u-boot.git/include/tpm.h, branch v2018.01 Unnamed repository; edit this file 'description' to name the repository. tpm: add more useful NV storage permission flags 2017-11-17T14:15:52+00:00 André Draszik adraszik@tycoint.com 2017-10-03T15:55:53+00:00 1259f778c9b419f02e2c155996b2d15ff262901e TPM_NV_PER_PPREAD: physical presence needed for reading TPM_NV_PER_WRITEDEFINE: persistent write lock by writing size 0 TPM_NV_PER_WRITEALL: write in one go Signed-off-by: André Draszik <adraszik@tycoint.com> Acked-by: Simon Glass <sjg@chromium.org> 
TPM_NV_PER_PPREAD: physical presence needed for reading
TPM_NV_PER_WRITEDEFINE: persistent write lock by writing size 0
TPM_NV_PER_WRITEALL: write in one go

Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Simon Glass <sjg@chromium.org>
tpm: add tpm_get_random() 2017-11-17T14:15:40+00:00 André Draszik adraszik@tycoint.com 2017-10-03T15:55:52+00:00 3c6050277b54f536e7effbe850dcc970a27387ab Add a function to obtain random data from the TPM. Signed-off-by: André Draszik <adraszik@tycoint.com> Added commit message, add cast to min() Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Simon Glass <sjg@chromium.org> 
Add a function to obtain random data from the TPM.

Signed-off-by: André Draszik <adraszik@tycoint.com>
Added commit message, add cast to min()
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
tpm: Add function to load keys via their parent's SHA1 hash 2017-03-26T19:22:58+00:00 mario.six@gdsys.cc mario.six@gdsys.cc 2017-03-20T09:28:28+00:00 0f4b2ba1762d74c0b5520d99a58796d6ca78abf0 If we want to load a key into a TPM, we need to know the designated parent key's handle, so that the TPM is able to insert the key at the correct place in the key hierarchy. However, if we want to load a key whose designated parent key we also previously loaded ourselves, we first need to memorize this parent key's handle (since the handles for the key are chosen at random when they are inserted into the TPM). If we are, however, unable to do so, for example if the parent key is loaded into the TPM during production, and its child key during the actual boot, we must find a different mechanism to identify the parent key. To solve this problem, we add a function that allows U-Boot to load a key into the TPM using their designated parent key's SHA1 hash, and the corresponding auth data. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org> 
If we want to load a key into a TPM, we need to know the designated parent
key's handle, so that the TPM is able to insert the key at the correct place in
the key hierarchy.

However, if we want to load a key whose designated parent key we also
previously loaded ourselves, we first need to memorize this parent key's handle
(since the handles for the key are chosen at random when they are inserted into
the TPM). If we are, however, unable to do so, for example if the parent key is
loaded into the TPM during production, and its child key during the actual
boot, we must find a different mechanism to identify the parent key.

To solve this problem, we add a function that allows U-Boot to load a key into
the TPM using their designated parent key's SHA1 hash, and the corresponding
auth data.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
lib: tpm: Add command to flush resources 2017-02-01T08:02:57+00:00 Mario Six mario.six@gdsys.cc 2017-01-11T15:00:50+00:00 7690be35deaeac1cb51a5f7896c2a46afabdfad3 This patch adds a function to the TPM library, which allows U-Boot to flush resources, e.g. keys, from the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Stefan Roese <sr@denx.de> 
This patch adds a function to the TPM library, which allows U-Boot to
flush resources, e.g. keys, from the TPM.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
dm: tpm: Remove every compilation switch for TPM driver model 2015-10-23T15:42:28+00:00 Christophe Ricard christophe.ricard@gmail.com 2015-10-06T20:54:43+00:00 c2b0f600a1707450ef985e28363893987f36fd8a As every TPM drivers support UCLASS_TPM, we can only rely on DM_TPM functions. This simplify a bit the code. Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com> Reviewed-by: Tom Rini <trini@konsulko.com> Acked-by: Simon Glass <sjg@chromium.org> 
As every TPM drivers support UCLASS_TPM, we can only rely on DM_TPM
functions.

This simplify a bit the code.

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
tpm: Add functions to access flags and permissions 2015-08-31T13:57:29+00:00 Simon Glass sjg@chromium.org 2015-08-23T00:31:41+00:00 2132f971ba2443bc31046cbbf18bbf5e7c017b50 Add a few new functions which will be used by the test command in a future patch. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de> 
Add a few new functions which will be used by the test command in a future
patch.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
dm: tpm: Convert the TPM command and library to driver model 2015-08-31T13:57:28+00:00 Simon Glass sjg@chromium.org 2015-08-23T00:31:32+00:00 c8a8c51039d83149a93fccb6e325bfdb8f63fa66 Add driver model support to the TPM command and the TPM library. Both support only a single TPM at present. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de> 
Add driver model support to the TPM command and the TPM library. Both
support only a single TPM at present.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
dm: tpm: Add a uclass for Trusted Platform Modules 2015-08-31T13:57:28+00:00 Simon Glass sjg@chromium.org 2015-08-23T00:31:31+00:00 f255d31f9063e50b56208fff439b63039cfd7ac6 Add a new uclass for TPMs which uses almost the same TIS (TPM Interface Specification) as is currently implemented. Since init() is handled by the normal driver model probe() method, we don't need to implement that. Also rename the transfer method to xfer() which is a less clumbsy name. Once all drivers and users are converted to driver model we can remove the old code. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Christophe Ricard<christophe-h.ricard@st.com> Reviewed-by: Heiko Schocher <hs@denx.de> 
Add a new uclass for TPMs which uses almost the same TIS (TPM Interface
Specification) as is currently implemented. Since init() is handled by the
normal driver model probe() method, we don't need to implement that. Also
rename the transfer method to xfer() which is a less clumbsy name.

Once all drivers and users are converted to driver model we can remove the
old code.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24T13:44:38+00:00 Wolfgang Denk wd@denx.de 2013-07-08T07:37:19+00:00 1a4596601fd395f3afb8f82f3f840c5e00bdd57a Signed-off-by: Wolfgang Denk <wd@denx.de> [trini: Fixup common/cmd_io.c] Signed-off-by: Tom Rini <trini@ti.com> 
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
tpm: add AUTH1 cmds for LoadKey2 and GetPubKey 2013-07-16T22:44:29+00:00 Reinhard Pfau pfau@gdsys.de 2013-06-26T13:55:13+00:00 be6c1529c1ce9718cc955f23fdaa5891d15b6551 Extend the tpm library with support for single authorized (AUTH1) commands as specified in the TCG Main Specification 1.2. (The internally used helper functions are implemented in a way that they could also be used for double authorized commands if someone needs it.) Provide enums with the return codes from the TCG Main specification. For now only a single OIAP session is supported. OIAP authorized version of the commands TPM_LoadKey2 and TPM_GetPubKey are provided. Both features are available using the 'tpm' command, too. Authorized commands are enabled with CONFIG_TPM_AUTH_SESSIONS. (Note that this also requires CONFIG_SHA1 to be enabled.) Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc> Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc> Acked-by: Che-Liang Chiou <clchiou@chromium.org> Signed-off-by: Andy Fleming <afleming@freescale.com> 
Extend the tpm library with support for single authorized (AUTH1) commands
as specified in the TCG Main Specification 1.2. (The internally used helper
functions are implemented in a way that they could also be used for double
authorized commands if someone needs it.)

Provide enums with the return codes from the TCG Main specification.

For now only a single OIAP session is supported.

OIAP authorized version of the commands TPM_LoadKey2 and TPM_GetPubKey are
provided. Both features are available using the 'tpm' command, too.

Authorized commands are enabled with CONFIG_TPM_AUTH_SESSIONS. (Note that
this also requires CONFIG_SHA1 to be enabled.)

Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc>
Acked-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Andy Fleming <afleming@freescale.com>