u-boot.git/include/tpm_api.h, branch master Unnamed repository; edit this file 'description' to name the repository. tpm: add a function that performs selftest + startup 2023-02-28T07:44:19+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2023-01-25T10:18:36+00:00 a595be3a4af116a9559a3868f81dcad55d01b8dd As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
As described in [0] if a command requires use of an untested algorithm
or functional module, the TPM performs the test and then completes the
command actions.

Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of
the TPM in that case) and even if we would, it would complicate our TPM
code for no apparent reason,  add a wrapper function that performs both
the selftest and the startup sequence of the TPM.

It's worth noting that this is implemented on TPMv2.0.  The code for
1.2 would look similar,  but I don't have a device available to test.

[0]
https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf
§12.3 Self-test modes

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
tpm: Require a digest source when extending the PCR 2022-09-03T13:53:58+00:00 Simon Glass sjg@chromium.org 2022-08-31T03:05:32+00:00 a557d258c6be49ec1253947a227189de149971df This feature is used for measured boot, so we can add a log entry to the TCPA with some information about where the digest comes from. It is not currently supported in the TPM drivers, but add it to the API so that code which expects it can signal its request. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
This feature is used for measured boot, so we can add a log entry to the
TCPA with some information about where the digest comes from. It is not
currently supported in the TPM drivers, but add it to the API so that
code which expects it can signal its request.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
tpm: Export the TPM-version functions 2022-08-02T20:50:02+00:00 Simon Glass sjg@chromium.org 2022-07-22T16:02:02+00:00 5e5937822a50224631963402ff3c033d2524a55f These functions should really be available outside the TPM code, so that other callers can find out which version the TPM is. Rename them to have a tpm_ prefix() and add them to the header file. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
These functions should really be available outside the TPM code, so that
other callers can find out which version the TPM is. Rename them to have
a tpm_ prefix() and add them to the header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
doc: replace @return by Return: 2022-01-19T17:11:34+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-01-19T17:05:50+00:00 185f812c419f1b4f0d10d9787d59cf9f11a2a600 Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Sphinx expects Return: and not @return to indicate a return value.

find . -name '*.c' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;

find . -name '*.h' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
tpm: Add an API that can support v1.2 and v2 2021-03-02T20:53:37+00:00 Simon Glass sjg@chromium.org 2021-02-06T21:23:35+00:00 bfe8fa262c788b817a8de66f78b3b2d9c22fa0d1 There are two different TPM standards. U-Boot supports both but each has its own set of functions. We really need a single TPM API that can call one or the other. This is not always possible as there are some differences between the two standards, but it is mostly possible. Add an API to handle this. So far it is not plumbed into the build and only supports TPMv1. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
There are two different TPM standards. U-Boot supports both but each has
its own set of functions. We really need a single TPM API that can call
one or the other. This is not always possible as there are some
differences between the two standards, but it is mostly possible.

Add an API to handle this. So far it is not plumbed into the build and
only supports TPMv1.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>