From patchwork Wed Jun 7 09:18:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 690180 Delivered-To: patch@linaro.org Received: by 2002:a5d:4d8a:0:0:0:0:0 with SMTP id b10csp210546wru; Wed, 7 Jun 2023 02:18:44 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5X5lv11IcKIv4tikPfWc7S1uruUKYE0f1gko5jUAnqAD9Slxuk/xBi0loFbt+Jrdfk5sKn X-Received: by 2002:aca:1717:0:b0:398:2a35:f328 with SMTP id j23-20020aca1717000000b003982a35f328mr4867709oii.8.1686129523833; Wed, 07 Jun 2023 02:18:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686129523; cv=none; d=google.com; s=arc-20160816; b=y8mEtScZ5Rsg22YIs6X2TKQrrPD+DSL0MteM9Sw0SxNoHeDtBlyb7Wv0B0Il+oGrLn WOfThVzNc/Ni+1QrRcIlKz26Uk2KVpm6GSi71r3/NxwGLzJ8xzsyRleqivtj9ofoEasz 9dxCerxZ2hIt1RUEn4zn7ymawUUMNkO680gWt0/wlWInR1lNEAajIdy37e/6Ch3NhecU 6eKCwI5R4d9DvfZI6oA4i+pXDtJs/QGpOWhCs02txgQXTPljnSTmt+otRGmgj7hmkEFb Lq99imq3weRx26KpdEpEeKcuMUPasYliEfTjfvoLSYYiVHpNV/xUq0SAPF09H+rphypo tLoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=+jVq2OddlVjRaPr/FhntmVPqCfr2d9gdwu0LcnqXwp0=; b=Axk3duusCP4ei4pHvHyTy8C194aV/MNxkzPa7ImSicQTmlkKBIXUtS5dJx02Jv0BpP IgNGPfOMHlIy8lZeZH1MG6K1TKhPr5vVnCU8cL/BgpHP+beadGQRpDGyo8unfUxOAsAR jgGpkLAFbksmipbAI2yCzaEJFXolnAcYMlG6uERgpSjplhHc9+5L+X5rp42hlQKwWOZS DLQnvFb0c3Pv6ykDFXFHtun9reCn6U6e773RNLeyGAFF7aOsN67U2KqBVqJbmGeajyuS lOJFGB1qO4fGdUSp6p+vMCeSI8lW36nUShLx+NrP0XsyBG/7veyK12TqaMEyKslXoDWg SCVQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Fbb6z2ce; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id iz7-20020a170902ef8700b001a6565a16c4si8466678plb.493.2023.06.07.02.18.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:18:43 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Fbb6z2ce; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3C64E86041; Wed, 7 Jun 2023 11:18:26 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="Fbb6z2ce"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id CE87D8601B; Wed, 7 Jun 2023 11:18:22 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [IPv6:2a00:1450:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 57B8B85FE5 for ; Wed, 7 Jun 2023 11:18:20 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wm1-x335.google.com with SMTP id 5b1f17b1804b1-3f7368126a6so31151545e9.0 for ; Wed, 07 Jun 2023 02:18:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1686129500; x=1688721500; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+jVq2OddlVjRaPr/FhntmVPqCfr2d9gdwu0LcnqXwp0=; b=Fbb6z2ceKr4WJLKKx6v8CYuDVoTVLXrvCCOggiJ8bK3i/FbT75NkIpLlotDEB6RdwF As6LgvFLZNjFXfDrKQHJsXXg+r12mrxClwIzi+akxC3yNVPc4JBkcIg06D23kCHeN1ue rGmXjSZuxGh62iG5S9GTyL65bKp1W/FItgt8bNTt+Jml1aS6kjHlkEqomS+qpLGCFgZ7 5rcJG5caiqfPzWG9TuBwSwKdhkrTHzDAcF5Ews5c5U9QDW6PsHMzfe6aDgO2humwlZ49 8Xm/eNUCcd2wFvX8yCaqXL2H0CWXs2zx6mJwnyx3XZt1cLvI1g3gWsYvpxWWtTooTT93 yS3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686129500; x=1688721500; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+jVq2OddlVjRaPr/FhntmVPqCfr2d9gdwu0LcnqXwp0=; b=jTBBCeMKtecu/OSvyWmSIuNQ0RQ4VfPIc6jNc1zUGVT5EjmxJDwYW0QfznQoeYl7pC d2h9WqqZJbXzlX3aoi4xoTk00Vg+1SJFyqxo1nubgxH2HpTuFRuoyME4zYQe3OpfuZik DRGfMre4ZO68EnriYeomX4WXhnFYbWUnGoNwZEe0G3Mpmy4WopXbYzoQHu+zXzo2Bui2 QCXeBuUDuI2eMz/lwOKZRIFhCkk3dI9tHAuc02sCiuEmzOTQM+hil24jY6Sizrp+zHAF Z91nradXDiuIC20IHf4LWVU9HSq3Ca1EoQj/z6n7aryS06ySfhQU9Uvq5z4ylJQ6bnGw V6UA== X-Gm-Message-State: AC+VfDwTK+ATpyiUYogrzWfGcDspfdsR/V1g40kZ6Ye6Rapm/uwN/v1D r+3RQf+rwVmSWecGp71lyXvoE9eqBWE38w4djxzk5A== X-Received: by 2002:a05:600c:22c3:b0:3f4:27ff:7d48 with SMTP id 3-20020a05600c22c300b003f427ff7d48mr4156077wmg.19.1686129499921; Wed, 07 Jun 2023 02:18:19 -0700 (PDT) Received: from localhost.localdomain (ppp089210114029.access.hol.gr. [89.210.114.29]) by smtp.gmail.com with ESMTPSA id o10-20020a1c750a000000b003f50d6ee334sm454569wmc.47.2023.06.07.02.18.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:18:19 -0700 (PDT) From: Ilias Apalodimas To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Simon Glass Subject: [PATCH 1/3 v2] tpm: Add 'tpm autostart' shell command Date: Wed, 7 Jun 2023 12:18:10 +0300 Message-Id: <20230607091812.1916435-2-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> References: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean For a TPM device to be operational we need to initialize it and perform its startup sequence. The 'tpm init' command currently calls tpm_init() which ends up calling the ->open() per-device callback and performs the initial hardware configuration as well as requesting locality 0 for the caller. There no code that currently calls tpm_init() without following up with a tpm_startup() and tpm_self_test_full() or tpm_continue_self_test(). So let's add a 'tpm autostart' command and call tpm_auto_start() which leaves the device in an operational state. It's worth noting that calling tpm_init() only, doesn't allow a someone to use the TPM since the startup sequence is mandatory. We always repeat the pattern of calling - tpm_init() - tpm_startup() - tpm_self_test_full() or tpm_continue_self_test() Signed-off-by: Ilias Apalodimas Reviewed-by: Simon Glass --- - Changes since v1: None cmd/tpm-common.c | 16 ++++++++++++++++ cmd/tpm-user-utils.h | 1 + cmd/tpm-v1.c | 6 +++++- cmd/tpm-v2.c | 6 ++++++ 4 files changed, 28 insertions(+), 1 deletion(-) -- 2.39.2 diff --git a/cmd/tpm-common.c b/cmd/tpm-common.c index d0c63cadf413..a7dc23d85d5d 100644 --- a/cmd/tpm-common.c +++ b/cmd/tpm-common.c @@ -11,6 +11,7 @@ #include #include #include +#include #include "tpm-user-utils.h" static struct udevice *tpm_dev; @@ -367,6 +368,21 @@ int do_tpm_init(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) return report_return_code(tpm_init(dev)); } +int do_tpm_autostart(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) +{ + struct udevice *dev; + int rc; + + if (argc != 1) + return CMD_RET_USAGE; + rc = get_tpm(&dev); + if (rc) + return rc; + + return report_return_code(tpm_auto_start(dev)); +} + int do_tpm(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) { struct cmd_tbl *tpm_commands, *cmd; diff --git a/cmd/tpm-user-utils.h b/cmd/tpm-user-utils.h index de4a934aab6c..dfa11353e122 100644 --- a/cmd/tpm-user-utils.h +++ b/cmd/tpm-user-utils.h @@ -20,6 +20,7 @@ int get_tpm(struct udevice **devp); int do_tpm_device(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_init(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); +int do_tpm_autostart(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_info(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); int do_tpm_report_state(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]); diff --git a/cmd/tpm-v1.c b/cmd/tpm-v1.c index 0efb079b0a9b..3b95c950cc96 100644 --- a/cmd/tpm-v1.c +++ b/cmd/tpm-v1.c @@ -655,6 +655,7 @@ TPM_COMMAND_NO_ARG(tpm_physical_disable) static struct cmd_tbl tpm1_commands[] = { U_BOOT_CMD_MKENT(device, 0, 1, do_tpm_device, "", ""), U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""), + U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_autostart, "", ""), U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""), U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm_startup, "", ""), @@ -733,9 +734,12 @@ U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, " device [num device]\n" " - Show all devices or set the specified device\n" " info - Show information about the TPM\n" +" autostart\n" +" - Initalize the tpm, perform a Startup(clear) and run a full selftest\n" +" sequence\n" " init\n" " - Put TPM into a state where it waits for 'startup' command.\n" -" startup mode\n" +" startup mode\n" " - Issue TPM_Starup command. is one of TPM_ST_CLEAR,\n" " TPM_ST_STATE, and TPM_ST_DEACTIVATED.\n" "Admin Testing Commands:\n" diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index d93b83ada934..7e479b9dfe36 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -370,6 +370,7 @@ static struct cmd_tbl tpm2_commands[] = { U_BOOT_CMD_MKENT(dam_reset, 0, 1, do_tpm_dam_reset, "", ""), U_BOOT_CMD_MKENT(dam_parameters, 0, 1, do_tpm_dam_parameters, "", ""), U_BOOT_CMD_MKENT(change_auth, 0, 1, do_tpm_change_auth, "", ""), + U_BOOT_CMD_MKENT(autostart, 0, 1, do_tpm_autostart, "", ""), U_BOOT_CMD_MKENT(pcr_setauthpolicy, 0, 1, do_tpm_pcr_setauthpolicy, "", ""), U_BOOT_CMD_MKENT(pcr_setauthvalue, 0, 1, @@ -392,8 +393,13 @@ U_BOOT_CMD(tpm2, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command", " Show information about the TPM.\n" "state\n" " Show internal state from the TPM (if available)\n" +"autostart\n" +" Initalize the tpm, perform a Startup(clear) and run a full selftest\n" +" sequence\n" "init\n" " Initialize the software stack. Always the first command to issue.\n" +" 'tpm startup' is the only acceptable command after a 'tpm init' has been\n" +" issued\n" "startup \n" " Issue a TPM2_Startup command.\n" " is one of:\n" From patchwork Wed Jun 7 09:18:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 690181 Delivered-To: patch@linaro.org Received: by 2002:a5d:4d8a:0:0:0:0:0 with SMTP id b10csp210643wru; Wed, 7 Jun 2023 02:18:57 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ411IqikWJq3atHVuOerF5TQyYu+G94QECElQMEWX1Z6ju2/A81LgQ+fOTovCJ4Wx8hn3R5 X-Received: by 2002:a05:6808:c4:b0:398:50f1:ad17 with SMTP id t4-20020a05680800c400b0039850f1ad17mr4743593oic.4.1686129537370; Wed, 07 Jun 2023 02:18:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686129537; cv=none; d=google.com; s=arc-20160816; b=m1MXC9xoM6tKNjfYFxqVDgXoC9omkmUYji2Vqb6D8Mqn8WYHiOi8DEnS7NrVGNDcjX UTBKlYl847bI/9uSujK/9iDLkq+gvMbIUYyHNkJyveDlAPt5RJneo19UxORCoFNh4iV6 KB+h07t3HE8lUzxjSWbjizHeaijNZAGVfZ4Yu45YS7hYIDbbrN0tsYaiUGs0UZi8Bcla kv4lXwYtF12ACslTmgpyxqbGRp7cZnesfpDbTkOCr2g/qGQ7bz5eLQgeCs3ubO46VlQ0 4JeRvoYQldwXCSiRgSN2jAoRrAvnQYHWMWDgoX48muEzfyctWaaBDJWvetmQC078wPyE +iuw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=HGAcG+APmSoi8S8Sca75wTj0oiVNRl7K4lV82fxoy48=; b=EgRYXBhjZa7R/DTfyOJRUSoPyG+gIBlErdCnMYMipbb0uNX/Al+U7t/n5cL2w6RuP0 bCBV6ykOzXhWCwh+S0vrvDKFrGiC9Ug1oU7utIsh2twne/b14iwhFp6KE1kyk9swTX26 3Ca4AbKfE1VwvgZ5SONjoNxAkN5hhfIhP/ixFGZQOdaZwXGAAuEN6oLoWmLpPNVN83YC uL3YnYq8fJlmTkPnImYyLXLR7ZrqsU0o6jvrZGNx0Wu1vPWgM9Yu7IrccR5cK6DgsyEZ 7XIIibLenRqzIBrjb50AdC3NyL/ZYXUAtv8jVZ/FAERB9UDw/zW/e4SsHwrPovJLAS2l lcFw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=WUSBr8Mp; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id s5-20020a170902ea0500b001b02e044c87si8664071plg.320.2023.06.07.02.18.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:18:57 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=WUSBr8Mp; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 72AA086071; Wed, 7 Jun 2023 11:18:29 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="WUSBr8Mp"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 74CB88603A; Wed, 7 Jun 2023 11:18:24 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 73FB486005 for ; Wed, 7 Jun 2023 11:18:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wm1-x32f.google.com with SMTP id 5b1f17b1804b1-3f7378a75c0so29380525e9.3 for ; Wed, 07 Jun 2023 02:18:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1686129501; x=1688721501; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HGAcG+APmSoi8S8Sca75wTj0oiVNRl7K4lV82fxoy48=; b=WUSBr8MpYANeCe/mC0D5UIlUoCsOpEnTltMjM5BQUj8Mjn37WxYSzpjmOshgrFG/NN KmKp+huKMz0vB6aTsIPfls5tGdDXRU+M2oPq2YlZnsnnRqUPlM+93mqrgj/NBePcuNr0 8/Bo6w0UWWz/dMMRYPnZVK9bfDdljlyysh83hYY6ts3FKxvelG8Mm8LBovTIW1+01yRI eCmNWMyKCVGbRIj/PsbGQymY17UjwVEEZwy84Ww6E85cemhkiOhben8J+Fu7Qnez79xe 5G0EiEpDFogwTMhskOSys/DYfjFc1viMqpVmQqHWC2mqv55SS3XNiwwfROgi3BxSCdfz 5oyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686129501; x=1688721501; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HGAcG+APmSoi8S8Sca75wTj0oiVNRl7K4lV82fxoy48=; b=RDnzLmc6HjQw56mOudFd1g3+sZyrDXguA6zuHFa7fCSg/6PjojWXzsKo8F1DZZeh7N N2TCg+cdTzh4BOWSwNpwnvXbTOtqnafd/xSYbijirsXOqVbO8GQI2vnCrtCU0kojlcDE yaJN8vKecxLDi6VXHDRap7yAWKS+2ENC3NVmjzdmArlcxxHFQ05Bb+O+5/DmKJdkIjo8 LW4U0HtkOPWmpKxHdQrd0k2MWmtTniBsPZPokEPhu1XhamUqT7V1Ki0VyD3SoKcDaPuI ddd07NwpUDdWncVEU672wS2l6LEFfzaerDtxiZvD/wmLg0jAsSXoFPJo2kl+4zavXx5s TiRA== X-Gm-Message-State: AC+VfDzhI2qqByiz2a8/zl+5Nuq+7/kzXxdWKAzF/TANQOl3b93R51kN GQnFj9WrKruggs6NUzOqSVCecHSeWPHcjqLvMY1Y0Q== X-Received: by 2002:a7b:c7d1:0:b0:3f6:683:628b with SMTP id z17-20020a7bc7d1000000b003f60683628bmr4177248wmk.3.1686129500928; Wed, 07 Jun 2023 02:18:20 -0700 (PDT) Received: from localhost.localdomain (ppp089210114029.access.hol.gr. [89.210.114.29]) by smtp.gmail.com with ESMTPSA id o10-20020a1c750a000000b003f50d6ee334sm454569wmc.47.2023.06.07.02.18.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:18:20 -0700 (PDT) From: Ilias Apalodimas To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Simon Glass Subject: [PATCH 2/3 v2] test/py: replace 'tpm2 init, startup, selftest' sequences Date: Wed, 7 Jun 2023 12:18:11 +0300 Message-Id: <20230607091812.1916435-3-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> References: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Instead of copy pasting the commands needed to start a TPM consisting of: - tpm init - tpm startup TPM2_SU_CLEAR - tpm2 self_test full use the newly added 'autostart' which does the same thing and simplify our python scripts Signed-off-by: Ilias Apalodimas Reviewed-by: Simon Glass --- Changes since v1: None test/py/tests/test_tpm2.py | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) -- 2.39.2 diff --git a/test/py/tests/test_tpm2.py b/test/py/tests/test_tpm2.py index d2ad6f9e73c0..1ade66a7eda4 100644 --- a/test/py/tests/test_tpm2.py +++ b/test/py/tests/test_tpm2.py @@ -41,11 +41,9 @@ def force_init(u_boot_console, force=False): skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False) if skip_test: pytest.skip('skip TPM device test') - output = u_boot_console.run_command('tpm2 init') + output = u_boot_console.run_command('tpm2 autostart') if force or not 'Error' in output: u_boot_console.run_command('echo --- start of init ---') - u_boot_console.run_command('tpm2 startup TPM2_SU_CLEAR') - u_boot_console.run_command('tpm2 self_test full') u_boot_console.run_command('tpm2 clear TPM2_RH_LOCKOUT') output = u_boot_console.run_command('echo $?') if not output.endswith('0'): @@ -83,20 +81,13 @@ def tpm2_sandbox_init(u_boot_console): This allows all tests to run in parallel, since no test depends on another. """ u_boot_console.restart_uboot() - u_boot_console.run_command('tpm2 init') + u_boot_console.run_command('tpm2 autostart') output = u_boot_console.run_command('echo $?') assert output.endswith('0') skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False) if skip_test: pytest.skip('skip TPM device test') - u_boot_console.run_command('tpm2 startup TPM2_SU_CLEAR') - output = u_boot_console.run_command('echo $?') - assert output.endswith('0') - - u_boot_console.run_command('tpm2 self_test full') - output = u_boot_console.run_command('echo $?') - assert output.endswith('0') @pytest.mark.buildconfigspec('cmd_tpm_v2') def test_tpm2_sandbox_self_test_full(u_boot_console): From patchwork Wed Jun 7 09:18:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 690182 Delivered-To: patch@linaro.org Received: by 2002:a5d:4d8a:0:0:0:0:0 with SMTP id b10csp210788wru; Wed, 7 Jun 2023 02:19:13 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ54l68QZJNVlmdKJjQMlnRSjzwOKXJMh67WhbN8gLm3DF0lpRKNKrWUP+YsXucU0VuqP3V2 X-Received: by 2002:a05:6a20:748d:b0:109:38b4:a210 with SMTP id p13-20020a056a20748d00b0010938b4a210mr2924936pzd.29.1686129552655; Wed, 07 Jun 2023 02:19:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686129552; cv=none; d=google.com; s=arc-20160816; b=aTjBBwX2ryOgpxMj4m0Dew42dKiSNeadMROt0f3kDXs7ogor8KBqbgchx2r4i+HS5b r91pdVAOzHbiHHYuGHDoZHCNSGES48RiA4Wxvf9mHZ4RNgzZCVjqhi42CuQwbpxVCopi wNQVHcuEi3YeIRX92Xp5V+7nx6G8ljuxt+3vZv7Zqoo1DhTdsN3kZtRalrvSRiXtMrn8 +8SvRxgFye2YcDacfj4SpXv1N5zCZvD2T7MzRmHi61cSnQW/GzeZMrVgv29qbdsn2G30 QLl9CuHd4b3+MCXJQUafst5QCnsi5oAlKYww5w9ys6No9herOJjaTJbN2LcZ3aC+0TBt rAtA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=rUELE9BmGM3YtfwyXcxh/N24GWahH3YY8SVllWBW9EU=; b=UMGKnuOUzUvOgtZ1kwjHavNsaJWus8S343RgzmaL1J7K9KcXac+mlTiQQDrOqt7fWB GhggAj4bQts6vu4pslpPXP4VG5qxxJESRiEhT2wSPiETXMq95dF79xlCbbMvJBHNCdYB 4KfjHDP8J+Ydr8HYfkWT9fxhzdXpLQQiKSnVjMZFsw82sCuUiSzj3lA31atrcOiL1iHU KSrhAdqd/27FwSrSFzUhmZNHDe7WIrJLzrR2Htzd4CJwXfMyOD+ZzjViQfO94jGuqnuC NywcJZ9gEvu25V+XmRk3NpkQFbzpbnhDI9WIE3TmjVH7DLQw7PsPklI+s08XZFJqIvwq v7tw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=yDLrJUnd; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id w27-20020a63af1b000000b00543cac2783fsi3523040pge.485.2023.06.07.02.19.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:19:12 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=yDLrJUnd; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id A155086065; Wed, 7 Jun 2023 11:18:32 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="yDLrJUnd"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 2F4E286005; Wed, 7 Jun 2023 11:18:25 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 70D5C8471B for ; Wed, 7 Jun 2023 11:18:22 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wm1-x329.google.com with SMTP id 5b1f17b1804b1-3f6e1394060so59711885e9.3 for ; Wed, 07 Jun 2023 02:18:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1686129502; x=1688721502; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rUELE9BmGM3YtfwyXcxh/N24GWahH3YY8SVllWBW9EU=; b=yDLrJUndT7iYhKjLhF4YW+wyZ8PS21Yl+Xog5XdAXtTnUjL5zVcSmZw58fqkssJeIQ S7A1zxP9h3sfwoC8GmTFfDs1dysC6OaydimMY/Oav9UauDVifMFQ/a9Wq0AB8HnBr9wu LUNXBw+jYMR0LdjItieJGku/7WBkOPRY93U1P4kf0z1IAcIB4jEVYisvBZhvevUWechm W08ddzb5o6bKruJ+rr5Vswf6qs62AseLMxWA+oDV/75y0U6N4e+IcO8GIH2iDGJ/VWXF kFgn7hCUwL4h7xetdogB6/I1YuR0fAxxqO0+guMH9fsSM3giB8hA8qe6+sGQOsOFXnj5 hLFA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686129502; x=1688721502; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rUELE9BmGM3YtfwyXcxh/N24GWahH3YY8SVllWBW9EU=; b=DZpEcXoxbUlMyFJ0RlQFdHP63pv9wk7ZyWdVig9a6WHdNe/sDAHaA1j7UgYx/iO+Rp A9v2fKYzgI5nVcT0D7oSK4KkmE1H3VnWYqO2A7x/5ZsTbJ8Qv9Ry51K2eeRPYbT2eBRG KluBZpg9Ry5zgEwLFvLfBAWR/B6pmvZtOqNqGE4nHbuBvtU8IxrdXJQPQx/jkPJjnwvC 8eUXdjcN7I5fmpR9pJv7XsVnI2oaNoWsg1fL/I6H+PKwN9vfrgdgG1JeD+dubrEryCa7 H1MZ1CYF2uycuMQW7KXstIhdQlKdJEuNqpoXVk+2QOMdo3slTmD7Q5fqFyDAfnnGfJYs +pxw== X-Gm-Message-State: AC+VfDzhP6Hb9CMD3thTg3Tso0iRGz5OfTqYxilu498bhK5o+ddFEuI6 xyHtbKk4bNEG2B4FlCkyh6T3bKTUvRoWfK8wX23+Zg== X-Received: by 2002:a05:600c:2216:b0:3f7:e497:a9f8 with SMTP id z22-20020a05600c221600b003f7e497a9f8mr4083191wml.38.1686129501938; Wed, 07 Jun 2023 02:18:21 -0700 (PDT) Received: from localhost.localdomain (ppp089210114029.access.hol.gr. [89.210.114.29]) by smtp.gmail.com with ESMTPSA id o10-20020a1c750a000000b003f50d6ee334sm454569wmc.47.2023.06.07.02.18.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 02:18:21 -0700 (PDT) From: Ilias Apalodimas To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Simon Glass Subject: [PATCH 3/3 v2] test/py: Account PCR updates properly during testing Date: Wed, 7 Jun 2023 12:18:12 +0300 Message-Id: <20230607091812.1916435-4-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> References: <20230607091812.1916435-1-ilias.apalodimas@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Currently we only read the pcr updates once on test_tpm2_pcr_read(). It turns out that the tpm init sequence of force_init() which consists of: - tpm2 init - tpm2 startup TPM2_SU_CLEAR - tpm2 self_test full - tpm2 clear TPM2_RH_LOCKOUT also counts as an update. Running this in the console verifies the update bump => tpm2 init => tpm2 startup TPM2_SU_CLEAR => tpm2 self_test full => tpm pcr_read 10 $loadaddr PCR #10 content (28 known updates): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 => tpm2 clear TPM2_RH_LOCKOUT => tpm pcr_read 10 $loadaddr PCR #10 content (29 known updates): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 => With the recent changes of replacing 'tpm2 init' with 'tpm2 autostart' we end up always running the full init. The reason is 'tpm init' returns -EBUSY if the tpm is already open, while 'tpm autostart' handles ths gracefully and continues with the initialization. It's worth noting that this won't affect the device functionality at all since retriggering the startup sequence and selftests has no side effects. Instead of relying on the initial value, reread the 'known updates' just before updating the PCR to ensure we read the correct values before testing Signed-off-by: Ilias Apalodimas Reviewed-by: Simon Glass --- Changes since v1: - new patch to fix the python testing failures test/py/tests/test_tpm2.py | 6 ++++++ 1 file changed, 6 insertions(+) -- 2.39.2 diff --git a/test/py/tests/test_tpm2.py b/test/py/tests/test_tpm2.py index 1ade66a7eda4..fce689cd992d 100644 --- a/test/py/tests/test_tpm2.py +++ b/test/py/tests/test_tpm2.py @@ -272,6 +272,12 @@ def test_tpm2_pcr_extend(u_boot_console): force_init(u_boot_console) ram = u_boot_utils.find_ram_base(u_boot_console) + read_pcr = u_boot_console.run_command('tpm2 pcr_read 0 0x%x' % (ram + 0x20)) + output = u_boot_console.run_command('echo $?') + assert output.endswith('0') + str = re.findall(r'\d+ known updates', read_pcr)[0] + updates = int(re.findall(r'\d+', str)[0]) + u_boot_console.run_command('tpm2 pcr_extend 0 0x%x' % ram) output = u_boot_console.run_command('echo $?') assert output.endswith('0')