summaryrefslogtreecommitdiff
path: root/drivers/tpm
Commit message (Collapse)AuthorAgeFilesLines
* tpm: add #ifndef to fix redeclaration build errorsJohannes Holland2020-07-081-0/+2
| | | | | | | | tpm_tis_spi.c directly includes tpm_tis.h and tpm-v2.h which both define the same enums (see e.g. TPM_ACCESS_VALID). Add an #ifndef to prevent redeclaration errors. Signed-off-by: Johannes Holland <johannes.holland@infineon.com>
* tpm2: tis_spi: add linux compatible fallback stringBruno Thomsen2020-07-081-1/+1
| | | | | | | | | | | | | | | | | | | This solves a compatibility issue with Linux device trees that contain TPMv2.x hardware. So it's easier to import DTS from upstream kernel when migrating board init from C code to DTS. The issue is that fallback binding is different between Linux and u-Boot. Linux: "tcg,tpm_tis-spi" U-Boot: "tis,tpm2-spi" As there are currently no in-tree users of the U-Boot binding, it makes sense to use Linux fallback binding. Signed-off-by: Bruno Thomsen <bruno.thomsen@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com>
* common: Drop linux/bitops.h from common headerWIP/2020-05-18-reduce-size-of-common.hSimon Glass2020-05-182-0/+2
| | | | | | Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
* common: Drop linux/delay.h from common headerSimon Glass2020-05-188-0/+8
| | | | | | Move this uncommon header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
* common: Drop log.h from common headerSimon Glass2020-05-187-0/+7
| | | | | | Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
* tpm: Don't cleanup unless an error happensSimon Glass2020-04-161-3/+10
| | | | | | | | | At present the cleanup() method is called on every transfer. It should only be called on failing transfers. Fix this and tidy up the error handling a little. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
* tpm: cr50: Use the correct GPIO bindingSimon Glass2020-04-161-1/+1
| | | | | | | This device should use ready-gpios rather than ready-gpio. Fix it. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
* tpm: cr50: Add a comment for cr50_privSimon Glass2020-04-161-0/+9
| | | | | | | Add a comment for the private structure Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
* tpm: cr50: Release locality on exitSimon Glass2020-04-161-2/+11
| | | | | | | | | At present the cr50 driver claims the locality and does not release it for Linux. This causes problems. Fix this by tracking what is claimed, and adding a 'remove' method. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
* Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dmTom Rini2020-02-114-0/+292
|\ | | | | | | | | | | | | sandbox conversion to SDL2 TPM TEE driver Various minor sandbox video enhancements New driver model core utility functions
| * tpm2: ftpm: A driver for firmware TPM running inside TEEThirupathaiah Annapureddy2020-02-054-0/+292
| | | | | | | | | | | | | | | | | | | | | | | | Add a driver for a firmware TPM running inside TEE. Documentation of the firmware TPM: https://www.microsoft.com/en-us/research/publication/ftpm-software-implementation-tpm-chip/ Implementation of the firmware TPM: https://github.com/Microsoft/ms-tpm-20-ref/tree/master/Samples/ARM32-FirmwareTPM Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
* | tpm: Add a driver for H1/Cr50Simon Glass2020-02-073-0/+670
|/ | | | | | | | | | | | | H1 is a Google security chip present in recent Chromebooks, Pixel phones and other devices. Cr50 is the name of the software that runs on H1 in Chromebooks. This chip is used to handle TPM-like functionality and also has quite a few additional features. Add a driver for this. Signed-off-by: Simon Glass <sjg@chromium.org>
* dm: gpio: Allow control of GPIO uclass in SPLSimon Glass2019-12-151-1/+1
| | | | | | | | | | | | | | | | | | | | At present if CONFIG_SPL_GPIO_SUPPORT is enabled then the GPIO uclass is included in SPL/TPL without any control for boards. Some boards may want to disable this to reduce code size where GPIOs are not needed in SPL or TPL. Add a new Kconfig option to permit this. Default it to 'y' so that existing boards work correctly. Change existing uses of CONFIG_DM_GPIO to CONFIG_IS_ENABLED(DM_GPIO) to preserve the current behaviour. Also update the 74x164 GPIO driver since it cannot build with SPL. This allows us to remove the hacks in config_uncmd_spl.h and Makefile.uncmd_spl (eventually those files should be removed). Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
* common: Drop linux/crc8.hSimon Glass2019-12-022-2/+2
| | | | | | | | We have an existing U-Boot header for the one function that this defines. Use that instead of the linux/ one. Move over the nice comment. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
* tpm2: Don't assume active low reset valueKayla Theil2019-10-151-2/+2
| | | | | | | | The reset function sets the pin to 0 then 1 but if the pin is marked ACTIVE_LOW in the DT it gets inverted and leaves the TPM in reset. Let the gpio driver take care of the reset polarity. Signed-off-by: Kayla Theil <kayla.theil@mixed-mode.de>
* tpm: wait for valid statusRoman Kapl2019-07-111-2/+10
| | | | | | | | The TPM specification says that the EXPECT_DATA bit is not valid until the VALID bit is set. Wait for that bit to be set. Fixes problems with Ifineon SPI TPM. Signed-off-by: Roman Kapl <rka@sysgo.com>
* tpm: Export the open/close functionsSimon Glass2018-11-291-20/+27
| | | | | | | | | | | At present these functions are not accessible outside the TPM library, but in some cases we need to call them. Export them in the header file and add a define for the SHA1 digest size. Also adjust tpm_open() to call tpm_close() first so that the TPM is in a known state before opening (e.g. by a previous phase of U-Boot). Signed-off-by: Simon Glass <sjg@chromium.org>
* sandbox: tpm: Allow debugging of data packagesSimon Glass2018-11-201-0/+6
| | | | | | | This is not normally useful, so change the code to avoid writing out every data package. This can be enabled with #define DEBUG. Signed-off-by: Simon Glass <sjg@chromium.org>
* tpm: Use livetree and allow childrenSimon Glass2018-10-092-1/+4
| | | | | | | | Adjust the TPM drivers to use livetree (only one does not). Also, sometimes TPMs can have child devices if they provide a service to the system (such as storing secure data), so permit that. Signed-off-by: Simon Glass <sjg@chromium.org>
* cros: Update cros_ec code to use struct udeviceSimon Glass2018-10-091-3/+3
| | | | | | | | At present we pass around a private pointer to specify the cros_ec device. With driver model it makes more sense to pass the device. Update the code to do this. Signed-off-by: Simon Glass <sjg@chromium.org>
* tpm: Add support for SPL and TPLSimon Glass2018-10-091-1/+1
| | | | | | | At present the tpm can only be used in U-Boot proper. Updated it to work in SPL and TPL also. Signed-off-by: Simon Glass <sjg@chromium.org>
* sandbox: tpm: Enhance to support the latest Chromium OSSimon Glass2018-10-091-15/+82
| | | | | | | | | This driver was originally written against Chromium OS circa 2012. A few new features have been added. Enhance the TPM driver to match. This mostly includes a few new messages and properly modelling whether a particular 'space' is present or not. Signed-off-by: Simon Glass <sjg@chromium.org>
* sandbox: tpm: Tidy up enums and return valuesSimon Glass2018-10-091-10/+10
| | | | | | | | Use an enum for command values instead of open-coding them. This removes the need for comments. Also make sure the driver returns proper error numbers instead of -1. Signed-off-by: Simon Glass <sjg@chromium.org>
* tpm: sandbox: fix wrong assignment with a simplificationMiquel Raynal2018-08-131-26/+26
| | | | | | | | | | | | | | | | | | | | | | | | | The recv variable in sandbox_tpm2_fill_buf() is a pointer on a pointer of a char array. It means accessing *recv is the char array pointer itself while **recv is the first character of that array. There is no need for such indirection here, so simplify the code. Simplifying things will make the last assignment right: "*recv = NULL" is now correct. The issue has been found by the following Coverity Scan report: CID 183371: Incorrect expression (UNUSED_VALUE) Assigning value "4UL" to "*recv" here, but that stored value is overwritten before it can be used. 232 *recv += sizeof(rc); 233 234 /* Add trailing \0 */ 235 *recv = NULL; While at simplifying things, use '\0' instead of NULL when adding an empty char at the end of the buffer. Reported-by: Tom Rini <trini@konsulko.com> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: sandbox: fix wrong check on pcr_mapMiquel Raynal2018-08-131-3/+3
| | | | | | | | | | | | | | | | | | | | | | The second check on pcr_map in sandbox_tpm2_xfer() is wrong. It should check for pcr_map not being empty. Instead, it is a pure copy/paste of the first check which is redundant. This has been found thanks to a Coverity Scan report: CID 183370: Memory - illegal accesses (UNINIT) Using uninitialized value "pcr_index". put_unaligned_be32(tpm->pcr_extensions[pcr_index], recv); This is because pcr_index is initialized only if the user input is correct, ie. at least one valid bit is set in pcr_map. Fix the second check and also initialize pcr_index to 0 (which is harmless in case of error) to make Coverity Scan happy. Reported-by: Tom Rini <trini@konsulko.com> Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: make TPM_V2 be compiled by defaultMiquel Raynal2018-07-281-0/+1
| | | | | | | | TPM_V1 was already compiled by default. Now that both can be compiled at the same time, compiled them both by default. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: allow TPM v1 and v2 to be compiled at the same timeMiquel Raynal2018-07-284-9/+10
| | | | | | | | | | | | | | | | | | | | | | | While there is probably no reason to do so in a real life situation, it will allow to compile test both stacks with the same sandbox defconfig. As we cannot define two 'tpm' commands at the same time, the command for TPM v1 is still called 'tpm' and the one for TPM v2 'tpm2'. While this is the exact command name that must be written into eg. test files, any user already using the TPM v2 stack can continue to do so by just writing 'tpm' because as long as TPM v1 support is not compiled, U-Boot prompt will search for the closest command named after 'tpm'. The command set can also be changed at runtime (not supported yet, but ready to be), but as one can compile only either one stack or the other, there is still one spot in the code where conditionals are used: to retrieve the v1 or v2 command set. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> [trini: In sandbox_tpm2_fill_buf() use NULL not \0 to ensure NULL terminated string due to LLVM warning] Signed-off-by: Tom Rini <trini@konsulko.com>
* tpm: remove stale symbol in KconfigMiquel Raynal2018-07-281-3/+0
| | | | | | | | | The TPM_DRIVER_SELECTED symbol was used in one of the initial series about TPMv2 but its use has been dropped, making these selects useless, remove them. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: compile Sandbox driver by defaultMiquel Raynal2018-07-281-0/+2
| | | | | | | | When Sandbox and the TPM stack are both selected, compile Sandbox TPM driver by default. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: add a Sandbox TPMv2.x driverMiquel Raynal2018-05-253-1/+636
| | | | | | | | | This driver can emulate all the basic functionalities of a TPMv2.x chip and should behave like them during regular testing. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
* tpm2: tis_spi: add the possibility to reset the chip with a gpioMiquel Raynal2018-05-251-0/+16
| | | | | | | | On some designs, the reset line could not be connected to the SoC reset line, in this case, request the GPIO and ensure the chip gets reset. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: add support for TPMv2.x SPI modulesMiquel Raynal2018-05-253-0/+675
| | | | | | | | | Add the tpm2_tis_spi driver that should support any TPMv2 compliant (SPI) module. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: prepare support for TPMv2.x commandsMiquel Raynal2018-05-251-0/+2
| | | | | | | | | | | | Choice between v1 and v2 compliant functions is done with the configuration. Create the various files that will receive TPMv2-only code on the same scheme as for the TPMv1 code. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
* tpm: disociate TPMv1.x specific and generic codeMiquel Raynal2018-05-258-8/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are no changes in this commit but a new organization of the code as follow. * cmd/ directory: > move existing code from cmd/tpm.c in cmd/tpm-common.c > move specific code in cmd/tpm-v1.c > create a specific header file with generic definitions for commands only called cmd/tpm-user-utils.h * lib/ directory: > move existing code from lib/tpm.c in lib/tpm-common.c > move specific code in lib/tpm-v1.c > create a specific header file with generic definitions for the library itself called lib/tpm-utils.h * include/ directory: > move existing code from include/tpm.h in include/tpm-common.h > move specific code in include/tpm-v1.h Code designated as 'common' is compiled if TPM are used. Code designated as 'specific' is compiled only if the right specification has been selected. All files include tpm-common.h. Files in cmd/ include tpm-user-utils.h. Files in lib/ include tpm-utils.h. Depending on the specification, files may include either (not both) tpm-v1.h or tpm-v2.h. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Tom Rini <trini@konsulko.com> [trini: Fix a few more cases of tpm.h -> tpm-v1.h, some Kconfig logic] Signed-off-by: Tom Rini <trini@konsulko.com>
* tpm: prepare introduction of TPMv2.x support in KconfigMiquel Raynal2018-05-251-11/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | Because both major revisions are not compatible at all, let's make them mutually exclusive in Kconfig. This way we will be sure, when using a command or a library function that it is supported by the right revision. Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x files by "tpm2_" to make the distinction without moving everything. The Kconfig menu about TPM drivers is now divided into two sections, one for each specification. Compliant drivers with one specification will only show up if this specification _only_ has been selected, otherwise a comment is displayed. Once a driver is selected by the user, it selects automatically a boolean value, that is needed in order to activate the TPM commands. Selecting the TPM commands will automatically select the right command/library files. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com> [trini: Rework deps as TPM_V1 and TPM_V2 depend on TPM, drop TPM_DRIVER_SELECTED] Signed-off-by: Tom Rini <trini@konsulko.com>
* tpm: add Revision ID field in the chip structureMiquel Raynal2018-05-251-0/+1
| | | | | | | | | | | | | | | TPM are shipped with a few read-only register from which we can retrieve for instance: - vendor ID - product ID - revision ID Product and vendor ID share the same register and are already referenced in the tpm_chip structure. Add the revision ID entry which is missing. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
* SPDX: Convert all of our single license tags to Linux Kernel styleTom Rini2018-05-0710-21/+10
| | | | | | | | | | | | | | | | | | | | When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com>
* Remove unnecessary instances of DECLARE_GLOBAL_DATA_PTRTom Rini2018-04-271-2/+0
| | | | | | | | We have a large number of places where while we historically referenced gd in the code we no longer do, as well as cases where the code added that line "just in case" during development and never dropped it. Signed-off-by: Tom Rini <trini@konsulko.com>
* treewide: Fix gdsys mail addressesMario Six2018-03-091-1/+1
| | | | | | | | | | The @gdsys.cc addresses are supposed to be used for mailing lists. Switch all occurrences of @gdsys.de mail addresses to their @gdsys.cc equivalent. Also, Dirk's address was wrong in one place; fix that as well. Signed-off-by: Mario Six <six@gdsys.cc>
* Atmel TPM: Fix potential buffer overrunsJeremy Boone2018-03-051-2/+12
| | | | | | | | | Ensure that the Atmel TPM driver performs sufficient validation of the length returned in the TPM response header. This patch prevents memory corruption if the header contains a length value that is larger than the destination buffer. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
* Infineon TPM: Fix potential buffer overrunsJeremy Boone2018-03-051-2/+3
| | | | | | | | | Ensure that the Infineon I2C and SPI TPM driver performs adequate validation of the length extracted from the TPM response header. This patch prevents integer underflow when the length was too small, which could lead to memory corruption. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
* STMicro TPM: Fix potential buffer overrunsJeremy Boone2018-03-052-4/+6
| | | | | | | This patch prevents integer underflow when the length was too small, which could lead to memory corruption. Signed-off-by: Jeremy Boone <jeremy.boone@nccgroup.trust>
* tpm: st33zp24: fix STMicroelectronics copyrightPatrice Chotard2017-11-062-2/+4
| | | | | | Uniformize STMicroelectronics copyrights header Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
* treewide: replace with error() with pr_err()Masahiro Yamada2017-10-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | U-Boot widely uses error() as a bit noisier variant of printf(). This macro causes name conflict with the following line in include/linux/compiler-gcc.h: # define __compiletime_error(message) __attribute__((error(message))) This prevents us from using __compiletime_error(), and makes it difficult to fully sync BUILD_BUG macros with Linux. (Notice Linux's BUILD_BUG_ON_MSG is implemented by using compiletime_assert().) Let's convert error() into now treewide-available pr_err(). Done with the help of Coccinelle, excluing tools/ directory. The semantic patch I used is as follows: // <smpl> @@@@ -error +pr_err (...) // </smpl> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Reviewed-by: Simon Glass <sjg@chromium.org> [trini: Re-run Coccinelle] Signed-off-by: Tom Rini <trini@konsulko.com>
* dm: Rename dev_addr..() functionsSimon Glass2017-06-011-1/+1
| | | | | | | | | | | | | | | | | | | These support the flat device tree. We want to use the dev_read_..() prefix for functions that support both flat tree and live tree. So rename the existing functions to avoid confusion. In the end we will have: 1. dev_read_addr...() - works on devices, supports flat/live tree 2. devfdt_get_addr...() - current functions, flat tree only 3. of_get_address() etc. - new functions, live tree only All drivers will be written to use 1. That function will in turn call either 2 or 3 depending on whether the flat or live tree is in use. Note this involves changing some dead code - the imx_lpi2c.c file. Signed-off-by: Simon Glass <sjg@chromium.org>
* lib: tpm: Add command to list resourcesmario.six@gdsys.cc2017-03-261-0/+7
| | | | | | | | | | | It is sometimes convenient to know how many and/or which resources are currently loaded into a TPG, e.g. to test is a flush operation succeeded. Hence, we add a command that lists the resources of a given type currently loaded into the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: Add function to load keys via their parent's SHA1 hashmario.six@gdsys.cc2017-03-261-0/+8
| | | | | | | | | | | | | | | | | | | | If we want to load a key into a TPM, we need to know the designated parent key's handle, so that the TPM is able to insert the key at the correct place in the key hierarchy. However, if we want to load a key whose designated parent key we also previously loaded ourselves, we first need to memorize this parent key's handle (since the handles for the key are chosen at random when they are inserted into the TPM). If we are, however, unable to do so, for example if the parent key is loaded into the TPM during production, and its child key during the actual boot, we must find a different mechanism to identify the parent key. To solve this problem, we add a function that allows U-Boot to load a key into the TPM using their designated parent key's SHA1 hash, and the corresponding auth data. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Simon Glass <sjg@chromium.org>
* lib: tpm: Add command to flush resourcesMario Six2017-02-011-0/+6
| | | | | | | | | | This patch adds a function to the TPM library, which allows U-Boot to flush resources, e.g. keys, from the TPM. Signed-off-by: Mario Six <mario.six@gdsys.cc> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Stefan Roese <sr@denx.de>
* tpm: tpm_tis_lpc: Add support for AT97SC3204George McCollister2016-12-021-9/+28
| | | | | | | | | The Atmel AT97SC3204 is also TIS compliant. Modify the tpm_tis_lpc driver to check for the vid/did used by the Atmel AT97SC3204 and report an appropriate description. Signed-off-by: George McCollister <george.mccollister@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
* tpm: Tidy up use of size_tSimon Glass2016-10-111-2/+2
| | | | | | | | We should consistently use %z with size_t, and avoid passing a uint32_t as a size_t value. Fix these issues to avoid warnings on 64-bit machines. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>