From patchwork Wed Jun 7 09:18:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 690180 Delivered-To: patch@linaro.org Received: by 2002:a5d:4d8a:0:0:0:0:0 with SMTP id b10csp210546wru; Wed, 7 Jun 2023 02:18:44 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5X5lv11IcKIv4tikPfWc7S1uruUKYE0f1gko5jUAnqAD9Slxuk/xBi0loFbt+Jrdfk5sKn X-Received: by 2002:aca:1717:0:b0:398:2a35:f328 with SMTP id j23-20020aca1717000000b003982a35f328mr4867709oii.8.1686129523833; Wed, 07 Jun 2023 02:18:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686129523; cv=none; d=google.com; s=arc-20160816; b=y8mEtScZ5Rsg22YIs6X2TKQrrPD+DSL0MteM9Sw0SxNoHeDtBlyb7Wv0B0Il+oGrLn WOfThVzNc/Ni+1QrRcIlKz26Uk2KVpm6GSi71r3/NxwGLzJ8xzsyRleqivtj9ofoEasz 9dxCerxZ2hIt1RUEn4zn7ymawUUMNkO680gWt0/wlWInR1lNEAajIdy37e/6Ch3NhecU 6eKCwI5R4d9DvfZI6oA4i+pXDtJs/QGpOWhCs02txgQXTPljnSTmt+otRGmgj7hmkEFb Lq99imq3weRx26KpdEpEeKcuMUPasYliEfTjfvoLSYYiVHpNV/xUq0SAPF09H+rphypo tLoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=+jVq2OddlVjRaPr/FhntmVPqCfr2d9gdwu0LcnqXwp0=; b=Axk3duusCP4ei4pHvHyTy8C194aV/MNxkzPa7ImSicQTmlkKBIXUtS5dJx02Jv0BpP IgNGPfOMHlIy8lZeZH1MG6K1TKhPr5vVnCU8cL/BgpHP+beadGQRpDGyo8unfUxOAsAR jgGpkLAFbksmipbAI2yCzaEJFXolnAcYMlG6uERgpSjplhHc9+5L+X5rp42hlQKwWOZS DLQnvFb0c3Pv6ykDFXFHtun9reCn6U6e773RNLeyGAFF7aOsN67U2KqBVqJbmGeajyuS lOJFGB1qO4fGdUSp6p+vMCeSI8lW36nUShLx+NrP0XsyBG/7veyK12TqaMEyKslXoDWg SCVQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Fbb6z2ce; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id iz7-20020a170902ef8700b001a6565a16c4si8466678plb.493.2023.06.07.02.18.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:18:43 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Fbb6z2ce; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3C64E86041; Wed, 7 Jun 2023 11:18:26 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="Fbb6z2ce"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id CE87D8601B; Wed, 7 Jun 2023 11:18:22 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [IPv6:2a00:1450:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 57B8B85FE5 for ; Wed, 7 Jun 2023 11:18:20 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wm1-x335.google.com with SMTP id 5b1f17b1804b1-3f7368126a6so31151545e9.0 for ; Wed, 07 Jun 2023 02:18:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1686129500; x=1688721500; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+jVq2OddlVjRaPr/FhntmVPqCfr2d9gdwu0LcnqXwp0=; b=Fbb6z2ceKr4WJLKKx6v8CYuDVoTVLXrvCCOggiJ8bK3i/FbT75NkIpLlotDEB6RdwF As6LgvFLZNjFXfDrKQHJsXXg+r12mrxClwIzi+akxC3yNVPc4JBkcIg06D23kCHeN1ue rGmXjSZuxGh62iG5S9GTyL65bKp1W/FItgt8bNTt+Jml1aS6kjHlkEqomS+qpLGCFgZ7 5rcJG5caiqfPzWG9TuBwSwKdhkrTHzDAcF5Ews5c5U9QDW6PsHMzfe6aDgO2humwlZ49 8Xm/eNUCcd2wFvX8yCaqXL2H0CWXs2zx6mJwnyx3XZt1cLvI1g3gWsYvpxWWtTooTT93 yS3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686129500; x=1688721500; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+jVq2OddlVjRaPr/FhntmVPqCfr2d9gdwu0LcnqXwp0=; b=jTBBCeMKtecu/OSvyWmSIuNQ0RQ4VfPIc6jNc1zUGVT5EjmxJDwYW0QfznQoeYl7pC d2h9WqqZJbXzlX3aoi4xoTk00Vg+1SJFyqxo1nubgxH2HpTuFRuoyME4zYQe3OpfuZik DRGfMre4ZO68EnriYeomX4WXhnFYbWUnGoNwZEe0G3Mpmy4WopXbYzoQHu+zXzo2Bui2 QCXeBuUDuI2eMz/lwOKZRIFhCkk3dI9tHAuc02sCiuEmzOTQM+hil24jY6Sizrp+zHAF Z91nradXDiuIC20IHf4LWVU9HSq3Ca1EoQj/z6n7aryS06ySfhQU9Uvq5z4ylJQ6bnGw V6UA== X-Gm-Message-State: AC+VfDwTK+ATpyiUYogrzWfGcDspfdsR/V1g40kZ6Ye6Rapm/uwN/v1D r+3RQf+rwVmSWecGp71lyXvoE9eqBWE38w4djxzk5A== X-Received: by 2002:a05:600c:22c3:b0:3f4:27ff:7d48 with SMTP id 3-20020a05600c22c300b003f427ff7d48mr4156077wmg.19.1686129499921; Wed, 07 Jun 2023 02:18:19 -0700 (PDT) Received: from localhost.localdomain (ppp089210114029.access.hol.gr. [89.210.114.29]) by smtp.gmail.com with ESMTPSA id o10-20020a1c750a000000b003f50d6ee334sm454569wmc.47.2023.06.07.02.18.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:18:19 -0700 (PDT) From: Ilias Apalodimas To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Simon Glass Subject: [PATCH 1/3 v2] tpm: Add 'tpm autostart' shell command Date: Wed, 7 Jun 2023 12:18:10 +0300 Message-Id: <20230607091812.1916435-2-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> References: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean For a TPM device to be operational we need to initialize it and perform its startup sequence. The 'tpm init' command currently calls tpm_init() which ends up calling the ->open() per-device callback and performs the initial hardware configuration as well as requesting locality 0 for the caller. There no code that currently calls tpm_init() without following up with a tpm_startup() and tpm_self_test_full() or tpm_continue_self_test(). So let's add a 'tpm autostart' command and call tpm_auto_start() which leaves the device in an operational state. It's worth noting that calling tpm_init() only, doesn't allow a someone to use the TPM since the startup sequence is mandatory. We always repeat the pattern of calling - tpm_init() - tpm_startup() - tpm_self_test_full() or tpm_continue_self_test() Signed-off-by: Ilias Apalodimas Reviewed-by: Simon Glass --- - Changes since v1: None cmd/tpm-common.c | 16 ++++++++++++++++ cmd/tpm-user-utils.h | 1 + cmd/tpm-v1.c | 6 +++++- cmd/tpm-v2.c | 6 ++++++ 4 files changed, 28 insertions(+), 1 deletion(-) -- 2.39.2 diff --git a/cmd/tpm-common.c b/cmd/tpm-common.c index d0c63cadf413..a7dc23d85d5d 100644 --- a/cmd/tpm-common.c +++ b/cmd/tpm-common.c @@ -11,6 +11,7 @@ #include #include #include +#include #include "tpm-user-utils.h" static struct udevice *tpm_dev; @@ -367,6 +368,21 @@ int do_tpm_init(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) return report_return_code(tpm_init(dev)); } +int do_tpm_autostart(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) +{ + struct udevice *dev; + int rc; + + if (argc != 1) + return CMD_RET_USAGE; + rc = get_tpm(&dev); + if (rc) + return rc; + + return report_return_code(tpm_auto_start(dev)); +} + int do_tpm(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) { struct cmd_tbl *tpm_commands, *cmd; diff --git a/cmd/tpm-user-utils.h b/cmd/tpm-user-utils.h index de4a934aab6c..dfa11353e122 100644 --- a/cmd/tpm-user-utils.h +++ b/cmd/tpm-user-utils.h @@ -20,6 +20,7 @@ int get_tpm(struct udevice **devp); int do_tpm_device(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_init(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); +int do_tpm_autostart(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_info(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_report_state(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); diff --git a/cmd/tpm-v1.c b/cmd/tpm-v1.c index 0efb079b0a9b..3b95c950cc96 100644 --- a/cmd/tpm-v1.c +++ b/cmd/tpm-v1.c @@ -655,6 +655,7 @@ TPM_COMMAND_NO_ARG(tpm_physical_disable) static struct cmd_tbl tpm1_commands[] = { U_BOOT_CMD_MKENT(device, 0, 1, do_tpm_device, "", ""), U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), + U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_autostart, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm_startup, "", ""), @@ -733,9 +734,12 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, " device [num device]\n" " - Show all devices or set the specified device\n" " info - Show information about the TPM\n" +" autostart\n" +" - Initalize the tpm, perform a Startup(clear) and run a full selftest\n" +" sequence\n" " init\n" " - Put TPM into a state where it waits for 'startup' command.\n" -" startup mode\n" +" startup mode\n" " - Issue TPM_Starup command. is one of TPM_ST_CLEAR,\n" " TPM_ST_STATE, and TPM_ST_DEACTIVATED.\n" "Admin Testing Commands:\n" diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index d93b83ada934..7e479b9dfe36 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -370,6 +370,7 @@ static struct cmd_tbl tpm2_commands[] = { U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""), U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""), U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""), + U_BOOT_CMD_MKENT(autostart, 0, 1, do_tpm_autostart, "", ""), U_BOOT_CMD_MKENT(pcr_setauthpolicy, 0, 1, do_tpm_pcr_setauthpolicy, "", ""), U_BOOT_CMD_MKENT(pcr_setauthvalue, 0, 1, @@ -392,8 +393,13 @@ U_BOOT_CMD(tpm2, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " Show information about the TPM.\n" "state\n" " Show internal state from the TPM (if available)\n" +"autostart\n" +" Initalize the tpm, perform a Startup(clear) and run a full selftest\n" +" sequence\n" "init\n" " Initialize the software stack. Always the first command to issue.\n" +" 'tpm startup' is the only acceptable command after a 'tpm init' has been\n" +" issued\n" "startup \n" " Issue a TPM2_Startup command.\n" " is one of:\n"