void *auth) { - uint8_t hmac_data[DIGEST_LENGTH * 3 + 1]; - uint8_t computed_auth[DIGEST_LENGTH]; + u8 hmac_data[DIGEST_LENGTH * 3 + 1]; + u8 computed_auth[DIGEST_LENGTH]; sha1_context hash_ctx; const size_t return_code_offset = 6; const size_t auth_continue_offset = 20; const size_t auth_auth_offset = 21; - uint8_t auth_continue; + u8 auth_continue; if (!auth_session || !auth_session->valid) return TPM_AUTHFAIL; @@ -799,7 +797,7 @@ static uint32_t verify_response_auth(uint32_t command_code, sha1_finish(&hash_ctx, hmac_data); memcpy(auth_session->nonce_even, response_auth, DIGEST_LENGTH); - auth_continue = ((uint8_t *)response_auth)[auth_continue_offset]; + auth_continue = ((u8 *)response_auth)[auth_continue_offset]; if (pack_byte_string(hmac_data, sizeof(hmac_data), "ssb", DIGEST_LENGTH, response_auth, @@ -821,9 +819,9 @@ static uint32_t verify_response_auth(uint32_t command_code, return TPM_SUCCESS; } -uint32_t tpm_terminate_auth_session(uint32_t auth_handle) +u32 tpm_terminate_auth_session(u32 auth_handle) { - const uint8_t command[18] = { + const u8 command[18] = { 0x00, 0xc1, /* TPM_TAG */ 0x00, 0x00, 0x00, 0x00, /* parameter size */ 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ @@ -831,7 +829,7 @@ uint32_t tpm_terminate_auth_session(uint32_t auth_handle) 0x00, 0x00, 0x00, 0x02, /* TPM_RESSOURCE_TYPE */ }; const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH; - uint8_t request[COMMAND_BUFFER_SIZE]; + u8 request[COMMAND_BUFFER_SIZE]; if (pack_byte_string(request, sizeof(request), "sd", 0, command, sizeof(command), @@ -843,26 +841,26 @@ uint32_t tpm_terminate_auth_session(uint32_t auth_handle) return tpm_sendrecv_command(request, NULL, NULL); } -uint32_t tpm_end_oiap(void) +u32 tpm_end_oiap(void) { - uint32_t err = TPM_SUCCESS; + u32 err = TPM_SUCCESS; if (oiap_session.valid) err = tpm_terminate_auth_session(oiap_session.handle); return err; } -uint32_t tpm_oiap(uint32_t *auth_handle) +u32 tpm_oiap(u32 *auth_handle) { - const uint8_t command[10] = { + const u8 command[10] = { 0x00, 0xc1, /* TPM_TAG */ 0x00, 0x00, 0x00, 0x0a, /* parameter size */ 0x00, 0x00, 0x00, 0x0a, /* TPM_COMMAND_CODE */ }; const size_t res_auth_handle_offset = TPM_RESPONSE_HEADER_LENGTH; const size_t res_nonce_even_offset = TPM_RESPONSE_HEADER_LENGTH + 4; - uint8_t response[COMMAND_BUFFER_SIZE]; + u8 response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (oiap_session.valid) tpm_terminate_auth_session(oiap_session.handle); @@ -873,7 +871,7 @@ uint32_t tpm_oiap(uint32_t *auth_handle) if (unpack_byte_string(response, response_length, "ds", res_auth_handle_offset, &oiap_session.handle, res_nonce_even_offset, &oiap_session.nonce_even, - (uint32_t)DIGEST_LENGTH)) + (u32)DIGEST_LENGTH)) return TPM_LIB_ERROR; oiap_session.valid = 1; if (auth_handle) @@ -881,12 +879,10 @@ uint32_t tpm_oiap(uint32_t *auth_handle) return 0; } -uint32_t tpm_load_key2_oiap(uint32_t parent_handle, - const void *key, size_t key_length, - const void *parent_key_usage_auth, - uint32_t *key_handle) +u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length, + const void *parent_key_usage_auth, u32 *key_handle) { - const uint8_t command[14] = { + const u8 command[14] = { 0x00, 0xc2, /* TPM_TAG */ 0x00, 0x00, 0x00, 0x00, /* parameter size */ 0x00, 0x00, 0x00, 0x41, /* TPM_COMMAND_CODE */ @@ -896,11 +892,11 @@ uint32_t tpm_load_key2_oiap(uint32_t parent_handle, const size_t req_parent_handle_offset = TPM_REQUEST_HEADER_LENGTH; const size_t req_key_offset = TPM_REQUEST_HEADER_LENGTH + 4; const size_t res_handle_offset = TPM_RESPONSE_HEADER_LENGTH; - uint8_t request[sizeof(command) + TPM_KEY12_MAX_LENGTH - + TPM_REQUEST_AUTH_LENGTH]; - uint8_t response[COMMAND_BUFFER_SIZE]; + u8 request[sizeof(command) + TPM_KEY12_MAX_LENGTH + + TPM_REQUEST_AUTH_LENGTH]; + u8 response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (!oiap_session.valid) { err = tpm_oiap(NULL); @@ -947,10 +943,10 @@ uint32_t tpm_load_key2_oiap(uint32_t parent_handle, return 0; } -uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, - void *pubkey, size_t *pubkey_len) +u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey, + size_t *pubkey_len) { - const uint8_t command[14] = { + const u8 command[14] = { 0x00, 0xc2, /* TPM_TAG */ 0x00, 0x00, 0x00, 0x00, /* parameter size */ 0x00, 0x00, 0x00, 0x21, /* TPM_COMMAND_CODE */ @@ -959,11 +955,11 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, const size_t req_size_offset = 2; const size_t req_key_handle_offset = TPM_REQUEST_HEADER_LENGTH; const size_t res_pubkey_offset = TPM_RESPONSE_HEADER_LENGTH; - uint8_t request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH]; - uint8_t response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH - + TPM_RESPONSE_AUTH_LENGTH]; + u8 request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH]; + u8 response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH + + TPM_RESPONSE_AUTH_LENGTH]; size_t response_length = sizeof(response); - uint32_t err; + u32 err; if (!oiap_session.valid) { err = tpm_oiap(NULL); @@ -973,7 +969,7 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, if (pack_byte_string(request, sizeof(request), "sdd", 0, command, sizeof(command), req_size_offset, - (uint32_t)(sizeof(command) + (u32)(sizeof(command) + TPM_REQUEST_AUTH_LENGTH), req_key_handle_offset, key_handle )) @@ -1011,15 +1007,15 @@ uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, } #ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1 -uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t - pubkey_digest[20], uint32_t *handle) +u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20], + u32 *handle) { - uint16_t key_count; - uint32_t key_handles[10]; - uint8_t buf[288]; - uint8_t *ptr; - uint32_t err; - uint8_t digest[20]; + u16 key_count; + u32 key_handles[10]; + u8 buf[288]; + u8 *ptr; + u32 err; + u8 digest[20]; size_t buf_len; unsigned int i; @@ -1052,9 +1048,9 @@ uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t #endif /* CONFIG_TPM_AUTH_SESSIONS */ -uint32_t tpm_get_random(void *data, uint32_t count) +u32 tpm_get_random(void *data, u32 count) { - const uint8_t command[14] = { + const u8 command[14] = { 0x0, 0xc1, /* TPM_TAG */ 0x0, 0x0, 0x0, 0xe, /* parameter size */ 0x0, 0x0, 0x0, 0x46, /* TPM_COMMAND_CODE */ @@ -1062,15 +1058,15 @@ uint32_t tpm_get_random(void *data, uint32_t count) const size_t length_offset = 10; const size_t data_size_offset = 10; const size_t data_offset = 14; - uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; + u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; size_t response_length = sizeof(response); - uint32_t data_size; - uint8_t *out = data; + u32 data_size; + u8 *out = data; while (count > 0) { - uint32_t this_bytes = min((size_t)count, - sizeof(response) - data_offset); - uint32_t err; + u32 this_bytes = min((size_t)count, + sizeof(response) - data_offset); + u32 err; if (pack_byte_string(buf, sizeof(buf), "sd", 0, command, sizeof(command), From patchwork Tue May 15 09:57:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913529 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY2r5tv8z9s0q for ; Tue, 15 May 2018 20:00:04 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 7DBDDC21DFB; Tue, 15 May 2018 09:59:06 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id B9FDDC21EB4; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 8C6F9C21D83; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id E76F9C21C51 for ; Tue, 15 May 2018 09:57:33 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id AF9CD208BC; Tue, 15 May 2018 11:57:32 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 6807D20750; Tue, 15 May 2018 11:57:32 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:00 +0200 Message-Id: <20180515095728.16572-5-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 04/32] tpm: align arguments with open parenthesis X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Fix following checkpatch.pl issue in TPM-related code: CHECK: Alignment should match open parenthesis Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- cmd/tpm.c | 120 ++++++++++++++++++++++++++++++-------------------------------- lib/tpm.c | 100 ++++++++++++++++++++++++++------------------------- 2 files changed, 110 insertions(+), 110 deletions(-) diff --git a/cmd/tpm.c b/cmd/tpm.c index 4109ace362..a7ea1c9012 100644 --- a/cmd/tpm.c +++ b/cmd/tpm.c @@ -238,8 +238,8 @@ static int type_string_write_vars(const char *type_str, u8 *data, return 0; } -static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { enum tpm_startup_type mode; @@ -259,8 +259,8 @@ static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, return report_return_code(tpm_startup(mode)); } -static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, perm, size; @@ -273,8 +273,8 @@ static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, return report_return_code(tpm_nv_define_space(index, perm, size)); } -static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, count, rc; void *data; @@ -294,8 +294,8 @@ static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, return report_return_code(rc); } -static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, rc; size_t count; @@ -316,8 +316,8 @@ static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, return report_return_code(rc); } -static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, rc; u8 in_digest[20], out_digest[20]; @@ -339,8 +339,8 @@ static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, return report_return_code(rc); } -static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, count, rc; void *data; @@ -360,8 +360,8 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, return report_return_code(rc); } -static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u16 presence; @@ -372,8 +372,8 @@ static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, return report_return_code(tpm_tsc_physical_presence(presence)); } -static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 count, rc; void *data; @@ -392,8 +392,8 @@ static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, return report_return_code(rc); } -static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u8 state; @@ -404,8 +404,8 @@ static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, return report_return_code(tpm_physical_set_deactivated(state)); } -static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 cap_area, sub_cap, rc; void *cap; @@ -429,7 +429,7 @@ static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, #define TPM_COMMAND_NO_ARG(cmd) \ static int do_##cmd(cmd_tbl_t *cmdtp, int flag, \ - int argc, char * const argv[]) \ + int argc, char * const argv[]) \ { \ if (argc != 1) \ return CMD_RET_USAGE; \ @@ -456,8 +456,7 @@ static int get_tpm(struct udevice **devp) return 0; } -static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, - char *const argv[]) +static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]) { struct udevice *dev; char buf[80]; @@ -476,8 +475,8 @@ static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, return 0; } -static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { struct udevice *dev; void *command; @@ -505,8 +504,8 @@ static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, return report_return_code(rc); } -static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, perm, size; @@ -523,8 +522,8 @@ static int do_tpm_nv_define(cmd_tbl_t *cmdtp, int flag, return report_return_code(tpm_nv_define_space(index, perm, size)); } -static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, count, err; void *data; @@ -552,8 +551,8 @@ static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, return report_return_code(err); } -static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 index, count, err; void *data; @@ -582,8 +581,8 @@ static int do_tpm_nv_write(cmd_tbl_t *cmdtp, int flag, #ifdef CONFIG_TPM_AUTH_SESSIONS -static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_oiap(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 auth_handle, err; @@ -631,8 +630,8 @@ static int do_tpm_load_key_by_sha1(cmd_tbl_t *cmdtp, int flag, int argc, char * } #endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */ -static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 parent_handle, key_len, key_handle, err; u8 usage_auth[DIGEST_LENGTH]; @@ -649,15 +648,15 @@ static int do_tpm_load_key2_oiap(cmd_tbl_t *cmdtp, int flag, parse_byte_string(argv[4], usage_auth, NULL); err = tpm_load_key2_oiap(parent_handle, key, key_len, usage_auth, - &key_handle); + &key_handle); if (!err) printf("Key handle is 0x%x\n", key_handle); return report_return_code(err); } -static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag, - int argc, char * const argv[]) +static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) { u32 key_handle, err; u8 usage_auth[DIGEST_LENGTH]; @@ -672,8 +671,8 @@ static int do_tpm_get_pub_key_oiap(cmd_tbl_t *cmdtp, int flag, return CMD_RET_FAILURE; parse_byte_string(argv[2], usage_auth, NULL); - err = tpm_get_pub_key_oiap(key_handle, usage_auth, - pub_key_buffer, &pub_key_len); + err = tpm_get_pub_key_oiap(key_handle, usage_auth, pub_key_buffer, + &pub_key_len); if (!err) { printf("dump of received pub key structure:\n"); print_byte_string(pub_key_buffer, pub_key_len); @@ -819,46 +818,45 @@ static int do_tpm_list(cmd_tbl_t *cmdtp, int flag, int argc, static cmd_tbl_t tpm_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), - U_BOOT_CMD_MKENT(init, 0, 1, - do_tpm_init, "", ""), + U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, - do_tpm_startup, "", ""), + do_tpm_startup, "", ""), U_BOOT_CMD_MKENT(self_test_full, 0, 1, - do_tpm_self_test_full, "", ""), + do_tpm_self_test_full, "", ""), U_BOOT_CMD_MKENT(continue_self_test, 0, 1, - do_tpm_continue_self_test, "", ""), + do_tpm_continue_self_test, "", ""), U_BOOT_CMD_MKENT(force_clear, 0, 1, - do_tpm_force_clear, "", ""), + do_tpm_force_clear, "", ""), U_BOOT_CMD_MKENT(physical_enable, 0, 1, - do_tpm_physical_enable, "", ""), + do_tpm_physical_enable, "", ""), U_BOOT_CMD_MKENT(physical_disable, 0, 1, - do_tpm_physical_disable, "", ""), + do_tpm_physical_disable, "", ""), U_BOOT_CMD_MKENT(nv_define_space, 0, 1, - do_tpm_nv_define_space, "", ""), + do_tpm_nv_define_space, "", ""), U_BOOT_CMD_MKENT(nv_read_value, 0, 1, - do_tpm_nv_read_value, "", ""), + do_tpm_nv_read_value, "", ""), U_BOOT_CMD_MKENT(nv_write_value, 0, 1, - do_tpm_nv_write_value, "", ""), + do_tpm_nv_write_value, "", ""), U_BOOT_CMD_MKENT(extend, 0, 1, - do_tpm_extend, "", ""), + do_tpm_extend, "", ""), U_BOOT_CMD_MKENT(pcr_read, 0, 1, - do_tpm_pcr_read, "", ""), + do_tpm_pcr_read, "", ""), U_BOOT_CMD_MKENT(tsc_physical_presence, 0, 1, - do_tpm_tsc_physical_presence, "", ""), + do_tpm_tsc_physical_presence, "", ""), U_BOOT_CMD_MKENT(read_pubek, 0, 1, - do_tpm_read_pubek, "", ""), + do_tpm_read_pubek, "", ""), U_BOOT_CMD_MKENT(physical_set_deactivated, 0, 1, - do_tpm_physical_set_deactivated, "", ""), + do_tpm_physical_set_deactivated, "", ""), U_BOOT_CMD_MKENT(get_capability, 0, 1, - do_tpm_get_capability, "", ""), + do_tpm_get_capability, "", ""), U_BOOT_CMD_MKENT(raw_transfer, 0, 1, - do_tpm_raw_transfer, "", ""), + do_tpm_raw_transfer, "", ""), U_BOOT_CMD_MKENT(nv_define, 0, 1, - do_tpm_nv_define, "", ""), + do_tpm_nv_define, "", ""), U_BOOT_CMD_MKENT(nv_read, 0, 1, - do_tpm_nv_read, "", ""), + do_tpm_nv_read, "", ""), U_BOOT_CMD_MKENT(nv_write, 0, 1, - do_tpm_nv_write, "", ""), + do_tpm_nv_write, "", ""), #ifdef CONFIG_TPM_AUTH_SESSIONS U_BOOT_CMD_MKENT(oiap, 0, 1, do_tpm_oiap, "", ""), diff --git a/lib/tpm.c b/lib/tpm.c index 1c4ce2e71d..0c57910f53 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -281,8 +281,8 @@ u32 tpm_startup(enum tpm_startup_type mode) u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sw", - 0, command, sizeof(command), - mode_offset, mode)) + 0, command, sizeof(command), + mode_offset, mode)) return TPM_LIB_ERROR; return tpm_sendrecv_command(buf, NULL, NULL); @@ -338,10 +338,10 @@ u32 tpm_nv_define_space(u32 index, u32 perm, u32 size) u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sddd", - 0, command, sizeof(command), - index_offset, index, - perm_offset, perm, - size_offset, size)) + 0, command, sizeof(command), + index_offset, index, + perm_offset, perm, + size_offset, size)) return TPM_LIB_ERROR; return tpm_sendrecv_command(buf, NULL, NULL); @@ -362,20 +362,20 @@ u32 tpm_nv_read_value(u32 index, void *data, u32 count) u32 err; if (pack_byte_string(buf, sizeof(buf), "sdd", - 0, command, sizeof(command), - index_offset, index, - length_offset, count)) + 0, command, sizeof(command), + index_offset, index, + length_offset, count)) return TPM_LIB_ERROR; err = tpm_sendrecv_command(buf, response, &response_length); if (err) return err; if (unpack_byte_string(response, response_length, "d", - data_size_offset, &data_size)) + data_size_offset, &data_size)) return TPM_LIB_ERROR; if (data_size > count) return TPM_LIB_ERROR; if (unpack_byte_string(response, response_length, "s", - data_offset, data, data_size)) + data_offset, data, data_size)) return TPM_LIB_ERROR; return 0; @@ -398,11 +398,11 @@ u32 tpm_nv_write_value(u32 index, const void *data, u32 length) u32 err; if (pack_byte_string(buf, sizeof(buf), "sddds", - 0, command, sizeof(command), - command_size_offset, total_length, - index_offset, index, - length_offset, length, - data_offset, data, length)) + 0, command, sizeof(command), + command_size_offset, total_length, + index_offset, index, + length_offset, length, + data_offset, data, length)) return TPM_LIB_ERROR; err = tpm_sendrecv_command(buf, response, &response_length); if (err) @@ -425,18 +425,18 @@ u32 tpm_extend(u32 index, const void *in_digest, void *out_digest) u32 err; if (pack_byte_string(buf, sizeof(buf), "sds", - 0, command, sizeof(command), - index_offset, index, - in_digest_offset, in_digest, - PCR_DIGEST_LENGTH)) + 0, command, sizeof(command), + index_offset, index, + in_digest_offset, in_digest, + PCR_DIGEST_LENGTH)) return TPM_LIB_ERROR; err = tpm_sendrecv_command(buf, response, &response_length); if (err) return err; if (unpack_byte_string(response, response_length, "s", - out_digest_offset, out_digest, - PCR_DIGEST_LENGTH)) + out_digest_offset, out_digest, + PCR_DIGEST_LENGTH)) return TPM_LIB_ERROR; return 0; @@ -457,14 +457,14 @@ u32 tpm_pcr_read(u32 index, void *data, size_t count) return TPM_LIB_ERROR; if (pack_byte_string(buf, sizeof(buf), "sd", - 0, command, sizeof(command), - index_offset, index)) + 0, command, sizeof(command), + index_offset, index)) return TPM_LIB_ERROR; err = tpm_sendrecv_command(buf, response, &response_length); if (err) return err; if (unpack_byte_string(response, response_length, "s", - out_digest_offset, data, PCR_DIGEST_LENGTH)) + out_digest_offset, data, PCR_DIGEST_LENGTH)) return TPM_LIB_ERROR; return 0; @@ -479,8 +479,8 @@ u32 tpm_tsc_physical_presence(u16 presence) u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sw", - 0, command, sizeof(command), - presence_offset, presence)) + 0, command, sizeof(command), + presence_offset, presence)) return TPM_LIB_ERROR; return tpm_sendrecv_command(buf, NULL, NULL); @@ -503,7 +503,7 @@ u32 tpm_read_pubek(void *data, size_t count) if (err) return err; if (unpack_byte_string(response, response_length, "d", - response_size_offset, &data_size)) + response_size_offset, &data_size)) return TPM_LIB_ERROR; if (data_size < header_and_checksum_size) return TPM_LIB_ERROR; @@ -511,7 +511,7 @@ u32 tpm_read_pubek(void *data, size_t count) if (data_size > count) return TPM_LIB_ERROR; if (unpack_byte_string(response, response_length, "s", - data_offset, data, data_size)) + data_offset, data, data_size)) return TPM_LIB_ERROR; return 0; @@ -553,8 +553,8 @@ u32 tpm_physical_set_deactivated(u8 state) u8 buf[COMMAND_BUFFER_SIZE]; if (pack_byte_string(buf, sizeof(buf), "sb", - 0, command, sizeof(command), - state_offset, state)) + 0, command, sizeof(command), + state_offset, state)) return TPM_LIB_ERROR; return tpm_sendrecv_command(buf, NULL, NULL); @@ -580,20 +580,20 @@ u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count) u32 err; if (pack_byte_string(buf, sizeof(buf), "sdd", - 0, command, sizeof(command), - cap_area_offset, cap_area, - sub_cap_offset, sub_cap)) + 0, command, sizeof(command), + cap_area_offset, cap_area, + sub_cap_offset, sub_cap)) return TPM_LIB_ERROR; err = tpm_sendrecv_command(buf, response, &response_length); if (err) return err; if (unpack_byte_string(response, response_length, "d", - cap_size_offset, &cap_size)) + cap_size_offset, &cap_size)) return TPM_LIB_ERROR; if (cap_size > response_length || cap_size > count) return TPM_LIB_ERROR; if (unpack_byte_string(response, response_length, "s", - cap_offset, cap, cap_size)) + cap_offset, cap, cap_size)) return TPM_LIB_ERROR; return 0; @@ -914,9 +914,9 @@ u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length, return TPM_LIB_ERROR; err = create_request_auth(request, sizeof(command) + key_length, 4, - &oiap_session, - request + sizeof(command) + key_length, - parent_key_usage_auth); + &oiap_session, + request + sizeof(command) + key_length, + parent_key_usage_auth); if (err) return err; err = tpm_sendrecv_command(request, response, &response_length); @@ -927,10 +927,11 @@ u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length, } err = verify_response_auth(0x00000041, response, - response_length - TPM_RESPONSE_AUTH_LENGTH, - 4, &oiap_session, - response + response_length - TPM_RESPONSE_AUTH_LENGTH, - parent_key_usage_auth); + response_length - TPM_RESPONSE_AUTH_LENGTH, + 4, &oiap_session, + response + response_length - + TPM_RESPONSE_AUTH_LENGTH, + parent_key_usage_auth); if (err) return err; @@ -975,7 +976,7 @@ u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey, )) return TPM_LIB_ERROR; err = create_request_auth(request, sizeof(command), 4, &oiap_session, - request + sizeof(command), usage_auth); + request + sizeof(command), usage_auth); if (err) return err; err = tpm_sendrecv_command(request, response, &response_length); @@ -985,16 +986,17 @@ u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey, return err; } err = verify_response_auth(0x00000021, response, - response_length - TPM_RESPONSE_AUTH_LENGTH, - 0, &oiap_session, - response + response_length - TPM_RESPONSE_AUTH_LENGTH, - usage_auth); + response_length - TPM_RESPONSE_AUTH_LENGTH, + 0, &oiap_session, + response + response_length - + TPM_RESPONSE_AUTH_LENGTH, + usage_auth); if (err) return err; if (pubkey) { if ((response_length - TPM_RESPONSE_HEADER_LENGTH - - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len) + - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len) return TPM_LIB_ERROR; *pubkey_len = response_length - TPM_RESPONSE_HEADER_LENGTH - TPM_RESPONSE_AUTH_LENGTH; From patchwork Tue May 15 09:57:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913533 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY6S6QlSz9s28 for ; Tue, 15 May 2018 20:03:12 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 6DD69C21DFF; Tue, 15 May 2018 10:02:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 23137C21F04; Tue, 15 May 2018 09:57:42 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 24109C21D8E; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 09E00C21C93 for ; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id D2F5120794; Tue, 15 May 2018 11:57:32 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 9998B208BA; Tue, 15 May 2018 11:57:32 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:01 +0200 Message-Id: <20180515095728.16572-6-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 05/32] tpm: use the BIT() macro where applicable X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Fix following checkpatch.pl issue in TPM-related code: CHECK: Prefer using the BIT macro Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- include/tpm.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/tpm.h b/include/tpm.h index 62117f6cc2..241597d879 100644 --- a/include/tpm.h +++ b/include/tpm.h @@ -83,13 +83,13 @@ enum tpm_capability_areas { TPM_CAP_VERSION_VAL = 0x0000001A, }; -#define TPM_NV_PER_GLOBALLOCK (1U << 15) -#define TPM_NV_PER_PPREAD (1U << 16) -#define TPM_NV_PER_PPWRITE (1U << 0) -#define TPM_NV_PER_READ_STCLEAR (1U << 31) -#define TPM_NV_PER_WRITE_STCLEAR (1U << 14) -#define TPM_NV_PER_WRITEDEFINE (1U << 13) -#define TPM_NV_PER_WRITEALL (1U << 12) +#define TPM_NV_PER_GLOBALLOCK BIT(15) +#define TPM_NV_PER_PPREAD BIT(16) +#define TPM_NV_PER_PPWRITE BIT(0) +#define TPM_NV_PER_READ_STCLEAR BIT(31) +#define TPM_NV_PER_WRITE_STCLEAR BIT(14) +#define TPM_NV_PER_WRITEDEFINE BIT(13) +#define TPM_NV_PER_WRITEALL BIT(12) enum { TPM_PUBEK_SIZE = 256, From patchwork Tue May 15 09:57:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913530 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY3f19Tkz9s0q for ; Tue, 15 May 2018 20:00:46 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id DD0DBC21E07; Tue, 15 May 2018 10:00:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 92F92C21EEB; Tue, 15 May 2018 09:57:39 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id CE086C21DA2; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 46AD6C21D56 for ; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 0EAAD208BA; Tue, 15 May 2018 11:57:33 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id C67A920720; Tue, 15 May 2018 11:57:32 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:02 +0200 Message-Id: <20180515095728.16572-7-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 06/32] tpm: fix spelling X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Fix following checkpatch.pl issues in TPM-related code: CHECK: '' may be misspelled - perhaps ''? Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- include/tpm.h | 8 ++++---- lib/tpm.c | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/tpm.h b/include/tpm.h index 241597d879..e1fc2ec252 100644 --- a/include/tpm.h +++ b/include/tpm.h @@ -509,7 +509,7 @@ u32 tpm_tsc_physical_presence(u16 presence); * Issue a TPM_ReadPubek command. * * @param data output buffer for the public endorsement key - * @param count size of ouput buffer + * @param count size of output buffer * @return return code of the operation */ u32 tpm_read_pubek(void *data, size_t count); @@ -551,13 +551,13 @@ u32 tpm_physical_set_deactivated(u8 state); * @param sub_cap further definition of capability, which is * limited to be 4-byte wide * @param cap output buffer for capability information - * @param count size of ouput buffer + * @param count size of output buffer * @return return code of the operation */ u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count); /** - * Issue a TPM_FlushSpecific command for a AUTH ressource. + * Issue a TPM_FlushSpecific command for a AUTH resource. * * @param auth_handle handle of the auth session * @return return code of the operation @@ -565,7 +565,7 @@ u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count); u32 tpm_terminate_auth_session(u32 auth_handle); /** - * Issue a TPM_OIAP command to setup an object independant authorization + * Issue a TPM_OIAP command to setup an object independent authorization * session. * Information about the session is stored internally. * If there was already an OIAP session active it is terminated and a new diff --git a/lib/tpm.c b/lib/tpm.c index 0c57910f53..cc76a46e78 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -826,7 +826,7 @@ u32 tpm_terminate_auth_session(u32 auth_handle) 0x00, 0x00, 0x00, 0x00, /* parameter size */ 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ 0x00, 0x00, 0x00, 0x00, /* TPM_HANDLE */ - 0x00, 0x00, 0x00, 0x02, /* TPM_RESSOURCE_TYPE */ + 0x00, 0x00, 0x00, 0x02, /* TPM_RESOURCE_TYPE */ }; const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH; u8 request[COMMAND_BUFFER_SIZE]; From patchwork Tue May 15 09:57:03 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913532 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY5H6lvlz9s0q for ; Tue, 15 May 2018 20:02:11 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 96E3EC21E56; Tue, 15 May 2018 10:02:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 4E8F6C21EEF; Tue, 15 May 2018 09:57:41 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 0AD4AC21DA6; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 6DDE8C21D74 for ; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 38A0A208B2; Tue, 15 May 2018 11:57:33 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id F3D3F20750; Tue, 15 May 2018 11:57:32 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:03 +0200 Message-Id: <20180515095728.16572-8-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 07/32] tpm: add extra blank lines between declarations and code X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Fix following checkpatch.pl issue in TPM-related code: WARNING: Missing a blank line after declarations Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- lib/tpm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/tpm.c b/lib/tpm.c index cc76a46e78..e8ebbbe6cd 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -205,6 +205,7 @@ int unpack_byte_string(const u8 *str, size_t size, const char *format, ...) static u32 tpm_command_size(const void *command) { const size_t command_size_offset = 2; + return get_unaligned_be32(command + command_size_offset); } @@ -217,6 +218,7 @@ static u32 tpm_command_size(const void *command) static u32 tpm_return_code(const void *response) { const size_t return_code_offset = 6; + return get_unaligned_be32(response + return_code_offset); } @@ -844,6 +846,7 @@ u32 tpm_terminate_auth_session(u32 auth_handle) u32 tpm_end_oiap(void) { u32 err = TPM_SUCCESS; + if (oiap_session.valid) err = tpm_terminate_auth_session(oiap_session.handle); return err; From patchwork Tue May 15 09:57:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913535 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY7V12LNz9s28 for ; Tue, 15 May 2018 20:04:06 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id CF5FDC21E85; Tue, 15 May 2018 10:02:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 1138FC21EC9; Tue, 15 May 2018 09:57:43 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 53D3EC21DDC; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id A0323C21C51 for ; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 67E6E208BB; Tue, 15 May 2018 11:57:33 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 2CF5020720; Tue, 15 May 2018 11:57:33 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:04 +0200 Message-Id: <20180515095728.16572-9-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 08/32] tpm: add Revision ID field in the chip structure X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" TPM are shipped with a few read-only register from which we can retrieve for instance: - vendor ID - product ID - revision ID Product and vendor ID share the same register and are already referenced in the tpm_chip structure. Add the revision ID entry which is missing. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- drivers/tpm/tpm_tis.h | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tpm/tpm_tis.h b/drivers/tpm/tpm_tis.h index 25b152b321..2b81f3be50 100644 --- a/drivers/tpm/tpm_tis.h +++ b/drivers/tpm/tpm_tis.h @@ -41,6 +41,7 @@ struct tpm_chip { int is_open; int locality; u32 vend_dev; + u8 rid; unsigned long timeout_a, timeout_b, timeout_c, timeout_d; /* msec */ ulong chip_type; }; From patchwork Tue May 15 09:57:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913534 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY7635tfz9s0q for ; Tue, 15 May 2018 20:03:46 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 2B0E1C21F04; Tue, 15 May 2018 10:03:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 0A705C21DFF; Tue, 15 May 2018 09:57:44 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id C89CBC21E50; Tue, 15 May 2018 09:57:35 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id D9626C21C57 for ; Tue, 15 May 2018 09:57:34 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id A0CBE208B2; Tue, 15 May 2018 11:57:33 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 59A0120750; Tue, 15 May 2018 11:57:33 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:05 +0200 Message-Id: <20180515095728.16572-10-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Because both major revisions are not compatible at all, let's make them mutually exclusive in Kconfig. This way we will be sure, when using a command or a library function that it is supported by the right revision. Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x files by "tpm2_" to make the distinction without moving everything. The Kconfig menu about TPM drivers is now divided into two sections, one for each specification. Compliant drivers with one specification will only show up if this specification _only_ has been selected, otherwise a comment is displayed. Once a driver is selected by the user, it selects automatically a boolean value, that is needed in order to activate the TPM commands. Selecting the TPM commands will automatically select the right command/library files. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/Kconfig | 24 +++++++++++++++------ cmd/Makefile | 2 +- drivers/tpm/Kconfig | 62 +++++++++++++++++++++++++++++++++++++++++++---------- lib/Makefile | 2 +- 4 files changed, 71 insertions(+), 19 deletions(-) diff --git a/cmd/Kconfig b/cmd/Kconfig index 136836d146..7c09c94d6d 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -1354,25 +1354,37 @@ config HASH_VERIFY help Add -v option to verify data against a hash. +config CMD_TPM_V1 + bool + +config CMD_TPM_V2 + bool + config CMD_TPM bool "Enable the 'tpm' command" - depends on TPM + depends on TPM_DRIVER_SELECTED + select CMD_TPM_V1 if TPM_V1 + select CMD_TPM_V2 if TPM_V2 help This provides a means to talk to a TPM from the command line. A wide range of commands if provided - see 'tpm help' for details. The command requires a suitable TPM on your board and the correct driver must be enabled. +if CMD_TPM + config CMD_TPM_TEST bool "Enable the 'tpm test' command" - depends on CMD_TPM + depends on TPM_V1 help - This provides a a series of tests to confirm that the TPM is working - correctly. The tests cover initialisation, non-volatile RAM, extend, - global lock and checking that timing is within expectations. The - tests pass correctly on Infineon TPMs but may need to be adjusted + This provides a a series of tests to confirm that the TPMv1.x is + working correctly. The tests cover initialisation, non-volatile RAM, + extend, global lock and checking that timing is within expectations. + The tests pass correctly on Infineon TPMs but may need to be adjusted for other devices. +endif + endmenu menu "Firmware commands" diff --git a/cmd/Makefile b/cmd/Makefile index 9a358e4801..bbeeb7e7f7 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -117,7 +117,7 @@ obj-$(CONFIG_CMD_TERMINAL) += terminal.o obj-$(CONFIG_CMD_TIME) += time.o obj-$(CONFIG_CMD_TRACE) += trace.o obj-$(CONFIG_HUSH_PARSER) += test.o -obj-$(CONFIG_CMD_TPM) += tpm.o +obj-$(CONFIG_CMD_TPM_V1) += tpm.o obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o obj-$(CONFIG_CMD_TSI148) += tsi148.o diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig index 2a64bc49c3..01967ffd35 100644 --- a/drivers/tpm/Kconfig +++ b/drivers/tpm/Kconfig @@ -4,9 +4,27 @@ menu "TPM support" +comment "Please select only one TPM revision" + depends on TPM_V1 && TPM_V2 + +config TPM_DRIVER_SELECTED + bool + help + A valid TPM driver has been selected. + +config TPM_V1 + bool "TPMv1.x support" + default y + help + Major TPM versions are not compatible at all, choose either + one or the other. This option enables TPMv1.x drivers/commands. + +if TPM_V1 && !TPM_V2 + config TPM_TIS_SANDBOX bool "Enable sandbox TPM driver" - depends on SANDBOX + depends on TPM_V1 && SANDBOX + select TPM_DRIVER_SELECTED help This driver emulates a TPM, providing access to base functions such as reading and writing TPM private data. This is enough to @@ -15,7 +33,8 @@ config TPM_TIS_SANDBOX config TPM_ATMEL_TWI bool "Enable Atmel TWI TPM device driver" - depends on TPM + depends on TPM_V1 + select TPM_DRIVER_SELECTED help This driver supports an Atmel TPM device connected on the I2C bus. The usual tpm operations and the 'tpm' command can be used to talk @@ -24,7 +43,8 @@ config TPM_ATMEL_TWI config TPM_TIS_INFINEON bool "Enable support for Infineon SLB9635/45 TPMs on I2C" - depends on TPM && DM_I2C + depends on TPM_V1 && DM_I2C + select TPM_DRIVER_SELECTED help This driver supports Infineon TPM devices connected on the I2C bus. The usual tpm operations and the 'tpm' command can be used to talk @@ -33,7 +53,7 @@ config TPM_TIS_INFINEON config TPM_TIS_I2C_BURST_LIMITATION bool "Enable I2C burst length limitation" - depends on TPM_TIS_INFINEON + depends on TPM_V1 && TPM_TIS_INFINEON help Some broken TPMs have a limitation on the number of bytes they can receive in one message. Enable this option to allow you to set this @@ -48,7 +68,7 @@ config TPM_TIS_I2C_BURST_LIMITATION_LEN config TPM_TIS_LPC bool "Enable support for Infineon SLB9635/45 TPMs on LPC" - depends on TPM && X86 + depends on TPM_V1 && X86 help This driver supports Infineon TPM devices connected on the LPC bus. The usual tpm operations and the 'tpm' command can be used to talk @@ -57,7 +77,8 @@ config TPM_TIS_LPC config TPM_AUTH_SESSIONS bool "Enable TPM authentication session support" - depends on TPM + depends on TPM_V1 + select TPM_DRIVER_SELECTED help Enable support for authorised (AUTH1) commands as specified in the TCG Main Specification 1.2. OIAP-authorised versions of the commands @@ -66,7 +87,8 @@ config TPM_AUTH_SESSIONS config TPM_ST33ZP24_I2C bool "STMicroelectronics ST33ZP24 I2C TPM" - depends on TPM && DM_I2C + depends on TPM_V1 && DM_I2C + select TPM_DRIVER_SELECTED ---help--- This driver supports STMicroelectronics TPM devices connected on the I2C bus. The usual tpm operations and the 'tpm' command can be used to talk @@ -75,7 +97,8 @@ config TPM_ST33ZP24_I2C config TPM_ST33ZP24_SPI bool "STMicroelectronics ST33ZP24 SPI TPM" - depends on TPM && DM_SPI + depends on TPM_V1 && DM_SPI + select TPM_DRIVER_SELECTED ---help--- This driver supports STMicroelectronics TPM devices connected on the SPI bus. The usual tpm operations and the 'tpm' command can be used to talk @@ -84,14 +107,16 @@ config TPM_ST33ZP24_SPI config TPM_FLUSH_RESOURCES bool "Enable TPM resource flushing support" - depends on TPM + depends on TPM_V1 + select TPM_DRIVER_SELECTED help Enable support to flush specific resources (e.g. keys) from the TPM. The functionality is available via the 'tpm' command as well. config TPM_LOAD_KEY_BY_SHA1 bool "Enable TPM key loading by SHA1 support" - depends on TPM + depends on TPM_V1 + select TPM_DRIVER_SELECTED help Enable support to load keys into the TPM by identifying their parent via the public key's SHA1 hash. @@ -99,8 +124,23 @@ config TPM_LOAD_KEY_BY_SHA1 config TPM_LIST_RESOURCES bool "Enable TPM resource listing support" - depends on TPM + depends on TPM_V1 + select TPM_DRIVER_SELECTED help Enable support to list specific resources (e.g. keys) within the TPM. The functionality is available via the 'tpm' command as well. + +endif # TPM_V1 + +config TPM_V2 + bool "TPMv2.x support" + default n + help + Major TPM versions are not compatible at all, choose either + one or the other. This option enables TPMv2.x drivers/commands. + +if TPM_V2 && !TPM_V1 + +endif # TPM_V2 + endmenu diff --git a/lib/Makefile b/lib/Makefile index 0db41c19f3..9ec4a93043 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -40,7 +40,7 @@ obj-$(CONFIG_PHYSMEM) += physmem.o obj-y += qsort.o obj-y += rc4.o obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o -obj-$(CONFIG_TPM) += tpm.o +obj-$(CONFIG_TPM_V1) += tpm.o obj-$(CONFIG_RBTREE) += rbtree.o obj-$(CONFIG_BITREVERSE) += bitrev.o obj-y += list_sort.o From patchwork Tue May 15 09:57:06 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913536 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lY8w6smlz9ry1 for ; Tue, 15 May 2018 20:05:20 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 5C4E5C21E1B; Tue, 15 May 2018 10:03:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 1335BC21EE5; Tue, 15 May 2018 09:57:47 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 8459FC21EE5; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 1E628C21C51 for ; Tue, 15 May 2018 09:57:35 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id E56AB208BA; Tue, 15 May 2018 11:57:33 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 8A32B20720; Tue, 15 May 2018 11:57:33 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:06 +0200 Message-Id: <20180515095728.16572-11-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 10/32] tpm: disociate TPMv1.x specific and generic code X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" There are no changes in this commit but a new organization of the code as follow. * cmd/ directory: > move existing code from cmd/tpm.c in cmd/tpm-common.c > move specific code in cmd/tpm-v1.c > create a specific header file with generic definitions for commands only called cmd/tpm-user-utils.h * lib/ directory: > move existing code from lib/tpm.c in lib/tpm-common.c > move specific code in lib/tpm-v1.c > create a specific header file with generic definitions for the library itself called lib/tpm-utils.h * include/ directory: > move existing code from include/tpm.h in include/tpm-common.h > move specific code in include/tpm-v1.h Code designated as 'common' is compiled if TPM are used. Code designated as 'specific' is compiled only if the right specification has been selected. All files include tpm-common.h. Files in cmd/ include tpm-user-utils.h. Files in lib/ include tpm-utils.h. Depending on the specification, files may include either (not both) tpm-v1.h or tpm-v2.h. Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini --- cmd/Makefile | 3 +- cmd/tpm-common.c | 289 +++++++++++++++++++++++++++++++++++ cmd/tpm-user-utils.h | 25 +++ cmd/{tpm.c => tpm-v1.c} | 304 ++----------------------------------- cmd/tpm_test.c | 2 +- drivers/tpm/tpm-uclass.c | 4 +- drivers/tpm/tpm_atmel_twi.c | 2 +- drivers/tpm/tpm_tis_infineon.c | 2 +- drivers/tpm/tpm_tis_lpc.c | 2 +- drivers/tpm/tpm_tis_sandbox.c | 2 +- drivers/tpm/tpm_tis_st33zp24_i2c.c | 2 +- drivers/tpm/tpm_tis_st33zp24_spi.c | 2 +- include/tpm-common.h | 211 +++++++++++++++++++++++++ include/{tpm.h => tpm-v1.h} | 214 ++------------------------ lib/Makefile | 3 +- lib/tpm-common.c | 189 +++++++++++++++++++++++ lib/tpm-utils.h | 96 ++++++++++++ lib/{tpm.c => tpm-v1.c} | 250 +----------------------------- 18 files changed, 855 insertions(+), 747 deletions(-) create mode 100644 cmd/tpm-common.c create mode 100644 cmd/tpm-user-utils.h rename cmd/{tpm.c => tpm-v1.c} (76%) create mode 100644 include/tpm-common.h rename include/{tpm.h => tpm-v1.h} (70%) create mode 100644 lib/tpm-common.c create mode 100644 lib/tpm-utils.h rename lib/{tpm.c => tpm-v1.c} (81%) diff --git a/cmd/Makefile b/cmd/Makefile index bbeeb7e7f7..66732085e8 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -117,7 +117,8 @@ obj-$(CONFIG_CMD_TERMINAL) += terminal.o obj-$(CONFIG_CMD_TIME) += time.o obj-$(CONFIG_CMD_TRACE) += trace.o obj-$(CONFIG_HUSH_PARSER) += test.o -obj-$(CONFIG_CMD_TPM_V1) += tpm.o +obj-$(CONFIG_CMD_TPM) += tpm-common.o +obj-$(CONFIG_CMD_TPM_V1) += tpm-v1.o obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o obj-$(CONFIG_CMD_TSI148) += tsi148.o diff --git a/cmd/tpm-common.c b/cmd/tpm-common.c new file mode 100644 index 0000000000..235bdf39da --- /dev/null +++ b/cmd/tpm-common.c @@ -0,0 +1,289 @@ +/* + * Copyright (c) 2013 The Chromium OS Authors. + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include +#include +#include +#include "tpm-user-utils.h" + +/** + * Print a byte string in hexdecimal format, 16-bytes per line. + * + * @param data byte string to be printed + * @param count number of bytes to be printed + */ +void print_byte_string(u8 *data, size_t count) +{ + int i, print_newline = 0; + + for (i = 0; i < count; i++) { + printf(" %02x", data[i]); + print_newline = (i % 16 == 15); + if (print_newline) + putc('\n'); + } + /* Avoid duplicated newline at the end */ + if (!print_newline) + putc('\n'); +} + +/** + * Convert a text string of hexdecimal values into a byte string. + * + * @param bytes text string of hexdecimal values with no space + * between them + * @param data output buffer for byte string. The caller has to make + * sure it is large enough for storing the output. If + * NULL is passed, a large enough buffer will be allocated, + * and the caller must free it. + * @param count_ptr output variable for the length of byte string + * @return pointer to output buffer + */ +void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr) +{ + char byte[3]; + size_t count, length; + int i; + + if (!bytes) + return NULL; + length = strlen(bytes); + count = length / 2; + + if (!data) + data = malloc(count); + if (!data) + return NULL; + + byte[2] = '\0'; + for (i = 0; i < length; i += 2) { + byte[0] = bytes[i]; + byte[1] = bytes[i + 1]; + data[i / 2] = (u8)simple_strtoul(byte, NULL, 16); + } + + if (count_ptr) + *count_ptr = count; + + return data; +} + +/** + * report_return_code() - Report any error and return failure or success + * + * @param return_code TPM command return code + * @return value of enum command_ret_t + */ +int report_return_code(int return_code) +{ + if (return_code) { + printf("Error: %d\n", return_code); + return CMD_RET_FAILURE; + } else { + return CMD_RET_SUCCESS; + } +} + +/** + * Return number of values defined by a type string. + * + * @param type_str type string + * @return number of values of type string + */ +int type_string_get_num_values(const char *type_str) +{ + return strlen(type_str); +} + +/** + * Return total size of values defined by a type string. + * + * @param type_str type string + * @return total size of values of type string, or 0 if type string + * contains illegal type character. + */ +size_t type_string_get_space_size(const char *type_str) +{ + size_t size; + + for (size = 0; *type_str; type_str++) { + switch (*type_str) { + case 'b': + size += 1; + break; + case 'w': + size += 2; + break; + case 'd': + size += 4; + break; + default: + return 0; + } + } + + return size; +} + +/** + * Allocate a buffer large enough to hold values defined by a type + * string. The caller has to free the buffer. + * + * @param type_str type string + * @param count pointer for storing size of buffer + * @return pointer to buffer or NULL on error + */ +void *type_string_alloc(const char *type_str, u32 *count) +{ + void *data; + size_t size; + + size = type_string_get_space_size(type_str); + if (!size) + return NULL; + data = malloc(size); + if (data) + *count = size; + + return data; +} + +/** + * Pack values defined by a type string into a buffer. The buffer must have + * large enough space. + * + * @param type_str type string + * @param values text strings of values to be packed + * @param data output buffer of values + * @return 0 on success, non-0 on error + */ +int type_string_pack(const char *type_str, char * const values[], + u8 *data) +{ + size_t offset; + u32 value; + + for (offset = 0; *type_str; type_str++, values++) { + value = simple_strtoul(values[0], NULL, 0); + switch (*type_str) { + case 'b': + data[offset] = value; + offset += 1; + break; + case 'w': + put_unaligned_be16(value, data + offset); + offset += 2; + break; + case 'd': + put_unaligned_be32(value, data + offset); + offset += 4; + break; + default: + return -1; + } + } + + return 0; +} + +/** + * Read values defined by a type string from a buffer, and write these values + * to environment variables. + * + * @param type_str type string + * @param data input buffer of values + * @param vars names of environment variables + * @return 0 on success, non-0 on error + */ +int type_string_write_vars(const char *type_str, u8 *data, + char * const vars[]) +{ + size_t offset; + u32 value; + + for (offset = 0; *type_str; type_str++, vars++) { + switch (*type_str) { + case 'b': + value = data[offset]; + offset += 1; + break; + case 'w': + value = get_unaligned_be16(data + offset); + offset += 2; + break; + case 'd': + value = get_unaligned_be32(data + offset); + offset += 4; + break; + default: + return -1; + } + if (env_set_ulong(*vars, value)) + return -1; + } + + return 0; +} + +int get_tpm(struct udevice **devp) +{ + int rc; + + rc = uclass_first_device_err(UCLASS_TPM, devp); + if (rc) { + printf("Could not find TPM (ret=%d)\n", rc); + return CMD_RET_FAILURE; + } + + return 0; +} + +int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]) +{ + struct udevice *dev; + char buf[80]; + int rc; + + rc = get_tpm(&dev); + if (rc) + return rc; + rc = tpm_get_desc(dev, buf, sizeof(buf)); + if (rc < 0) { + printf("Couldn't get TPM info (%d)\n", rc); + return CMD_RET_FAILURE; + } + printf("%s\n", buf); + + return 0; +} + +int do_tpm_init(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +{ + if (argc != 1) + return CMD_RET_USAGE; + + return report_return_code(tpm_init()); +} + +int do_tpm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +{ + cmd_tbl_t *tpm_commands, *cmd; + unsigned int size; + + if (argc < 2) + return CMD_RET_USAGE; + + tpm_commands = get_tpm_commands(&size); + + cmd = find_cmd_tbl(argv[1], tpm_commands, size); + if (!cmd) + return CMD_RET_USAGE; + + return cmd->cmd(cmdtp, flag, argc - 1, argv + 1); +} diff --git a/cmd/tpm-user-utils.h b/cmd/tpm-user-utils.h new file mode 100644 index 0000000000..6017090971 --- /dev/null +++ b/cmd/tpm-user-utils.h @@ -0,0 +1,25 @@ +/* + * Copyright (c) 2013 The Chromium OS Authors. + * Coypright (c) 2013 Guntermann & Drunck GmbH + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef __TPM_USER_UTILS_H +#define __TPM_USER_UTILS_H + +void print_byte_string(u8 *data, size_t count); +void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr); +int report_return_code(int return_code); +int type_string_get_num_values(const char *type_str); +size_t type_string_get_space_size(const char *type_str); +void *type_string_alloc(const char *type_str, u32 *count); +int type_string_pack(const char *type_str, char * const values[], u8 *data); +int type_string_write_vars(const char *type_str, u8 *data, char * const vars[]); +int get_tpm(struct udevice **devp); + +int do_tpm_init(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]); +int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]); +int do_tpm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]); + +#endif /* __TPM_USER_UTILS_H */ diff --git a/cmd/tpm.c b/cmd/tpm-v1.c similarity index 76% rename from cmd/tpm.c rename to cmd/tpm-v1.c index a7ea1c9012..75a2cf2386 100644 --- a/cmd/tpm.c +++ b/cmd/tpm-v1.c @@ -5,238 +5,11 @@ */ #include -#include -#include #include -#include #include -#include - -/* Useful constants */ -enum { - DIGEST_LENGTH = 20, - /* max lengths, valid for RSA keys <= 2048 bits */ - TPM_PUBKEY_MAX_LENGTH = 288, -}; - -/** - * Print a byte string in hexdecimal format, 16-bytes per line. - * - * @param data byte string to be printed - * @param count number of bytes to be printed - */ -static void print_byte_string(u8 *data, size_t count) -{ - int i, print_newline = 0; - - for (i = 0; i < count; i++) { - printf(" %02x", data[i]); - print_newline = (i % 16 == 15); - if (print_newline) - putc('\n'); - } - /* Avoid duplicated newline at the end */ - if (!print_newline) - putc('\n'); -} - -/** - * Convert a text string of hexdecimal values into a byte string. - * - * @param bytes text string of hexdecimal values with no space - * between them - * @param data output buffer for byte string. The caller has to make - * sure it is large enough for storing the output. If - * NULL is passed, a large enough buffer will be allocated, - * and the caller must free it. - * @param count_ptr output variable for the length of byte string - * @return pointer to output buffer - */ -static void *parse_byte_string(char *bytes, u8 *data, size_t *count_ptr) -{ - char byte[3]; - size_t count, length; - int i; - - if (!bytes) - return NULL; - length = strlen(bytes); - count = length / 2; - - if (!data) - data = malloc(count); - if (!data) - return NULL; - - byte[2] = '\0'; - for (i = 0; i < length; i += 2) { - byte[0] = bytes[i]; - byte[1] = bytes[i + 1]; - data[i / 2] = (u8)simple_strtoul(byte, NULL, 16); - } - - if (count_ptr) - *count_ptr = count; - - return data; -} - -/** - * report_return_code() - Report any error and return failure or success - * - * @param return_code TPM command return code - * @return value of enum command_ret_t - */ -static int report_return_code(int return_code) -{ - if (return_code) { - printf("Error: %d\n", return_code); - return CMD_RET_FAILURE; - } else { - return CMD_RET_SUCCESS; - } -} - -/** - * Return number of values defined by a type string. - * - * @param type_str type string - * @return number of values of type string - */ -static int type_string_get_num_values(const char *type_str) -{ - return strlen(type_str); -} - -/** - * Return total size of values defined by a type string. - * - * @param type_str type string - * @return total size of values of type string, or 0 if type string - * contains illegal type character. - */ -static size_t type_string_get_space_size(const char *type_str) -{ - size_t size; - - for (size = 0; *type_str; type_str++) { - switch (*type_str) { - case 'b': - size += 1; - break; - case 'w': - size += 2; - break; - case 'd': - size += 4; - break; - default: - return 0; - } - } - - return size; -} - -/** - * Allocate a buffer large enough to hold values defined by a type - * string. The caller has to free the buffer. - * - * @param type_str type string - * @param count pointer for storing size of buffer - * @return pointer to buffer or NULL on error - */ -static void *type_string_alloc(const char *type_str, u32 *count) -{ - void *data; - size_t size; - - size = type_string_get_space_size(type_str); - if (!size) - return NULL; - data = malloc(size); - if (data) - *count = size; - - return data; -} - -/** - * Pack values defined by a type string into a buffer. The buffer must have - * large enough space. - * - * @param type_str type string - * @param values text strings of values to be packed - * @param data output buffer of values - * @return 0 on success, non-0 on error - */ -static int type_string_pack(const char *type_str, char * const values[], - u8 *data) -{ - size_t offset; - u32 value; - - for (offset = 0; *type_str; type_str++, values++) { - value = simple_strtoul(values[0], NULL, 0); - switch (*type_str) { - case 'b': - data[offset] = value; - offset += 1; - break; - case 'w': - put_unaligned_be16(value, data + offset); - offset += 2; - break; - case 'd': - put_unaligned_be32(value, data + offset); - offset += 4; - break; - default: - return -1; - } - } - - return 0; -} - -/** - * Read values defined by a type string from a buffer, and write these values - * to environment variables. - * - * @param type_str type string - * @param data input buffer of values - * @param vars names of environment variables - * @return 0 on success, non-0 on error - */ -static int type_string_write_vars(const char *type_str, u8 *data, - char * const vars[]) -{ - size_t offset; - u32 value; - - for (offset = 0; *type_str; type_str++, vars++) { - switch (*type_str) { - case 'b': - value = data[offset]; - offset += 1; - break; - case 'w': - value = get_unaligned_be16(data + offset); - offset += 2; - break; - case 'd': - value = get_unaligned_be32(data + offset); - offset += 4; - break; - default: - return -1; - } - if (env_set_ulong(*vars, value)) - return -1; - } - - return 0; -} +#include +#include +#include "tpm-user-utils.h" static int do_tpm_startup(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) @@ -427,54 +200,6 @@ static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc, return report_return_code(rc); } -#define TPM_COMMAND_NO_ARG(cmd) \ -static int do_##cmd(cmd_tbl_t *cmdtp, int flag, \ - int argc, char * const argv[]) \ -{ \ - if (argc != 1) \ - return CMD_RET_USAGE; \ - return report_return_code(cmd()); \ -} - -TPM_COMMAND_NO_ARG(tpm_init) -TPM_COMMAND_NO_ARG(tpm_self_test_full) -TPM_COMMAND_NO_ARG(tpm_continue_self_test) -TPM_COMMAND_NO_ARG(tpm_force_clear) -TPM_COMMAND_NO_ARG(tpm_physical_enable) -TPM_COMMAND_NO_ARG(tpm_physical_disable) - -static int get_tpm(struct udevice **devp) -{ - int rc; - - rc = uclass_first_device_err(UCLASS_TPM, devp); - if (rc) { - printf("Could not find TPM (ret=%d)\n", rc); - return CMD_RET_FAILURE; - } - - return 0; -} - -static int do_tpm_info(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[]) -{ - struct udevice *dev; - char buf[80]; - int rc; - - rc = get_tpm(&dev); - if (rc) - return rc; - rc = tpm_get_desc(dev, buf, sizeof(buf)); - if (rc < 0) { - printf("Couldn't get TPM info (%d)\n", rc); - return CMD_RET_FAILURE; - } - printf("%s\n", buf); - - return 0; -} - static int do_tpm_raw_transfer(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { @@ -813,10 +538,13 @@ static int do_tpm_list(cmd_tbl_t *cmdtp, int flag, int argc, } #endif /* CONFIG_TPM_LIST_RESOURCES */ -#define MAKE_TPM_CMD_ENTRY(cmd) \ - U_BOOT_CMD_MKENT(cmd, 0, 1, do_tpm_ ## cmd, "", "") +TPM_COMMAND_NO_ARG(tpm_self_test_full) +TPM_COMMAND_NO_ARG(tpm_continue_self_test) +TPM_COMMAND_NO_ARG(tpm_force_clear) +TPM_COMMAND_NO_ARG(tpm_physical_enable) +TPM_COMMAND_NO_ARG(tpm_physical_disable) -static cmd_tbl_t tpm_commands[] = { +static cmd_tbl_t tpm1_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, @@ -881,21 +609,15 @@ static cmd_tbl_t tpm_commands[] = { #endif /* CONFIG_TPM_LIST_RESOURCES */ }; -static int do_tpm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +cmd_tbl_t *get_tpm_commands(unsigned int *size) { - cmd_tbl_t *tpm_cmd; + *size = ARRAY_SIZE(tpm1_commands); - if (argc < 2) - return CMD_RET_USAGE; - tpm_cmd = find_cmd_tbl(argv[1], tpm_commands, ARRAY_SIZE(tpm_commands)); - if (!tpm_cmd) - return CMD_RET_USAGE; - - return tpm_cmd->cmd(cmdtp, flag, argc - 1, argv + 1); + return tpm1_commands; } U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, -"Issue a TPM command", +"Issue a TPMv1.x command", "cmd args...\n" " - Issue TPM command with arguments .\n" "Admin Startup and State Commands:\n" diff --git a/cmd/tpm_test.c b/cmd/tpm_test.c index 37ad2ff33d..c9d641f0ce 100644 --- a/cmd/tpm_test.c +++ b/cmd/tpm_test.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include /* Prints error and returns on failure */ #define TPM_CHECK(tpm_command) do { \ diff --git a/drivers/tpm/tpm-uclass.c b/drivers/tpm/tpm-uclass.c index b6e1fc5e62..eb0e511c8f 100644 --- a/drivers/tpm/tpm-uclass.c +++ b/drivers/tpm/tpm-uclass.c @@ -7,8 +7,10 @@ #include #include -#include #include +#if defined(CONFIG_TPM_V1) +#include +#endif #include "tpm_internal.h" int tpm_open(struct udevice *dev) diff --git a/drivers/tpm/tpm_atmel_twi.c b/drivers/tpm/tpm_atmel_twi.c index 4fd772dc4f..a6f5a333dd 100644 --- a/drivers/tpm/tpm_atmel_twi.c +++ b/drivers/tpm/tpm_atmel_twi.c @@ -8,7 +8,7 @@ #include #include -#include +#include #include #include diff --git a/drivers/tpm/tpm_tis_infineon.c b/drivers/tpm/tpm_tis_infineon.c index 41b748e7a2..30170afce0 100644 --- a/drivers/tpm/tpm_tis_infineon.c +++ b/drivers/tpm/tpm_tis_infineon.c @@ -24,7 +24,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/drivers/tpm/tpm_tis_lpc.c b/drivers/tpm/tpm_tis_lpc.c index c00a2d030b..bf955e73f2 100644 --- a/drivers/tpm/tpm_tis_lpc.c +++ b/drivers/tpm/tpm_tis_lpc.c @@ -16,7 +16,7 @@ #include #include #include -#include +#include #include #define PREFIX "lpc_tpm: " diff --git a/drivers/tpm/tpm_tis_sandbox.c b/drivers/tpm/tpm_tis_sandbox.c index e7746dc675..a19c1ba33d 100644 --- a/drivers/tpm/tpm_tis_sandbox.c +++ b/drivers/tpm/tpm_tis_sandbox.c @@ -6,7 +6,7 @@ #include #include -#include +#include #include #include #include diff --git a/drivers/tpm/tpm_tis_st33zp24_i2c.c b/drivers/tpm/tpm_tis_st33zp24_i2c.c index 245218fc07..21c2b56034 100644 --- a/drivers/tpm/tpm_tis_st33zp24_i2c.c +++ b/drivers/tpm/tpm_tis_st33zp24_i2c.c @@ -17,7 +17,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/drivers/tpm/tpm_tis_st33zp24_spi.c b/drivers/tpm/tpm_tis_st33zp24_spi.c index c4c5e05286..07daad7beb 100644 --- a/drivers/tpm/tpm_tis_st33zp24_spi.c +++ b/drivers/tpm/tpm_tis_st33zp24_spi.c @@ -17,7 +17,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/include/tpm-common.h b/include/tpm-common.h new file mode 100644 index 0000000000..ecc7bc067a --- /dev/null +++ b/include/tpm-common.h @@ -0,0 +1,211 @@ +/* + * Copyright (c) 2013 The Chromium OS Authors. + * Coypright (c) 2013 Guntermann & Drunck GmbH + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef __TPM_COMMON_H +#define __TPM_COMMON_H + +enum tpm_duration { + TPM_SHORT = 0, + TPM_MEDIUM = 1, + TPM_LONG = 2, + TPM_UNDEFINED, + + TPM_DURATION_COUNT, +}; + +/* + * Here is a partial implementation of TPM commands. Please consult TCG Main + * Specification for definitions of TPM commands. + */ + +#define TPM_HEADER_SIZE 10 + +/* Max buffer size supported by our tpm */ +#define TPM_DEV_BUFSIZE 1260 + +/** + * struct tpm_chip_priv - Information about a TPM, stored by the uclass + * + * These values must be set up by the device's probe() method before + * communcation is attempted. If the device has an xfer() method, this is + * not needed. There is no need to set up @buf. + * + * @duration_ms: Length of each duration type in milliseconds + * @retry_time_ms: Time to wait before retrying receive + */ +struct tpm_chip_priv { + uint duration_ms[TPM_DURATION_COUNT]; + uint retry_time_ms; + u8 buf[TPM_DEV_BUFSIZE + sizeof(u8)]; /* Max buffer size + addr */ +}; + +/** + * struct tpm_ops - low-level TPM operations + * + * These are designed to avoid loops and delays in the driver itself. These + * should be handled in the uclass. + * + * In gneral you should implement everything except xfer(). Where you need + * complete control of the transfer, then xfer() can be provided and will + * override the other methods. + * + * This interface is for low-level TPM access. It does not understand the + * concept of localities or the various TPM messages. That interface is + * defined in the functions later on in this file, but they all translate + * to bytes which are sent and received. + */ +struct tpm_ops { + /** + * open() - Request access to locality 0 for the caller + * + * After all commands have been completed the caller should call + * close(). + * + * @dev: Device to close + * @return 0 ok OK, -ve on error + */ + int (*open)(struct udevice *dev); + + /** + * close() - Close the current session + * + * Releasing the locked locality. Returns 0 on success, -ve 1 on + * failure (in case lock removal did not succeed). + * + * @dev: Device to close + * @return 0 ok OK, -ve on error + */ + int (*close)(struct udevice *dev); + + /** + * get_desc() - Get a text description of the TPM + * + * @dev: Device to check + * @buf: Buffer to put the string + * @size: Maximum size of buffer + * @return length of string, or -ENOSPC it no space + */ + int (*get_desc)(struct udevice *dev, char *buf, int size); + + /** + * send() - send data to the TPM + * + * @dev: Device to talk to + * @sendbuf: Buffer of the data to send + * @send_size: Size of the data to send + * + * Returns 0 on success or -ve on failure. + */ + int (*send)(struct udevice *dev, const u8 *sendbuf, size_t send_size); + + /** + * recv() - receive a response from the TPM + * + * @dev: Device to talk to + * @recvbuf: Buffer to save the response to + * @max_size: Maximum number of bytes to receive + * + * Returns number of bytes received on success, -EAGAIN if the TPM + * response is not ready, -EINTR if cancelled, or other -ve value on + * failure. + */ + int (*recv)(struct udevice *dev, u8 *recvbuf, size_t max_size); + + /** + * cleanup() - clean up after an operation in progress + * + * This is called if receiving times out. The TPM may need to abort + * the current transaction if it did not complete, and make itself + * ready for another. + * + * @dev: Device to talk to + */ + int (*cleanup)(struct udevice *dev); + + /** + * xfer() - send data to the TPM and get response + * + * This method is optional. If it exists it is used in preference + * to send(), recv() and cleanup(). It should handle all aspects of + * TPM communication for a single transfer. + * + * @dev: Device to talk to + * @sendbuf: Buffer of the data to send + * @send_size: Size of the data to send + * @recvbuf: Buffer to save the response to + * @recv_size: Pointer to the size of the response buffer + * + * Returns 0 on success (and places the number of response bytes at + * recv_size) or -ve on failure. + */ + int (*xfer)(struct udevice *dev, const u8 *sendbuf, size_t send_size, + u8 *recvbuf, size_t *recv_size); +}; + +#define tpm_get_ops(dev) ((struct tpm_ops *)device_get_ops(dev)) + +#define MAKE_TPM_CMD_ENTRY(cmd) \ + U_BOOT_CMD_MKENT(cmd, 0, 1, do_tpm_ ## cmd, "", "") + +#define TPM_COMMAND_NO_ARG(cmd) \ +int do_##cmd(cmd_tbl_t *cmdtp, int flag, \ + int argc, char * const argv[]) \ +{ \ + if (argc != 1) \ + return CMD_RET_USAGE; \ + return report_return_code(cmd()); \ +} + +/** + * tpm_get_desc() - Get a text description of the TPM + * + * @dev: Device to check + * @buf: Buffer to put the string + * @size: Maximum size of buffer + * @return length of string, or -ENOSPC it no space + */ +int tpm_get_desc(struct udevice *dev, char *buf, int size); + +/** + * tpm_xfer() - send data to the TPM and get response + * + * This first uses the device's send() method to send the bytes. Then it calls + * recv() to get the reply. If recv() returns -EAGAIN then it will delay a + * short time and then call recv() again. + * + * Regardless of whether recv() completes successfully, it will then call + * cleanup() to finish the transaction. + * + * Note that the outgoing data is inspected to determine command type + * (ordinal) and a timeout is used for that command type. + * + * @sendbuf - buffer of the data to send + * @send_size size of the data to send + * @recvbuf - memory to save the response to + * @recv_len - pointer to the size of the response buffer + * + * Returns 0 on success (and places the number of response bytes at + * recv_len) or -ve on failure. + */ +int tpm_xfer(struct udevice *dev, const u8 *sendbuf, size_t send_size, + u8 *recvbuf, size_t *recv_size); + +/** + * Initialize TPM device. It must be called before any TPM commands. + * + * @return 0 on success, non-0 on error. + */ +int tpm_init(void); + +/** + * Retrieve the array containing all the commands. + * + * @return a cmd_tbl_t array. + */ +cmd_tbl_t *get_tpm_commands(unsigned int *size); + +#endif /* __TPM_COMMON_H */ diff --git a/include/tpm.h b/include/tpm-v1.h similarity index 70% rename from include/tpm.h rename to include/tpm-v1.h index e1fc2ec252..9bb322ecbb 100644 --- a/include/tpm.h +++ b/include/tpm-v1.h @@ -5,23 +5,22 @@ * SPDX-License-Identifier: GPL-2.0+ */ -#ifndef __TPM_H -#define __TPM_H +#ifndef __TPM_V1_H +#define __TPM_V1_H -/* - * Here is a partial implementation of TPM commands. Please consult TCG Main - * Specification for definitions of TPM commands. - */ +#include -#define TPM_HEADER_SIZE 10 - -enum tpm_duration { - TPM_SHORT = 0, - TPM_MEDIUM = 1, - TPM_LONG = 2, - TPM_UNDEFINED, - - TPM_DURATION_COUNT, +/* Useful constants */ +enum { + TPM_REQUEST_HEADER_LENGTH = 10, + TPM_RESPONSE_HEADER_LENGTH = 10, + PCR_DIGEST_LENGTH = 20, + DIGEST_LENGTH = 20, + TPM_REQUEST_AUTH_LENGTH = 45, + TPM_RESPONSE_AUTH_LENGTH = 41, + /* some max lengths, valid for RSA keys <= 2048 bits */ + TPM_KEY12_MAX_LENGTH = 618, + TPM_PUBKEY_MAX_LENGTH = 288, }; enum tpm_startup_type { @@ -233,189 +232,6 @@ struct tpm_permanent_flags { u8 disable_full_da_logic_info; } __packed; -/* Max buffer size supported by our tpm */ -#define TPM_DEV_BUFSIZE 1260 - -/** - * struct tpm_chip_priv - Information about a TPM, stored by the uclass - * - * These values must be set up by the device's probe() method before - * communcation is attempted. If the device has an xfer() method, this is - * not needed. There is no need to set up @buf. - * - * @duration_ms: Length of each duration type in milliseconds - * @retry_time_ms: Time to wait before retrying receive - */ -struct tpm_chip_priv { - uint duration_ms[TPM_DURATION_COUNT]; - uint retry_time_ms; - u8 buf[TPM_DEV_BUFSIZE + sizeof(u8)]; /* Max buffer size + addr */ -}; - -/** - * struct tpm_ops - low-level TPM operations - * - * These are designed to avoid loops and delays in the driver itself. These - * should be handled in the uclass. - * - * In gneral you should implement everything except xfer(). Where you need - * complete control of the transfer, then xfer() can be provided and will - * override the other methods. - * - * This interface is for low-level TPM access. It does not understand the - * concept of localities or the various TPM messages. That interface is - * defined in the functions later on in this file, but they all translate - * to bytes which are sent and received. - */ -struct tpm_ops { - /** - * open() - Request access to locality 0 for the caller - * - * After all commands have been completed the caller should call - * close(). - * - * @dev: Device to close - * @return 0 ok OK, -ve on error - */ - int (*open)(struct udevice *dev); - - /** - * close() - Close the current session - * - * Releasing the locked locality. Returns 0 on success, -ve 1 on - * failure (in case lock removal did not succeed). - * - * @dev: Device to close - * @return 0 ok OK, -ve on error - */ - int (*close)(struct udevice *dev); - - /** - * get_desc() - Get a text description of the TPM - * - * @dev: Device to check - * @buf: Buffer to put the string - * @size: Maximum size of buffer - * @return length of string, or -ENOSPC it no space - */ - int (*get_desc)(struct udevice *dev, char *buf, int size); - - /** - * send() - send data to the TPM - * - * @dev: Device to talk to - * @sendbuf: Buffer of the data to send - * @send_size: Size of the data to send - * - * Returns 0 on success or -ve on failure. - */ - int (*send)(struct udevice *dev, const u8 *sendbuf, size_t send_size); - - /** - * recv() - receive a response from the TPM - * - * @dev: Device to talk to - * @recvbuf: Buffer to save the response to - * @max_size: Maximum number of bytes to receive - * - * Returns number of bytes received on success, -EAGAIN if the TPM - * response is not ready, -EINTR if cancelled, or other -ve value on - * failure. - */ - int (*recv)(struct udevice *dev, u8 *recvbuf, size_t max_size); - - /** - * cleanup() - clean up after an operation in progress - * - * This is called if receiving times out. The TPM may need to abort - * the current transaction if it did not complete, and make itself - * ready for another. - * - * @dev: Device to talk to - */ - int (*cleanup)(struct udevice *dev); - - /** - * xfer() - send data to the TPM and get response - * - * This method is optional. If it exists it is used in preference - * to send(), recv() and cleanup(). It should handle all aspects of - * TPM communication for a single transfer. - * - * @dev: Device to talk to - * @sendbuf: Buffer of the data to send - * @send_size: Size of the data to send - * @recvbuf: Buffer to save the response to - * @recv_size: Pointer to the size of the response buffer - * - * Returns 0 on success (and places the number of response bytes at - * recv_size) or -ve on failure. - */ - int (*xfer)(struct udevice *dev, const u8 *sendbuf, size_t send_size, - u8 *recvbuf, size_t *recv_size); -}; - -#define tpm_get_ops(dev) ((struct tpm_ops *)device_get_ops(dev)) - -/** - * tpm_open() - Request access to locality 0 for the caller - * - * After all commands have been completed the caller is supposed to - * call tpm_close(). - * - * Returns 0 on success, -ve on failure. - */ -int tpm_open(struct udevice *dev); - -/** - * tpm_close() - Close the current session - * - * Releasing the locked locality. Returns 0 on success, -ve 1 on - * failure (in case lock removal did not succeed). - */ -int tpm_close(struct udevice *dev); - -/** - * tpm_get_desc() - Get a text description of the TPM - * - * @dev: Device to check - * @buf: Buffer to put the string - * @size: Maximum size of buffer - * @return length of string, or -ENOSPC it no space - */ -int tpm_get_desc(struct udevice *dev, char *buf, int size); - -/** - * tpm_xfer() - send data to the TPM and get response - * - * This first uses the device's send() method to send the bytes. Then it calls - * recv() to get the reply. If recv() returns -EAGAIN then it will delay a - * short time and then call recv() again. - * - * Regardless of whether recv() completes successfully, it will then call - * cleanup() to finish the transaction. - * - * Note that the outgoing data is inspected to determine command type - * (ordinal) and a timeout is used for that command type. - * - * @sendbuf - buffer of the data to send - * @send_size size of the data to send - * @recvbuf - memory to save the response to - * @recv_len - pointer to the size of the response buffer - * - * Returns 0 on success (and places the number of response bytes at - * recv_len) or -ve on failure. - */ -int tpm_xfer(struct udevice *dev, const u8 *sendbuf, size_t send_size, - u8 *recvbuf, size_t *recv_size); - -/** - * Initialize TPM device. It must be called before any TPM commands. - * - * @return 0 on success, non-0 on error. - */ -int tpm_init(void); - /** * Issue a TPM_Startup command. * @@ -662,4 +478,4 @@ u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20], */ u32 tpm_get_random(void *data, u32 count); -#endif /* __TPM_H */ +#endif /* __TPM_V1_H */ diff --git a/lib/Makefile b/lib/Makefile index 9ec4a93043..2052954841 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -40,7 +40,8 @@ obj-$(CONFIG_PHYSMEM) += physmem.o obj-y += qsort.o obj-y += rc4.o obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o -obj-$(CONFIG_TPM_V1) += tpm.o +obj-$(CONFIG_TPM) += tpm-common.o +obj-$(CONFIG_TPM_V1) += tpm-v1.o obj-$(CONFIG_RBTREE) += rbtree.o obj-$(CONFIG_BITREVERSE) += bitrev.o obj-y += list_sort.o diff --git a/lib/tpm-common.c b/lib/tpm-common.c new file mode 100644 index 0000000000..0812b73220 --- /dev/null +++ b/lib/tpm-common.c @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2013 The Chromium OS Authors. + * Coypright (c) 2013 Guntermann & Drunck GmbH + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include +#include "tpm-utils.h" + +int pack_byte_string(u8 *str, size_t size, const char *format, ...) +{ + va_list args; + size_t offset = 0, length = 0; + u8 *data = NULL; + u32 value = 0; + + va_start(args, format); + for (; *format; format++) { + switch (*format) { + case 'b': + offset = va_arg(args, size_t); + value = va_arg(args, int); + length = 1; + break; + case 'w': + offset = va_arg(args, size_t); + value = va_arg(args, int); + length = 2; + break; + case 'd': + offset = va_arg(args, size_t); + value = va_arg(args, u32); + length = 4; + break; + case 's': + offset = va_arg(args, size_t); + data = va_arg(args, u8 *); + length = va_arg(args, u32); + break; + default: + debug("Couldn't recognize format string\n"); + va_end(args); + return -1; + } + + if (offset + length > size) { + va_end(args); + return -1; + } + + switch (*format) { + case 'b': + str[offset] = value; + break; + case 'w': + put_unaligned_be16(value, str + offset); + break; + case 'd': + put_unaligned_be32(value, str + offset); + break; + case 's': + memcpy(str + offset, data, length); + break; + } + } + va_end(args); + + return 0; +} + +int unpack_byte_string(const u8 *str, size_t size, const char *format, ...) +{ + va_list args; + size_t offset = 0, length = 0; + u8 *ptr8 = NULL; + u16 *ptr16 = NULL; + u32 *ptr32 = NULL; + + va_start(args, format); + for (; *format; format++) { + switch (*format) { + case 'b': + offset = va_arg(args, size_t); + ptr8 = va_arg(args, u8 *); + length = 1; + break; + case 'w': + offset = va_arg(args, size_t); + ptr16 = va_arg(args, u16 *); + length = 2; + break; + case 'd': + offset = va_arg(args, size_t); + ptr32 = va_arg(args, u32 *); + length = 4; + break; + case 's': + offset = va_arg(args, size_t); + ptr8 = va_arg(args, u8 *); + length = va_arg(args, u32); + break; + default: + va_end(args); + debug("Couldn't recognize format string\n"); + return -1; + } + + if (offset + length > size) { + va_end(args); + return -1; + } + + switch (*format) { + case 'b': + *ptr8 = str[offset]; + break; + case 'w': + *ptr16 = get_unaligned_be16(str + offset); + break; + case 'd': + *ptr32 = get_unaligned_be32(str + offset); + break; + case 's': + memcpy(ptr8, str + offset, length); + break; + } + } + va_end(args); + + return 0; +} + +u32 tpm_command_size(const void *command) +{ + const size_t command_size_offset = 2; + + return get_unaligned_be32(command + command_size_offset); +} + +u32 tpm_return_code(const void *response) +{ + const size_t return_code_offset = 6; + + return get_unaligned_be32(response + return_code_offset); +} + +u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr) +{ + struct udevice *dev; + int err, ret; + u8 response_buffer[COMMAND_BUFFER_SIZE]; + size_t response_length; + + if (response) { + response_length = *size_ptr; + } else { + response = response_buffer; + response_length = sizeof(response_buffer); + } + + ret = uclass_first_device_err(UCLASS_TPM, &dev); + if (ret) + return ret; + err = tpm_xfer(dev, command, tpm_command_size(command), + response, &response_length); + + if (err < 0) + return TPM_LIB_ERROR; + if (size_ptr) + *size_ptr = response_length; + + return tpm_return_code(response); +} + +int tpm_init(void) +{ + struct udevice *dev; + int err; + + err = uclass_first_device_err(UCLASS_TPM, &dev); + if (err) + return err; + + return tpm_open(dev); +} diff --git a/lib/tpm-utils.h b/lib/tpm-utils.h new file mode 100644 index 0000000000..429da46232 --- /dev/null +++ b/lib/tpm-utils.h @@ -0,0 +1,96 @@ +/* + * Copyright (c) 2013 The Chromium OS Authors. + * Coypright (c) 2013 Guntermann & Drunck GmbH + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef __TPM_UTILS_H +#define __TPM_UTILS_H + +#define COMMAND_BUFFER_SIZE 256 + +/* Internal error of TPM command library */ +#define TPM_LIB_ERROR ((u32)~0u) + +/** + * tpm_open() - Request access to locality 0 for the caller + * + * After all commands have been completed the caller is supposed to + * call tpm_close(). + * + * Returns 0 on success, -ve on failure. + */ +int tpm_open(struct udevice *dev); + +/** + * tpm_close() - Close the current session + * + * Releasing the locked locality. Returns 0 on success, -ve 1 on + * failure (in case lock removal did not succeed). + */ +int tpm_close(struct udevice *dev); + +/** + * Pack data into a byte string. The data types are specified in + * the format string: 'b' means unsigned byte, 'w' unsigned word, + * 'd' unsigned double word, and 's' byte string. The data are a + * series of offsets and values (for type byte string there are also + * lengths). The data values are packed into the byte string + * sequentially, and so a latter value could over-write a former + * value. + * + * @param str output string + * @param size size of output string + * @param format format string + * @param ... data points + * @return 0 on success, non-0 on error + */ +int pack_byte_string(u8 *str, size_t size, const char *format, ...); + +/** + * Unpack data from a byte string. The data types are specified in + * the format string: 'b' means unsigned byte, 'w' unsigned word, + * 'd' unsigned double word, and 's' byte string. The data are a + * series of offsets and pointers (for type byte string there are also + * lengths). + * + * @param str output string + * @param size size of output string + * @param format format string + * @param ... data points + * @return 0 on success, non-0 on error + */ +int unpack_byte_string(const u8 *str, size_t size, const char *format, ...); + +/** + * Get TPM command size. + * + * @param command byte string of TPM command + * @return command size of the TPM command + */ +u32 tpm_command_size(const void *command); + +/** + * Get TPM response return code, which is one of TPM_RESULT values. + * + * @param response byte string of TPM response + * @return return code of the TPM response + */ +u32 tpm_return_code(const void *response); + +/** + * Send a TPM command and return response's return code, and optionally + * return response to caller. + * + * @param command byte string of TPM command + * @param response output buffer for TPM response, or NULL if the + * caller does not care about it + * @param size_ptr output buffer size (input parameter) and TPM + * response length (output parameter); this parameter + * is a bidirectional + * @return return code of the TPM response + */ +u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr); + +#endif /* __TPM_UTILS_H */ diff --git a/lib/tpm.c b/lib/tpm-v1.c similarity index 81% rename from lib/tpm.c rename to lib/tpm-v1.c index e8ebbbe6cd..7893a8bd34 100644 --- a/lib/tpm.c +++ b/lib/tpm-v1.c @@ -7,26 +7,11 @@ #include #include -#include #include #include - -/* Internal error of TPM command library */ -#define TPM_LIB_ERROR ((u32)~0u) - -/* Useful constants */ -enum { - COMMAND_BUFFER_SIZE = 256, - TPM_REQUEST_HEADER_LENGTH = 10, - TPM_RESPONSE_HEADER_LENGTH = 10, - PCR_DIGEST_LENGTH = 20, - DIGEST_LENGTH = 20, - TPM_REQUEST_AUTH_LENGTH = 45, - TPM_RESPONSE_AUTH_LENGTH = 41, - /* some max lengths, valid for RSA keys <= 2048 bits */ - TPM_KEY12_MAX_LENGTH = 618, - TPM_PUBKEY_MAX_LENGTH = 288, -}; +#include +#include +#include "tpm-utils.h" #ifdef CONFIG_TPM_AUTH_SESSIONS @@ -45,235 +30,6 @@ static struct session_data oiap_session = {0, }; #endif /* CONFIG_TPM_AUTH_SESSIONS */ -/** - * Pack data into a byte string. The data types are specified in - * the format string: 'b' means unsigned byte, 'w' unsigned word, - * 'd' unsigned double word, and 's' byte string. The data are a - * series of offsets and values (for type byte string there are also - * lengths). The data values are packed into the byte string - * sequentially, and so a latter value could over-write a former - * value. - * - * @param str output string - * @param size size of output string - * @param format format string - * @param ... data points - * @return 0 on success, non-0 on error - */ -int pack_byte_string(u8 *str, size_t size, const char *format, ...) -{ - va_list args; - size_t offset = 0, length = 0; - u8 *data = NULL; - u32 value = 0; - - va_start(args, format); - for (; *format; format++) { - switch (*format) { - case 'b': - offset = va_arg(args, size_t); - value = va_arg(args, int); - length = 1; - break; - case 'w': - offset = va_arg(args, size_t); - value = va_arg(args, int); - length = 2; - break; - case 'd': - offset = va_arg(args, size_t); - value = va_arg(args, u32); - length = 4; - break; - case 's': - offset = va_arg(args, size_t); - data = va_arg(args, u8 *); - length = va_arg(args, u32); - break; - default: - debug("Couldn't recognize format string\n"); - va_end(args); - return -1; - } - - if (offset + length > size) { - va_end(args); - return -1; - } - - switch (*format) { - case 'b': - str[offset] = value; - break; - case 'w': - put_unaligned_be16(value, str + offset); - break; - case 'd': - put_unaligned_be32(value, str + offset); - break; - case 's': - memcpy(str + offset, data, length); - break; - } - } - va_end(args); - - return 0; -} - -/** - * Unpack data from a byte string. The data types are specified in - * the format string: 'b' means unsigned byte, 'w' unsigned word, - * 'd' unsigned double word, and 's' byte string. The data are a - * series of offsets and pointers (for type byte string there are also - * lengths). - * - * @param str output string - * @param size size of output string - * @param format format string - * @param ... data points - * @return 0 on success, non-0 on error - */ -int unpack_byte_string(const u8 *str, size_t size, const char *format, ...) -{ - va_list args; - size_t offset = 0, length = 0; - u8 *ptr8 = NULL; - u16 *ptr16 = NULL; - u32 *ptr32 = NULL; - - va_start(args, format); - for (; *format; format++) { - switch (*format) { - case 'b': - offset = va_arg(args, size_t); - ptr8 = va_arg(args, u8 *); - length = 1; - break; - case 'w': - offset = va_arg(args, size_t); - ptr16 = va_arg(args, u16 *); - length = 2; - break; - case 'd': - offset = va_arg(args, size_t); - ptr32 = va_arg(args, u32 *); - length = 4; - break; - case 's': - offset = va_arg(args, size_t); - ptr8 = va_arg(args, u8 *); - length = va_arg(args, u32); - break; - default: - va_end(args); - debug("Couldn't recognize format string\n"); - return -1; - } - - if (offset + length > size) { - va_end(args); - return -1; - } - - switch (*format) { - case 'b': - *ptr8 = str[offset]; - break; - case 'w': - *ptr16 = get_unaligned_be16(str + offset); - break; - case 'd': - *ptr32 = get_unaligned_be32(str + offset); - break; - case 's': - memcpy(ptr8, str + offset, length); - break; - } - } - va_end(args); - - return 0; -} - -/** - * Get TPM command size. - * - * @param command byte string of TPM command - * @return command size of the TPM command - */ -static u32 tpm_command_size(const void *command) -{ - const size_t command_size_offset = 2; - - return get_unaligned_be32(command + command_size_offset); -} - -/** - * Get TPM response return code, which is one of TPM_RESULT values. - * - * @param response byte string of TPM response - * @return return code of the TPM response - */ -static u32 tpm_return_code(const void *response) -{ - const size_t return_code_offset = 6; - - return get_unaligned_be32(response + return_code_offset); -} - -/** - * Send a TPM command and return response's return code, and optionally - * return response to caller. - * - * @param command byte string of TPM command - * @param response output buffer for TPM response, or NULL if the - * caller does not care about it - * @param size_ptr output buffer size (input parameter) and TPM - * response length (output parameter); this parameter - * is a bidirectional - * @return return code of the TPM response - */ -static u32 tpm_sendrecv_command(const void *command, void *response, - size_t *size_ptr) -{ - struct udevice *dev; - int err, ret; - u8 response_buffer[COMMAND_BUFFER_SIZE]; - size_t response_length; - - if (response) { - response_length = *size_ptr; - } else { - response = response_buffer; - response_length = sizeof(response_buffer); - } - - ret = uclass_first_device_err(UCLASS_TPM, &dev); - if (ret) - return ret; - err = tpm_xfer(dev, command, tpm_command_size(command), - response, &response_length); - - if (err < 0) - return TPM_LIB_ERROR; - if (size_ptr) - *size_ptr = response_length; - - return tpm_return_code(response); -} - -int tpm_init(void) -{ - int err; - struct udevice *dev; - - err = uclass_first_device_err(UCLASS_TPM, &dev); - if (err) - return err; - return tpm_open(dev); -} - u32 tpm_startup(enum tpm_startup_type mode) { const u8 command[12] = { From patchwork Tue May 15 09:57:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913537 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYBq0VjQz9s1R for ; Tue, 15 May 2018 20:06:58 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id B03FBC21E18; Tue, 15 May 2018 10:05:00 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id EFADAC21E74; Tue, 15 May 2018 09:57:47 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id A2C3DC21EEF; Tue, 15 May 2018 09:57:37 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 3C7B4C21D56 for ; Tue, 15 May 2018 09:57:35 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 06795208BC; Tue, 15 May 2018 11:57:34 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id C35F920750; Tue, 15 May 2018 11:57:33 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:07 +0200 Message-Id: <20180515095728.16572-12-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 11/32] tpm: add missing parameter in private data structure description X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Both parameters 'duration_ms' and 'retry_time_ms' of the tpm_chip_priv structure are documented is the comment above the declaration but 'buf' was forgotten. Add the missing description. Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- include/tpm-common.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/tpm-common.h b/include/tpm-common.h index ecc7bc067a..6b15466781 100644 --- a/include/tpm-common.h +++ b/include/tpm-common.h @@ -36,6 +36,7 @@ enum tpm_duration { * * @duration_ms: Length of each duration type in milliseconds * @retry_time_ms: Time to wait before retrying receive + * @buf: Buffer used during the exchanges with the chip */ struct tpm_chip_priv { uint duration_ms[TPM_DURATION_COUNT]; From patchwork Tue May 15 09:57:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913540 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYF86Z6mz9s1R for ; Tue, 15 May 2018 20:09:00 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 71C04C21DDC; Tue, 15 May 2018 10:05:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id C99A9C21EFF; Tue, 15 May 2018 09:57:48 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E5F99C21EE3; Tue, 15 May 2018 09:57:40 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 78870C21DF8 for ; Tue, 15 May 2018 09:57:35 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 43599208BB; Tue, 15 May 2018 11:57:34 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id F202220720; Tue, 15 May 2018 11:57:33 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:08 +0200 Message-Id: <20180515095728.16572-13-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 12/32] tpm: prepare support for TPMv2.x commands X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Choice between v1 and v2 compliant functions is done with the configuration. Create the various files that will receive TPMv2-only code on the same scheme as for the TPMv1 code. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/Makefile | 1 + cmd/tpm-v2.c | 33 ++++++++++++ drivers/tpm/tpm-uclass.c | 2 + include/tpm-common.h | 6 +++ include/tpm-v2.h | 128 +++++++++++++++++++++++++++++++++++++++++++++++ lib/Makefile | 1 + lib/tpm-v2.c | 11 ++++ 7 files changed, 182 insertions(+) create mode 100644 cmd/tpm-v2.c create mode 100644 include/tpm-v2.h create mode 100644 lib/tpm-v2.c diff --git a/cmd/Makefile b/cmd/Makefile index 66732085e8..bdb5475e07 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -120,6 +120,7 @@ obj-$(CONFIG_HUSH_PARSER) += test.o obj-$(CONFIG_CMD_TPM) += tpm-common.o obj-$(CONFIG_CMD_TPM_V1) += tpm-v1.o obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o +obj-$(CONFIG_CMD_TPM_V2) += tpm-v2.o obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o obj-$(CONFIG_CMD_TSI148) += tsi148.o obj-$(CONFIG_CMD_UBI) += ubi.o diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c new file mode 100644 index 0000000000..606aa92409 --- /dev/null +++ b/cmd/tpm-v2.c @@ -0,0 +1,33 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2018 Bootlin + * Author: Miquel Raynal + */ + +#include +#include +#include +#include +#include +#include "tpm-user-utils.h" + +static cmd_tbl_t tpm2_commands[] = { + U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), + U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), +}; + +cmd_tbl_t *get_tpm_commands(unsigned int *size) +{ + *size = ARRAY_SIZE(tpm2_commands); + + return tpm2_commands; +} + +U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", +" []\n" +"\n" +"info\n" +" Show information about the TPM.\n" +"init\n" +" Initialize the software stack. Always the first command to issue.\n" +); diff --git a/drivers/tpm/tpm-uclass.c b/drivers/tpm/tpm-uclass.c index eb0e511c8f..cbf4873cbb 100644 --- a/drivers/tpm/tpm-uclass.c +++ b/drivers/tpm/tpm-uclass.c @@ -10,6 +10,8 @@ #include #if defined(CONFIG_TPM_V1) #include +#elif defined(CONFIG_TPM_V2) +#include #endif #include "tpm_internal.h" diff --git a/include/tpm-common.h b/include/tpm-common.h index 6b15466781..94f0f310b4 100644 --- a/include/tpm-common.h +++ b/include/tpm-common.h @@ -36,11 +36,17 @@ enum tpm_duration { * * @duration_ms: Length of each duration type in milliseconds * @retry_time_ms: Time to wait before retrying receive + * @pcr_count: Number of PCR per bank + * @pcr_select_min: Minimum size in bytes of the pcrSelect array * @buf: Buffer used during the exchanges with the chip */ struct tpm_chip_priv { uint duration_ms[TPM_DURATION_COUNT]; uint retry_time_ms; +#if defined(CONFIG_TPM_V2) + uint pcr_count; + uint pcr_select_min; +#endif u8 buf[TPM_DEV_BUFSIZE + sizeof(u8)]; /* Max buffer size + addr */ }; diff --git a/include/tpm-v2.h b/include/tpm-v2.h new file mode 100644 index 0000000000..09a7a8b183 --- /dev/null +++ b/include/tpm-v2.h @@ -0,0 +1,128 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2018 Bootlin + * Author: Miquel Raynal + */ + +#ifndef __TPM_V2_H +#define __TPM_V2_H + +#include + +#define TPM2_DIGEST_LEN 32 + +/** + * TPM2 Structure Tags for command/response buffers. + * + * @TPM2_ST_NO_SESSIONS: the command does not need an authentication. + * @TPM2_ST_SESSIONS: the command needs an authentication. + */ +enum tpm2_structures { + TPM2_ST_NO_SESSIONS = 0x8001, + TPM2_ST_SESSIONS = 0x8002, +}; + +/** + * TPM2 type of boolean. + */ +enum tpm2_yes_no { + TPMI_YES = 1, + TPMI_NO = 0, +}; + +/** + * TPM2 startup values. + * + * @TPM2_SU_CLEAR: reset the internal state. + * @TPM2_SU_STATE: restore saved state (if any). + */ +enum tpm2_startup_types { + TPM2_SU_CLEAR = 0x0000, + TPM2_SU_STATE = 0x0001, +}; + +/** + * TPM2 permanent handles. + * + * @TPM2_RH_OWNER: refers to the 'owner' hierarchy. + * @TPM2_RS_PW: indicates a password. + * @TPM2_RH_LOCKOUT: refers to the 'lockout' hierarchy. + * @TPM2_RH_ENDORSEMENT: refers to the 'endorsement' hierarchy. + * @TPM2_RH_PLATFORM: refers to the 'platform' hierarchy. + */ +enum tpm2_handles { + TPM2_RH_OWNER = 0x40000001, + TPM2_RS_PW = 0x40000009, + TPM2_RH_LOCKOUT = 0x4000000A, + TPM2_RH_ENDORSEMENT = 0x4000000B, + TPM2_RH_PLATFORM = 0x4000000C, +}; + +/** + * TPM2 command codes used at the beginning of a buffer, gives the command. + * + * @TPM2_CC_STARTUP: TPM2_Startup(). + * @TPM2_CC_SELF_TEST: TPM2_SelfTest(). + * @TPM2_CC_CLEAR: TPM2_Clear(). + * @TPM2_CC_CLEARCONTROL: TPM2_ClearControl(). + * @TPM2_CC_HIERCHANGEAUTH: TPM2_HierarchyChangeAuth(). + * @TPM2_CC_PCR_SETAUTHPOL: TPM2_PCR_SetAuthPolicy(). + * @TPM2_CC_DAM_RESET: TPM2_DictionaryAttackLockReset(). + * @TPM2_CC_DAM_PARAMETERS: TPM2_DictionaryAttackParameters(). + * @TPM2_CC_GET_CAPABILITY: TPM2_GetCapibility(). + * @TPM2_CC_PCR_READ: TPM2_PCR_Read(). + * @TPM2_CC_PCR_EXTEND: TPM2_PCR_Extend(). + * @TPM2_CC_PCR_SETAUTHVAL: TPM2_PCR_SetAuthValue(). + */ +enum tpm2_command_codes { + TPM2_CC_STARTUP = 0x0144, + TPM2_CC_SELF_TEST = 0x0143, + TPM2_CC_CLEAR = 0x0126, + TPM2_CC_CLEARCONTROL = 0x0127, + TPM2_CC_HIERCHANGEAUTH = 0x0129, + TPM2_CC_DAM_RESET = 0x0139, + TPM2_CC_DAM_PARAMETERS = 0x013A, + TPM2_CC_GET_CAPABILITY = 0x017A, + TPM2_CC_PCR_READ = 0x017E, + TPM2_CC_PCR_EXTEND = 0x0182, +}; + +/** + * TPM2 return codes. + */ +enum tpm2_return_codes { + TPM2_RC_SUCCESS = 0x0000, + TPM2_RC_BAD_TAG = 0x001E, + TPM2_RC_FMT1 = 0x0080, + TPM2_RC_HASH = TPM2_RC_FMT1 + 0x0003, + TPM2_RC_VALUE = TPM2_RC_FMT1 + 0x0004, + TPM2_RC_SIZE = TPM2_RC_FMT1 + 0x0015, + TPM2_RC_BAD_AUTH = TPM2_RC_FMT1 + 0x0022, + TPM2_RC_HANDLE = TPM2_RC_FMT1 + 0x000B, + TPM2_RC_VER1 = 0x0100, + TPM2_RC_INITIALIZE = TPM2_RC_VER1 + 0x0000, + TPM2_RC_FAILURE = TPM2_RC_VER1 + 0x0001, + TPM2_RC_DISABLED = TPM2_RC_VER1 + 0x0020, + TPM2_RC_AUTH_MISSING = TPM2_RC_VER1 + 0x0025, + TPM2_RC_COMMAND_CODE = TPM2_RC_VER1 + 0x0043, + TPM2_RC_AUTHSIZE = TPM2_RC_VER1 + 0x0044, + TPM2_RC_AUTH_CONTEXT = TPM2_RC_VER1 + 0x0045, + TPM2_RC_NEEDS_TEST = TPM2_RC_VER1 + 0x0053, + TPM2_RC_WARN = 0x0900, + TPM2_RC_TESTING = TPM2_RC_WARN + 0x000A, + TPM2_RC_REFERENCE_H0 = TPM2_RC_WARN + 0x0010, + TPM2_RC_LOCKOUT = TPM2_RC_WARN + 0x0021, +}; + +/** + * TPM2 algorithms. + */ +enum tpm2_algorithms { + TPM2_ALG_XOR = 0x0A, + TPM2_ALG_SHA256 = 0x0B, + TPM2_ALG_SHA384 = 0x0C, + TPM2_ALG_SHA512 = 0x0D, + TPM2_ALG_NULL = 0x10, +}; + +#endif /* __TPM_V2_H */ diff --git a/lib/Makefile b/lib/Makefile index 2052954841..ddf8db6be8 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -42,6 +42,7 @@ obj-y += rc4.o obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o obj-$(CONFIG_TPM) += tpm-common.o obj-$(CONFIG_TPM_V1) += tpm-v1.o +obj-$(CONFIG_TPM_V2) += tpm-v2.o obj-$(CONFIG_RBTREE) += rbtree.o obj-$(CONFIG_BITREVERSE) += bitrev.o obj-y += list_sort.o diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c new file mode 100644 index 0000000000..ef4ebcd8ac --- /dev/null +++ b/lib/tpm-v2.c @@ -0,0 +1,11 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2018 Bootlin + * Author: Miquel Raynal + */ + +#include +#include +#include +#include +#include "tpm-utils.h" From patchwork Tue May 15 09:57:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913538 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYC13pxSz9ry1 for ; Tue, 15 May 2018 20:07:09 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 2A80BC21D56; Tue, 15 May 2018 10:05:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id D65A3C21F5E; Tue, 15 May 2018 09:57:49 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id DF81BC21F3B; Tue, 15 May 2018 09:57:41 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id A2038C21DFF for ; Tue, 15 May 2018 09:57:35 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 69810208BC; Tue, 15 May 2018 11:57:34 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 2DEFB20750; Tue, 15 May 2018 11:57:34 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:09 +0200 Message-Id: <20180515095728.16572-14-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 13/32] tpm: add macros to enhance TPM commands readability X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" TPM commands are much easier to read/write with these macros that will transform words or integers into byte strings. This way, there is no need to call pack_byte_string() while all variable length in a command are known (and at must 4 bytes, which is a lot of them). Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- lib/tpm-utils.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/tpm-utils.h b/lib/tpm-utils.h index 429da46232..9c875e6fa7 100644 --- a/lib/tpm-utils.h +++ b/lib/tpm-utils.h @@ -13,6 +13,12 @@ /* Internal error of TPM command library */ #define TPM_LIB_ERROR ((u32)~0u) +/* To make strings of commands more easily */ +#define __MSB(x) ((x) >> 8) +#define __LSB(x) ((x) & 0xFF) +#define tpm_u16(x) __MSB(x), __LSB(x) +#define tpm_u32(x) tpm_u16((x) >> 16), tpm_u16((x) & 0xFFFF) + /** * tpm_open() - Request access to locality 0 for the caller * From patchwork Tue May 15 09:57:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913541 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYGq0H5dz9s28 for ; Tue, 15 May 2018 20:10:23 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 91FAFC21E6C; Tue, 15 May 2018 10:07:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 5110EC21F1A; Tue, 15 May 2018 09:57:54 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id B0428C21EC8; Tue, 15 May 2018 09:57:41 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id C6FC3C21C57 for ; Tue, 15 May 2018 09:57:35 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 98FD0208B2; Tue, 15 May 2018 11:57:34 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 5B18120720; Tue, 15 May 2018 11:57:34 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:10 +0200 Message-Id: <20180515095728.16572-15-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 14/32] tpm: add possible traces to analyze buffers returned by the TPM X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" When debugging, it is welcome to get more information about what the TPM returns. Add the possibility to print the packets received to show their exact content. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- lib/tpm-common.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/tpm-common.c b/lib/tpm-common.c index 0812b73220..57832debf3 100644 --- a/lib/tpm-common.c +++ b/lib/tpm-common.c @@ -154,6 +154,7 @@ u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr) int err, ret; u8 response_buffer[COMMAND_BUFFER_SIZE]; size_t response_length; + int i; if (response) { response_length = *size_ptr; @@ -173,7 +174,14 @@ u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr) if (size_ptr) *size_ptr = response_length; - return tpm_return_code(response); + ret = tpm_return_code(response); + + log(LOGC_NONE, LOGL_DEBUG, "TPM response [ret:%d]: ", ret); + for (i = 0; i < response_length; i++) + log(LOGC_NONE, LOGL_DEBUG, "%02x ", ((u8 *)response)[i]); + log(LOGC_NONE, LOGL_DEBUG, "\n"); + + return ret; } int tpm_init(void) From patchwork Tue May 15 09:57:11 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913549 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYP33Vvcz9s08 for ; Tue, 15 May 2018 20:15:51 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 35A9CC21E7F; Tue, 15 May 2018 10:05:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id BEC33C21DB5; Tue, 15 May 2018 09:57:50 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 4AAF0C21EBD; Tue, 15 May 2018 09:57:41 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 05EECC21E1A for ; Tue, 15 May 2018 09:57:36 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id C490B208BF; Tue, 15 May 2018 11:57:34 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 884B120750; Tue, 15 May 2018 11:57:34 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:11 +0200 Message-Id: <20180515095728.16572-16-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 15/32] tpm: report driver error code to upper layer X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Instead of returning a generic 'library' error, report back the actual error code so it can be displayed to the user by the regular error path. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- lib/tpm-common.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/tpm-common.c b/lib/tpm-common.c index 57832debf3..08e2c2ad44 100644 --- a/lib/tpm-common.c +++ b/lib/tpm-common.c @@ -170,7 +170,8 @@ u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr) response, &response_length); if (err < 0) - return TPM_LIB_ERROR; + return err; + if (size_ptr) *size_ptr = response_length; From patchwork Tue May 15 09:57:12 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913544 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYMx0H34z9s08 for ; Tue, 15 May 2018 20:14:52 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id AEC08C21F1F; Tue, 15 May 2018 10:06:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 7B82BC21DDC; Tue, 15 May 2018 09:57:52 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 373ACC21E90; Tue, 15 May 2018 09:57:42 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 3951FC21E26 for ; Tue, 15 May 2018 09:57:36 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 0320C208B2; Tue, 15 May 2018 11:57:35 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id B732320720; Tue, 15 May 2018 11:57:34 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:12 +0200 Message-Id: <20180515095728.16572-17-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 16/32] tpm: add TPM2_Startup command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_Startup command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 26 ++++++++++++++++++++++++++ include/tpm-v2.h | 9 +++++++++ lib/tpm-v2.c | 21 +++++++++++++++++++++ 3 files changed, 56 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index 606aa92409..d11820404e 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -11,9 +11,30 @@ #include #include "tpm-user-utils.h" +static int do_tpm2_startup(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + enum tpm2_startup_types mode; + + if (argc != 2) + return CMD_RET_USAGE; + + if (!strcasecmp("TPM2_SU_CLEAR", argv[1])) { + mode = TPM2_SU_CLEAR; + } else if (!strcasecmp("TPM2_SU_STATE", argv[1])) { + mode = TPM2_SU_STATE; + } else { + printf("Couldn't recognize mode string: %s\n", argv[1]); + return CMD_RET_FAILURE; + } + + return report_return_code(tpm2_startup(mode)); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), + U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -30,4 +51,9 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " Show information about the TPM.\n" "init\n" " Initialize the software stack. Always the first command to issue.\n" +"startup \n" +" Issue a TPM2_Startup command.\n" +" is one of:\n" +" * TPM2_SU_CLEAR (reset state)\n" +" * TPM2_SU_STATE (preserved state)\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 09a7a8b183..b9d6488b4c 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -125,4 +125,13 @@ enum tpm2_algorithms { TPM2_ALG_NULL = 0x10, }; +/** + * Issue a TPM2_Startup command. + * + * @mode TPM startup mode + * + * @return code of the operation + */ +u32 tpm2_startup(enum tpm2_startup_types mode); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index ef4ebcd8ac..0d5ecebd32 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -9,3 +9,24 @@ #include #include #include "tpm-utils.h" + +u32 tpm2_startup(enum tpm2_startup_types mode) +{ + const u8 command_v2[12] = { + tpm_u16(TPM2_ST_NO_SESSIONS), + tpm_u32(12), + tpm_u32(TPM2_CC_STARTUP), + tpm_u16(mode), + }; + int ret; + + /* + * Note TPM2_Startup command will return RC_SUCCESS the first time, + * but will return RC_INITIALIZE otherwise. + */ + ret = tpm_sendrecv_command(command_v2, NULL, NULL); + if (ret && ret != TPM2_RC_INITIALIZE) + return ret; + + return 0; +} From patchwork Tue May 15 09:57:13 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913539 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYF74W36z9ry1 for ; Tue, 15 May 2018 20:08:59 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 48FE3C21DA6; Tue, 15 May 2018 10:06:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 8E0B3C21F7E; Tue, 15 May 2018 09:57:51 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 5FEC2C21E47; Tue, 15 May 2018 09:57:43 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 6582AC21E2C for ; Tue, 15 May 2018 09:57:36 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 2FCCB208BB; Tue, 15 May 2018 11:57:35 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id E60D420750; Tue, 15 May 2018 11:57:34 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:13 +0200 Message-Id: <20180515095728.16572-18-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 17/32] tpm: add TPM2_SelfTest command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_Selftest command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 26 ++++++++++++++++++++++++++ include/tpm-v2.h | 9 +++++++++ lib/tpm-v2.c | 12 ++++++++++++ 3 files changed, 47 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index d11820404e..1e746a7f09 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -31,10 +31,31 @@ static int do_tpm2_startup(cmd_tbl_t *cmdtp, int flag, int argc, return report_return_code(tpm2_startup(mode)); } +static int do_tpm2_self_test(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + enum tpm2_yes_no full_test; + + if (argc != 2) + return CMD_RET_USAGE; + + if (!strcasecmp("full", argv[1])) { + full_test = TPMI_YES; + } else if (!strcasecmp("continue", argv[1])) { + full_test = TPMI_NO; + } else { + printf("Couldn't recognize test mode: %s\n", argv[1]); + return CMD_RET_FAILURE; + } + + return report_return_code(tpm2_self_test(full_test)); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""), + U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -56,4 +77,9 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " is one of:\n" " * TPM2_SU_CLEAR (reset state)\n" " * TPM2_SU_STATE (preserved state)\n" +"self_test \n" +" Test the TPM capabilities.\n" +" is one of:\n" +" * full (perform all tests)\n" +" * continue (only check untested tests)\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index b9d6488b4c..f6d50a3a0b 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -134,4 +134,13 @@ enum tpm2_algorithms { */ u32 tpm2_startup(enum tpm2_startup_types mode); +/** + * Issue a TPM2_SelfTest command. + * + * @full_test Asking to perform all tests or only the untested ones + * + * @return code of the operation + */ +u32 tpm2_self_test(enum tpm2_yes_no full_test); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 0d5ecebd32..c7156e569b 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -30,3 +30,15 @@ u32 tpm2_startup(enum tpm2_startup_types mode) return 0; } + +u32 tpm2_self_test(enum tpm2_yes_no full_test) +{ + const u8 command_v2[12] = { + tpm_u16(TPM2_ST_NO_SESSIONS), + tpm_u32(11), + tpm_u32(TPM2_CC_SELF_TEST), + full_test, + }; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} From patchwork Tue May 15 09:57:14 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913552 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYQp2CkSz9s08 for ; Tue, 15 May 2018 20:17:22 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 01047C21D4A; Tue, 15 May 2018 10:06:45 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 7451FC21F92; Tue, 15 May 2018 09:57:53 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 1CD17C21E90; Tue, 15 May 2018 09:57:43 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 8989CC21E02 for ; Tue, 15 May 2018 09:57:36 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 5D33F208C1; Tue, 15 May 2018 11:57:35 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 1FD7B20720; Tue, 15 May 2018 11:57:35 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:14 +0200 Message-Id: <20180515095728.16572-19-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 18/32] tpm: add TPM2_Clear command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_Clear command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 29 +++++++++++++++++++++++++++++ include/tpm-v2.h | 11 +++++++++++ lib/tpm-v2.c | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index 1e746a7f09..9f6a8fc0b6 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -51,11 +51,35 @@ static int do_tpm2_self_test(cmd_tbl_t *cmdtp, int flag, int argc, return report_return_code(tpm2_self_test(full_test)); } +static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + u32 handle = 0; + const char *pw = (argc < 3) ? NULL : argv[2]; + const ssize_t pw_sz = pw ? strlen(pw) : 0; + + if (argc < 2 || argc > 3) + return CMD_RET_USAGE; + + if (pw_sz > TPM2_DIGEST_LEN) + return -EINVAL; + + if (!strcasecmp("TPM2_RH_LOCKOUT", argv[1])) + handle = TPM2_RH_LOCKOUT; + else if (!strcasecmp("TPM2_RH_PLATFORM", argv[1])) + handle = TPM2_RH_PLATFORM; + else + return CMD_RET_USAGE; + + return report_return_code(tpm2_clear(handle, pw, pw_sz)); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""), U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""), + U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -82,4 +106,9 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " is one of:\n" " * full (perform all tests)\n" " * continue (only check untested tests)\n" +"clear \n" +" Issue a TPM2_Clear command.\n" +" is one of:\n" +" * TPM2_RH_LOCKOUT\n" +" * TPM2_RH_PLATFORM\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index f6d50a3a0b..0d02e4a89b 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -143,4 +143,15 @@ u32 tpm2_startup(enum tpm2_startup_types mode); */ u32 tpm2_self_test(enum tpm2_yes_no full_test); +/** + * Issue a TPM2_Clear command. + * + * @handle Handle + * @pw Password + * @pw_sz Length of the password + * + * @return code of the operation + */ +u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index c7156e569b..e3bfec5082 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -42,3 +42,38 @@ u32 tpm2_self_test(enum tpm2_yes_no full_test) return tpm_sendrecv_command(command_v2, NULL, NULL); } + +u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_SESSIONS), /* TAG */ + tpm_u32(27 + pw_sz), /* Length */ + tpm_u32(TPM2_CC_CLEAR), /* Command code */ + + /* HANDLE */ + tpm_u32(handle), /* TPM resource handle */ + + /* AUTH_SESSION */ + tpm_u32(9 + pw_sz), /* Authorization size */ + tpm_u32(TPM2_RS_PW), /* Session handle */ + tpm_u16(0), /* Size of */ + /* (if any) */ + 0, /* Attributes: Cont/Excl/Rst */ + tpm_u16(pw_sz), /* Size of */ + /* STRING(pw) (if any) */ + }; + unsigned int offset = 27; + int ret; + + /* + * Fill the command structure starting from the first buffer: + * - the password (if any) + */ + ret = pack_byte_string(command_v2, sizeof(command_v2), "s", + offset, pw, pw_sz); + offset += pw_sz; + if (ret) + return TPM_LIB_ERROR; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} From patchwork Tue May 15 09:57:15 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913546 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYNJ3RtZz9s08 for ; Tue, 15 May 2018 20:15:12 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 2C435C21EBF; Tue, 15 May 2018 10:07:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 12040C21F67; Tue, 15 May 2018 09:57:55 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id ABBFCC21EA8; Tue, 15 May 2018 09:57:44 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id C1343C21E47 for ; Tue, 15 May 2018 09:57:36 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 8AB85208BC; Tue, 15 May 2018 11:57:35 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 4C37F20794; Tue, 15 May 2018 11:57:35 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:15 +0200 Message-Id: <20180515095728.16572-20-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 19/32] tpm: add TPM2_PCR_Extend command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_PCR_Extend command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 37 +++++++++++++++++++++++++++++++++++++ include/tpm-v2.h | 10 ++++++++++ lib/tpm-v2.c | 38 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index 9f6a8fc0b6..df6cd6919c 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -7,6 +7,7 @@ #include #include #include +#include #include #include #include "tpm-user-utils.h" @@ -74,12 +75,44 @@ static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc, return report_return_code(tpm2_clear(handle, pw, pw_sz)); } +static int do_tpm2_pcr_extend(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + struct udevice *dev; + struct tpm_chip_priv *priv; + u32 index = simple_strtoul(argv[1], NULL, 0); + void *digest = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0); + int ret; + u32 rc; + + if (argc != 3) + return CMD_RET_USAGE; + + ret = uclass_first_device_err(UCLASS_TPM, &dev); + if (ret) + return ret; + + priv = dev_get_uclass_priv(dev); + if (!priv) + return -EINVAL; + + if (index >= priv->pcr_count) + return -EINVAL; + + rc = tpm2_pcr_extend(index, digest); + + unmap_sysmem(digest); + + return report_return_code(rc); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""), U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""), U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""), + U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -111,4 +144,8 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " is one of:\n" " * TPM2_RH_LOCKOUT\n" " * TPM2_RH_PLATFORM\n" +"pcr_extend \n" +" Extend PCR # with digest at .\n" +" : index of the PCR\n" +" : address of a 32-byte SHA256 digest\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 0d02e4a89b..0706a925ce 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -154,4 +154,14 @@ u32 tpm2_self_test(enum tpm2_yes_no full_test); */ u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz); +/** + * Issue a TPM2_PCR_Extend command. + * + * @index Index of the PCR + * @digest Value representing the event to be recorded + * + * @return code of the operation + */ +u32 tpm2_pcr_extend(u32 index, const uint8_t *digest); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index e3bfec5082..2696f8145d 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -77,3 +77,41 @@ u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz) return tpm_sendrecv_command(command_v2, NULL, NULL); } + +u32 tpm2_pcr_extend(u32 index, const uint8_t *digest) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_SESSIONS), /* TAG */ + tpm_u32(33 + TPM2_DIGEST_LEN), /* Length */ + tpm_u32(TPM2_CC_PCR_EXTEND), /* Command code */ + + /* HANDLE */ + tpm_u32(index), /* Handle (PCR Index) */ + + /* AUTH_SESSION */ + tpm_u32(9), /* Authorization size */ + tpm_u32(TPM2_RS_PW), /* Session handle */ + tpm_u16(0), /* Size of */ + /* (if any) */ + 0, /* Attributes: Cont/Excl/Rst */ + tpm_u16(0), /* Size of */ + /* (if any) */ + tpm_u32(1), /* Count (number of hashes) */ + tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */ + /* STRING(digest) Digest */ + }; + unsigned int offset = 33; + int ret; + + /* + * Fill the command structure starting from the first buffer: + * - the digest + */ + ret = pack_byte_string(command_v2, sizeof(command_v2), "s", + offset, digest, TPM2_DIGEST_LEN); + offset += TPM2_DIGEST_LEN; + if (ret) + return TPM_LIB_ERROR; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} From patchwork Tue May 15 09:57:16 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913555 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYSG0L8Cz9s1R for ; Tue, 15 May 2018 20:18:37 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id A136EC21E74; Tue, 15 May 2018 10:09:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 41710C21FF3; Tue, 15 May 2018 09:58:02 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 1210BC21F92; Tue, 15 May 2018 09:57:44 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id F227AC21E6C for ; Tue, 15 May 2018 09:57:36 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id BC841208C3; Tue, 15 May 2018 11:57:35 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 7AAC720720; Tue, 15 May 2018 11:57:35 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:16 +0200 Message-Id: <20180515095728.16572-21-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 20/32] tpm: add TPM2_PCR_Read command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_PCR_Read command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 43 +++++++++++++++++++++++++++++++++++++++++++ include/tpm-v2.h | 13 +++++++++++++ lib/tpm-v2.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 98 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index df6cd6919c..49c22aaeaa 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -106,6 +106,44 @@ static int do_tpm2_pcr_extend(cmd_tbl_t *cmdtp, int flag, int argc, return report_return_code(rc); } +static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + struct udevice *dev; + struct tpm_chip_priv *priv; + u32 index, rc; + unsigned int updates; + void *data; + int ret; + + if (argc != 3) + return CMD_RET_USAGE; + + ret = uclass_first_device_err(UCLASS_TPM, &dev); + if (ret) + return ret; + + priv = dev_get_uclass_priv(dev); + if (!priv) + return -EINVAL; + + index = simple_strtoul(argv[1], NULL, 0); + if (index >= priv->pcr_count) + return -EINVAL; + + data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0); + + rc = tpm2_pcr_read(index, priv->pcr_select_min, data, &updates); + if (!rc) { + printf("PCR #%u content (%d known updates):\n", index, updates); + print_byte_string(data, TPM2_DIGEST_LEN); + } + + unmap_sysmem(data); + + return report_return_code(rc); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), @@ -113,6 +151,7 @@ static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""), U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""), U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""), + U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -148,4 +187,8 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " Extend PCR # with digest at .\n" " : index of the PCR\n" " : address of a 32-byte SHA256 digest\n" +"pcr_read \n" +" Read PCR # to memory address .\n" +" : index of the PCR\n" +" : address to store the a 32-byte SHA256 digest\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 0706a925ce..b9f36b22ba 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -164,4 +164,17 @@ u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz); */ u32 tpm2_pcr_extend(u32 index, const uint8_t *digest); +/** + * Issue a TPM2_PCR_Read command. + * + * @idx Index of the PCR + * @idx_min_sz Minimum size in bytes of the pcrSelect array + * @data Output buffer for contents of the named PCR + * @updates Optional out parameter: number of updates for this PCR + * + * @return code of the operation + */ +u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data, + unsigned int *updates); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 2696f8145d..a1f1dbc3d6 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -115,3 +115,45 @@ u32 tpm2_pcr_extend(u32 index, const uint8_t *digest) return tpm_sendrecv_command(command_v2, NULL, NULL); } + +u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data, + unsigned int *updates) +{ + u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8)); + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_NO_SESSIONS), /* TAG */ + tpm_u32(17 + idx_array_sz), /* Length */ + tpm_u32(TPM2_CC_PCR_READ), /* Command code */ + + /* TPML_PCR_SELECTION */ + tpm_u32(1), /* Number of selections */ + tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */ + idx_array_sz, /* Array size for selection */ + /* bitmap(idx) Selected PCR bitmap */ + }; + size_t response_len = COMMAND_BUFFER_SIZE; + u8 response[COMMAND_BUFFER_SIZE]; + unsigned int pcr_sel_idx = idx / 8; + u8 pcr_sel_bit = BIT(idx % 8); + unsigned int counter = 0; + int ret; + + if (pack_byte_string(command_v2, COMMAND_BUFFER_SIZE, "b", + 17 + pcr_sel_idx, pcr_sel_bit)) + return TPM_LIB_ERROR; + + ret = tpm_sendrecv_command(command_v2, response, &response_len); + if (ret) + return ret; + + if (unpack_byte_string(response, response_len, "ds", + 10, &counter, + response_len - TPM2_DIGEST_LEN, data, + TPM2_DIGEST_LEN)) + return TPM_LIB_ERROR; + + if (updates) + *updates = counter; + + return 0; +} From patchwork Tue May 15 09:57:17 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913557 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYSl5QKgz9s1R for ; Tue, 15 May 2018 20:19:03 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 9ACF1C21E42; Tue, 15 May 2018 10:09:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 00A55C21FE7; Tue, 15 May 2018 09:58:03 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 7433DC21E3E; Tue, 15 May 2018 09:57:44 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 2247CC21E50 for ; Tue, 15 May 2018 09:57:37 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id E8486208BF; Tue, 15 May 2018 11:57:35 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id A80A820794; Tue, 15 May 2018 11:57:35 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:17 +0200 Message-Id: <20180515095728.16572-22-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 21/32] tpm: add TPM2_GetCapability command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_GetCapability command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ include/tpm-v2.h | 14 ++++++++++++++ lib/tpm-v2.c | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 92 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index 49c22aaeaa..3599763e90 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -144,6 +144,43 @@ static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc, return report_return_code(rc); } +static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + u32 capability, property, rc; + u8 *data; + size_t count; + int i, j; + + if (argc != 5) + return CMD_RET_USAGE; + + capability = simple_strtoul(argv[1], NULL, 0); + property = simple_strtoul(argv[2], NULL, 0); + data = map_sysmem(simple_strtoul(argv[3], NULL, 0), 0); + count = simple_strtoul(argv[4], NULL, 0); + + rc = tpm2_get_capability(capability, property, data, count); + if (rc) + goto unmap_data; + + printf("Capabilities read from TPM:\n"); + for (i = 0; i < count; i++) { + printf("Property 0x"); + for (j = 0; j < 4; j++) + printf("%02x", data[(i * 8) + j]); + printf(": 0x"); + for (j = 4; j < 8; j++) + printf("%02x", data[(i * 8) + j]); + printf("\n"); + } + +unmap_data: + unmap_sysmem(data); + + return report_return_code(rc); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), @@ -152,6 +189,7 @@ static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""), U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""), U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""), + U_BOOT_CMD_MKENT(get_capability, 0, 1, do_tpm_get_capability, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -191,4 +229,11 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " Read PCR # to memory address .\n" " : index of the PCR\n" " : address to store the a 32-byte SHA256 digest\n" +"get_capability \n" +" Read and display entries indexed by /.\n" +" Values are 4 bytes long and are written at .\n" +" : capability\n" +" : property\n" +" : address to store entries of 4 bytes\n" +" : number of entries to retrieve\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index b9f36b22ba..618026ce2a 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -177,4 +177,18 @@ u32 tpm2_pcr_extend(u32 index, const uint8_t *digest); u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data, unsigned int *updates); +/** + * Issue a TPM2_GetCapability command. This implementation is limited + * to query property index that is 4-byte wide. + * + * @capability Partition of capabilities + * @property Further definition of capability, limited to be 4 bytes wide + * @buf Output buffer for capability information + * @prop_count Size of output buffer + * + * @return code of the operation + */ +u32 tpm2_get_capability(u32 capability, u32 property, void *buf, + size_t prop_count); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index a1f1dbc3d6..330844ee31 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -157,3 +157,36 @@ u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data, return 0; } + +u32 tpm2_get_capability(u32 capability, u32 property, void *buf, + size_t prop_count) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_NO_SESSIONS), /* TAG */ + tpm_u32(22), /* Length */ + tpm_u32(TPM2_CC_GET_CAPABILITY), /* Command code */ + + tpm_u32(capability), /* Capability */ + tpm_u32(property), /* Property */ + tpm_u32(prop_count), /* Property count */ + }; + u8 response[COMMAND_BUFFER_SIZE]; + size_t response_len = COMMAND_BUFFER_SIZE; + unsigned int properties_off; + int ret; + + ret = tpm_sendrecv_command(command_v2, response, &response_len); + if (ret) + return ret; + + /* + * In the response buffer, the properties are located after the: + * tag (u16), response size (u32), response code (u32), + * YES/NO flag (u8), TPM_CAP (u32) and TPMU_CAPABILITIES (u32). + */ + properties_off = sizeof(u16) + sizeof(u32) + sizeof(u32) + + sizeof(u8) + sizeof(u32) + sizeof(u32); + memcpy(buf, &response[properties_off], response_len - properties_off); + + return 0; +} From patchwork Tue May 15 09:57:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913547 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYNf3jn4z9s08 for ; Tue, 15 May 2018 20:15:30 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 1A475C21DA6; Tue, 15 May 2018 10:07:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E3AACC21FBA; Tue, 15 May 2018 09:57:55 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id CA34AC21F58; Tue, 15 May 2018 09:57:46 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 6B696C21E85 for ; Tue, 15 May 2018 09:57:37 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 334C6208B2; Tue, 15 May 2018 11:57:36 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id D4FC820720; Tue, 15 May 2018 11:57:35 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:18 +0200 Message-Id: <20180515095728.16572-23-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 22/32] tpm: add dictionary attack mitigation commands support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_DictionaryAttackParameters and TPM2_DictionaryAttackLockReset commands. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 67 +++++++++++++++++++++++++++++++++++++++++++++ include/tpm-v2.h | 25 +++++++++++++++++ lib/tpm-v2.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 175 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index 3599763e90..5e3ebc7984 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -181,6 +181,59 @@ unmap_data: return report_return_code(rc); } +static int do_tpm_dam_reset(cmd_tbl_t *cmdtp, int flag, int argc, + char *const argv[]) +{ + const char *pw = (argc < 2) ? NULL : argv[1]; + const ssize_t pw_sz = pw ? strlen(pw) : 0; + + if (argc > 2) + return CMD_RET_USAGE; + + if (pw_sz > TPM2_DIGEST_LEN) + return -EINVAL; + + return report_return_code(tpm2_dam_reset(pw, pw_sz)); +} + +static int do_tpm_dam_parameters(cmd_tbl_t *cmdtp, int flag, int argc, + char *const argv[]) +{ + const char *pw = (argc < 5) ? NULL : argv[4]; + const ssize_t pw_sz = pw ? strlen(pw) : 0; + /* + * No Dictionary Attack Mitigation (DAM) means: + * maxtries = 0xFFFFFFFF, recovery_time = 1, lockout_recovery = 0 + */ + unsigned long int max_tries; + unsigned long int recovery_time; + unsigned long int lockout_recovery; + + if (argc < 4 || argc > 5) + return CMD_RET_USAGE; + + if (pw_sz > TPM2_DIGEST_LEN) + return -EINVAL; + + if (strict_strtoul(argv[1], 0, &max_tries)) + return CMD_RET_USAGE; + + if (strict_strtoul(argv[2], 0, &recovery_time)) + return CMD_RET_USAGE; + + if (strict_strtoul(argv[3], 0, &lockout_recovery)) + return CMD_RET_USAGE; + + log(LOGC_NONE, LOGL_INFO, "Changing dictionary attack parameters:\n"); + log(LOGC_NONE, LOGL_INFO, "- maxTries: %lu", max_tries); + log(LOGC_NONE, LOGL_INFO, "- recoveryTime: %lu\n", recovery_time); + log(LOGC_NONE, LOGL_INFO, "- lockoutRecovery: %lu\n", lockout_recovery); + + return report_return_code(tpm2_dam_parameters(pw, pw_sz, max_tries, + recovery_time, + lockout_recovery)); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), @@ -190,6 +243,8 @@ static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(pcr_extend, 0, 1, do_tpm2_pcr_extend, "", ""), U_BOOT_CMD_MKENT(pcr_read, 0, 1, do_tpm_pcr_read, "", ""), U_BOOT_CMD_MKENT(get_capability, 0, 1, do_tpm_get_capability, "", ""), + U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""), + U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -236,4 +291,16 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " : property\n" " : address to store entries of 4 bytes\n" " : number of entries to retrieve\n" +" dam_reset_counter []\n" +" - If the TPM is not in a LOCKOUT state, reset the internal error\n" +" counter (TPMv2 only)\n" +" dam_set_parameters []\n" +" - If the TPM is not in a LOCKOUT state, set the dictionary attack\n" +" parameters:\n" +" * maxTries: maximum number of failures before lockout.\n" +" 0 means always locking.\n" +" * recoveryTime: time before decrementation of the error counter,\n" +" 0 means no lockout.\n" +" * lockoutRecovery: time of a lockout (before the next try)\n" +" 0 means a reboot is needed.\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 618026ce2a..4e182cf827 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -191,4 +191,29 @@ u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data, u32 tpm2_get_capability(u32 capability, u32 property, void *buf, size_t prop_count); +/** + * Issue a TPM2_DictionaryAttackLockReset command. + * + * @pw Password + * @pw_sz Length of the password + * + * @return code of the operation + */ +u32 tpm2_dam_reset(const char *pw, const ssize_t pw_sz); + +/** + * Issue a TPM2_DictionaryAttackParameters command. + * + * @pw Password + * @pw_sz Length of the password + * @max_tries Count of authorizations before lockout + * @recovery_time Time before decrementation of the failure count + * @lockout_recovery Time to wait after a lockout + * + * @return code of the operation + */ +u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz, + unsigned int max_tries, unsigned int recovery_time, + unsigned int lockout_recovery); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 330844ee31..5f1090eccb 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -190,3 +190,86 @@ u32 tpm2_get_capability(u32 capability, u32 property, void *buf, return 0; } + +u32 tpm2_dam_reset(const char *pw, const ssize_t pw_sz) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_SESSIONS), /* TAG */ + tpm_u32(27 + pw_sz), /* Length */ + tpm_u32(TPM2_CC_DAM_RESET), /* Command code */ + + /* HANDLE */ + tpm_u32(TPM2_RH_LOCKOUT), /* TPM resource handle */ + + /* AUTH_SESSION */ + tpm_u32(9 + pw_sz), /* Authorization size */ + tpm_u32(TPM2_RS_PW), /* Session handle */ + tpm_u16(0), /* Size of */ + /* (if any) */ + 0, /* Attributes: Cont/Excl/Rst */ + tpm_u16(pw_sz), /* Size of */ + /* STRING(pw) (if any) */ + }; + unsigned int offset = 27; + int ret; + + /* + * Fill the command structure starting from the first buffer: + * - the password (if any) + */ + ret = pack_byte_string(command_v2, sizeof(command_v2), "s", + offset, pw, pw_sz); + offset += pw_sz; + if (ret) + return TPM_LIB_ERROR; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} + +u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz, + unsigned int max_tries, unsigned int recovery_time, + unsigned int lockout_recovery) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_SESSIONS), /* TAG */ + tpm_u32(27 + pw_sz + 12), /* Length */ + tpm_u32(TPM2_CC_DAM_PARAMETERS), /* Command code */ + + /* HANDLE */ + tpm_u32(TPM2_RH_LOCKOUT), /* TPM resource handle */ + + /* AUTH_SESSION */ + tpm_u32(9 + pw_sz), /* Authorization size */ + tpm_u32(TPM2_RS_PW), /* Session handle */ + tpm_u16(0), /* Size of */ + /* (if any) */ + 0, /* Attributes: Cont/Excl/Rst */ + tpm_u16(pw_sz), /* Size of */ + /* STRING(pw) (if any) */ + + /* LOCKOUT PARAMETERS */ + /* tpm_u32(max_tries) Max tries (0, always lock) */ + /* tpm_u32(recovery_time) Recovery time (0, no lock) */ + /* tpm_u32(lockout_recovery) Lockout recovery */ + }; + unsigned int offset = 27; + int ret; + + /* + * Fill the command structure starting from the first buffer: + * - the password (if any) + * - max tries + * - recovery time + * - lockout recovery + */ + ret = pack_byte_string(command_v2, sizeof(command_v2), "sddd", + offset, pw, pw_sz, + offset + pw_sz, max_tries, + offset + pw_sz + 4, recovery_time, + offset + pw_sz + 8, lockout_recovery); + offset += pw_sz + 12; + if (ret) + return TPM_LIB_ERROR; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} From patchwork Tue May 15 09:57:19 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913548 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYNm3TtNz9s08 for ; Tue, 15 May 2018 20:15:36 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 254C4C21ECE; Tue, 15 May 2018 10:08:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id B1499C21FCA; Tue, 15 May 2018 09:57:59 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E333CC21F4D; Tue, 15 May 2018 09:57:46 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 96D8EC21DDC for ; Tue, 15 May 2018 09:57:37 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 5E1D8208BB; Tue, 15 May 2018 11:57:36 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 1DD1120737; Tue, 15 May 2018 11:57:36 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:19 +0200 Message-Id: <20180515095728.16572-24-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 23/32] tpm: add TPM2_HierarchyChangeAuth command support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_HierarchyChangeAuth command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 59 ++++++++++++++++++++++++++++++++++++++++++++------------ include/tpm-v2.h | 14 ++++++++++++++ lib/tpm-v2.c | 44 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 105 insertions(+), 12 deletions(-) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index 5e3ebc7984..b52409846b 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -234,6 +234,36 @@ static int do_tpm_dam_parameters(cmd_tbl_t *cmdtp, int flag, int argc, lockout_recovery)); } +static int do_tpm_change_auth(cmd_tbl_t *cmdtp, int flag, int argc, + char *const argv[]) +{ + u32 handle; + const char *newpw = argv[2]; + const char *oldpw = (argc == 3) ? NULL : argv[3]; + const ssize_t newpw_sz = strlen(newpw); + const ssize_t oldpw_sz = oldpw ? strlen(oldpw) : 0; + + if (argc < 3 || argc > 4) + return CMD_RET_USAGE; + + if (newpw_sz > TPM2_DIGEST_LEN || oldpw_sz > TPM2_DIGEST_LEN) + return -EINVAL; + + if (!strcasecmp("TPM2_RH_LOCKOUT", argv[1])) + handle = TPM2_RH_LOCKOUT; + else if (!strcasecmp("TPM2_RH_ENDORSEMENT", argv[1])) + handle = TPM2_RH_ENDORSEMENT; + else if (!strcasecmp("TPM2_RH_OWNER", argv[1])) + handle = TPM2_RH_OWNER; + else if (!strcasecmp("TPM2_RH_PLATFORM", argv[1])) + handle = TPM2_RH_PLATFORM; + else + return CMD_RET_USAGE; + + return report_return_code(tpm2_change_auth(handle, newpw, newpw_sz, + oldpw, oldpw_sz)); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), @@ -245,6 +275,7 @@ static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(get_capability, 0, 1, do_tpm_get_capability, "", ""), U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""), U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""), + U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -291,16 +322,20 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " : property\n" " : address to store entries of 4 bytes\n" " : number of entries to retrieve\n" -" dam_reset_counter []\n" -" - If the TPM is not in a LOCKOUT state, reset the internal error\n" -" counter (TPMv2 only)\n" -" dam_set_parameters []\n" -" - If the TPM is not in a LOCKOUT state, set the dictionary attack\n" -" parameters:\n" -" * maxTries: maximum number of failures before lockout.\n" -" 0 means always locking.\n" -" * recoveryTime: time before decrementation of the error counter,\n" -" 0 means no lockout.\n" -" * lockoutRecovery: time of a lockout (before the next try)\n" -" 0 means a reboot is needed.\n" +"dam_reset []\n" +" If the TPM is not in a LOCKOUT state, reset the internal error counter.\n" +" : optional password\n" +"dam_parameters []\n" +" If the TPM is not in a LOCKOUT state, set the DAM parameters\n" +" : maximum number of failures before lockout,\n" +" 0 means always locking\n" +" : time before decrement of the error counter,\n" +" 0 means no lockout\n" +" : time of a lockout (before the next try),\n" +" 0 means a reboot is needed\n" +" : optional password of the LOCKOUT hierarchy\n" +"change_auth []\n" +" : the hierarchy\n" +" : new password for \n" +" : optional previous password of \n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 4e182cf827..19f0ecd80b 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -216,4 +216,18 @@ u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz, unsigned int max_tries, unsigned int recovery_time, unsigned int lockout_recovery); +/** + * Issue a TPM2_HierarchyChangeAuth command. + * + * @handle Handle + * @newpw New password + * @newpw_sz Length of the new password + * @oldpw Old password + * @oldpw_sz Length of the old password + * + * @return code of the operation + */ +int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz, + const char *oldpw, const ssize_t oldpw_sz); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 5f1090eccb..219f0ee941 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -273,3 +273,47 @@ u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz, return tpm_sendrecv_command(command_v2, NULL, NULL); } + +int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz, + const char *oldpw, const ssize_t oldpw_sz) +{ + unsigned int offset = 27; + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_SESSIONS), /* TAG */ + tpm_u32(offset + oldpw_sz + 2 + newpw_sz), /* Length */ + tpm_u32(TPM2_CC_HIERCHANGEAUTH), /* Command code */ + + /* HANDLE */ + tpm_u32(handle), /* TPM resource handle */ + + /* AUTH_SESSION */ + tpm_u32(9 + oldpw_sz), /* Authorization size */ + tpm_u32(TPM2_RS_PW), /* Session handle */ + tpm_u16(0), /* Size of */ + /* (if any) */ + 0, /* Attributes: Cont/Excl/Rst */ + tpm_u16(oldpw_sz) /* Size of */ + /* STRING(oldpw) (if any) */ + + /* TPM2B_AUTH (TPM2B_DIGEST) */ + /* tpm_u16(newpw_sz) Digest size, new pw length */ + /* STRING(newpw) Digest buffer, new pw */ + }; + int ret; + + /* + * Fill the command structure starting from the first buffer: + * - the old password (if any) + * - size of the new password + * - new password + */ + ret = pack_byte_string(command_v2, sizeof(command_v2), "sws", + offset, oldpw, oldpw_sz, + offset + oldpw_sz, newpw_sz, + offset + oldpw_sz + 2, newpw, newpw_sz); + offset += oldpw_sz + 2 + newpw_sz; + if (ret) + return TPM_LIB_ERROR; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} From patchwork Tue May 15 09:57:20 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913553 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYRf3HSqz9s08 for ; Tue, 15 May 2018 20:18:06 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 1E988C21EB4; Tue, 15 May 2018 10:08:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 6FCE1C21FCB; Tue, 15 May 2018 09:58:00 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 80FD8C21F8E; Tue, 15 May 2018 09:57:47 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id CFF2AC21EA1 for ; Tue, 15 May 2018 09:57:37 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 97F68208BC; Tue, 15 May 2018 11:57:36 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 4ABED20720; Tue, 15 May 2018 11:57:36 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:20 +0200 Message-Id: <20180515095728.16572-25-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 24/32] tpm: add PCR authentication commands support X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add support for the TPM2_PCR_SetAuthPolicy and TPM2_PCR_SetAuthValue commands. Change the command file and the help accordingly. Note: These commands could not be tested because the TPMs available do not support them, however they could be useful for someone else. The user is warned by the command help. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- cmd/tpm-v2.c | 48 ++++++++++++++++++++++++++ include/tpm-v2.h | 29 ++++++++++++++++ lib/tpm-v2.c | 100 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 177 insertions(+) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index b52409846b..6d7d6cabbd 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -264,6 +264,43 @@ static int do_tpm_change_auth(cmd_tbl_t *cmdtp, int flag, int argc, oldpw, oldpw_sz)); } +static int do_tpm_pcr_setauthpolicy(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + u32 index = simple_strtoul(argv[1], NULL, 0); + char *key = argv[2]; + const char *pw = (argc < 4) ? NULL : argv[3]; + const ssize_t pw_sz = pw ? strlen(pw) : 0; + + if (strlen(key) != TPM2_DIGEST_LEN) + return -EINVAL; + + if (argc < 3 || argc > 4) + return CMD_RET_USAGE; + + return report_return_code(tpm2_pcr_setauthpolicy(pw, pw_sz, index, + key)); +} + +static int do_tpm_pcr_setauthvalue(cmd_tbl_t *cmdtp, int flag, + int argc, char * const argv[]) +{ + u32 index = simple_strtoul(argv[1], NULL, 0); + char *key = argv[2]; + const ssize_t key_sz = strlen(key); + const char *pw = (argc < 4) ? NULL : argv[3]; + const ssize_t pw_sz = pw ? strlen(pw) : 0; + + if (strlen(key) != TPM2_DIGEST_LEN) + return -EINVAL; + + if (argc < 3 || argc > 4) + return CMD_RET_USAGE; + + return report_return_code(tpm2_pcr_setauthvalue(pw, pw_sz, index, + key, key_sz)); +} + static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), @@ -276,6 +313,10 @@ static cmd_tbl_t tpm2_commands[] = { U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""), U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""), U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""), + U_BOOT_CMD_MKENT(pcr_setauthpolicy, 0, 1, + do_tpm_pcr_setauthpolicy, "", ""), + U_BOOT_CMD_MKENT(pcr_setauthvalue, 0, 1, + do_tpm_pcr_setauthvalue, "", ""), }; cmd_tbl_t *get_tpm_commands(unsigned int *size) @@ -338,4 +379,11 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " : the hierarchy\n" " : new password for \n" " : optional previous password of \n" +"pcr_setauthpolicy|pcr_setauthvalue []\n" +" Change the to access PCR #.\n" +" hierarchy and may be empty.\n" +" /!\\WARNING: untested function, use at your own risks !\n" +" : index of the PCR\n" +" : secret to protect the access of PCR #\n" +" : optional password of the PLATFORM hierarchy\n" ); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 19f0ecd80b..b7820b405d 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -80,11 +80,13 @@ enum tpm2_command_codes { TPM2_CC_CLEAR = 0x0126, TPM2_CC_CLEARCONTROL = 0x0127, TPM2_CC_HIERCHANGEAUTH = 0x0129, + TPM2_CC_PCR_SETAUTHPOL = 0x012C, TPM2_CC_DAM_RESET = 0x0139, TPM2_CC_DAM_PARAMETERS = 0x013A, TPM2_CC_GET_CAPABILITY = 0x017A, TPM2_CC_PCR_READ = 0x017E, TPM2_CC_PCR_EXTEND = 0x0182, + TPM2_CC_PCR_SETAUTHVAL = 0x0183, }; /** @@ -230,4 +232,31 @@ u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz, int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz, const char *oldpw, const ssize_t oldpw_sz); +/** + * Issue a TPM_PCR_SetAuthPolicy command. + * + * @pw Platform password + * @pw_sz Length of the password + * @index Index of the PCR + * @digest New key to access the PCR + * + * @return code of the operation + */ +u32 tpm2_pcr_setauthpolicy(const char *pw, const ssize_t pw_sz, u32 index, + const char *key); + +/** + * Issue a TPM_PCR_SetAuthValue command. + * + * @pw Platform password + * @pw_sz Length of the password + * @index Index of the PCR + * @digest New key to access the PCR + * @key_sz Length of the new key + * + * @return code of the operation + */ +u32 tpm2_pcr_setauthvalue(const char *pw, const ssize_t pw_sz, u32 index, + const char *key, const ssize_t key_sz); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 219f0ee941..2c2f4529b4 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -317,3 +317,103 @@ int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz, return tpm_sendrecv_command(command_v2, NULL, NULL); } + +u32 tpm2_pcr_setauthpolicy(const char *pw, const ssize_t pw_sz, u32 index, + const char *key) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_SESSIONS), /* TAG */ + tpm_u32(35 + pw_sz + TPM2_DIGEST_LEN), /* Length */ + tpm_u32(TPM2_CC_PCR_SETAUTHPOL), /* Command code */ + + /* HANDLE */ + tpm_u32(TPM2_RH_PLATFORM), /* TPM resource handle */ + + /* AUTH_SESSION */ + tpm_u32(9 + pw_sz), /* Authorization size */ + tpm_u32(TPM2_RS_PW), /* session handle */ + tpm_u16(0), /* Size of */ + /* (if any) */ + 0, /* Attributes: Cont/Excl/Rst */ + tpm_u16(pw_sz) /* Size of */ + /* STRING(pw) (if any) */ + + /* TPM2B_AUTH (TPM2B_DIGEST) */ + /* tpm_u16(TPM2_DIGEST_LEN) Digest size length */ + /* STRING(key) Digest buffer (PCR key) */ + + /* TPMI_ALG_HASH */ + /* tpm_u16(TPM2_ALG_SHA256) Algorithm of the hash */ + + /* TPMI_DH_PCR */ + /* tpm_u32(index), PCR Index */ + }; + unsigned int offset = 27; + int ret; + + /* + * Fill the command structure starting from the first buffer: + * - the password (if any) + * - the PCR key length + * - the PCR key + * - the hash algorithm + * - the PCR index + */ + ret = pack_byte_string(command_v2, sizeof(command_v2), "swswd", + offset, pw, pw_sz, + offset + pw_sz, TPM2_DIGEST_LEN, + offset + pw_sz + 2, key, TPM2_DIGEST_LEN, + offset + pw_sz + 2 + TPM2_DIGEST_LEN, + TPM2_ALG_SHA256, + offset + pw_sz + 4 + TPM2_DIGEST_LEN, index); + offset += pw_sz + 2 + TPM2_DIGEST_LEN + 2 + 4; + if (ret) + return TPM_LIB_ERROR; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} + +u32 tpm2_pcr_setauthvalue(const char *pw, const ssize_t pw_sz, u32 index, + const char *key, const ssize_t key_sz) +{ + u8 command_v2[COMMAND_BUFFER_SIZE] = { + tpm_u16(TPM2_ST_SESSIONS), /* TAG */ + tpm_u32(33 + pw_sz + TPM2_DIGEST_LEN), /* Length */ + tpm_u32(TPM2_CC_PCR_SETAUTHVAL), /* Command code */ + + /* HANDLE */ + tpm_u32(index), /* Handle (PCR Index) */ + + /* AUTH_SESSION */ + tpm_u32(9 + pw_sz), /* Authorization size */ + tpm_u32(TPM2_RS_PW), /* session handle */ + tpm_u16(0), /* Size of */ + /* (if any) */ + 0, /* Attributes: Cont/Excl/Rst */ + tpm_u16(pw_sz), /* Size of */ + /* STRING(pw) (if any) */ + + /* TPM2B_DIGEST */ + /* tpm_u16(key_sz) Key length */ + /* STRING(key) Key */ + }; + unsigned int offset = 27; + int ret; + + /* + * Fill the command structure starting from the first buffer: + * - the password (if any) + * - the number of digests, 1 in our case + * - the algorithm, sha256 in our case + * - the digest (64 bytes) + */ + ret = pack_byte_string(command_v2, sizeof(command_v2), "sws", + offset, pw, pw_sz, + offset + pw_sz, key_sz, + offset + pw_sz + 2, key, key_sz); + offset += pw_sz + 2 + key_sz; + if (ret) + return TPM_LIB_ERROR; + + return tpm_sendrecv_command(command_v2, NULL, NULL); +} From patchwork Tue May 15 09:57:21 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913560 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYVQ1gdHz9s1R for ; Tue, 15 May 2018 20:20:30 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id E9437C21ECF; Tue, 15 May 2018 10:11:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 76C0BC22027; Tue, 15 May 2018 09:58:07 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 3AC01C21FB9; Tue, 15 May 2018 09:57:47 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 110A9C21D56 for ; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id CAECB208BF; Tue, 15 May 2018 11:57:36 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 7F45F20737; Tue, 15 May 2018 11:57:36 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:21 +0200 Message-Id: <20180515095728.16572-26-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 25/32] tpm: add support for TPMv2.x SPI modules X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add the tpm2_tis_spi driver that should support any TPMv2 compliant (SPI) module. Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- drivers/tpm/Kconfig | 10 + drivers/tpm/Makefile | 2 + drivers/tpm/tpm2_tis_spi.c | 664 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 676 insertions(+) create mode 100644 drivers/tpm/tpm2_tis_spi.c diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig index 01967ffd35..6661dcc1e3 100644 --- a/drivers/tpm/Kconfig +++ b/drivers/tpm/Kconfig @@ -141,6 +141,16 @@ config TPM_V2 if TPM_V2 && !TPM_V1 +config TPM2_TIS_SPI + bool "Enable support for TPMv2.x SPI chips" + depends on TPM_V2 && DM_SPI + select TPM_DRIVER_SELECTED + help + This driver supports TPMv2.x devices connected on the SPI bus. + The usual TPM operations and the 'tpm' command can be used to talk + to the device using the standard TPM Interface Specification (TIS) + protocol. + endif # TPM_V2 endmenu diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile index c42a93f267..2c88b64659 100644 --- a/drivers/tpm/Makefile +++ b/drivers/tpm/Makefile @@ -11,3 +11,5 @@ obj-$(CONFIG_TPM_TIS_LPC) += tpm_tis_lpc.o obj-$(CONFIG_TPM_TIS_SANDBOX) += tpm_tis_sandbox.o obj-$(CONFIG_TPM_ST33ZP24_I2C) += tpm_tis_st33zp24_i2c.o obj-$(CONFIG_TPM_ST33ZP24_SPI) += tpm_tis_st33zp24_spi.o + +obj-$(CONFIG_TPM2_TIS_SPI) += tpm2_tis_spi.o diff --git a/drivers/tpm/tpm2_tis_spi.c b/drivers/tpm/tpm2_tis_spi.c new file mode 100644 index 0000000000..6a4d5284c9 --- /dev/null +++ b/drivers/tpm/tpm2_tis_spi.c @@ -0,0 +1,664 @@ +/* + * Author: + * Miquel Raynal + * + * Description: + * SPI-level driver for TCG/TIS TPM (trusted platform module). + * Specifications at www.trustedcomputinggroup.org + * + * This device driver implements the TPM interface as defined in + * the TCG SPI protocol stack version 2.0. + * + * It is based on the U-Boot driver tpm_tis_infineon_i2c.c. + * + * SPDX-License-Identifier: GPL-2.0 + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "tpm_tis.h" +#include "tpm_internal.h" + +DECLARE_GLOBAL_DATA_PTR; + +#define TPM_ACCESS(l) (0x0000 | ((l) << 12)) +#define TPM_INT_ENABLE(l) (0x0008 | ((l) << 12)) +#define TPM_STS(l) (0x0018 | ((l) << 12)) +#define TPM_DATA_FIFO(l) (0x0024 | ((l) << 12)) +#define TPM_DID_VID(l) (0x0F00 | ((l) << 12)) +#define TPM_RID(l) (0x0F04 | ((l) << 12)) + +#define MAX_SPI_FRAMESIZE 64 + +/* Number of wait states to wait for */ +#define TPM_WAIT_STATES 100 + +/** + * struct tpm_tis_chip_data - Non-discoverable TPM information + * + * @pcr_count: Number of PCR per bank + * @pcr_select_min: Size in octets of the pcrSelect array + */ +struct tpm_tis_chip_data { + unsigned int pcr_count; + unsigned int pcr_select_min; + unsigned int time_before_first_cmd_ms; +}; + +/** + * tpm_tis_spi_read() - Read from TPM register + * + * @addr: register address to read from + * @buffer: provided by caller + * @len: number of bytes to read + * + * Read len bytes from TPM register and put them into + * buffer (little-endian format, i.e. first byte is put into buffer[0]). + * + * NOTE: TPM is big-endian for multi-byte values. Multi-byte + * values have to be swapped. + * + * @return -EIO on error, 0 on success. + */ +static int tpm_tis_spi_xfer(struct udevice *dev, u32 addr, const u8 *out, + u8 *in, u16 len) +{ + struct spi_slave *slave = dev_get_parent_priv(dev); + int transfer_len, ret; + u8 tx_buf[MAX_SPI_FRAMESIZE]; + u8 rx_buf[MAX_SPI_FRAMESIZE]; + + if (in && out) { + log(LOGC_NONE, LOGL_ERR, "%s: can't do full duplex\n", + __func__); + return -EINVAL; + } + + ret = spi_claim_bus(slave); + if (ret < 0) { + log(LOGC_NONE, LOGL_ERR, "%s: could not claim bus\n", __func__); + return ret; + } + + while (len) { + /* Request */ + transfer_len = min_t(u16, len, MAX_SPI_FRAMESIZE); + tx_buf[0] = (in ? BIT(7) : 0) | (transfer_len - 1); + tx_buf[1] = 0xD4; + tx_buf[2] = addr >> 8; + tx_buf[3] = addr; + + ret = spi_xfer(slave, 4 * 8, tx_buf, rx_buf, SPI_XFER_BEGIN); + if (ret < 0) { + log(LOGC_NONE, LOGL_ERR, + "%s: spi request transfer failed (err: %d)\n", + __func__, ret); + goto release_bus; + } + + /* Wait state */ + if (!(rx_buf[3] & 0x1)) { + int i; + + for (i = 0; i < TPM_WAIT_STATES; i++) { + ret = spi_xfer(slave, 1 * 8, NULL, rx_buf, 0); + if (ret) { + log(LOGC_NONE, LOGL_ERR, + "%s: wait state failed: %d\n", + __func__, ret); + goto release_bus; + } + + if (rx_buf[0] & 0x1) + break; + } + + if (i == TPM_WAIT_STATES) { + log(LOGC_NONE, LOGL_ERR, + "%s: timeout on wait state\n", __func__); + ret = -ETIMEDOUT; + goto release_bus; + } + } + + /* Read/Write */ + if (out) { + memcpy(tx_buf, out, transfer_len); + out += transfer_len; + } + + ret = spi_xfer(slave, transfer_len * 8, + out ? tx_buf : NULL, + in ? rx_buf : NULL, + SPI_XFER_END); + if (ret) { + log(LOGC_NONE, LOGL_ERR, + "%s: spi read transfer failed (err: %d)\n", + __func__, ret); + goto release_bus; + } + + if (in) { + memcpy(in, rx_buf, transfer_len); + in += transfer_len; + } + + len -= transfer_len; + } + +release_bus: + /* If an error occurred, release the chip by deasserting the CS */ + if (ret < 0) + spi_xfer(slave, 0, NULL, NULL, SPI_XFER_END); + + spi_release_bus(slave); + + return ret; +} + +static int tpm_tis_spi_read(struct udevice *dev, u16 addr, u8 *in, u16 len) +{ + return tpm_tis_spi_xfer(dev, addr, NULL, in, len); +} + +static int tpm_tis_spi_read32(struct udevice *dev, u32 addr, u32 *result) +{ + __le32 result_le; + int ret; + + ret = tpm_tis_spi_read(dev, addr, (u8 *)&result_le, sizeof(u32)); + if (!ret) + *result = le32_to_cpu(result_le); + + return ret; +} + +static int tpm_tis_spi_write(struct udevice *dev, u16 addr, const u8 *out, + u16 len) +{ + return tpm_tis_spi_xfer(dev, addr, out, NULL, len); +} + +static int tpm_tis_spi_check_locality(struct udevice *dev, int loc) +{ + const u8 mask = TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID; + struct tpm_chip *chip = dev_get_priv(dev); + u8 buf; + int ret; + + ret = tpm_tis_spi_read(dev, TPM_ACCESS(loc), &buf, 1); + if (ret) + return ret; + + if ((buf & mask) == mask) { + chip->locality = loc; + return 0; + } + + return -ENOENT; +} + +static void tpm_tis_spi_release_locality(struct udevice *dev, int loc, + bool force) +{ + const u8 mask = TPM_ACCESS_REQUEST_PENDING | TPM_ACCESS_VALID; + u8 buf; + + if (tpm_tis_spi_read(dev, TPM_ACCESS(loc), &buf, 1) < 0) + return; + + if (force || (buf & mask) == mask) { + buf = TPM_ACCESS_ACTIVE_LOCALITY; + tpm_tis_spi_write(dev, TPM_ACCESS(loc), &buf, 1); + } +} + +static int tpm_tis_spi_request_locality(struct udevice *dev, int loc) +{ + struct tpm_chip *chip = dev_get_priv(dev); + unsigned long start, stop; + u8 buf = TPM_ACCESS_REQUEST_USE; + int ret; + + ret = tpm_tis_spi_check_locality(dev, loc); + if (!ret) + return 0; + + if (ret != -ENOENT) { + log(LOGC_NONE, LOGL_ERR, "%s: Failed to get locality: %d\n", + __func__, ret); + return ret; + } + + ret = tpm_tis_spi_write(dev, TPM_ACCESS(loc), &buf, 1); + if (ret) { + log(LOGC_NONE, LOGL_ERR, "%s: Failed to write to TPM: %d\n", + __func__, ret); + return ret; + } + + start = get_timer(0); + stop = chip->timeout_a; + do { + ret = tpm_tis_spi_check_locality(dev, loc); + if (!ret) + return 0; + + if (ret != -ENOENT) { + log(LOGC_NONE, LOGL_ERR, + "%s: Failed to get locality: %d\n", __func__, ret); + return ret; + } + + mdelay(TPM_TIMEOUT_MS); + } while (get_timer(start) < stop); + + log(LOGC_NONE, LOGL_ERR, "%s: Timeout getting locality: %d\n", __func__, + ret); + + return ret; +} + +static u8 tpm_tis_spi_status(struct udevice *dev, u8 *status) +{ + struct tpm_chip *chip = dev_get_priv(dev); + + return tpm_tis_spi_read(dev, TPM_STS(chip->locality), status, 1); +} + +static int tpm_tis_spi_wait_for_stat(struct udevice *dev, u8 mask, + unsigned long timeout, u8 *status) +{ + unsigned long start = get_timer(0); + unsigned long stop = timeout; + int ret; + + do { + mdelay(TPM_TIMEOUT_MS); + ret = tpm_tis_spi_status(dev, status); + if (ret) + return ret; + + if ((*status & mask) == mask) + return 0; + } while (get_timer(start) < stop); + + return -ETIMEDOUT; +} + +static int tpm_tis_spi_get_burstcount(struct udevice *dev) +{ + struct tpm_chip *chip = dev_get_priv(dev); + unsigned long start, stop; + u32 burstcount, ret; + + /* wait for burstcount */ + start = get_timer(0); + stop = chip->timeout_d; + do { + ret = tpm_tis_spi_read32(dev, TPM_STS(chip->locality), + &burstcount); + if (ret) + return -EBUSY; + + burstcount = (burstcount >> 8) & 0xFFFF; + if (burstcount) + return burstcount; + + mdelay(TPM_TIMEOUT_MS); + } while (get_timer(start) < stop); + + return -EBUSY; +} + +static int tpm_tis_spi_cancel(struct udevice *dev) +{ + struct tpm_chip *chip = dev_get_priv(dev); + u8 data = TPM_STS_COMMAND_READY; + + return tpm_tis_spi_write(dev, TPM_STS(chip->locality), &data, 1); +} + +static int tpm_tis_spi_recv_data(struct udevice *dev, u8 *buf, size_t count) +{ + struct tpm_chip *chip = dev_get_priv(dev); + int size = 0, burstcnt, len, ret; + u8 status; + + while (size < count && + tpm_tis_spi_wait_for_stat(dev, + TPM_STS_DATA_AVAIL | TPM_STS_VALID, + chip->timeout_c, &status) == 0) { + burstcnt = tpm_tis_spi_get_burstcount(dev); + if (burstcnt < 0) + return burstcnt; + + len = min_t(int, burstcnt, count - size); + ret = tpm_tis_spi_read(dev, TPM_DATA_FIFO(chip->locality), + buf + size, len); + if (ret < 0) + return ret; + + size += len; + } + + return size; +} + +static int tpm_tis_spi_recv(struct udevice *dev, u8 *buf, size_t count) +{ + struct tpm_chip *chip = dev_get_priv(dev); + int size, expected; + + if (!chip) + return -ENODEV; + + if (count < TPM_HEADER_SIZE) { + size = -EIO; + goto out; + } + + size = tpm_tis_spi_recv_data(dev, buf, TPM_HEADER_SIZE); + if (size < TPM_HEADER_SIZE) { + log(LOGC_NONE, LOGL_ERR, "TPM error, unable to read header\n"); + goto out; + } + + expected = get_unaligned_be32(buf + 2); + if (expected > count) { + size = -EIO; + goto out; + } + + size += tpm_tis_spi_recv_data(dev, &buf[TPM_HEADER_SIZE], + expected - TPM_HEADER_SIZE); + if (size < expected) { + log(LOGC_NONE, LOGL_ERR, + "TPM error, unable to read remaining bytes of result\n"); + size = -EIO; + goto out; + } + +out: + tpm_tis_spi_cancel(dev); + tpm_tis_spi_release_locality(dev, chip->locality, false); + + return size; +} + +static int tpm_tis_spi_send(struct udevice *dev, const u8 *buf, size_t len) +{ + struct tpm_chip *chip = dev_get_priv(dev); + u32 i, size; + u8 status; + int burstcnt, ret; + u8 data; + + if (!chip) + return -ENODEV; + + if (len > TPM_DEV_BUFSIZE) + return -E2BIG; /* Command is too long for our tpm, sorry */ + + ret = tpm_tis_spi_request_locality(dev, 0); + if (ret < 0) + return -EBUSY; + + /* + * Check if the TPM is ready. If not, if not, cancel the pending command + * and poll on the status to be finally ready. + */ + ret = tpm_tis_spi_status(dev, &status); + if (ret) + return ret; + + if (!(status & TPM_STS_COMMAND_READY)) { + /* Force the transition, usually this will be done at startup */ + ret = tpm_tis_spi_cancel(dev); + if (ret) { + log(LOGC_NONE, LOGL_ERR, + "%s: Could not cancel previous operation\n", + __func__); + goto out_err; + } + + ret = tpm_tis_spi_wait_for_stat(dev, TPM_STS_COMMAND_READY, + chip->timeout_b, &status); + if (ret < 0 || !(status & TPM_STS_COMMAND_READY)) { + log(LOGC_NONE, LOGL_ERR, + "status %d after wait for stat returned %d\n", + status, ret); + goto out_err; + } + } + + for (i = 0; i < len - 1;) { + burstcnt = tpm_tis_spi_get_burstcount(dev); + if (burstcnt < 0) + return burstcnt; + + size = min_t(int, len - i - 1, burstcnt); + ret = tpm_tis_spi_write(dev, TPM_DATA_FIFO(chip->locality), + buf + i, size); + if (ret < 0) + goto out_err; + + i += size; + } + + ret = tpm_tis_spi_status(dev, &status); + if (ret) + goto out_err; + + if ((status & TPM_STS_DATA_EXPECT) == 0) { + ret = -EIO; + goto out_err; + } + + ret = tpm_tis_spi_write(dev, TPM_DATA_FIFO(chip->locality), + buf + len - 1, 1); + if (ret) + goto out_err; + + ret = tpm_tis_spi_status(dev, &status); + if (ret) + goto out_err; + + if ((status & TPM_STS_DATA_EXPECT) != 0) { + ret = -EIO; + goto out_err; + } + + data = TPM_STS_GO; + ret = tpm_tis_spi_write(dev, TPM_STS(chip->locality), &data, 1); + if (ret) + goto out_err; + + return len; + +out_err: + tpm_tis_spi_cancel(dev); + tpm_tis_spi_release_locality(dev, chip->locality, false); + + return ret; +} + +static int tpm_tis_spi_cleanup(struct udevice *dev) +{ + struct tpm_chip *chip = dev_get_priv(dev); + + tpm_tis_spi_cancel(dev); + /* + * The TPM needs some time to clean up here, + * so we sleep rather than keeping the bus busy + */ + mdelay(2); + tpm_tis_spi_release_locality(dev, chip->locality, false); + + return 0; +} + +static int tpm_tis_spi_open(struct udevice *dev) +{ + struct tpm_chip *chip = dev_get_priv(dev); + + if (chip->is_open) + return -EBUSY; + + chip->is_open = 1; + + return 0; +} + +static int tpm_tis_spi_close(struct udevice *dev) +{ + struct tpm_chip *chip = dev_get_priv(dev); + + if (chip->is_open) { + tpm_tis_spi_release_locality(dev, chip->locality, true); + chip->is_open = 0; + } + + return 0; +} + +static int tpm_tis_get_desc(struct udevice *dev, char *buf, int size) +{ + struct tpm_chip *chip = dev_get_priv(dev); + + if (size < 80) + return -ENOSPC; + + return snprintf(buf, size, + "%s v2.0: VendorID 0x%04x, DeviceID 0x%04x, RevisionID 0x%02x [%s]", + dev->name, chip->vend_dev & 0xFFFF, + chip->vend_dev >> 16, chip->rid, + (chip->is_open ? "open" : "closed")); +} + +static int tpm_tis_wait_init(struct udevice *dev, int loc) +{ + struct tpm_chip *chip = dev_get_priv(dev); + unsigned long start, stop; + u8 status; + int ret; + + start = get_timer(0); + stop = chip->timeout_b; + do { + mdelay(TPM_TIMEOUT_MS); + + ret = tpm_tis_spi_read(dev, TPM_ACCESS(loc), &status, 1); + if (ret) + break; + + if (status & TPM_ACCESS_VALID) + return 0; + } while (get_timer(start) < stop); + + return -EIO; +} + +static int tpm_tis_spi_probe(struct udevice *dev) +{ + struct tpm_tis_chip_data *drv_data = (void *)dev_get_driver_data(dev); + struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); + struct tpm_chip *chip = dev_get_priv(dev); + int ret; + + /* Ensure a minimum amount of time elapsed since reset of the TPM */ + mdelay(drv_data->time_before_first_cmd_ms); + + chip->locality = 0; + chip->timeout_a = TIS_SHORT_TIMEOUT_MS; + chip->timeout_b = TIS_LONG_TIMEOUT_MS; + chip->timeout_c = TIS_SHORT_TIMEOUT_MS; + chip->timeout_d = TIS_SHORT_TIMEOUT_MS; + priv->pcr_count = drv_data->pcr_count; + priv->pcr_select_min = drv_data->pcr_select_min; + + ret = tpm_tis_wait_init(dev, chip->locality); + if (ret) { + log(LOGC_DM, LOGL_ERR, "%s: no device found\n", __func__); + return ret; + } + + ret = tpm_tis_spi_request_locality(dev, chip->locality); + if (ret) { + log(LOGC_NONE, LOGL_ERR, "%s: could not request locality %d\n", + __func__, chip->locality); + return ret; + } + + ret = tpm_tis_spi_read32(dev, TPM_DID_VID(chip->locality), + &chip->vend_dev); + if (ret) { + log(LOGC_NONE, LOGL_ERR, + "%s: could not retrieve VendorID/DeviceID\n", __func__); + return ret; + } + + ret = tpm_tis_spi_read(dev, TPM_RID(chip->locality), &chip->rid, 1); + if (ret) { + log(LOGC_NONE, LOGL_ERR, "%s: could not retrieve RevisionID\n", + __func__); + return ret; + } + + log(LOGC_NONE, LOGL_ERR, + "SPI TPMv2.0 found (vid:%04x, did:%04x, rid:%02x)\n", + chip->vend_dev & 0xFFFF, chip->vend_dev >> 16, chip->rid); + + return 0; +} + +static int tpm_tis_spi_remove(struct udevice *dev) +{ + struct tpm_chip *chip = dev_get_priv(dev); + + tpm_tis_spi_release_locality(dev, chip->locality, true); + + return 0; +} + +static const struct tpm_ops tpm_tis_spi_ops = { + .open = tpm_tis_spi_open, + .close = tpm_tis_spi_close, + .get_desc = tpm_tis_get_desc, + .send = tpm_tis_spi_send, + .recv = tpm_tis_spi_recv, + .cleanup = tpm_tis_spi_cleanup, +}; + +static const struct tpm_tis_chip_data tpm_tis_std_chip_data = { + .pcr_count = 24, + .pcr_select_min = 3, + .time_before_first_cmd_ms = 30, +}; + +static const struct udevice_id tpm_tis_spi_ids[] = { + { + .compatible = "tis,tpm2-spi", + .data = (ulong)&tpm_tis_std_chip_data, + }, + { } +}; + +U_BOOT_DRIVER(tpm_tis_spi) = { + .name = "tpm_tis_spi", + .id = UCLASS_TPM, + .of_match = tpm_tis_spi_ids, + .ops = &tpm_tis_spi_ops, + .probe = tpm_tis_spi_probe, + .remove = tpm_tis_spi_remove, + .priv_auto_alloc_size = sizeof(struct tpm_chip), +}; From patchwork Tue May 15 09:57:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913550 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYQ46MjWz9s08 for ; Tue, 15 May 2018 20:16:44 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 8D961C21EBD; Tue, 15 May 2018 10:11:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 6513DC22041; Tue, 15 May 2018 09:58:06 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id A2CBFC21F8C; Tue, 15 May 2018 09:57:47 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 27724C21E74 for ; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id EFC9B208C1; Tue, 15 May 2018 11:57:36 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id B4B2D20720; Tue, 15 May 2018 11:57:36 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:22 +0200 Message-Id: <20180515095728.16572-27-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 26/32] tpm: add the possibility to reset the chip with a gpio X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" On some designs, the reset line could not be connected to the SoC reset line, in this case, request the GPIO and ensure the chip gets reset. Signed-off-by: Miquel Raynal Reviewed-by: Tom Rini Reviewed-by: Simon Glass --- drivers/tpm/tpm2_tis_spi.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/drivers/tpm/tpm2_tis_spi.c b/drivers/tpm/tpm2_tis_spi.c index 6a4d5284c9..1c7f8f3673 100644 --- a/drivers/tpm/tpm2_tis_spi.c +++ b/drivers/tpm/tpm2_tis_spi.c @@ -24,6 +24,9 @@ #include #include #include +#ifdef CONFIG_DM_GPIO +#include +#endif #include "tpm_tis.h" #include "tpm_internal.h" @@ -574,6 +577,20 @@ static int tpm_tis_spi_probe(struct udevice *dev) struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); struct tpm_chip *chip = dev_get_priv(dev); int ret; +#ifdef CONFIG_DM_GPIO + struct gpio_desc reset_gpio; + + ret = gpio_request_by_name(dev, "gpio-reset", 0, + &reset_gpio, GPIOD_IS_OUT); + if (ret) { + log(LOGC_NONE, LOGL_NOTICE, "%s: missing reset GPIO\n", + __func__); + } else { + dm_gpio_set_value(&reset_gpio, 0); + mdelay(1); + dm_gpio_set_value(&reset_gpio, 1); + } +#endif /* Ensure a minimum amount of time elapsed since reset of the TPM */ mdelay(drv_data->time_before_first_cmd_ms); From patchwork Tue May 15 09:57:23 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913559 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYVM4F0jz9s08 for ; Tue, 15 May 2018 20:20:27 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 4AF1FC21F0B; Tue, 15 May 2018 10:12:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 5F2E8C21F13; Tue, 15 May 2018 09:58:08 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 59852C21FA5; Tue, 15 May 2018 09:57:47 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 61FDDC21EA8 for ; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 2BDB520794; Tue, 15 May 2018 11:57:37 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id E4D0D20737; Tue, 15 May 2018 11:57:36 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:23 +0200 Message-Id: <20180515095728.16572-28-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 27/32] doc: device-tree-bindings: add TIS TPMv2.0 SPI module info X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add TIS TPMv2.0 SPI module bindings. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt diff --git a/doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt b/doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt new file mode 100644 index 0000000000..b48a15112d --- /dev/null +++ b/doc/device-tree-bindings/tpm2/tis-tpm2-spi.txt @@ -0,0 +1,18 @@ +ST33TPHF20 SPI TPMv2.0 bindings +------------------------------- + +Required properties: +- compatible : Should be "tis,tpm2-spi" +- reg : SPI Chip select + +Optional properties: +- gpio-reset : Reset GPIO (if not connected to the SoC reset line) +- spi-max-frequency : See spi-bus.txt + +Example: + + tpm@1 { + compatible = "tis,tpm2-spi"; + reg = <1>; + spi-max-frequency = <10000000>; + }; From patchwork Tue May 15 09:57:24 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913558 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYTb2BJmz9s08 for ; Tue, 15 May 2018 20:19:47 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id F3354C21E88; Tue, 15 May 2018 10:10:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 84479C22028; Tue, 15 May 2018 09:58:04 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 2D2A8C21F50; Tue, 15 May 2018 09:57:47 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 96F8DC21C51 for ; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 6144B208B2; Tue, 15 May 2018 11:57:37 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 1D5CF20720; Tue, 15 May 2018 11:57:37 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:24 +0200 Message-Id: <20180515095728.16572-29-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 28/32] test/py: add TPMv2.x test suite X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add tests for the TPMv2.x commands. These commands may run both on a physical TPM and with the sandbox driver. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- test/py/tests/test_tpm2.py | 234 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 234 insertions(+) create mode 100644 test/py/tests/test_tpm2.py diff --git a/test/py/tests/test_tpm2.py b/test/py/tests/test_tpm2.py new file mode 100644 index 0000000000..2e0ef42fd4 --- /dev/null +++ b/test/py/tests/test_tpm2.py @@ -0,0 +1,234 @@ +# Copyright (c) 2018, Bootlin +# Author: Miquel Raynal +# +# SPDX-License-Identifier: GPL-2.0+ + +import os.path +import pytest +import u_boot_utils +import re +import time + +""" +Test the TPMv2.x related commands. You must have a working hardware setup in +order to do these tests. + +Notes: +* These tests will prove the password mechanism. The TPM chip must be cleared of +any password. +* Commands like pcr_setauthpolicy and pcr_resetauthpolicy are not implemented +here because they would fail the tests in most cases (TPMs do not implement them +and return an error). +""" + +updates = 0 + +def force_init(u_boot_console, force=False): + """When a test fails, U-Boot is reset. Because TPM stack must be initialized + after each reboot, we must ensure these lines are always executed before + trying any command or they will fail with no reason. Executing 'tpm init' + twice will spawn an error used to detect that the TPM was not reset and no + initialization code should be run. + """ + output = u_boot_console.run_command('tpm init') + if force or not 'Error' in output: + u_boot_console.run_command('echo --- start of init ---') + u_boot_console.run_command('tpm startup TPM2_SU_CLEAR') + u_boot_console.run_command('tpm self_test full') + u_boot_console.run_command('tpm clear TPM2_RH_LOCKOUT') + output = u_boot_console.run_command('echo $?') + if not output.endswith('0'): + u_boot_console.run_command('tpm clear TPM2_RH_PLATFORM') + u_boot_console.run_command('echo --- end of init ---') + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_init(u_boot_console): + """Init the software stack to use TPMv2 commands.""" + + u_boot_console.run_command('tpm init') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_startup(u_boot_console): + """Execute a TPM2_Startup command. + + Initiate the TPM internal state machine. + """ + + u_boot_console.run_command('tpm startup TPM2_SU_CLEAR') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_self_test_full(u_boot_console): + """Execute a TPM2_SelfTest (full) command. + + Ask the TPM to perform all self tests to also enable full capabilities. + """ + + u_boot_console.run_command('tpm self_test full') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_continue_self_test(u_boot_console): + """Execute a TPM2_SelfTest (continued) command. + + Ask the TPM to finish its self tests (alternative to the full test) in order + to enter a fully operational state. + """ + + u_boot_console.run_command('tpm self_test continue') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_clear(u_boot_console): + """Execute a TPM2_Clear command. + + Ask the TPM to reset entirely its internal state (including internal + configuration, passwords, counters and DAM parameters). This is half of the + TAKE_OWNERSHIP command from TPMv1. + + Use the LOCKOUT hierarchy for this. The LOCKOUT/PLATFORM hierarchies must + not have a password set, otherwise this test will fail. ENDORSEMENT and + PLATFORM hierarchies are also available. + """ + + u_boot_console.run_command('tpm clear TPM2_RH_LOCKOUT') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + + u_boot_console.run_command('tpm clear TPM2_RH_PLATFORM') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_change_auth(u_boot_console): + """Execute a TPM2_HierarchyChangeAuth command. + + Ask the TPM to change the owner, ie. set a new password: 'unicorn' + + Use the LOCKOUT hierarchy for this. ENDORSEMENT and PLATFORM hierarchies are + also available. + """ + + force_init(u_boot_console) + + u_boot_console.run_command('tpm change_auth TPM2_RH_LOCKOUT unicorn') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + + u_boot_console.run_command('tpm clear TPM2_RH_LOCKOUT unicorn') + output = u_boot_console.run_command('echo $?') + u_boot_console.run_command('tpm clear TPM2_RH_PLATFORM') + assert output.endswith('0') + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_get_capability(u_boot_console): + """Execute a TPM_GetCapability command. + + Display one capability. In our test case, let's display the default DAM + lockout counter that should be 0 since the CLEAR: + - TPM_CAP_TPM_PROPERTIES = 0x6 + - TPM_PT_LOCKOUT_COUNTER (1st parameter) = PTR_VAR + 14 + + There is no expected default values because it would depend on the chip + used. We can still save them in order to check they have changed later. + """ + + force_init(u_boot_console) + ram = u_boot_utils.find_ram_base(u_boot_console) + + read_cap = u_boot_console.run_command('tpm get_capability 0x6 0x20e 0x200 1') #0x%x 1' % ram) + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + assert 'Property 0x0000020e: 0x00000000' in read_cap + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_dam_parameters(u_boot_console): + """Execute a TPM2_DictionaryAttackParameters command. + + Change Dictionary Attack Mitigation (DAM) parameters. Ask the TPM to change: + - Max number of failed authentication before lockout: 3 + - Time before the failure counter is automatically decremented: 10 sec + - Time after a lockout failure before it can be attempted again: 0 sec + + For an unknown reason, the DAM parameters must be changed before changing + the authentication, otherwise the lockout will be engaged after the first + failed authentication attempt. + """ + + force_init(u_boot_console) + ram = u_boot_utils.find_ram_base(u_boot_console) + + # Set the DAM parameters to known values + u_boot_console.run_command('tpm dam_parameters 3 10 0') + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + + # Check the values have been saved + read_cap = u_boot_console.run_command('tpm get_capability 0x6 0x20f 0x%x 3' % ram) + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + assert 'Property 0x0000020f: 0x00000003' in read_cap + assert 'Property 0x00000210: 0x0000000a' in read_cap + assert 'Property 0x00000211: 0x00000000' in read_cap + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_pcr_read(u_boot_console): + """Execute a TPM2_PCR_Read command. + + Perform a PCR read of the 0th PCR. Must be zero. + """ + + force_init(u_boot_console) + ram = u_boot_utils.find_ram_base(u_boot_console) + 1024 + + read_pcr = u_boot_console.run_command('tpm pcr_read 0 0x%x' % ram) + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + + # Save the number of PCR updates + str = re.findall(r'\d+ known updates', read_pcr)[0] + global updates + updates = int(re.findall(r'\d+', str)[0]) + + # Check the output value + assert 'PCR #0 content' in read_pcr + assert '00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00' in read_pcr + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_pcr_extend(u_boot_console): + """Execute a TPM2_PCR_Extend command. + + Perform a PCR extension with a known hash in memory (zeroed since the board + must have been rebooted). + + No authentication mechanism is used here, not protecting against packet + replay, yet. + """ + + force_init(u_boot_console) + ram = u_boot_utils.find_ram_base(u_boot_console) + 1024 + + u_boot_console.run_command('tpm pcr_extend 0 0x%x' % ram) + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + + read_pcr = u_boot_console.run_command('tpm pcr_read 0 0x%x' % ram) + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + assert 'f5 a5 fd 42 d1 6a 20 30 27 98 ef 6e d3 09 97 9b' in read_pcr + assert '43 00 3d 23 20 d9 f0 e8 ea 98 31 a9 27 59 fb 4b' in read_pcr + + str = re.findall(r'\d+ known updates', read_pcr)[0] + new_updates = int(re.findall(r'\d+', str)[0]) + assert (updates + 1) == new_updates + +@pytest.mark.buildconfigspec('cmd_tpm_v2') +def test_tpm2_cleanup(u_boot_console): + """Ensure the TPM is cleared from password or test related configuration.""" + + force_init(u_boot_console, True) From patchwork Tue May 15 09:57:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913545 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYN23FbPz9s1R for ; Tue, 15 May 2018 20:14:58 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 2CEA1C21E56; Tue, 15 May 2018 10:09:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id AD5DEC22014; Tue, 15 May 2018 09:58:03 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 46CAEC21FA5; Tue, 15 May 2018 09:57:48 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id D713AC21EC8 for ; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 9EE79208BB; Tue, 15 May 2018 11:57:37 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 4DAFF20737; Tue, 15 May 2018 11:57:37 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:25 +0200 Message-Id: <20180515095728.16572-30-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 29/32] tpm: add a Sandbox TPMv2.x driver X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This driver can emulate all the basic functionalities of a TPMv2.x chip and should behave like them during regular testing. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- drivers/tpm/Kconfig | 11 +- drivers/tpm/Makefile | 1 + drivers/tpm/tpm2_tis_sandbox.c | 626 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 637 insertions(+), 1 deletion(-) create mode 100644 drivers/tpm/tpm2_tis_sandbox.c diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig index 6661dcc1e3..b7bae5db30 100644 --- a/drivers/tpm/Kconfig +++ b/drivers/tpm/Kconfig @@ -26,7 +26,7 @@ config TPM_TIS_SANDBOX depends on TPM_V1 && SANDBOX select TPM_DRIVER_SELECTED help - This driver emulates a TPM, providing access to base functions + This driver emulates a TPMv1.x, providing access to base functions such as reading and writing TPM private data. This is enough to support Chrome OS verified boot. Extend functionality is not implemented. @@ -141,6 +141,15 @@ config TPM_V2 if TPM_V2 && !TPM_V1 +config TPM2_TIS_SANDBOX + bool "Enable sandbox TPMv2.x driver" + depends on TPM_V2 && SANDBOX + select TPM_DRIVER_SELECTED + help + This driver emulates a TPMv2.x, providing access to base functions + such as basic configuration, PCR extension and PCR read. Extended + functionalities are not implemented. + config TPM2_TIS_SPI bool "Enable support for TPMv2.x SPI chips" depends on TPM_V2 && DM_SPI diff --git a/drivers/tpm/Makefile b/drivers/tpm/Makefile index 2c88b64659..98dfbfa488 100644 --- a/drivers/tpm/Makefile +++ b/drivers/tpm/Makefile @@ -12,4 +12,5 @@ obj-$(CONFIG_TPM_TIS_SANDBOX) += tpm_tis_sandbox.o obj-$(CONFIG_TPM_ST33ZP24_I2C) += tpm_tis_st33zp24_i2c.o obj-$(CONFIG_TPM_ST33ZP24_SPI) += tpm_tis_st33zp24_spi.o +obj-$(CONFIG_TPM2_TIS_SANDBOX) += tpm2_tis_sandbox.o obj-$(CONFIG_TPM2_TIS_SPI) += tpm2_tis_spi.o diff --git a/drivers/tpm/tpm2_tis_sandbox.c b/drivers/tpm/tpm2_tis_sandbox.c new file mode 100644 index 0000000000..3fca082fb6 --- /dev/null +++ b/drivers/tpm/tpm2_tis_sandbox.c @@ -0,0 +1,626 @@ +/* + * Copyright (c) 2018, Bootlin + * Author: Miquel Raynal + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include +#include +#include + +/* Hierarchies */ +enum tpm2_hierarchy { + TPM2_HIERARCHY_LOCKOUT = 0, + TPM2_HIERARCHY_ENDORSEMENT, + TPM2_HIERARCHY_PLATFORM, + TPM2_HIERARCHY_NB, +}; + +/* Subset of supported capabilities */ +enum tpm2_capability { + TPM_CAP_TPM_PROPERTIES = 0x6, +}; + +/* Subset of supported properties */ +#define TPM2_PROPERTIES_OFFSET 0x0000020E + +enum tpm2_cap_tpm_property { + TPM2_FAIL_COUNTER = 0, + TPM2_PROP_MAX_TRIES, + TPM2_RECOVERY_TIME, + TPM2_LOCKOUT_RECOVERY, + TPM2_PROPERTY_NB, +}; + +#define SANDBOX_TPM_PCR_NB 1 + +static const u8 sandbox_extended_once_pcr[] = { + 0xf5, 0xa5, 0xfd, 0x42, 0xd1, 0x6a, 0x20, 0x30, + 0x27, 0x98, 0xef, 0x6e, 0xd3, 0x09, 0x97, 0x9b, + 0x43, 0x00, 0x3d, 0x23, 0x20, 0xd9, 0xf0, 0xe8, + 0xea, 0x98, 0x31, 0xa9, 0x27, 0x59, 0xfb, 0x4b, +}; + +struct sandbox_tpm2 { + /* TPM internal states */ + bool init_done; + bool startup_done; + bool tests_done; + /* TPM password per hierarchy */ + char pw[TPM2_HIERARCHY_NB][TPM2_DIGEST_LEN + 1]; + int pw_sz[TPM2_HIERARCHY_NB]; + /* TPM properties */ + u32 properties[TPM2_PROPERTY_NB]; + /* TPM PCRs */ + u8 pcr[SANDBOX_TPM_PCR_NB][TPM2_DIGEST_LEN]; + /* TPM PCR extensions */ + u32 pcr_extensions[SANDBOX_TPM_PCR_NB]; +}; + +/* + * Check the tag validity depending on the command (authentication required or + * not). If authentication is required, check it is valid. Update the auth + * pointer to point to the next chunk of data to process if needed. + */ +static int sandbox_tpm2_check_session(struct udevice *dev, u32 command, u16 tag, + const u8 **auth, + enum tpm2_hierarchy *hierarchy) +{ + struct sandbox_tpm2 *tpm = dev_get_priv(dev); + u32 handle, auth_sz, session_handle; + u16 nonce_sz, pw_sz; + const char *pw; + + switch (command) { + case TPM2_CC_STARTUP: + case TPM2_CC_SELF_TEST: + case TPM2_CC_GET_CAPABILITY: + case TPM2_CC_PCR_READ: + if (tag != TPM2_ST_NO_SESSIONS) { + printf("No session required for command 0x%x\n", + command); + return TPM2_RC_BAD_TAG; + } + + return 0; + + case TPM2_CC_CLEAR: + case TPM2_CC_HIERCHANGEAUTH: + case TPM2_CC_DAM_RESET: + case TPM2_CC_DAM_PARAMETERS: + case TPM2_CC_PCR_EXTEND: + if (tag != TPM2_ST_SESSIONS) { + printf("Session required for command 0x%x\n", command); + return TPM2_RC_AUTH_CONTEXT; + } + + handle = get_unaligned_be32(*auth); + *auth += sizeof(handle); + + /* + * PCR_Extend had a different protection mechanism and does not + * use the same standards as other commands. + */ + if (command == TPM2_CC_PCR_EXTEND) + break; + + switch (handle) { + case TPM2_RH_LOCKOUT: + *hierarchy = TPM2_HIERARCHY_LOCKOUT; + break; + case TPM2_RH_ENDORSEMENT: + if (command == TPM2_CC_CLEAR) { + printf("Endorsement hierarchy unsupported\n"); + return TPM2_RC_AUTH_MISSING; + } + *hierarchy = TPM2_HIERARCHY_ENDORSEMENT; + break; + case TPM2_RH_PLATFORM: + *hierarchy = TPM2_HIERARCHY_PLATFORM; + break; + default: + printf("Wrong handle 0x%x\n", handle); + return TPM2_RC_VALUE; + } + + break; + + default: + printf("Command code not recognized: 0x%x\n", command); + return TPM2_RC_COMMAND_CODE; + } + + auth_sz = get_unaligned_be32(*auth); + *auth += sizeof(auth_sz); + + session_handle = get_unaligned_be32(*auth); + *auth += sizeof(session_handle); + if (session_handle != TPM2_RS_PW) { + printf("Wrong session handle 0x%x\n", session_handle); + return TPM2_RC_VALUE; + } + + nonce_sz = get_unaligned_be16(*auth); + *auth += sizeof(nonce_sz); + if (nonce_sz) { + printf("Nonces not supported in Sandbox, aborting\n"); + return TPM2_RC_HANDLE; + } + + /* Ignore attributes */ + *auth += sizeof(u8); + + pw_sz = get_unaligned_be16(*auth); + *auth += sizeof(pw_sz); + if (auth_sz != (9 + nonce_sz + pw_sz)) { + printf("Authentication size (%d) do not match %d\n", + auth_sz, 9 + nonce_sz + pw_sz); + return TPM2_RC_SIZE; + } + + /* No passwork is acceptable */ + if (!pw_sz && !tpm->pw_sz[*hierarchy]) + return TPM2_RC_SUCCESS; + + /* Password is too long */ + if (pw_sz > TPM2_DIGEST_LEN) { + printf("Password should not be more than %dB\n", + TPM2_DIGEST_LEN); + return TPM2_RC_AUTHSIZE; + } + + pw = (const char *)*auth; + *auth += pw_sz; + + /* Password is wrong */ + if (pw_sz != tpm->pw_sz[*hierarchy] || + strncmp(pw, tpm->pw[*hierarchy], tpm->pw_sz[*hierarchy])) { + printf("Authentication failed: wrong password.\n"); + return TPM2_RC_BAD_AUTH; + } + + return TPM2_RC_SUCCESS; +} + +static int sandbox_tpm2_check_readyness(struct udevice *dev, int command) +{ + struct sandbox_tpm2 *tpm = dev_get_priv(dev); + + switch (command) { + case TPM2_CC_STARTUP: + if (!tpm->init_done || tpm->startup_done) + return TPM2_RC_INITIALIZE; + + break; + case TPM2_CC_GET_CAPABILITY: + if (!tpm->init_done || !tpm->startup_done) + return TPM2_RC_INITIALIZE; + + break; + case TPM2_CC_SELF_TEST: + if (!tpm->startup_done) + return TPM2_RC_INITIALIZE; + + break; + default: + if (!tpm->tests_done) + return TPM2_RC_NEEDS_TEST; + + break; + } + + return 0; +} + +static int sandbox_tpm2_fill_buf(u8 **recv, size_t *recv_len, u16 tag, u32 rc) +{ + *recv_len = sizeof(tag) + sizeof(u32) + sizeof(rc); + + /* Write tag */ + put_unaligned_be16(tag, *recv); + *recv += sizeof(tag); + + /* Write length */ + put_unaligned_be32(*recv_len, *recv); + *recv += sizeof(u32); + + /* Write return code */ + put_unaligned_be32(rc, *recv); + *recv += sizeof(rc); + + /* Add trailing \0 */ + *recv = '\0'; + + return 0; +} + +static int sandbox_tpm2_extend(struct udevice *dev, int pcr_index, + const u8 *extension) +{ + struct sandbox_tpm2 *tpm = dev_get_priv(dev); + int i; + + /* Only simulate the first extensions from all '0' with only '0' */ + for (i = 0; i < TPM2_DIGEST_LEN; i++) + if (tpm->pcr[pcr_index][i] || extension[i]) + return TPM2_RC_FAILURE; + + memcpy(tpm->pcr[pcr_index], sandbox_extended_once_pcr, + TPM2_DIGEST_LEN); + tpm->pcr_extensions[pcr_index]++; + + return 0; +}; + +static int sandbox_tpm2_xfer(struct udevice *dev, const u8 *sendbuf, + size_t send_size, u8 *recvbuf, + size_t *recv_len) +{ + struct sandbox_tpm2 *tpm = dev_get_priv(dev); + enum tpm2_hierarchy hierarchy = 0; + const u8 *sent = sendbuf; + u8 *recv = recvbuf; + u32 length, command, rc = 0; + u16 tag, mode, new_pw_sz; + u8 yes_no; + int i, j; + + /* TPM2_GetProperty */ + u32 capability, property, property_count; + + /* TPM2_PCR_Read/Extend variables */ + int pcr_index; + u64 pcr_map = 0; + u32 selections, pcr_nb; + u16 alg; + u8 pcr_array_sz; + + tag = get_unaligned_be16(sent); + sent += sizeof(tag); + + length = get_unaligned_be32(sent); + sent += sizeof(length); + if (length != send_size) { + printf("TPM2: Unmatching length, received: %ld, expected: %d\n", + send_size, length); + rc = TPM2_RC_SIZE; + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + return 0; + } + + command = get_unaligned_be32(sent); + sent += sizeof(command); + rc = sandbox_tpm2_check_readyness(dev, command); + if (rc) { + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + return 0; + } + + rc = sandbox_tpm2_check_session(dev, command, tag, &sent, &hierarchy); + if (rc) { + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + return 0; + } + + switch (command) { + case TPM2_CC_STARTUP: + mode = get_unaligned_be16(sent); + sent += sizeof(mode); + switch (mode) { + case TPM2_SU_CLEAR: + case TPM2_SU_STATE: + break; + default: + rc = TPM2_RC_VALUE; + } + + tpm->startup_done = true; + + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + break; + + case TPM2_CC_SELF_TEST: + yes_no = *sent; + sent += sizeof(yes_no); + switch (yes_no) { + case TPMI_YES: + case TPMI_NO: + break; + default: + rc = TPM2_RC_VALUE; + } + + tpm->tests_done = true; + + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + break; + + case TPM2_CC_CLEAR: + /* Reset this hierarchy password */ + tpm->pw_sz[hierarchy] = 0; + + /* Reset all password if thisis the PLATFORM hierarchy */ + if (hierarchy == TPM2_HIERARCHY_PLATFORM) + for (i = 0; i < TPM2_HIERARCHY_NB; i++) + tpm->pw_sz[i] = 0; + + /* Reset the properties */ + for (i = 0; i < TPM2_PROPERTY_NB; i++) + tpm->properties[i] = 0; + + /* Reset the PCRs and their number of extensions */ + for (i = 0; i < SANDBOX_TPM_PCR_NB; i++) { + tpm->pcr_extensions[i] = 0; + for (j = 0; j < TPM2_DIGEST_LEN; j++) + tpm->pcr[i][j] = 0; + } + + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + break; + + case TPM2_CC_HIERCHANGEAUTH: + new_pw_sz = get_unaligned_be16(sent); + sent += sizeof(new_pw_sz); + if (new_pw_sz > TPM2_DIGEST_LEN) { + rc = TPM2_RC_SIZE; + } else if (new_pw_sz) { + tpm->pw_sz[hierarchy] = new_pw_sz; + memcpy(tpm->pw[hierarchy], sent, new_pw_sz); + sent += new_pw_sz; + } + + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + break; + + case TPM2_CC_GET_CAPABILITY: + capability = get_unaligned_be32(sent); + sent += sizeof(capability); + if (capability != TPM_CAP_TPM_PROPERTIES) { + printf("Sandbox TPM only support TPM_CAPABILITIES\n"); + return TPM2_RC_HANDLE; + } + + property = get_unaligned_be32(sent); + sent += sizeof(property); + property -= TPM2_PROPERTIES_OFFSET; + + property_count = get_unaligned_be32(sent); + sent += sizeof(property_count); + if (!property_count || + property + property_count > TPM2_PROPERTY_NB) { + rc = TPM2_RC_HANDLE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + /* Write tag */ + put_unaligned_be16(tag, recv); + recv += sizeof(tag); + + /* Ignore length for now */ + recv += sizeof(u32); + + /* Write return code */ + put_unaligned_be32(rc, recv); + recv += sizeof(rc); + + /* Tell there is more data to read */ + *recv = TPMI_YES; + recv += sizeof(yes_no); + + /* Repeat the capability */ + put_unaligned_be32(capability, recv); + recv += sizeof(capability); + + /* Give the number of properties that follow */ + put_unaligned_be32(property_count, recv); + recv += sizeof(property_count); + + /* Fill with the properties */ + for (i = 0; i < property_count; i++) { + put_unaligned_be32(TPM2_PROPERTIES_OFFSET + property + + i, recv); + recv += sizeof(property); + put_unaligned_be32(tpm->properties[property + i], + recv); + recv += sizeof(property); + } + + /* Add trailing \0 */ + *recv = '\0'; + + /* Write response length */ + *recv_len = recv - recvbuf; + put_unaligned_be32(*recv_len, recvbuf + sizeof(tag)); + + break; + + case TPM2_CC_DAM_PARAMETERS: + tpm->properties[TPM2_PROP_MAX_TRIES] = get_unaligned_be32(sent); + sent += sizeof(*tpm->properties); + tpm->properties[TPM2_RECOVERY_TIME] = get_unaligned_be32(sent); + sent += sizeof(*tpm->properties); + tpm->properties[TPM2_LOCKOUT_RECOVERY] = get_unaligned_be32(sent); + sent += sizeof(*tpm->properties); + + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + break; + + case TPM2_CC_PCR_READ: + selections = get_unaligned_be32(sent); + sent += sizeof(selections); + if (selections != 1) { + printf("Sandbox cannot handle more than one PCR\n"); + rc = TPM2_RC_VALUE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + alg = get_unaligned_be16(sent); + sent += sizeof(alg); + if (alg != TPM2_ALG_SHA256) { + printf("Sandbox TPM only handle SHA256 algorithm\n"); + rc = TPM2_RC_VALUE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + pcr_array_sz = *sent; + sent += sizeof(pcr_array_sz); + if (!pcr_array_sz || pcr_array_sz > 8) { + printf("Sandbox TPM cannot handle so much PCRs\n"); + rc = TPM2_RC_VALUE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + for (i = 0; i < pcr_array_sz; i++) + pcr_map += (u64)sent[i] << (i * 8); + + if (pcr_map >> SANDBOX_TPM_PCR_NB) { + printf("Sandbox TPM handles up to %d PCR(s)\n", + SANDBOX_TPM_PCR_NB); + rc = TPM2_RC_VALUE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + if (pcr_map >> SANDBOX_TPM_PCR_NB) { + printf("Wrong PCR map.\n"); + rc = TPM2_RC_VALUE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + for (i = 0; i < SANDBOX_TPM_PCR_NB; i++) + if (pcr_map & BIT(i)) + pcr_index = i; + + /* Write tag */ + put_unaligned_be16(tag, recv); + recv += sizeof(tag); + + /* Ignore length for now */ + recv += sizeof(u32); + + /* Write return code */ + put_unaligned_be32(rc, recv); + recv += sizeof(rc); + + /* Number of extensions */ + put_unaligned_be32(tpm->pcr_extensions[pcr_index], recv); + recv += sizeof(u32); + + /* Copy the PCR */ + memcpy(recv, tpm->pcr[pcr_index], TPM2_DIGEST_LEN); + recv += TPM2_DIGEST_LEN; + + /* Add trailing \0 */ + *recv = '\0'; + + /* Write response length */ + *recv_len = recv - recvbuf; + put_unaligned_be32(*recv_len, recvbuf + sizeof(tag)); + + break; + + case TPM2_CC_PCR_EXTEND: + /* Get the PCR index */ + pcr_index = get_unaligned_be32(sendbuf + sizeof(tag) + + sizeof(length) + + sizeof(command)); + if (pcr_index > SANDBOX_TPM_PCR_NB) { + printf("Sandbox TPM handles up to %d PCR(s)\n", + SANDBOX_TPM_PCR_NB); + rc = TPM2_RC_VALUE; + } + + /* Check the number of hashes */ + pcr_nb = get_unaligned_be32(sent); + sent += sizeof(pcr_nb); + if (pcr_nb != 1) { + printf("Sandbox cannot handle more than one PCR\n"); + rc = TPM2_RC_VALUE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + /* Check the hash algorithm */ + alg = get_unaligned_be16(sent); + sent += sizeof(alg); + if (alg != TPM2_ALG_SHA256) { + printf("Sandbox TPM only handle SHA256 algorithm\n"); + rc = TPM2_RC_VALUE; + return sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + /* Extend the PCR */ + rc = sandbox_tpm2_extend(dev, pcr_index, sent); + + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + break; + + default: + printf("TPM2 command %02x unknown in Sandbox\n", command); + rc = TPM2_RC_COMMAND_CODE; + sandbox_tpm2_fill_buf(&recv, recv_len, tag, rc); + } + + return 0; +} + +static int sandbox_tpm2_get_desc(struct udevice *dev, char *buf, int size) +{ + if (size < 15) + return -ENOSPC; + + return snprintf(buf, size, "Sandbox TPM2.x"); +} + +static int sandbox_tpm2_open(struct udevice *dev) +{ + struct sandbox_tpm2 *tpm = dev_get_priv(dev); + + if (tpm->init_done) + return -EIO; + + tpm->init_done = true; + + return 0; +} + +static int sandbox_tpm2_probe(struct udevice *dev) +{ + struct sandbox_tpm2 *tpm = dev_get_priv(dev); + struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); + + memset(tpm, 0, sizeof(*tpm)); + + priv->pcr_count = 32; + priv->pcr_select_min = 2; + + return 0; +} + +static int sandbox_tpm2_close(struct udevice *dev) +{ + return 0; +} + +static const struct tpm_ops sandbox_tpm2_ops = { + .open = sandbox_tpm2_open, + .close = sandbox_tpm2_close, + .get_desc = sandbox_tpm2_get_desc, + .xfer = sandbox_tpm2_xfer, +}; + +static const struct udevice_id sandbox_tpm2_ids[] = { + { .compatible = "sandbox,tpm2" }, + { } +}; + +U_BOOT_DRIVER(sandbox_tpm2) = { + .name = "sandbox_tpm2", + .id = UCLASS_TPM, + .of_match = sandbox_tpm2_ids, + .ops = &sandbox_tpm2_ops, + .probe = sandbox_tpm2_probe, + .priv_auto_alloc_size = sizeof(struct sandbox_tpm2), +}; From patchwork Tue May 15 09:57:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913556 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYSJ0F1Lz9s08 for ; Tue, 15 May 2018 20:18:39 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id B72C9C21E02; Tue, 15 May 2018 10:12:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 31D15C22019; Tue, 15 May 2018 09:58:09 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id A87BDC21F63; Tue, 15 May 2018 09:57:48 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id EF11BC21ECE for ; Tue, 15 May 2018 09:57:38 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id B958F20794; Tue, 15 May 2018 11:57:37 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id 7FBA120720; Tue, 15 May 2018 11:57:37 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:26 +0200 Message-Id: <20180515095728.16572-31-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 30/32] doc: device-tree-bindings: add Sandbox TPMv2.0 module info X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Add Sandbox TPMv2.0 module bindings. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- doc/device-tree-bindings/tpm2/sandbox.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 doc/device-tree-bindings/tpm2/sandbox.txt diff --git a/doc/device-tree-bindings/tpm2/sandbox.txt b/doc/device-tree-bindings/tpm2/sandbox.txt new file mode 100644 index 0000000000..3d0f727cc4 --- /dev/null +++ b/doc/device-tree-bindings/tpm2/sandbox.txt @@ -0,0 +1,11 @@ +Sandbox TPMv2.0 bindings +------------------------ + +Required properties: +- compatible : Should be "sandbox,tpm2" + +Example: + + tpm { + compatible = "sandbox,tpm2"; + }; From patchwork Tue May 15 09:57:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913554 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYRw3G7wz9s08 for ; Tue, 15 May 2018 20:18:20 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 0C822C21EF2; Tue, 15 May 2018 10:08:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 594CFC21FD9; Tue, 15 May 2018 09:58:01 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id E5836C21F8C; Tue, 15 May 2018 09:57:48 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 274EAC21E07 for ; Tue, 15 May 2018 09:57:39 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id E4D02208BC; Tue, 15 May 2018 11:57:37 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id AC63820737; Tue, 15 May 2018 11:57:37 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:27 +0200 Message-Id: <20180515095728.16572-32-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 31/32] sandbox: dts: add Sandbox TPMv2.x node X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" This node declares the presence of the Sandbox TPMv2.x emulated chip, available for testing. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- arch/sandbox/dts/sandbox.dts | 4 ++++ arch/sandbox/dts/sandbox64.dts | 4 ++++ arch/sandbox/dts/test.dts | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts index 1fb8225fbb..09194684c6 100644 --- a/arch/sandbox/dts/sandbox.dts +++ b/arch/sandbox/dts/sandbox.dts @@ -238,6 +238,10 @@ compatible = "google,sandbox-tpm"; }; + tpm2 { + compatible = "sandbox,tpm2"; + }; + triangle { compatible = "demo-shape"; colour = "cyan"; diff --git a/arch/sandbox/dts/sandbox64.dts b/arch/sandbox/dts/sandbox64.dts index d6efc011de..6c6bcd4fce 100644 --- a/arch/sandbox/dts/sandbox64.dts +++ b/arch/sandbox/dts/sandbox64.dts @@ -238,6 +238,10 @@ compatible = "google,sandbox-tpm"; }; + tpm2 { + compatible = "sandbox,tpm2"; + }; + triangle { compatible = "demo-shape"; colour = "cyan"; diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts index b0f0ca8f19..4a66dbdca3 100644 --- a/arch/sandbox/dts/test.dts +++ b/arch/sandbox/dts/test.dts @@ -394,6 +394,10 @@ clock-frequency = <1000000>; }; + tpm2 { + compatible = "sandbox,tpm2"; + }; + uart0: serial { compatible = "sandbox,serial"; u-boot,dm-pre-reloc; From patchwork Tue May 15 09:57:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Miquel Raynal X-Patchwork-Id: 913542 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 40lYK00jGvz9s1R for ; Tue, 15 May 2018 20:12:20 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 9BB5AC21ECC; Tue, 15 May 2018 10:11:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 87605C21E2B; Tue, 15 May 2018 09:58:05 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 432DCC21FB6; Tue, 15 May 2018 09:57:48 +0000 (UTC) Received: from mail.bootlin.com (mail.bootlin.com [62.4.15.54]) by lists.denx.de (Postfix) with ESMTP id 5A092C21EB9 for ; Tue, 15 May 2018 09:57:39 +0000 (UTC) Received: by mail.bootlin.com (Postfix, from userid 110) id 216FE20750; Tue, 15 May 2018 11:57:38 +0200 (CEST) Received: from localhost.localdomain (LStLambert-657-1-97-87.w90-63.abo.wanadoo.fr [90.63.216.87]) by mail.bootlin.com (Postfix) with ESMTPSA id DA0A220720; Tue, 15 May 2018 11:57:37 +0200 (CEST) From: Miquel Raynal To: Tom Rini , Simon Glass Date: Tue, 15 May 2018 11:57:28 +0200 Message-Id: <20180515095728.16572-33-miquel.raynal@bootlin.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20180515095728.16572-1-miquel.raynal@bootlin.com> References: <20180515095728.16572-1-miquel.raynal@bootlin.com> Cc: u-boot@lists.denx.de, Bastian Fraune Subject: [U-Boot] [PATCH v4 32/32] configs: add TPMv2.x support in Sandbox X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Enable the Sandbox TPMv2 driver in all possible configurations. Signed-off-by: Miquel Raynal Reviewed-by: Simon Glass Reviewed-by: Tom Rini --- configs/sandbox64_defconfig | 1 + configs/sandbox_defconfig | 1 + configs/sandbox_flattree_defconfig | 1 + configs/sandbox_noblk_defconfig | 1 + configs/sandbox_spl_defconfig | 1 + 5 files changed, 5 insertions(+) diff --git a/configs/sandbox64_defconfig b/configs/sandbox64_defconfig index 8f96c16d42..2123e38c57 100644 --- a/configs/sandbox64_defconfig +++ b/configs/sandbox64_defconfig @@ -175,6 +175,7 @@ CONFIG_TIMER=y CONFIG_TIMER_EARLY=y CONFIG_SANDBOX_TIMER=y CONFIG_TPM_TIS_SANDBOX=y +CONFIG_TPM2_TIS_SANDBOX=y CONFIG_USB=y CONFIG_DM_USB=y CONFIG_USB_EMUL=y diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index 063828333d..0cc315148c 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -175,6 +175,7 @@ CONFIG_TIMER=y CONFIG_TIMER_EARLY=y CONFIG_SANDBOX_TIMER=y CONFIG_TPM_TIS_SANDBOX=y +CONFIG_TPM2_TIS_SANDBOX=y CONFIG_USB=y CONFIG_DM_USB=y CONFIG_USB_EMUL=y diff --git a/configs/sandbox_flattree_defconfig b/configs/sandbox_flattree_defconfig index d5f23796b8..29b8a1fb48 100644 --- a/configs/sandbox_flattree_defconfig +++ b/configs/sandbox_flattree_defconfig @@ -155,6 +155,7 @@ CONFIG_TIMER=y CONFIG_TIMER_EARLY=y CONFIG_SANDBOX_TIMER=y CONFIG_TPM_TIS_SANDBOX=y +CONFIG_TPM2_TIS_SANDBOX=y CONFIG_USB=y CONFIG_DM_USB=y CONFIG_USB_EMUL=y diff --git a/configs/sandbox_noblk_defconfig b/configs/sandbox_noblk_defconfig index b01a9fdf7e..7bad141007 100644 --- a/configs/sandbox_noblk_defconfig +++ b/configs/sandbox_noblk_defconfig @@ -155,6 +155,7 @@ CONFIG_TIMER=y CONFIG_TIMER_EARLY=y CONFIG_SANDBOX_TIMER=y CONFIG_TPM_TIS_SANDBOX=y +CONFIG_TPM2_TIS_SANDBOX=y CONFIG_USB=y CONFIG_DM_USB=y CONFIG_USB_EMUL=y diff --git a/configs/sandbox_spl_defconfig b/configs/sandbox_spl_defconfig index 802dc30f26..647e67f533 100644 --- a/configs/sandbox_spl_defconfig +++ b/configs/sandbox_spl_defconfig @@ -173,6 +173,7 @@ CONFIG_TIMER=y CONFIG_TIMER_EARLY=y CONFIG_SANDBOX_TIMER=y CONFIG_TPM_TIS_SANDBOX=y +CONFIG_TPM2_TIS_SANDBOX=y CONFIG_USB=y CONFIG_DM_USB=y CONFIG_USB_EMUL=y