Age | Commit message (Collapse) | Author |
|
TPM command library implements a subset of TPM commands defined in TCG
Main Specification 1.2 that are useful for implementing secure boot.
More TPM commands could be added out of necessity.
You may exercise these commands through the 'tpm' command. However, the
raw TPM commands are too primitive for writing secure boot in command
interpreter scripts; so the 'tpm' command also provides helper functions
to make scripting easier.
For example, to define a counter in TPM non-volatile storage and
initialize it to zero:
$ tpm init
$ tpm startup TPM_ST_CLEAR
$ tpm nv_define d 0x1001 0x1
$ tpm nv_write d 0x1001 0
And then increment the counter by one:
$ tpm nv_read d 0x1001 i
$ setexpr.l i $i + 1
$ tpm nv_write d 0x1001 $i
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
|
|
Add a simple command to stress-test a TPM (Trusted Platform Module).
Signed-off-by: Luigi Semenzato <semenzato@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The command gets an arbitrary number of arguments (up to 30), which
are interpreted as byte values and are feed into the TPM device after
proper initialization. Then the return value and data of the TPM
driver is examined.
TPM commands are described in the TCG specification.
For instance, the following sequence is the 'TPM Startup' command, it
is processed by the TPM and a response is generated:
boot > tpm 0x0 0xc1 0x0 0x0 0x0 0xc 0x0 0x0 0x0 0x99 0x0 0x1
Found TPM SLB9635 TT 1.2 by Infineon
Got TPM response:
00 c4 00 00 00 0a 00 00 00 00
If the command is corrupted (fed one byte short), an error is reported:
boot > tpm 0x0 0xc1 0x0 0x0 0x0 0xc 0x0 0x0 0x0 0x99 0x0
generic_lpc_tpm.c:311 unexpected TPM status 0xff000888
generic_lpc_tpm.c:516 failed sending data to TPM
tpm command failed
boot >
Change-Id: I3f3c5bfec8b852e208c4e99ba37b0f2b875140b0
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
CC: Wolfgang Denk <wd@denx.de>
|