diff options
| author | Ilias Apalodimas <ilias.apalodimas@linaro.org> | 2023-01-25 13:18:36 +0300 |
|---|---|---|
| committer | Ilias Apalodimas <ilias.apalodimas@linaro.org> | 2023-02-28 10:44:19 +0300 |
| commit | a595be3a4af116a9559a3868f81dcad55d01b8dd (patch) | |
| tree | 514219591d90388d18495638c3de6800a2cd5438 /lib | |
| parent | 5b197eee334bdf75cc9e9148161299679a5251ea (diff) | |
| download | u-boot-a595be3a4af116a9559a3868f81dcad55d01b8dd.tar.xz | |
tpm: add a function that performs selftest + startup
As described in [0] if a command requires use of an untested algorithm
or functional module, the TPM performs the test and then completes the
command actions.
Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of
the TPM in that case) and even if we would, it would complicate our TPM
code for no apparent reason, add a wrapper function that performs both
the selftest and the startup sequence of the TPM.
It's worth noting that this is implemented on TPMv2.0. The code for
1.2 would look similar, but I don't have a device available to test.
[0]
https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf
ยง12.3 Self-test modes
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/tpm-v2.c | 25 | ||||
| -rw-r--r-- | lib/tpm_api.c | 8 |
2 files changed, 33 insertions, 0 deletions
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 697b982e07..895b093bcb 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -44,6 +44,31 @@ u32 tpm2_self_test(struct udevice *dev, enum tpm2_yes_no full_test) return tpm_sendrecv_command(dev, command_v2, NULL, NULL); } +u32 tpm2_auto_start(struct udevice *dev) +{ + u32 rc; + + /* + * the tpm_init() will return -EBUSY if the init has already happened + * The selftest and startup code can run multiple times with no side + * effects + */ + rc = tpm_init(dev); + if (rc && rc != -EBUSY) + return rc; + rc = tpm2_self_test(dev, TPMI_YES); + + if (rc == TPM2_RC_INITIALIZE) { + rc = tpm2_startup(dev, TPM2_SU_CLEAR); + if (rc) + return rc; + + rc = tpm2_self_test(dev, TPMI_YES); + } + + return rc; +} + u32 tpm2_clear(struct udevice *dev, u32 handle, const char *pw, const ssize_t pw_sz) { diff --git a/lib/tpm_api.c b/lib/tpm_api.c index 7e8df8795e..5b2c11a277 100644 --- a/lib/tpm_api.c +++ b/lib/tpm_api.c @@ -35,6 +35,14 @@ u32 tpm_startup(struct udevice *dev, enum tpm_startup_type mode) } } +u32 tpm_auto_start(struct udevice *dev) +{ + if (tpm_is_v2(dev)) + return tpm2_auto_start(dev); + + return -ENOSYS; +} + u32 tpm_resume(struct udevice *dev) { if (tpm_is_v1(dev)) |