u-boot.git/include/tpm.h, branch master Unnamed repository; edit this file 'description' to name the repository. tpm: disociate TPMv1.x specific and generic code 2018-05-26T00:12:55+00:00 Miquel Raynal miquel.raynal@bootlin.com 2018-05-15T09:57:06+00:00 d677bfe2f7914367d1caa6146b34e86d0df1c75d There are no changes in this commit but a new organization of the code as follow. * cmd/ directory: > move existing code from cmd/tpm.c in cmd/tpm-common.c > move specific code in cmd/tpm-v1.c > create a specific header file with generic definitions for commands only called cmd/tpm-user-utils.h * lib/ directory: > move existing code from lib/tpm.c in lib/tpm-common.c > move specific code in lib/tpm-v1.c > create a specific header file with generic definitions for the library itself called lib/tpm-utils.h * include/ directory: > move existing code from include/tpm.h in include/tpm-common.h > move specific code in include/tpm-v1.h Code designated as 'common' is compiled if TPM are used. Code designated as 'specific' is compiled only if the right specification has been selected. All files include tpm-common.h. Files in cmd/ include tpm-user-utils.h. Files in lib/ include tpm-utils.h. Depending on the specification, files may include either (not both) tpm-v1.h or tpm-v2.h. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> [trini: Fix a few more cases of tpm.h -> tpm-v1.h, some Kconfig logic] Signed-off-by: Tom Rini <trini@konsulko.com> 
There are no changes in this commit but a new organization of the code
as follow.

* cmd/ directory:
        > move existing code from cmd/tpm.c in cmd/tpm-common.c
	> move specific code in cmd/tpm-v1.c
	> create a specific header file with generic definitions for
	  commands only called cmd/tpm-user-utils.h

* lib/ directory:
        > move existing code from lib/tpm.c in lib/tpm-common.c
	> move specific code in lib/tpm-v1.c
	> create a specific header file with generic definitions for
	  the library itself called lib/tpm-utils.h

* include/ directory:
        > move existing code from include/tpm.h in include/tpm-common.h
	> move specific code in include/tpm-v1.h

Code designated as 'common' is compiled if TPM are used. Code designated
as 'specific' is compiled only if the right specification has been
selected.

All files include tpm-common.h.
Files in cmd/ include tpm-user-utils.h.
Files in lib/ include tpm-utils.h.
Depending on the specification, files may include either (not both)
tpm-v1.h or tpm-v2.h.

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Fix a few more cases of tpm.h -> tpm-v1.h, some Kconfig logic]
Signed-off-by: Tom Rini <trini@konsulko.com>
tpm: fix spelling 2018-05-25T12:12:40+00:00 Miquel Raynal miquel.raynal@bootlin.com 2018-05-15T09:57:02+00:00 52da18a378d92ed2bce5a33b9655d8cd4ba50a1f Fix following checkpatch.pl issues in TPM-related code: CHECK: '<x>' may be misspelled - perhaps '<y>'? Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Fix following checkpatch.pl issues in TPM-related code:

    CHECK: '<x>' may be misspelled - perhaps '<y>'?

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
tpm: use the BIT() macro where applicable 2018-05-25T12:12:40+00:00 Miquel Raynal miquel.raynal@bootlin.com 2018-05-15T09:57:01+00:00 fded837fd996880fd051e0ee0dbeee344cd084d2 Fix following checkpatch.pl issue in TPM-related code: CHECK: Prefer using the BIT macro Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Fix following checkpatch.pl issue in TPM-related code:

    CHECK: Prefer using the BIT macro

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
tpm: substitute deprecated uint<x>_t types with their u<x> equivalent 2018-05-25T12:12:40+00:00 Miquel Raynal miquel.raynal@bootlin.com 2018-05-15T09:56:59+00:00 b9804e5bf36351b77cf354a81304657a895c9f0f Fix following checkpatch.pl issues in TPM-related code: CHECK: Prefer kernel type 'u8' over 'uint8_t' CHECK: Prefer kernel type 'u16' over 'uint16_t' CHECK: Prefer kernel type 'u32' over 'uint32_t' Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Fix following checkpatch.pl issues in TPM-related code:

    CHECK: Prefer kernel type 'u8' over 'uint8_t'
    CHECK: Prefer kernel type 'u16' over 'uint16_t'
    CHECK: Prefer kernel type 'u32' over 'uint32_t'

Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07T13:34:12+00:00 Tom Rini trini@konsulko.com 2018-05-06T21:58:06+00:00 83d290c56fab2d38cd1ab4c4cc7099559c1d5046 When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com> 
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
tpm: add more useful NV storage permission flags 2017-11-17T14:15:52+00:00 André Draszik adraszik@tycoint.com 2017-10-03T15:55:53+00:00 1259f778c9b419f02e2c155996b2d15ff262901e TPM_NV_PER_PPREAD: physical presence needed for reading TPM_NV_PER_WRITEDEFINE: persistent write lock by writing size 0 TPM_NV_PER_WRITEALL: write in one go Signed-off-by: André Draszik <adraszik@tycoint.com> Acked-by: Simon Glass <sjg@chromium.org> 
TPM_NV_PER_PPREAD: physical presence needed for reading
TPM_NV_PER_WRITEDEFINE: persistent write lock by writing size 0
TPM_NV_PER_WRITEALL: write in one go

Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Simon Glass <sjg@chromium.org>
tpm: add tpm_get_random() 2017-11-17T14:15:40+00:00 André Draszik adraszik@tycoint.com 2017-10-03T15:55:52+00:00 3c6050277b54f536e7effbe850dcc970a27387ab Add a function to obtain random data from the TPM. Signed-off-by: André Draszik <adraszik@tycoint.com> Added commit message, add cast to min() Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> 
Add a function to obtain random data from the TPM.

Signed-off-by: André Draszik <adraszik@tycoint.com>
Added commit message, add cast to min()
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
tpm: Add function to load keys via their parent's SHA1 hash 2017-03-26T19:22:58+00:00 mario.six@gdsys.cc mario.six@gdsys.cc 2017-03-20T09:28:28+00:00 0f4b2ba1762d74c0b5520d99a58796d6ca78abf0 If we want to load a key into a TPM, we need to know the designated parent key's handle, so that the TPM is able to insert the key at the correct place in the key hierarchy. However, if we want to load a key whose designated parent key we also previously loaded ourselves, we first need to memorize this parent key's handle (since the handles for the key are chosen at random when they are inserted into the TPM). If we are, however, unable to do so, for example if the parent key is loaded into the TPM during production, and its child key during the actual boot, we must find a different mechanism to identify the parent key. To solve this problem, we add a function that allows U-Boot to load a key into the TPM using their designated parent key's SHA1 hash, and the corresponding auth data. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org> 
If we want to load a key into a TPM, we need to know the designated parent
key's handle, so that the TPM is able to insert the key at the correct place in
the key hierarchy.

However, if we want to load a key whose designated parent key we also
previously loaded ourselves, we first need to memorize this parent key's handle
(since the handles for the key are chosen at random when they are inserted into
the TPM). If we are, however, unable to do so, for example if the parent key is
loaded into the TPM during production, and its child key during the actual
boot, we must find a different mechanism to identify the parent key.

To solve this problem, we add a function that allows U-Boot to load a key into
the TPM using their designated parent key's SHA1 hash, and the corresponding
auth data.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
lib: tpm: Add command to flush resources 2017-02-01T08:02:57+00:00 Mario Six mario.six@gdsys.cc 2017-01-11T15:00:50+00:00 7690be35deaeac1cb51a5f7896c2a46afabdfad3 This patch adds a function to the TPM library, which allows U-Boot to flush resources, e.g. keys, from the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Stefan Roese <sr@denx.de> 
This patch adds a function to the TPM library, which allows U-Boot to
flush resources, e.g. keys, from the TPM.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
dm: tpm: Remove every compilation switch for TPM driver model 2015-10-23T15:42:28+00:00 Christophe Ricard christophe.ricard@gmail.com 2015-10-06T20:54:43+00:00 c2b0f600a1707450ef985e28363893987f36fd8a As every TPM drivers support UCLASS_TPM, we can only rely on DM_TPM functions. This simplify a bit the code. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Simon Glass <sjg@chromium.org> 
As every TPM drivers support UCLASS_TPM, we can only rely on DM_TPM
functions.

This simplify a bit the code.

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>