u-boot.git/drivers/tpm, branch v2018.03 Unnamed repository; edit this file 'description' to name the repository. treewide: Fix gdsys mail addresses 2018-03-09T14:23:10+00:00 Mario Six six@gdsys.cc 2018-03-06T07:04:58+00:00 d38826a3dceaa804a559f178f95ce689fd31bdff The @gdsys.cc addresses are supposed to be used for mailing lists. Switch all occurrences of @gdsys.de mail addresses to their @gdsys.cc equivalent. Also, Dirk's address was wrong in one place; fix that as well. Signed-off-by: Mario Six <six@gdsys.cc> 
The @gdsys.cc addresses are supposed to be used for mailing lists.
Switch all occurrences of @gdsys.de mail addresses to their @gdsys.cc
equivalent.

Also, Dirk's address was wrong in one place; fix that as well.

Signed-off-by: Mario Six <six@gdsys.cc>
Atmel TPM: Fix potential buffer overruns 2018-03-05T15:05:36+00:00 Jeremy Boone jeremy.boone@nccgroup.trust 2018-02-12T22:56:37+00:00 b3f40703408e57cad492802b777448a068b1f671 Ensure that the Atmel TPM driver performs sufficient validation of the length returned in the TPM response header. This patch prevents memory corruption if the header contains a length value that is larger than the destination buffer. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust> 
Ensure that the Atmel TPM driver performs sufficient
validation of the length returned in the TPM response header.
This patch prevents memory corruption if the header contains a
length value that is larger than the destination buffer.

Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
Infineon TPM: Fix potential buffer overruns 2018-03-05T15:05:36+00:00 Jeremy Boone jeremy.boone@nccgroup.trust 2018-02-12T22:56:36+00:00 afe0e6bddf295d4514ab56cd76d5ec13a9c30b22 Ensure that the Infineon I2C and SPI TPM driver performs adequate validation of the length extracted from the TPM response header. This patch prevents integer underflow when the length was too small, which could lead to memory corruption. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust> 
Ensure that the Infineon I2C and SPI TPM driver performs adequate
validation of the length extracted from the TPM response header.
This patch prevents integer underflow when the length was too small,
which could lead to memory corruption.

Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
STMicro TPM: Fix potential buffer overruns 2018-03-05T15:05:36+00:00 Jeremy Boone jeremy.boone@nccgroup.trust 2018-02-12T22:56:35+00:00 12e0ab327d1a6711ee40ac9ade2e189d1092e962 This patch prevents integer underflow when the length was too small, which could lead to memory corruption. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust> 
This patch prevents integer underflow when the length was too small,
which could lead to memory corruption.

Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
tpm: st33zp24: fix STMicroelectronics copyright 2017-11-06T14:51:01+00:00 Patrice Chotard patrice.chotard@st.com 2017-10-23T07:54:01+00:00 05cd11948ea1246ae69a48c655a07478f271e4b3 Uniformize STMicroelectronics copyrights header Signed-off-by: Patrice Chotard <patrice.chotard@st.com> 
Uniformize STMicroelectronics copyrights header

Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
treewide: replace with error() with pr_err() 2017-10-04T15:59:44+00:00 Masahiro Yamada yamada.masahiro@socionext.com 2017-09-16T05:10:41+00:00 9b643e312d528f291966c1f30b0d90bf3b1d43dc U-Boot widely uses error() as a bit noisier variant of printf(). This macro causes name conflict with the following line in include/linux/compiler-gcc.h: # define __compiletime_error(message) __attribute__((error(message))) This prevents us from using __compiletime_error(), and makes it difficult to fully sync BUILD_BUG macros with Linux. (Notice Linux's BUILD_BUG_ON_MSG is implemented by using compiletime_assert().) Let's convert error() into now treewide-available pr_err(). Done with the help of Coccinelle, excluing tools/ directory. The semantic patch I used is as follows: // <smpl> @@@@ -error +pr_err (...) // </smpl> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Reviewed-by: Simon Glass <sjg@chromium.org> [trini: Re-run Coccinelle] Signed-off-by: Tom Rini <trini@konsulko.com> 
U-Boot widely uses error() as a bit noisier variant of printf().

This macro causes name conflict with the following line in
include/linux/compiler-gcc.h:

  # define __compiletime_error(message) __attribute__((error(message)))

This prevents us from using __compiletime_error(), and makes it
difficult to fully sync BUILD_BUG macros with Linux.  (Notice
Linux's BUILD_BUG_ON_MSG is implemented by using compiletime_assert().)

Let's convert error() into now treewide-available pr_err().

Done with the help of Coccinelle, excluing tools/ directory.

The semantic patch I used is as follows:

// <smpl>
@@@@
-error
+pr_err
 (...)
// </smpl>

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Re-run Coccinelle]
Signed-off-by: Tom Rini <trini@konsulko.com>
dm: Rename dev_addr..() functions 2017-06-01T13:03:01+00:00 Simon Glass sjg@chromium.org 2017-05-17T23:18:05+00:00 a821c4af79e4f5ce9b629b20473863397bbe9b10 These support the flat device tree. We want to use the dev_read_..() prefix for functions that support both flat tree and live tree. So rename the existing functions to avoid confusion. In the end we will have: 1. dev_read_addr...() - works on devices, supports flat/live tree 2. devfdt_get_addr...() - current functions, flat tree only 3. of_get_address() etc. - new functions, live tree only All drivers will be written to use 1. That function will in turn call either 2 or 3 depending on whether the flat or live tree is in use. Note this involves changing some dead code - the imx_lpi2c.c file. Signed-off-by: Simon Glass <sjg@chromium.org> 
These support the flat device tree. We want to use the dev_read_..()
prefix for functions that support both flat tree and live tree. So rename
the existing functions to avoid confusion.

In the end we will have:

   1. dev_read_addr...()    - works on devices, supports flat/live tree
   2. devfdt_get_addr...()  - current functions, flat tree only
   3. of_get_address() etc. - new functions, live tree only

All drivers will be written to use 1. That function will in turn call
either 2 or 3 depending on whether the flat or live tree is in use.

Note this involves changing some dead code - the imx_lpi2c.c file.

Signed-off-by: Simon Glass <sjg@chromium.org>
lib: tpm: Add command to list resources 2017-03-26T19:22:58+00:00 mario.six@gdsys.cc mario.six@gdsys.cc 2017-03-20T09:28:30+00:00 3d1df0e363ff13b7aed17f9bb576d045f26c3f74 It is sometimes convenient to know how many and/or which resources are currently loaded into a TPG, e.g. to test is a flush operation succeeded. Hence, we add a command that lists the resources of a given type currently loaded into the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org> 
It is sometimes convenient to know how many and/or which resources are
currently loaded into a TPG, e.g. to test is a flush operation succeeded.

Hence, we add a command that lists the resources of a given type currently
loaded into the TPM.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
tpm: Add function to load keys via their parent's SHA1 hash 2017-03-26T19:22:58+00:00 mario.six@gdsys.cc mario.six@gdsys.cc 2017-03-20T09:28:28+00:00 0f4b2ba1762d74c0b5520d99a58796d6ca78abf0 If we want to load a key into a TPM, we need to know the designated parent key's handle, so that the TPM is able to insert the key at the correct place in the key hierarchy. However, if we want to load a key whose designated parent key we also previously loaded ourselves, we first need to memorize this parent key's handle (since the handles for the key are chosen at random when they are inserted into the TPM). If we are, however, unable to do so, for example if the parent key is loaded into the TPM during production, and its child key during the actual boot, we must find a different mechanism to identify the parent key. To solve this problem, we add a function that allows U-Boot to load a key into the TPM using their designated parent key's SHA1 hash, and the corresponding auth data. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org> 
If we want to load a key into a TPM, we need to know the designated parent
key's handle, so that the TPM is able to insert the key at the correct place in
the key hierarchy.

However, if we want to load a key whose designated parent key we also
previously loaded ourselves, we first need to memorize this parent key's handle
(since the handles for the key are chosen at random when they are inserted into
the TPM). If we are, however, unable to do so, for example if the parent key is
loaded into the TPM during production, and its child key during the actual
boot, we must find a different mechanism to identify the parent key.

To solve this problem, we add a function that allows U-Boot to load a key into
the TPM using their designated parent key's SHA1 hash, and the corresponding
auth data.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
lib: tpm: Add command to flush resources 2017-02-01T08:02:57+00:00 Mario Six mario.six@gdsys.cc 2017-01-11T15:00:50+00:00 7690be35deaeac1cb51a5f7896c2a46afabdfad3 This patch adds a function to the TPM library, which allows U-Boot to flush resources, e.g. keys, from the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Stefan Roese <sr@denx.de> 
This patch adds a function to the TPM library, which allows U-Boot to
flush resources, e.g. keys, from the TPM.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>