cmd/tpm-v2.c

   1 // SPDX-License-Identifier: GPL-2.0+
   2 /*
   3  * Copyright (c) 2018 Bootlin
   4  * Author: Miquel Raynal <miquel.raynal@bootlin.com>
   5  */
   6
   7 #include <common.h>
   8 #include <dm.h>
   9 #include <log.h>
  10 #include <tpm-common.h>
  11 #include <tpm-v2.h>
  12 #include "tpm-user-utils.h"
  13
  14 static int do_tpm2_startup(cmd_tbl_t *cmdtp, int flag, int argc,
  15                            char * const argv[])
  16 {
  17         enum tpm2_startup_types mode;
  18
  19         if (argc != 2)
  20                 return CMD_RET_USAGE;
  21
  22         if (!strcasecmp("TPM2_SU_CLEAR", argv[1])) {
  23                 mode = TPM2_SU_CLEAR;
  24         } else if (!strcasecmp("TPM2_SU_STATE", argv[1])) {
  25                 mode = TPM2_SU_STATE;
  26         } else {
  27                 printf("Couldn't recognize mode string: %s\n", argv[1]);
  28                 return CMD_RET_FAILURE;
  29         }
  30
  31         return report_return_code(tpm2_startup(mode));
  32 }
  33
  34 static int do_tpm2_self_test(cmd_tbl_t *cmdtp, int flag, int argc,
  35                              char * const argv[])
  36 {
  37         enum tpm2_yes_no full_test;
  38
  39         if (argc != 2)
  40                 return CMD_RET_USAGE;
  41
  42         if (!strcasecmp("full", argv[1])) {
  43                 full_test = TPMI_YES;
  44         } else if (!strcasecmp("continue", argv[1])) {
  45                 full_test = TPMI_NO;
  46         } else {
  47                 printf("Couldn't recognize test mode: %s\n", argv[1]);
  48                 return CMD_RET_FAILURE;
  49         }
  50
  51         return report_return_code(tpm2_self_test(full_test));
  52 }
  53
  54 static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc,
  55                          char * const argv[])
  56 {
  57         u32 handle = 0;
  58         const char *pw = (argc < 3) ? NULL : argv[2];
  59         const ssize_t pw_sz = pw ? strlen(pw) : 0;
  60
  61         if (argc < 2 || argc > 3)
  62                 return CMD_RET_USAGE;
  63
  64         if (pw_sz > TPM2_DIGEST_LEN)
  65                 return -EINVAL;
  66
  67         if (!strcasecmp("TPM2_RH_LOCKOUT", argv[1]))
  68                 handle = TPM2_RH_LOCKOUT;
  69         else if (!strcasecmp("TPM2_RH_PLATFORM", argv[1]))
  70                 handle = TPM2_RH_PLATFORM;
  71         else
  72                 return CMD_RET_USAGE;
  73
  74         return report_return_code(tpm2_clear(handle, pw, pw_sz));
  75 }
  76
  77 static cmd_tbl_t tpm2_commands[] = {
  78         U_BOOT_CMD_MKENT(info, 0, 1, do_tpm_info, "", ""),
  79         U_BOOT_CMD_MKENT(init, 0, 1, do_tpm_init, "", ""),
  80         U_BOOT_CMD_MKENT(startup, 0, 1, do_tpm2_startup, "", ""),
  81         U_BOOT_CMD_MKENT(self_test, 0, 1, do_tpm2_self_test, "", ""),
  82         U_BOOT_CMD_MKENT(clear, 0, 1, do_tpm2_clear, "", ""),
  83 };
  84
  85 cmd_tbl_t *get_tpm_commands(unsigned int *size)
  86 {
  87         *size = ARRAY_SIZE(tpm2_commands);
  88
  89         return tpm2_commands;
  90 }
  91
  92 U_BOOT_CMD(tpm, CONFIG_SYS_MAXARGS, 1, do_tpm, "Issue a TPMv2.x command",
  93 "<command> [<arguments>]\n"
  94 "\n"
  95 "info\n"
  96 "    Show information about the TPM.\n"
  97 "init\n"
  98 "    Initialize the software stack. Always the first command to issue.\n"
  99 "startup <mode>\n"
 100 "    Issue a TPM2_Startup command.\n"
 101 "    <mode> is one of:\n"
 102 "        * TPM2_SU_CLEAR (reset state)\n"
 103 "        * TPM2_SU_STATE (preserved state)\n"
 104 "self_test <type>\n"
 105 "    Test the TPM capabilities.\n"
 106 "    <type> is one of:\n"
 107 "        * full (perform all tests)\n"
 108 "        * continue (only check untested tests)\n"
 109 "clear <hierarchy>\n"
 110 "    Issue a TPM2_Clear command.\n"
 111 "    <hierarchy> is one of:\n"
 112 "        * TPM2_RH_LOCKOUT\n"
 113 "        * TPM2_RH_PLATFORM\n"
 114 );