From b6228b2e785df93fa4a1176d374976a9e2205924 Mon Sep 17 00:00:00 2001 From: Raymond Mao Date: Mon, 27 Jan 2025 06:58:48 -0800 Subject: tpm: add wrapper and helper APIs for PCR allocate Add PCR allocate wrapper APIs for using in tcg2 protocol. The wrapper proceeds a PCR allocate command, followed by a shutdown command. A system boot is required after two commands since TPM device needs a HW reset to activate the new algorithms config. Also, a helper function is included to determine the new bank mask for PCR allocation by combining the status of current active, supported and eventlog bank masks. A new kconfig is created. PCR allocate and system reboot only happens when the kconfig is selected, otherwise just exit with errors. Signed-off-by: Raymond Mao Reviewed-by: Ilias Apalodimas Signed-off-by: Ilias Apalodimas --- include/tpm-v2.h | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'include') diff --git a/include/tpm-v2.h b/include/tpm-v2.h index af3158f6e4f..ece422df0c7 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -703,6 +703,18 @@ u32 tpm2_report_state(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd, u32 tpm2_enable_nvcommits(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd); +/** + * tpm2_scan_masks - Scan the bitmask of algorithms based on the + * active/supported banks and the one from eventlog. + * + * @dev TPM device + * @log_active Active algorithm bitmask + * @mask Bitmask to set + * + * Return: zero on success, negative errno otherwise + */ +int tpm2_scan_masks(struct udevice *dev, u32 log_active, u32 *mask); + /** * tpm2_pcr_config_algo() - Allocate the active PCRs. Requires reboot * @@ -730,6 +742,15 @@ u32 tpm2_pcr_config_algo(struct udevice *dev, u32 algo_mask, u32 tpm2_send_pcr_allocate(struct udevice *dev, const char *pw, const ssize_t pw_sz, struct tpml_pcr_selection *pcr, u32 pcr_len); +/** + * tpm2_activate_banks() - Activate PCR banks + * + * @param dev TPM device + * @log_active Bitmask of eventlog algorithms + * + * Return: code of the operation + */ +int tpm2_activate_banks(struct udevice *dev, u32 log_active); /** * tpm2_auto_start() - start up the TPM and perform selftests. -- cgit v1.3.1