summaryrefslogtreecommitdiff
path: root/drivers/tpm
AgeCommit message (Collapse)Author
2018-07-28tpm: make TPM_V2 be compiled by defaultMiquel Raynal
TPM_V1 was already compiled by default. Now that both can be compiled at the same time, compiled them both by default. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-07-28tpm: allow TPM v1 and v2 to be compiled at the same timeMiquel Raynal
While there is probably no reason to do so in a real life situation, it will allow to compile test both stacks with the same sandbox defconfig. As we cannot define two 'tpm' commands at the same time, the command for TPM v1 is still called 'tpm' and the one for TPM v2 'tpm2'. While this is the exact command name that must be written into eg. test files, any user already using the TPM v2 stack can continue to do so by just writing 'tpm' because as long as TPM v1 support is not compiled, U-Boot prompt will search for the closest command named after 'tpm'. The command set can also be changed at runtime (not supported yet, but ready to be), but as one can compile only either one stack or the other, there is still one spot in the code where conditionals are used: to retrieve the v1 or v2 command set. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> [trini: In sandbox_tpm2_fill_buf() use NULL not \0 to ensure NULL terminated string due to LLVM warning] Signed-off-by: Tom Rini <trini@konsulko.com>
2018-07-28tpm: remove stale symbol in KconfigMiquel Raynal
The TPM_DRIVER_SELECTED symbol was used in one of the initial series about TPMv2 but its use has been dropped, making these selects useless, remove them. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-07-28tpm: compile Sandbox driver by defaultMiquel Raynal
When Sandbox and the TPM stack are both selected, compile Sandbox TPM driver by default. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-05-25tpm: add a Sandbox TPMv2.x driverMiquel Raynal
This driver can emulate all the basic functionalities of a TPMv2.x chip and should behave like them during regular testing. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
2018-05-25tpm2: tis_spi: add the possibility to reset the chip with a gpioMiquel Raynal
On some designs, the reset line could not be connected to the SoC reset line, in this case, request the GPIO and ensure the chip gets reset. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-05-25tpm: add support for TPMv2.x SPI modulesMiquel Raynal
Add the tpm2_tis_spi driver that should support any TPMv2 compliant (SPI) module. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2018-05-25tpm: prepare support for TPMv2.x commandsMiquel Raynal
Choice between v1 and v2 compliant functions is done with the configuration. Create the various files that will receive TPMv2-only code on the same scheme as for the TPMv1 code. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
2018-05-25tpm: disociate TPMv1.x specific and generic codeMiquel Raynal
There are no changes in this commit but a new organization of the code as follow. * cmd/ directory: > move existing code from cmd/tpm.c in cmd/tpm-common.c > move specific code in cmd/tpm-v1.c > create a specific header file with generic definitions for commands only called cmd/tpm-user-utils.h * lib/ directory: > move existing code from lib/tpm.c in lib/tpm-common.c > move specific code in lib/tpm-v1.c > create a specific header file with generic definitions for the library itself called lib/tpm-utils.h * include/ directory: > move existing code from include/tpm.h in include/tpm-common.h > move specific code in include/tpm-v1.h Code designated as 'common' is compiled if TPM are used. Code designated as 'specific' is compiled only if the right specification has been selected. All files include tpm-common.h. Files in cmd/ include tpm-user-utils.h. Files in lib/ include tpm-utils.h. Depending on the specification, files may include either (not both) tpm-v1.h or tpm-v2.h. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> [trini: Fix a few more cases of tpm.h -> tpm-v1.h, some Kconfig logic] Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-25tpm: prepare introduction of TPMv2.x support in KconfigMiquel Raynal
Because both major revisions are not compatible at all, let's make them mutually exclusive in Kconfig. This way we will be sure, when using a command or a library function that it is supported by the right revision. Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x files by "tpm2_" to make the distinction without moving everything. The Kconfig menu about TPM drivers is now divided into two sections, one for each specification. Compliant drivers with one specification will only show up if this specification _only_ has been selected, otherwise a comment is displayed. Once a driver is selected by the user, it selects automatically a boolean value, that is needed in order to activate the TPM commands. Selecting the TPM commands will automatically select the right command/library files. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com> [trini: Rework deps as TPM_V1 and TPM_V2 depend on TPM, drop TPM_DRIVER_SELECTED] Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-25tpm: add Revision ID field in the chip structureMiquel Raynal
TPM are shipped with a few read-only register from which we can retrieve for instance: - vendor ID - product ID - revision ID Product and vendor ID share the same register and are already referenced in the tpm_chip structure. Add the revision ID entry which is missing. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
2018-05-07SPDX: Convert all of our single license tags to Linux Kernel styleTom Rini
When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com>
2018-04-27Remove unnecessary instances of DECLARE_GLOBAL_DATA_PTRTom Rini
We have a large number of places where while we historically referenced gd in the code we no longer do, as well as cases where the code added that line "just in case" during development and never dropped it. Signed-off-by: Tom Rini <trini@konsulko.com>
2018-03-09treewide: Fix gdsys mail addressesMario Six
The @gdsys.cc addresses are supposed to be used for mailing lists. Switch all occurrences of @gdsys.de mail addresses to their @gdsys.cc equivalent. Also, Dirk's address was wrong in one place; fix that as well. Signed-off-by: Mario Six <six@gdsys.cc>
2018-03-05Atmel TPM: Fix potential buffer overrunsJeremy Boone
Ensure that the Atmel TPM driver performs sufficient validation of the length returned in the TPM response header. This patch prevents memory corruption if the header contains a length value that is larger than the destination buffer. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
2018-03-05Infineon TPM: Fix potential buffer overrunsJeremy Boone
Ensure that the Infineon I2C and SPI TPM driver performs adequate validation of the length extracted from the TPM response header. This patch prevents integer underflow when the length was too small, which could lead to memory corruption. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
2018-03-05STMicro TPM: Fix potential buffer overrunsJeremy Boone
This patch prevents integer underflow when the length was too small, which could lead to memory corruption. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
2017-11-06tpm: st33zp24: fix STMicroelectronics copyrightPatrice Chotard
Uniformize STMicroelectronics copyrights header Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
2017-10-04treewide: replace with error() with pr_err()Masahiro Yamada
U-Boot widely uses error() as a bit noisier variant of printf(). This macro causes name conflict with the following line in include/linux/compiler-gcc.h: # define __compiletime_error(message) __attribute__((error(message))) This prevents us from using __compiletime_error(), and makes it difficult to fully sync BUILD_BUG macros with Linux. (Notice Linux's BUILD_BUG_ON_MSG is implemented by using compiletime_assert().) Let's convert error() into now treewide-available pr_err(). Done with the help of Coccinelle, excluing tools/ directory. The semantic patch I used is as follows: // <smpl> @@@@ -error +pr_err (...) // </smpl> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Reviewed-by: Simon Glass <sjg@chromium.org> [trini: Re-run Coccinelle] Signed-off-by: Tom Rini <trini@konsulko.com>
2017-06-01dm: Rename dev_addr..() functionsSimon Glass
These support the flat device tree. We want to use the dev_read_..() prefix for functions that support both flat tree and live tree. So rename the existing functions to avoid confusion. In the end we will have: 1. dev_read_addr...() - works on devices, supports flat/live tree 2. devfdt_get_addr...() - current functions, flat tree only 3. of_get_address() etc. - new functions, live tree only All drivers will be written to use 1. That function will in turn call either 2 or 3 depending on whether the flat or live tree is in use. Note this involves changing some dead code - the imx_lpi2c.c file. Signed-off-by: Simon Glass <sjg@chromium.org>
2017-03-26lib: tpm: Add command to list resourcesmario.six@gdsys.cc
It is sometimes convenient to know how many and/or which resources are currently loaded into a TPG, e.g. to test is a flush operation succeeded. Hence, we add a command that lists the resources of a given type currently loaded into the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org>
2017-03-26tpm: Add function to load keys via their parent's SHA1 hashmario.six@gdsys.cc
If we want to load a key into a TPM, we need to know the designated parent key's handle, so that the TPM is able to insert the key at the correct place in the key hierarchy. However, if we want to load a key whose designated parent key we also previously loaded ourselves, we first need to memorize this parent key's handle (since the handles for the key are chosen at random when they are inserted into the TPM). If we are, however, unable to do so, for example if the parent key is loaded into the TPM during production, and its child key during the actual boot, we must find a different mechanism to identify the parent key. To solve this problem, we add a function that allows U-Boot to load a key into the TPM using their designated parent key's SHA1 hash, and the corresponding auth data. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org>
2017-02-01lib: tpm: Add command to flush resourcesMario Six
This patch adds a function to the TPM library, which allows U-Boot to flush resources, e.g. keys, from the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Stefan Roese <sr@denx.de>
2016-12-02tpm: tpm_tis_lpc: Add support for AT97SC3204George McCollister
The Atmel AT97SC3204 is also TIS compliant. Modify the tpm_tis_lpc driver to check for the vid/did used by the Atmel AT97SC3204 and report an appropriate description. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2016-10-11tpm: Tidy up use of size_tSimon Glass
We should consistently use %z with size_t, and avoid passing a uint32_t as a size_t value. Fix these issues to avoid warnings on 64-bit machines. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2016-09-23treewide: replace #include <asm-generic/errno.h> with <linux/errno.h>Masahiro Yamada
Now, include/linux/errno.h is a wrapper of <asm-generic/errno.h>. Replace all include directives for <asm-generic/errno.h> with <linux/errno.h>. <asm-generic/...> is supposed to be included from <asm/...> when arch-headers fall back into generic implementation. Generally, they should not be directly included from .c files. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> [trini: Add drivers/usb/host/xhci-rockchip.c] Signed-off-by: Tom Rini <trini@konsulko.com>
2016-08-15tpm: atmel_twi: Make compatible with DM I2C bussesmario.six@gdsys.cc
Commit 302c5db ("dm: tpm: Add Driver Model support for tpm_atmel_twi driver") converted the Atmel TWI TPM driver itself to driver model, but kept the legacy-style i2c_write/i2c_read calls. Commit 3e7d940 ("dm: tpm: Every TPM drivers should depends on DM_TPM") then made DM_I2C a dependency of the driver, effectively forcing users to turn on CONFIG_DM_I2C_COMPAT to get it to work. This patch adds the necessary dm_i2c_write/dm_i2c_read calls to make the driver compatible with DM, but also keeps the legacy calls in ifdefs, so that the driver is now compatible with both DM and non-DM setups. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Andreas Bießmann <andreas@biessmann.org>
2016-04-15drivers/tpm/tpm_tis_sandbox.c: Fix uninitialized variable useTom Rini
In rollback_space_kernel we were not initializing the reserved fields which should be for safety sake, and doing memset here means we don't need to set the version field specifically either. Reported-by: Coverity (CID: 143917) Cc: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
2016-04-11lib/crc8: Add crc start valueStefan Roese
To make the usage of this function more flexible, lets add the CRC start value as parameter to this function. This way it can be used by other functions requiring different start values than 0 as well. For non-zero CRC start values to work, I've reworked the function a bit. The new implementation is copied from the Linux version in drivers/i2c/i2c-core.c / i2c_smbus_pec(). Which supports non-zero CRC stating values. I've double-checked that the results for zero starting values are identical to the results from the original version of this function. Signed-off-by: Stefan Roese <sr@denx.de> Cc: Simon Glass <sjg@chromium.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2016-01-28tpm: st33zp24: Add tpm st33zp24 spi supportChristophe Ricard
Add support for TPM ST33ZP24 spi. The ST33ZP24 does have a spi interface. The transport protocol is proprietary. For spi we are relying only on DM_SPI. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
2016-01-28tpm: st33zp24: Add tpm st33zp24 support with i2cChristophe Ricard
Add support for TPM ST33ZP24 family with i2c. For i2c we are relying only on DM_I2C. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
2016-01-28tpm: Rename tpm_tis_infineon.h to tpm_tis.h and move infineon specific stuff ↵Christophe Ricard
in tpm_infineon.c I2C protocol is not standardize for TPM 1.2. TIS prococol is define by the Trusted Computing Group and potentially available on several TPMs. tpm_tis_infineon.h header is not generic enough. Rename tpm_tis_infineon.h to tpm_tis.h and move infineon specific defines/variables to tpm_tis_infineon.c Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
2016-01-28tpm: tpm_tis_lpc: fix typoChristophe Ricard
TPM_TIS_LPC is connected to the LPC bus, not I2C. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
2015-10-23dm: tpm: Drop CONFIG_DM_TPMSimon Glass
Now that all TPM drivers use driver model, we can drop the special driver model CONFIG option. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
2015-10-23dm: tpm: Every TPM drivers should depends on DM_TPMChristophe Ricard
Every TPM drivers should now depends on DM_TPM and not only TPM. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Simon Glass <sjg@chromium.org>
2015-10-23dm: tpm: Remove every compilation switch for TPM driver modelChristophe Ricard
As every TPM drivers support UCLASS_TPM, we can only rely on DM_TPM functions. This simplify a bit the code. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Simon Glass <sjg@chromium.org>
2015-10-23dm: tpm: Add Driver Model support for tpm_atmel_twi driverChristophe Ricard
tpm_atmel_twi can fit perfectly to the new UCLASS_TPM class. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Simon Glass <sjg@chromium.org>
2015-10-23dm: tpm: Move tpm_tis_i2c to tpm_i2c_infineonChristophe Ricard
As there is no TCG specification or recommendation for i2c TPM 1.2, move tpm_tis_i2c driver to tpm_i2c_infineon. Other tpm vendors like Atmel or STMicroelectronics may have a different transport protocol for i2c. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Simon Glass <sjg@chromium.org>
2015-08-31dm: tpm: Convert LPC driver to driver modelSimon Glass
Convert the tpm_tis_lpc driver to use driver model and update boards which use it. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31dm: tpm: Convert I2C driver to driver modelSimon Glass
Convert the tpm_tis_i2c driver to use driver model and update boards which use it. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31dm: tpm: sandbox: Convert TPM driver to driver modelSimon Glass
Convert the sandbox TPM driver to use driver model. Add it to the device tree so that it can be found on start-up. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31dm: tpm: Add a uclass for Trusted Platform ModulesSimon Glass
Add a new uclass for TPMs which uses almost the same TIS (TPM Interface Specification) as is currently implemented. Since init() is handled by the normal driver model probe() method, we don't need to implement that. Also rename the transfer method to xfer() which is a less clumbsy name. Once all drivers and users are converted to driver model we can remove the old code. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Tidy up delaysSimon Glass
Use a _US suffix for microseconds and a _MS suffic for milliseconds. Move all timeouts and delays into one place. Use mdelay() instead of udelay() where appropriate. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Use a consistent tpm_tis_i2c_ prefixSimon Glass
Use the same prefix on each function for consistency. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Simplify init codeSimon Glass
Move all the init and uninit code into one place. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Move definitions into the header fileSimon Glass
Some definitions are in the C file and some are in the header file. Move everything into the header file for consistency and to reduce clutter. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Merge struct tpm into tpm_chipSimon Glass
There are too many structures storing the same sort of information. Move the fields from struct tpm into struct tpm_chip and remove the former struct. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Merge struct tpm_dev into tpm_chipSimon Glass
There are too many structures storing the same sort of information. Move the fields from struct tpm_dev into struct tpm_chip and remove the former struct. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Drop struct tpm_vendor_specificSimon Glass
This function is misnamed since it only applies to a single driver. Merge its fields into its parent. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heiko Schocher <hs@denx.de>
2015-08-31tpm: tpm_tis_i2c: Drop unnecessary methodsSimon Glass
The function methods in struct tpm_vendor_specific just call local functions. Change the code to use a direct call. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heiko Schocher <hs@denx.de>