From patchwork Thu Jun 1 06:20:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 687689 Delivered-To: patch@linaro.org Received: by 2002:a5d:4d8a:0:0:0:0:0 with SMTP id b10csp173023wru; Wed, 31 May 2023 23:21:01 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5ELnm8nIWiwJmefcVx9xv3kt6NveScddOBtZk5kZoUlRbR+fw2Z1c3wpZr/Ipc32M28jgZ X-Received: by 2002:a17:902:ea01:b0:1ae:48b2:3c2b with SMTP id s1-20020a170902ea0100b001ae48b23c2bmr6691276plg.30.1685600460805; Wed, 31 May 2023 23:21:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685600460; cv=none; d=google.com; s=arc-20160816; b=cXawH/63lWTWpMIH7K7gczeYA/11EPja++OBtLB/96YUn7rrt72mFz/cJiA4k0EZLJ w+mFp3ktBKBvfgDTpGZYlwOrFe31KdwbmPv6DclUXw5q6ZhYJ/L+NcXnBUne72a7t4mq 29mWqcSFYltx53qCw1uQ4KsoFiQzHIM0yLRX70RSJEdYs3nE2r4boML8SWzTGQELzddd T1SKZw8IEETARZ/aWTQV1xnuQ/O4wPRzH+3+mebHumv+FJ0PZFot5Wef3iz6lMZHGwfy otAbu3hW24gT3cyCGqjgngqohKz44DZi7Zc62D+qOY1oNQJKzaACXqqIIhSRl8vWWlxO HlAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature; bh=NUEL1kMWq7QJEiRIWfQPqJMTKqq/xDs7H0MiXXbjzMY=; b=QwMWR6GJvUwig0863lRaVlBYuyst33K0u80eu11muCYTz0z4sVgLj6/uAKHoMBzLnv KcmhLkkLzhNPBcb2RxdsFBEoa7Ow0WaAtdgTsE26OhhfBYhuqJpo+HMtnvQfaV2TLvck BRzPNIbtwfdVS7ndH5FlxJlsp3jOGFnoB6u+e7XqjfV04J9rgSKXGiaQHzqEC3QAU2N0 suDjXwF4ScBNnVrKz1SjB2xoylN2ZN6B7/HwavXZ0UGrpIenVSf++CXF686yrWB/uec7 tIduE1dkZ9XSwedmiR+bKLFFoBUVZRVWOLL6dN2f5fpxLodLzbGF0UajVMZytGrhENpH SoiA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=dGkhkYk7; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id jj6-20020a170903048600b001affb590635si44530plb.23.2023.05.31.23.20.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 May 2023 23:21:00 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=dGkhkYk7; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id E065986267; Thu, 1 Jun 2023 08:20:54 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="dGkhkYk7"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 78CCB862A1; Thu, 1 Jun 2023 08:20:52 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 24D4786178 for ; Thu, 1 Jun 2023 08:20:49 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wr1-x435.google.com with SMTP id ffacd0b85a97d-30ae141785bso442757f8f.3 for ; Wed, 31 May 2023 23:20:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1685600448; x=1688192448; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=NUEL1kMWq7QJEiRIWfQPqJMTKqq/xDs7H0MiXXbjzMY=; b=dGkhkYk7fBSUEh+JdJ56DVS9ijzwywANJ5yVVmjcLEozbMFQcC0j/MKHANYxUpU6qp JwicW6W/v3WFj/vS0LfYuUCmOcs42Kq3K/CATzFOcXPt+A7Xc/Gq+ZiPFJIci0yPUHEQ poZepMACb3QhXp8vFyp3eVyOVuThMYVsShWHKhhRMDmQhUqynMrwoQCj95F/qdIJkRQM 94MNLPx6a/GJ+FivezbaugXuxa0xpYkaWxVZJo8Hd/GgPVCB/8p0nbbUhlpA1ZoWAqOh DBL0lT7/3qpuxEIH6Qi8sxNap6YfTRukSLwjcOOVFoxaQ0XQLk/Z/55zEKH/FcnVXO03 lEDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685600448; x=1688192448; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=NUEL1kMWq7QJEiRIWfQPqJMTKqq/xDs7H0MiXXbjzMY=; b=aa98eFd7aC3Hazfcqc4W+37x5HX9ipYNcIulGQM4lVNkTRC2TRgyEjrhSUi83I4mKc hppkQGuUf1+WNnZYx2q0Zh65jKl38BLeXPrR7grvfUdA7p5ZkuvVAXhr9smQlibMDLa+ +ewDGX6sLfjE9MkgvUhynBmKu4meh5BMduF0WpTZlaLEhvc+9tDU9ACdFZqryB5wHH3I ZgQ+8UtxjBRYQXIaSGCeBfoPazdBUopRavQxHd+NHVXyXgDEZpqsYflu5B/qh39fir50 QRpgIREvfXcyO4PY/P4q3Jzb9bg0K9hZKmkGvym44vYlKG7OvjNQIcNGpfReuS7Lgqrf jlbw== X-Gm-Message-State: AC+VfDwwH+LUW0VdW6/kXbeO6meKTP/vFI38hZgF3CMYKy8p1GAK2LyR MkZH52emxJZJ0QIuTR8LbDemZSLiK8d/wBIJU3E= X-Received: by 2002:adf:fe8f:0:b0:307:7f3e:2b3 with SMTP id l15-20020adffe8f000000b003077f3e02b3mr873044wrr.50.1685600448590; Wed, 31 May 2023 23:20:48 -0700 (PDT) Received: from localhost.localdomain (ppp089210114029.access.hol.gr. [89.210.114.29]) by smtp.gmail.com with ESMTPSA id q7-20020adff507000000b0030add836194sm9087676wro.65.2023.05.31.23.20.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 May 2023 23:20:48 -0700 (PDT) From: Ilias Apalodimas To: u-boot@lists.denx.de Cc: Ilias Apalodimas Subject: [PATCH 1/2] tpm: Add 'tpm autostart' shell command Date: Thu, 1 Jun 2023 09:20:40 +0300 Message-Id: <20230601062041.524010-1-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean For a TPM device to be operational we need to initialize it and perform its startup sequence. The 'tpm init' command currently calls tpm_init() which ends up calling the ->open() per-device callback and performs the initial hardware configuration as well as requesting locality 0 for the caller. There no code that currently calls tpm_init() without following up with a tpm_startup() and tpm_self_test_full() or tpm_continue_self_test(). So let's add a 'tpm init' command and call tpm_auto_start() which leaves the device in an operational state. It's worth noting that calling tpm_init() only, doesn't allow a someone to use the TPM since the startup sequence is mandatory. We always repeat the pattern of calling - tpm_init() - tpm_startup() - tpm_self_test_full() or tpm_continue_self_test() Signed-off-by: Ilias Apalodimas Reviewed-by: Simon Glass --- cmd/tpm-common.c | 16 ++++++++++++++++ cmd/tpm-user-utils.h | 1 + cmd/tpm-v1.c | 6 +++++- cmd/tpm-v2.c | 6 ++++++ 4 files changed, 28 insertions(+), 1 deletion(-) diff --git a/cmd/tpm-common.c b/cmd/tpm-common.c index d0c63cadf413..a7dc23d85d5d 100644 --- a/cmd/tpm-common.c +++ b/cmd/tpm-common.c @@ -11,6 +11,7 @@ #include #include #include +#include #include "tpm-user-utils.h" static struct udevice *tpm_dev; @@ -367,6 +368,21 @@ int do_tpm_init(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) return report_return_code(tpm_init(dev)); } +int do_tpm_autostart(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) +{ + struct udevice *dev; + int rc; + + if (argc != 1) + return CMD_RET_USAGE; + rc = get_tpm(&dev); + if (rc) + return rc; + + return report_return_code(tpm_auto_start(dev)); +} + int do_tpm(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) { struct cmd_tbl *tpm_commands, *cmd; diff --git a/cmd/tpm-user-utils.h b/cmd/tpm-user-utils.h index de4a934aab6c..dfa11353e122 100644 --- a/cmd/tpm-user-utils.h +++ b/cmd/tpm-user-utils.h @@ -20,6 +20,7 @@ int get_tpm(struct udevice **devp); int do_tpm_device(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_init(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); +int do_tpm_autostart(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_info(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_report_state(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); diff --git a/cmd/tpm-v1.c b/cmd/tpm-v1.c index 0efb079b0a9b..3b95c950cc96 100644 --- a/cmd/tpm-v1.c +++ b/cmd/tpm-v1.c @@ -655,6 +655,7 @@ TPM_COMMAND_NO_ARG(tpm_physical_disable) static struct cmd_tbl tpm1_commands[] = { U_BOOT_CMD_MKENT(device, 0, 1, do_tpm_device, "", ""), U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), + U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_autostart, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm_startup, "", ""), @@ -733,9 +734,12 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, " device [num device]\n" " - Show all devices or set the specified device\n" " info - Show information about the TPM\n" +" autostart\n" +" - Initalize the tpm, perform a Startup(clear) and run a full selftest\n" +" sequence\n" " init\n" " - Put TPM into a state where it waits for 'startup' command.\n" -" startup mode\n" +" startup mode\n" " - Issue TPM_Starup command. is one of TPM_ST_CLEAR,\n" " TPM_ST_STATE, and TPM_ST_DEACTIVATED.\n" "Admin Testing Commands:\n" diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index d93b83ada934..7e479b9dfe36 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -370,6 +370,7 @@ static struct cmd_tbl tpm2_commands[] = { U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""), U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""), U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""), + U_BOOT_CMD_MKENT(autostart, 0, 1, do_tpm_autostart, "", ""), U_BOOT_CMD_MKENT(pcr_setauthpolicy, 0, 1, do_tpm_pcr_setauthpolicy, "", ""), U_BOOT_CMD_MKENT(pcr_setauthvalue, 0, 1, @@ -392,8 +393,13 @@ U_BOOT_CMD(tpm2, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " Show information about the TPM.\n" "state\n" " Show internal state from the TPM (if available)\n" +"autostart\n" +" Initalize the tpm, perform a Startup(clear) and run a full selftest\n" +" sequence\n" "init\n" " Initialize the software stack. Always the first command to issue.\n" +" 'tpm startup' is the only acceptable command after a 'tpm init' has been\n" +" issued\n" "startup \n" " Issue a TPM2_Startup command.\n" " is one of:\n"