#define DB_GP_88F68XX_GPP_POL_LOW 0x0
#define DB_GP_88F68XX_GPP_POL_MID 0x0
+static int get_tpm(struct udevice **devp)
+{
+ int rc;
+
+ rc = uclass_first_device_err(UCLASS_TPM, devp);
+ if (rc) {
+ printf("Could not find TPM (ret=%d)\n", rc);
+ return CMD_RET_FAILURE;
+ }
+
+ return 0;
+}
+
/*
* Define the DDR layout / topology here in the board file. This will
* be used by the DDR3 init code in the SPL U-Boot version to configure
int last_stage_init(void)
{
+ struct udevice *tpm;
+ int ret;
+
#ifndef CONFIG_SPL_BUILD
ccdc_eth_init();
#endif
- if (tpm_init() || tpm_startup(TPM_ST_CLEAR) ||
- tpm_continue_self_test()) {
+ ret = get_tpm(&tpm);
+ if (ret || tpm_init(tpm) || tpm_startup(tpm, TPM_ST_CLEAR) ||
+ tpm_continue_self_test(tpm)) {
return 1;
}
mdelay(37);
- flush_keys();
- load_and_run_keyprog();
+ flush_keys(tpm);
+ load_and_run_keyprog(tpm);
return 0;
}
/**
* @brief get the size of a given (TPM) NV area
+ * @param tpm TPM device
* @param index NV index of the area to get size for
* @param size pointer to the size
* @return 0 on success, != 0 on error
*/
-static int get_tpm_nv_size(uint32_t index, uint32_t *size)
+static int get_tpm_nv_size(struct udevice *tpm, uint32_t index, uint32_t *size)
{
uint32_t err;
uint8_t info[72];
uint8_t *ptr;
uint16_t v16;
- err = tpm_get_capability(TPM_CAP_NV_INDEX, index,
- info, sizeof(info));
+ err = tpm_get_capability(tpm, TPM_CAP_NV_INDEX, index,
+ info, sizeof(info));
if (err) {
printf("tpm_get_capability(CAP_NV_INDEX, %08x) failed: %u\n",
index, err);
/**
* @brief search for a key by usage auth and pub key hash.
+ * @param tpm TPM device
* @param auth usage auth of the key to search for
* @param pubkey_digest (SHA1) hash of the pub key structure of the key
* @param[out] handle the handle of the key iff found
* @return 0 if key was found in TPM; != 0 if not.
*/
-static int find_key(const uint8_t auth[20], const uint8_t pubkey_digest[20],
- uint32_t *handle)
+static int find_key(struct udevice *tpm, const uint8_t auth[20],
+ const uint8_t pubkey_digest[20], uint32_t *handle)
{
uint16_t key_count;
uint32_t key_handles[10];
unsigned int i;
/* fetch list of already loaded keys in the TPM */
- err = tpm_get_capability(TPM_CAP_HANDLE, TPM_RT_KEY, buf, sizeof(buf));
+ err = tpm_get_capability(tpm, TPM_CAP_HANDLE, TPM_RT_KEY, buf,
+ sizeof(buf));
if (err)
return -1;
key_count = get_unaligned_be16(buf);
/* now search a(/ the) key which we can access with the given auth */
for (i = 0; i < key_count; ++i) {
buf_len = sizeof(buf);
- err = tpm_get_pub_key_oiap(key_handles[i], auth, buf, &buf_len);
+ err = tpm_get_pub_key_oiap(tpm, key_handles[i], auth, buf,
+ &buf_len);
if (err && err != TPM_AUTHFAIL)
return -1;
if (err)
/**
* @brief read CCDM common data from TPM NV
+ * @param tpm TPM device
* @return 0 if CCDM common data was found and read, !=0 if something failed.
*/
-static int read_common_data(void)
+static int read_common_data(struct udevice *tpm)
{
uint32_t size = 0;
uint32_t err;
uint8_t buf[256];
sha1_context ctx;
- if (get_tpm_nv_size(NV_COMMON_DATA_INDEX, &size) ||
+ if (get_tpm_nv_size(tpm, NV_COMMON_DATA_INDEX, &size) ||
size < NV_COMMON_DATA_MIN_SIZE)
return 1;
- err = tpm_nv_read_value(NV_COMMON_DATA_INDEX,
- buf, min(sizeof(buf), size));
+ err = tpm_nv_read_value(tpm, NV_COMMON_DATA_INDEX,
+ buf, min(sizeof(buf), size));
if (err) {
printf("tpm_nv_read_value() failed: %u\n", err);
return 1;
/**
* @brief get pointer of a hash register by specification and usage.
+ * @param tpm TPM device
* @param spec specification of a hash register
* @param mode access mode (read or write or read/write)
* @return pointer to hash register if found and valid; NULL else.
* The value of automatic registers (PCR register and fixed registers) is
* loaded or computed on read access.
*/
-static struct h_reg *access_hreg(uint8_t spec, enum access_mode mode)
+static struct h_reg *access_hreg(struct udevice *tpm, uint8_t spec,
+ enum access_mode mode)
{
struct h_reg *result;
if (mode & HREG_RD) {
if (!result->valid) {
if (IS_PCR_HREG(spec)) {
- hre_tpm_err = tpm_pcr_read(HREG_IDX(spec),
+ hre_tpm_err = tpm_pcr_read(tpm, HREG_IDX(spec),
result->digest, 20);
result->valid = (hre_tpm_err == TPM_SUCCESS);
} else if (IS_FIX_HREG(spec)) {
switch (HREG_IDX(spec)) {
case FIX_HREG_DEVICE_ID_HASH:
- read_common_data();
+ read_common_data(tpm);
break;
case FIX_HREG_VENDOR:
memcpy(result->digest, vendor, 20);
return _dst;
}
-static int hre_op_loadkey(struct h_reg *src_reg, struct h_reg *dst_reg,
- const void *key, size_t key_size)
+static int hre_op_loadkey(struct udevice *tpm, struct h_reg *src_reg,
+ struct h_reg *dst_reg, const void *key,
+ size_t key_size)
{
uint32_t parent_handle;
uint32_t key_handle;
if (!src_reg || !dst_reg || !src_reg->valid || !dst_reg->valid)
return -1;
- if (find_key(src_reg->digest, dst_reg->digest, &parent_handle))
+ if (find_key(tpm, src_reg->digest, dst_reg->digest, &parent_handle))
return -1;
- hre_tpm_err = tpm_load_key2_oiap(parent_handle, key, key_size,
- src_reg->digest, &key_handle);
+ hre_tpm_err = tpm_load_key2_oiap(tpm, parent_handle, key, key_size,
+ src_reg->digest, &key_handle);
if (hre_tpm_err) {
hre_err = HRE_E_TPM_FAILURE;
return -1;
/**
* @brief executes the next opcode on the hash register engine.
+ * @param tpm TPM device
* @param[in,out] ip pointer to the opcode (instruction pointer)
* @param[in,out] code_size (remaining) size of the code
* @return new instruction pointer on success, NULL on error.
*/
-static const uint8_t *hre_execute_op(const uint8_t **ip, size_t *code_size)
+static const uint8_t *hre_execute_op(struct udevice *tpm, const uint8_t **ip,
+ size_t *code_size)
{
bool dst_modified = false;
uint32_t ins;
if ((opcode & 0x80) && (data_size + 4) > *code_size)
return NULL;
- src_reg = access_hreg(src_spec, HREG_RD);
+ src_reg = access_hreg(tpm, src_spec, HREG_RD);
if (hre_err || hre_tpm_err)
return NULL;
- dst_reg = access_hreg(dst_spec, (opcode & 0x40) ? HREG_RDWR : HREG_WR);
+ dst_reg = access_hreg(tpm, dst_spec,
+ (opcode & 0x40) ? HREG_RDWR : HREG_WR);
if (hre_err || hre_tpm_err)
return NULL;
dst_modified = true;
break;
case HRE_LOADKEY:
- if (hre_op_loadkey(src_reg, dst_reg, data, data_size))
+ if (hre_op_loadkey(tpm, src_reg, dst_reg, data, data_size))
return NULL;
break;
default:
}
if (dst_reg && dst_modified && IS_PCR_HREG(dst_spec)) {
- hre_tpm_err = tpm_extend(HREG_IDX(dst_spec), dst_reg->digest,
- dst_reg->digest);
+ hre_tpm_err = tpm_extend(tpm, HREG_IDX(dst_spec),
+ dst_reg->digest, dst_reg->digest);
if (hre_tpm_err) {
hre_err = HRE_E_TPM_FAILURE;
return NULL;
/**
* @brief runs a program on the hash register engine.
+ * @param tpm TPM device
* @param code pointer to the (HRE) code.
* @param code_size size of the code (in bytes).
* @return 0 on success, != 0 on failure.
*/
-int hre_run_program(const uint8_t *code, size_t code_size)
+int hre_run_program(struct udevice *tpm, const uint8_t *code, size_t code_size)
{
size_t code_left;
const uint8_t *ip = code;
hre_tpm_err = 0;
hre_err = HRE_E_OK;
while (code_left > 0)
- if (!hre_execute_op(&ip, &code_left))
+ if (!hre_execute_op(tpm, &ip, &code_left))
return -1;
return hre_err;
};
int hre_verify_program(struct key_program *prg);
-int hre_run_program(const uint8_t *code, size_t code_size);
+int hre_run_program(struct udevice *tpm, const uint8_t *code, size_t code_size);
#endif /* __HRE_H */
#include "hre.h"
-int flush_keys(void)
+int flush_keys(struct udevice *tpm)
{
u16 key_count;
u8 buf[288];
uint i;
/* fetch list of already loaded keys in the TPM */
- err = tpm_get_capability(TPM_CAP_HANDLE, TPM_RT_KEY, buf, sizeof(buf));
+ err = tpm_get_capability(tpm, TPM_CAP_HANDLE, TPM_RT_KEY, buf,
+ sizeof(buf));
if (err)
return -1;
key_count = get_unaligned_be16(buf);
ptr = buf + 2;
for (i = 0; i < key_count; ++i, ptr += 4) {
- err = tpm_flush_specific(get_unaligned_be32(ptr), TPM_RT_KEY);
+ err = tpm_flush_specific(tpm, get_unaligned_be32(ptr),
+ TPM_RT_KEY);
if (err && err != TPM_KEY_OWNER_CONTROL)
return err;
}
return result;
}
-int load_and_run_keyprog(void)
+int load_and_run_keyprog(struct udevice *tpm)
{
char *cmd = NULL;
u8 *binprog = NULL;
if (!prog)
return 1;
- if (hre_run_program(prog->code, prog->code_size)) {
+ if (hre_run_program(tpm, prog->code, prog->code_size)) {
free(prog);
return 1;
}
#ifndef __KEYPROGRAM_H
#define __KEYPROGRAM_H
-int load_and_run_keyprog(void);
-int flush_keys(void);
+int load_and_run_keyprog(struct udevice *tpm);
+int flush_keys(struct udevice *tpm);
#endif /* __KEYPROGRAM_H */
#endif
#include <common.h>
+#include <dm.h>
#include <malloc.h>
#include <fs.h>
#include <i2c.h>
#define IS_VAR_HREG(spec) (((spec) & 0x38) == 0x10)
#define HREG_IDX(spec) ((spec) & (IS_PCR_HREG(spec) ? 0x1f : 0x7))
+static int get_tpm(struct udevice **devp)
+{
+ int rc;
+
+ rc = uclass_first_device_err(UCLASS_TPM, devp);
+ if (rc) {
+ printf("Could not find TPM (ret=%d)\n", rc);
+ return CMD_RET_FAILURE;
+ }
+
+ return 0;
+}
+
static const uint8_t vendor[] = "Guntermann & Drunck";
/**
* @param size pointer to the size
* @return 0 on success, != 0 on error
*/
-static int get_tpm_nv_size(uint32_t index, uint32_t *size)
+static int get_tpm_nv_size(struct udevice *tpm, uint32_t index, uint32_t *size)
{
uint32_t err;
uint8_t info[72];
uint8_t *ptr;
uint16_t v16;
- err = tpm_get_capability(TPM_CAP_NV_INDEX, index,
- info, sizeof(info));
+ err = tpm_get_capability(tpm, TPM_CAP_NV_INDEX, index,
+ info, sizeof(info));
if (err) {
printf("tpm_get_capability(CAP_NV_INDEX, %08x) failed: %u\n",
index, err);
* @param[out] handle the handle of the key iff found
* @return 0 if key was found in TPM; != 0 if not.
*/
-static int find_key(const uint8_t auth[20], const uint8_t pubkey_digest[20],
- uint32_t *handle)
+static int find_key(struct udevice *tpm, const uint8_t auth[20],
+ const uint8_t pubkey_digest[20], uint32_t *handle)
{
uint16_t key_count;
uint32_t key_handles[10];
unsigned int i;
/* fetch list of already loaded keys in the TPM */
- err = tpm_get_capability(TPM_CAP_HANDLE, TPM_RT_KEY, buf, sizeof(buf));
+ err = tpm_get_capability(tpm, TPM_CAP_HANDLE, TPM_RT_KEY, buf,
+ sizeof(buf));
if (err)
return -1;
key_count = get_unaligned_be16(buf);
/* now search a(/ the) key which we can access with the given auth */
for (i = 0; i < key_count; ++i) {
buf_len = sizeof(buf);
- err = tpm_get_pub_key_oiap(key_handles[i], auth, buf, &buf_len);
+ err = tpm_get_pub_key_oiap(tpm, key_handles[i], auth, buf,
+ &buf_len);
if (err && err != TPM_AUTHFAIL)
return -1;
if (err)
* @brief read CCDM common data from TPM NV
* @return 0 if CCDM common data was found and read, !=0 if something failed.
*/
-static int read_common_data(void)
+static int read_common_data(struct udevice *tpm)
{
uint32_t size;
uint32_t err;
uint8_t buf[256];
sha1_context ctx;
- if (get_tpm_nv_size(NV_COMMON_DATA_INDEX, &size) ||
+ if (get_tpm_nv_size(tpm, NV_COMMON_DATA_INDEX, &size) ||
size < NV_COMMON_DATA_MIN_SIZE)
return 1;
- err = tpm_nv_read_value(NV_COMMON_DATA_INDEX,
- buf, min(sizeof(buf), size));
+ err = tpm_nv_read_value(tpm, NV_COMMON_DATA_INDEX,
+ buf, min(sizeof(buf), size));
if (err) {
printf("tpm_nv_read_value() failed: %u\n", err);
return 1;
* The value of automatic registers (PCR register and fixed registers) is
* loaded or computed on read access.
*/
-static struct h_reg *access_hreg(uint8_t spec, enum access_mode mode)
+static struct h_reg *access_hreg(struct udevice *tpm, uint8_t spec,
+ enum access_mode mode)
{
struct h_reg *result;
if (mode & HREG_RD) {
if (!result->valid) {
if (IS_PCR_HREG(spec)) {
- hre_tpm_err = tpm_pcr_read(HREG_IDX(spec),
+ hre_tpm_err = tpm_pcr_read(tpm, HREG_IDX(spec),
result->digest, 20);
result->valid = (hre_tpm_err == TPM_SUCCESS);
} else if (IS_FIX_HREG(spec)) {
switch (HREG_IDX(spec)) {
case FIX_HREG_DEVICE_ID_HASH:
- read_common_data();
+ read_common_data(tpm);
break;
case FIX_HREG_SELF_HASH:
ccdm_compute_self_hash();
return _dst;
}
-static int hre_op_loadkey(struct h_reg *src_reg, struct h_reg *dst_reg,
- const void *key, size_t key_size)
+static int hre_op_loadkey(struct udevice *tpm, struct h_reg *src_reg,
+ struct h_reg *dst_reg, const void *key,
+ size_t key_size)
{
uint32_t parent_handle;
uint32_t key_handle;
if (!src_reg || !dst_reg || !src_reg->valid || !dst_reg->valid)
return -1;
- if (find_key(src_reg->digest, dst_reg->digest, &parent_handle))
+ if (find_key(tpm, src_reg->digest, dst_reg->digest, &parent_handle))
return -1;
- hre_tpm_err = tpm_load_key2_oiap(parent_handle, key, key_size,
- src_reg->digest, &key_handle);
+ hre_tpm_err = tpm_load_key2_oiap(tpm, parent_handle, key, key_size,
+ src_reg->digest, &key_handle);
if (hre_tpm_err) {
hre_err = HRE_E_TPM_FAILURE;
return -1;
* @param[in,out] code_size (remaining) size of the code
* @return new instruction pointer on success, NULL on error.
*/
-static const uint8_t *hre_execute_op(const uint8_t **ip, size_t *code_size)
+static const uint8_t *hre_execute_op(struct udevice *tpm, const uint8_t **ip,
+ size_t *code_size)
{
bool dst_modified = false;
uint32_t ins;
if ((opcode & 0x80) && (data_size + 4) > *code_size)
return NULL;
- src_reg = access_hreg(src_spec, HREG_RD);
+ src_reg = access_hreg(tpm, src_spec, HREG_RD);
if (hre_err || hre_tpm_err)
return NULL;
- dst_reg = access_hreg(dst_spec, (opcode & 0x40) ? HREG_RDWR : HREG_WR);
+ dst_reg = access_hreg(tpm, dst_spec,
+ (opcode & 0x40) ? HREG_RDWR : HREG_WR);
if (hre_err || hre_tpm_err)
return NULL;
dst_modified = true;
break;
case HRE_LOADKEY:
- if (hre_op_loadkey(src_reg, dst_reg, data, data_size))
+ if (hre_op_loadkey(tpm, src_reg, dst_reg, data, data_size))
return NULL;
break;
default:
}
if (dst_reg && dst_modified && IS_PCR_HREG(dst_spec)) {
- hre_tpm_err = tpm_extend(HREG_IDX(dst_spec), dst_reg->digest,
- dst_reg->digest);
+ hre_tpm_err = tpm_extend(tpm, HREG_IDX(dst_spec),
+ dst_reg->digest, dst_reg->digest);
if (hre_tpm_err) {
hre_err = HRE_E_TPM_FAILURE;
return NULL;
* @param code_size size of the code (in bytes).
* @return 0 on success, != 0 on failure.
*/
-static int hre_run_program(const uint8_t *code, size_t code_size)
+static int hre_run_program(struct udevice *tpm, const uint8_t *code,
+ size_t code_size)
{
size_t code_left;
const uint8_t *ip = code;
hre_tpm_err = 0;
hre_err = HRE_E_OK;
while (code_left > 0)
- if (!hre_execute_op(&ip, &code_left))
+ if (!hre_execute_op(tpm, &ip, &code_left))
return -1;
return hre_err;
0x81, 0x2e, 0x30, 0x00, /* opcode: LOAD PCR3, f3 */
};
-static int first_stage_actions(void)
+static int first_stage_actions(struct udevice *tpm)
{
int result = 0;
struct key_program *sd_prg = NULL;
puts("CCDM S1: start actions\n");
#ifndef CCDM_SECOND_STAGE
- if (tpm_continue_self_test())
+ if (tpm_continue_self_test(tpm))
goto failure;
#else
- tpm_continue_self_test();
+ tpm_continue_self_test(tpm);
#endif
mdelay(37);
- if (hre_run_program(prg_stage1_prepare, sizeof(prg_stage1_prepare)))
+ if (hre_run_program(tpm, prg_stage1_prepare,
+ sizeof(prg_stage1_prepare)))
goto failure;
sd_prg = load_sd_key_program();
if (sd_prg) {
- if (hre_run_program(sd_prg->code, sd_prg->code_size))
+ if (hre_run_program(tpm, sd_prg->code, sd_prg->code_size))
goto failure;
puts("SD code run successfully\n");
} else {
#ifdef CCDM_FIRST_STAGE
static int first_stage_init(void)
{
- int res = 0;
+ struct udevice *tpm;
+ int ret;
+
puts("CCDM S1\n");
- if (tpm_init() || tpm_startup(TPM_ST_CLEAR))
+ ret = get_tpm(&tpm);
+ if (ret || tpm_init(tpm) || tpm_startup(tpm, TPM_ST_CLEAR))
return 1;
- res = first_stage_actions();
+ ret = first_stage_actions(tpm);
#ifndef CCDM_SECOND_STAGE
- if (!res) {
+ if (!ret) {
if (bl2_entry)
(*bl2_entry)();
- res = 1;
+ ret = 1;
}
#endif
- return res;
+ return ret;
}
#endif
char *mac_path = NULL;
ulong image_addr;
loff_t image_size;
+ struct udevice *tpm;
uint32_t err;
+ int ret;
printf("CCDM S2\n");
- if (tpm_init())
+ ret = get_tpm(&tpm);
+ if (ret || tpm_init(tpm))
return 1;
- err = tpm_startup(TPM_ST_CLEAR);
+ err = tpm_startup(tpm, TPM_ST_CLEAR);
if (err != TPM_INVALID_POSTINIT)
did_first_stage_run = false;
#ifdef CCDM_AUTO_FIRST_STAGE
- if (!did_first_stage_run && first_stage_actions())
+ if (!did_first_stage_run && first_stage_actions(tpm))
goto failure;
#else
if (!did_first_stage_run)
goto failure;
#endif
- if (hre_run_program(prg_stage2_prepare, sizeof(prg_stage2_prepare)))
+ if (hre_run_program(tpm, prg_stage2_prepare,
+ sizeof(prg_stage2_prepare)))
goto failure;
/* run "prepboot" from env to get "mmcdev" set */
}
puts("CCDM image OK\n");
- hre_run_program(prg_stage2_success, sizeof(prg_stage2_success));
+ hre_run_program(tpm, prg_stage2_success, sizeof(prg_stage2_success));
goto end;
failure:
result = 1;
- hre_run_program(prg_stage_fail, sizeof(prg_stage_fail));
+ hre_run_program(tpm, prg_stage_fail, sizeof(prg_stage_fail));
end:
if (hmac_blob)
free(hmac_blob);
int do_tpm_init(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
{
+ struct udevice *dev;
+ int rc;
+
if (argc != 1)
return CMD_RET_USAGE;
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
- return report_return_code(tpm_init());
+ return report_return_code(tpm_init(dev));
}
int do_tpm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
char * const argv[])
{
enum tpm_startup_type mode;
+ struct udevice *dev;
+ int rc;
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 2)
return CMD_RET_USAGE;
if (!strcasecmp("TPM_ST_CLEAR", argv[1])) {
return CMD_RET_FAILURE;
}
- return report_return_code(tpm_startup(mode));
+ return report_return_code(tpm_startup(dev, mode));
}
static int do_tpm_nv_define_space(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
u32 index, perm, size;
+ struct udevice *dev;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 4)
return CMD_RET_USAGE;
perm = simple_strtoul(argv[2], NULL, 0);
size = simple_strtoul(argv[3], NULL, 0);
- return report_return_code(tpm_nv_define_space(index, perm, size));
+ return report_return_code(tpm_nv_define_space(dev, index, perm, size));
}
static int do_tpm_nv_read_value(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
u32 index, count, rc;
+ struct udevice *dev;
void *data;
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
+
if (argc != 4)
return CMD_RET_USAGE;
index = simple_strtoul(argv[1], NULL, 0);
data = (void *)simple_strtoul(argv[2], NULL, 0);
count = simple_strtoul(argv[3], NULL, 0);
- rc = tpm_nv_read_value(index, data, count);
+ rc = tpm_nv_read_value(dev, index, data, count);
if (!rc) {
puts("area content:\n");
print_byte_string(data, count);
static int do_tpm_nv_write_value(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
+ struct udevice *dev;
u32 index, rc;
size_t count;
void *data;
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
+
if (argc != 3)
return CMD_RET_USAGE;
index = simple_strtoul(argv[1], NULL, 0);
return CMD_RET_FAILURE;
}
- rc = tpm_nv_write_value(index, data, count);
+ rc = tpm_nv_write_value(dev, index, data, count);
free(data);
return report_return_code(rc);
static int do_tpm_extend(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
- u32 index, rc;
u8 in_digest[20], out_digest[20];
+ struct udevice *dev;
+ u32 index, rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 3)
return CMD_RET_USAGE;
return CMD_RET_FAILURE;
}
- rc = tpm_extend(index, in_digest, out_digest);
+ rc = tpm_extend(dev, index, in_digest, out_digest);
if (!rc) {
puts("PCR value after execution of the command:\n");
print_byte_string(out_digest, sizeof(out_digest));
char * const argv[])
{
u32 index, count, rc;
+ struct udevice *dev;
void *data;
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
+
if (argc != 4)
return CMD_RET_USAGE;
index = simple_strtoul(argv[1], NULL, 0);
data = (void *)simple_strtoul(argv[2], NULL, 0);
count = simple_strtoul(argv[3], NULL, 0);
- rc = tpm_pcr_read(index, data, count);
+ rc = tpm_pcr_read(dev, index, data, count);
if (!rc) {
puts("Named PCR content:\n");
print_byte_string(data, count);
static int do_tpm_tsc_physical_presence(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
+ struct udevice *dev;
u16 presence;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 2)
return CMD_RET_USAGE;
presence = (u16)simple_strtoul(argv[1], NULL, 0);
- return report_return_code(tpm_tsc_physical_presence(presence));
+ return report_return_code(tpm_tsc_physical_presence(dev, presence));
}
static int do_tpm_read_pubek(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
+ struct udevice *dev;
u32 count, rc;
void *data;
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
+
if (argc != 3)
return CMD_RET_USAGE;
data = (void *)simple_strtoul(argv[1], NULL, 0);
count = simple_strtoul(argv[2], NULL, 0);
- rc = tpm_read_pubek(data, count);
+ rc = tpm_read_pubek(dev, data, count);
if (!rc) {
puts("pubek value:\n");
print_byte_string(data, count);
static int do_tpm_physical_set_deactivated(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
+ struct udevice *dev;
u8 state;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 2)
return CMD_RET_USAGE;
state = (u8)simple_strtoul(argv[1], NULL, 0);
- return report_return_code(tpm_physical_set_deactivated(state));
+ return report_return_code(tpm_physical_set_deactivated(dev, state));
}
static int do_tpm_get_capability(cmd_tbl_t *cmdtp, int flag, int argc,
u32 cap_area, sub_cap, rc;
void *cap;
size_t count;
+ struct udevice *dev;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 5)
return CMD_RET_USAGE;
cap = (void *)simple_strtoul(argv[3], NULL, 0);
count = simple_strtoul(argv[4], NULL, 0);
- rc = tpm_get_capability(cap_area, sub_cap, cap, count);
+ rc = tpm_get_capability(dev, cap_area, sub_cap, cap, count);
if (!rc) {
puts("capability information:\n");
print_byte_string(cap, count);
char * const argv[])
{
u32 index, perm, size;
+ struct udevice *dev;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 4)
return CMD_RET_USAGE;
index = simple_strtoul(argv[2], NULL, 0);
perm = simple_strtoul(argv[3], NULL, 0);
- return report_return_code(tpm_nv_define_space(index, perm, size));
+ return report_return_code(tpm_nv_define_space(dev, index, perm, size));
}
static int do_tpm_nv_read(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
u32 index, count, err;
+ struct udevice *dev;
void *data;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc < 3)
return CMD_RET_USAGE;
return CMD_RET_USAGE;
}
- err = tpm_nv_read_value(index, data, count);
+ err = tpm_nv_read_value(dev, index, data, count);
if (!err) {
if (type_string_write_vars(argv[1], data, argv + 3)) {
printf("Couldn't write to variables\n");
char * const argv[])
{
u32 index, count, err;
+ struct udevice *dev;
void *data;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc < 3)
return CMD_RET_USAGE;
return CMD_RET_USAGE;
}
- err = tpm_nv_write_value(index, data, count);
+ err = tpm_nv_write_value(dev, index, data, count);
free(data);
return report_return_code(err);
char * const argv[])
{
u32 auth_handle, err;
+ struct udevice *dev;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
- err = tpm_oiap(&auth_handle);
+ err = tpm_oiap(dev, &auth_handle);
return report_return_code(err);
}
u8 usage_auth[DIGEST_LENGTH];
u8 parent_hash[DIGEST_LENGTH];
void *key;
+ struct udevice *dev;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc < 5)
return CMD_RET_USAGE;
u32 parent_handle, key_len, key_handle, err;
u8 usage_auth[DIGEST_LENGTH];
void *key;
+ struct udevice *dev;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc < 5)
return CMD_RET_USAGE;
return CMD_RET_FAILURE;
parse_byte_string(argv[4], usage_auth, NULL);
- err = tpm_load_key2_oiap(parent_handle, key, key_len, usage_auth,
+ err = tpm_load_key2_oiap(dev, parent_handle, key, key_len, usage_auth,
&key_handle);
if (!err)
printf("Key handle is 0x%x\n", key_handle);
u8 usage_auth[DIGEST_LENGTH];
u8 pub_key_buffer[TPM_PUBKEY_MAX_LENGTH];
size_t pub_key_len = sizeof(pub_key_buffer);
+ struct udevice *dev;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc < 3)
return CMD_RET_USAGE;
return CMD_RET_FAILURE;
parse_byte_string(argv[2], usage_auth, NULL);
- err = tpm_get_pub_key_oiap(key_handle, usage_auth, pub_key_buffer,
+ err = tpm_get_pub_key_oiap(dev, key_handle, usage_auth, pub_key_buffer,
&pub_key_len);
if (!err) {
printf("dump of received pub key structure:\n");
static int do_tpm_flush(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
+ struct udevice *dev;
int type = 0;
+ int rc;
+
+ rc = get_tpm(&dev);
+ if (rc)
+ return rc;
if (argc != 3)
return CMD_RET_USAGE;
uint i;
/* fetch list of already loaded resources in the TPM */
- err = tpm_get_capability(TPM_CAP_HANDLE, type, buf,
+ err = tpm_get_capability(dev, TPM_CAP_HANDLE, type, buf,
sizeof(buf));
if (err) {
printf("tpm_get_capability returned error %d.\n", err);
res_count = get_unaligned_be16(buf);
ptr = buf + 2;
for (i = 0; i < res_count; ++i, ptr += 4)
- tpm_flush_specific(get_unaligned_be32(ptr), type);
+ tpm_flush_specific(dev, get_unaligned_be32(ptr), type);
} else {
u32 handle = simple_strtoul(argv[2], NULL, 0);
printf("Illegal resource handle %s\n", argv[2]);
return -1;
}
- tpm_flush_specific(cpu_to_be32(handle), type);
+ tpm_flush_specific(dev, cpu_to_be32(handle), type);
}
return 0;
char * const argv[])
{
enum tpm2_startup_types mode;
+ struct udevice *dev;
+ int ret;
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (argc != 2)
return CMD_RET_USAGE;
return CMD_RET_FAILURE;
}
- return report_return_code(tpm2_startup(mode));
+ return report_return_code(tpm2_startup(dev, mode));
}
static int do_tpm2_self_test(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
{
enum tpm2_yes_no full_test;
+ struct udevice *dev;
+ int ret;
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (argc != 2)
return CMD_RET_USAGE;
return CMD_RET_FAILURE;
}
- return report_return_code(tpm2_self_test(full_test));
+ return report_return_code(tpm2_self_test(dev, full_test));
}
static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc,
u32 handle = 0;
const char *pw = (argc < 3) ? NULL : argv[2];
const ssize_t pw_sz = pw ? strlen(pw) : 0;
+ struct udevice *dev;
+ int ret;
+
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (argc < 2 || argc > 3)
return CMD_RET_USAGE;
else
return CMD_RET_USAGE;
- return report_return_code(tpm2_clear(handle, pw, pw_sz));
+ return report_return_code(tpm2_clear(dev, handle, pw, pw_sz));
}
static int do_tpm2_pcr_extend(cmd_tbl_t *cmdtp, int flag, int argc,
if (argc != 3)
return CMD_RET_USAGE;
- ret = uclass_first_device_err(UCLASS_TPM, &dev);
+ ret = get_tpm(&dev);
if (ret)
return ret;
if (index >= priv->pcr_count)
return -EINVAL;
- rc = tpm2_pcr_extend(index, digest);
+ rc = tpm2_pcr_extend(dev, index, digest);
unmap_sysmem(digest);
if (argc != 3)
return CMD_RET_USAGE;
- ret = uclass_first_device_err(UCLASS_TPM, &dev);
+ ret = get_tpm(&dev);
if (ret)
return ret;
data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0);
- rc = tpm2_pcr_read(index, priv->pcr_select_min, data, &updates);
+ rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, &updates);
if (!rc) {
printf("PCR #%u content (%d known updates):\n", index, updates);
print_byte_string(data, TPM2_DIGEST_LEN);
u8 *data;
size_t count;
int i, j;
+ struct udevice *dev;
+ int ret;
+
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (argc != 5)
return CMD_RET_USAGE;
data = map_sysmem(simple_strtoul(argv[3], NULL, 0), 0);
count = simple_strtoul(argv[4], NULL, 0);
- rc = tpm2_get_capability(capability, property, data, count);
+ rc = tpm2_get_capability(dev, capability, property, data, count);
if (rc)
goto unmap_data;
{
const char *pw = (argc < 2) ? NULL : argv[1];
const ssize_t pw_sz = pw ? strlen(pw) : 0;
+ struct udevice *dev;
+ int ret;
+
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (argc > 2)
return CMD_RET_USAGE;
if (pw_sz > TPM2_DIGEST_LEN)
return -EINVAL;
- return report_return_code(tpm2_dam_reset(pw, pw_sz));
+ return report_return_code(tpm2_dam_reset(dev, pw, pw_sz));
}
static int do_tpm_dam_parameters(cmd_tbl_t *cmdtp, int flag, int argc,
unsigned long int max_tries;
unsigned long int recovery_time;
unsigned long int lockout_recovery;
+ struct udevice *dev;
+ int ret;
+
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (argc < 4 || argc > 5)
return CMD_RET_USAGE;
log(LOGC_NONE, LOGL_INFO, "- recoveryTime: %lu\n", recovery_time);
log(LOGC_NONE, LOGL_INFO, "- lockoutRecovery: %lu\n", lockout_recovery);
- return report_return_code(tpm2_dam_parameters(pw, pw_sz, max_tries,
+ return report_return_code(tpm2_dam_parameters(dev, pw, pw_sz, max_tries,
recovery_time,
lockout_recovery));
}
const char *oldpw = (argc == 3) ? NULL : argv[3];
const ssize_t newpw_sz = strlen(newpw);
const ssize_t oldpw_sz = oldpw ? strlen(oldpw) : 0;
+ struct udevice *dev;
+ int ret;
+
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (argc < 3 || argc > 4)
return CMD_RET_USAGE;
else
return CMD_RET_USAGE;
- return report_return_code(tpm2_change_auth(handle, newpw, newpw_sz,
+ return report_return_code(tpm2_change_auth(dev, handle, newpw, newpw_sz,
oldpw, oldpw_sz));
}
char *key = argv[2];
const char *pw = (argc < 4) ? NULL : argv[3];
const ssize_t pw_sz = pw ? strlen(pw) : 0;
+ struct udevice *dev;
+ int ret;
+
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (strlen(key) != TPM2_DIGEST_LEN)
return -EINVAL;
if (argc < 3 || argc > 4)
return CMD_RET_USAGE;
- return report_return_code(tpm2_pcr_setauthpolicy(pw, pw_sz, index,
+ return report_return_code(tpm2_pcr_setauthpolicy(dev, pw, pw_sz, index,
key));
}
const ssize_t key_sz = strlen(key);
const char *pw = (argc < 4) ? NULL : argv[3];
const ssize_t pw_sz = pw ? strlen(pw) : 0;
+ struct udevice *dev;
+ int ret;
+
+ ret = get_tpm(&dev);
+ if (ret)
+ return ret;
if (strlen(key) != TPM2_DIGEST_LEN)
return -EINVAL;
if (argc < 3 || argc > 4)
return CMD_RET_USAGE;
- return report_return_code(tpm2_pcr_setauthvalue(pw, pw_sz, index,
+ return report_return_code(tpm2_pcr_setauthvalue(dev, pw, pw_sz, index,
key, key_sz));
}
#include <command.h>
#include <environment.h>
#include <tpm-v1.h>
+#include "tpm-user-utils.h"
/* Prints error and returns on failure */
#define TPM_CHECK(tpm_command) do { \
#define PHYS_PRESENCE 4
#define PRESENCE 8
-static uint32_t TlclStartupIfNeeded(void)
+static uint32_t TlclStartupIfNeeded(struct udevice *dev)
{
- uint32_t result = tpm_startup(TPM_ST_CLEAR);
+ uint32_t result = tpm_startup(dev, TPM_ST_CLEAR);
return result == TPM_INVALID_POSTINIT ? TPM_SUCCESS : result;
}
-static int test_timer(void)
+static int test_timer(struct udevice *dev)
{
printf("get_timer(0) = %lu\n", get_timer(0));
return 0;
}
-static uint32_t tpm_get_flags(uint8_t *disable, uint8_t *deactivated,
- uint8_t *nvlocked)
+static uint32_t tpm_get_flags(struct udevice *dev, uint8_t *disable,
+ uint8_t *deactivated, uint8_t *nvlocked)
{
struct tpm_permanent_flags pflags;
uint32_t result;
- result = tpm_get_permanent_flags(&pflags);
+ result = tpm_get_permanent_flags(dev, &pflags);
if (result)
return result;
if (disable)
return 0;
}
-static uint32_t tpm_nv_write_value_lock(uint32_t index)
+static uint32_t tpm_nv_write_value_lock(struct udevice *dev, uint32_t index)
{
debug("TPM: Write lock 0x%x\n", index);
- return tpm_nv_write_value(index, NULL, 0);
+ return tpm_nv_write_value(dev, index, NULL, 0);
}
-static int tpm_is_owned(void)
+static int tpm_is_owned(struct udevice *dev)
{
uint8_t response[TPM_PUBEK_SIZE];
uint32_t result;
- result = tpm_read_pubek(response, sizeof(response));
+ result = tpm_read_pubek(dev, response, sizeof(response));
return result != TPM_SUCCESS;
}
-static int test_early_extend(void)
+static int test_early_extend(struct udevice *dev)
{
uint8_t value_in[20];
uint8_t value_out[20];
printf("Testing earlyextend ...");
- tpm_init();
- TPM_CHECK(tpm_startup(TPM_ST_CLEAR));
- TPM_CHECK(tpm_continue_self_test());
- TPM_CHECK(tpm_extend(1, value_in, value_out));
+ tpm_init(dev);
+ TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
+ TPM_CHECK(tpm_continue_self_test(dev));
+ TPM_CHECK(tpm_extend(dev, 1, value_in, value_out));
printf("done\n");
return 0;
}
-static int test_early_nvram(void)
+static int test_early_nvram(struct udevice *dev)
{
uint32_t x;
printf("Testing earlynvram ...");
- tpm_init();
- TPM_CHECK(tpm_startup(TPM_ST_CLEAR));
- TPM_CHECK(tpm_continue_self_test());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- TPM_CHECK(tpm_nv_read_value(INDEX0, (uint8_t *)&x, sizeof(x)));
+ tpm_init(dev);
+ TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
+ TPM_CHECK(tpm_continue_self_test(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
printf("done\n");
return 0;
}
-static int test_early_nvram2(void)
+static int test_early_nvram2(struct udevice *dev)
{
uint32_t x;
printf("Testing earlynvram2 ...");
- tpm_init();
- TPM_CHECK(tpm_startup(TPM_ST_CLEAR));
- TPM_CHECK(tpm_continue_self_test());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- TPM_CHECK(tpm_nv_write_value(INDEX0, (uint8_t *)&x, sizeof(x)));
+ tpm_init(dev);
+ TPM_CHECK(tpm_startup(dev, TPM_ST_CLEAR));
+ TPM_CHECK(tpm_continue_self_test(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
printf("done\n");
return 0;
}
-static int test_enable(void)
+static int test_enable(struct udevice *dev)
{
uint8_t disable = 0, deactivated = 0;
printf("Testing enable ...\n");
- tpm_init();
- TPM_CHECK(TlclStartupIfNeeded());
- TPM_CHECK(tpm_self_test_full());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- TPM_CHECK(tpm_get_flags(&disable, &deactivated, NULL));
+ tpm_init(dev);
+ TPM_CHECK(TlclStartupIfNeeded(dev));
+ TPM_CHECK(tpm_self_test_full(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
- TPM_CHECK(tpm_physical_enable());
- TPM_CHECK(tpm_physical_set_deactivated(0));
- TPM_CHECK(tpm_get_flags(&disable, &deactivated, NULL));
+ TPM_CHECK(tpm_physical_enable(dev));
+ TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
+ TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
if (disable == 1 || deactivated == 1)
printf("\tfailed to enable or activate\n");
reset_cpu(0); \
} while (0)
-static int test_fast_enable(void)
+static int test_fast_enable(struct udevice *dev)
{
uint8_t disable = 0, deactivated = 0;
int i;
printf("Testing fastenable ...\n");
- tpm_init();
- TPM_CHECK(TlclStartupIfNeeded());
- TPM_CHECK(tpm_self_test_full());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- TPM_CHECK(tpm_get_flags(&disable, &deactivated, NULL));
+ tpm_init(dev);
+ TPM_CHECK(TlclStartupIfNeeded(dev));
+ TPM_CHECK(tpm_self_test_full(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
printf("\tdisable is %d, deactivated is %d\n", disable, deactivated);
for (i = 0; i < 2; i++) {
- TPM_CHECK(tpm_force_clear());
- TPM_CHECK(tpm_get_flags(&disable, &deactivated, NULL));
+ TPM_CHECK(tpm_force_clear(dev));
+ TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
printf("\tdisable is %d, deactivated is %d\n", disable,
deactivated);
assert(disable == 1 && deactivated == 1);
- TPM_CHECK(tpm_physical_enable());
- TPM_CHECK(tpm_physical_set_deactivated(0));
- TPM_CHECK(tpm_get_flags(&disable, &deactivated, NULL));
+ TPM_CHECK(tpm_physical_enable(dev));
+ TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
+ TPM_CHECK(tpm_get_flags(dev, &disable, &deactivated, NULL));
printf("\tdisable is %d, deactivated is %d\n", disable,
deactivated);
assert(disable == 0 && deactivated == 0);
return 0;
}
-static int test_global_lock(void)
+static int test_global_lock(struct udevice *dev)
{
uint32_t zero = 0;
uint32_t result;
uint32_t x;
printf("Testing globallock ...\n");
- tpm_init();
- TPM_CHECK(TlclStartupIfNeeded());
- TPM_CHECK(tpm_self_test_full());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- TPM_CHECK(tpm_nv_read_value(INDEX0, (uint8_t *)&x, sizeof(x)));
- TPM_CHECK(tpm_nv_write_value(INDEX0, (uint8_t *)&zero,
+ tpm_init(dev);
+ TPM_CHECK(TlclStartupIfNeeded(dev));
+ TPM_CHECK(tpm_self_test_full(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&zero,
sizeof(uint32_t)));
- TPM_CHECK(tpm_nv_read_value(INDEX1, (uint8_t *)&x, sizeof(x)));
- TPM_CHECK(tpm_nv_write_value(INDEX1, (uint8_t *)&zero,
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_write_value(dev, INDEX1, (uint8_t *)&zero,
sizeof(uint32_t)));
- TPM_CHECK(tpm_set_global_lock());
+ TPM_CHECK(tpm_set_global_lock(dev));
/* Verifies that write to index0 fails */
x = 1;
- result = tpm_nv_write_value(INDEX0, (uint8_t *)&x, sizeof(x));
+ result = tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x));
assert(result == TPM_AREA_LOCKED);
- TPM_CHECK(tpm_nv_read_value(INDEX0, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
assert(x == 0);
/* Verifies that write to index1 is still possible */
x = 2;
- TPM_CHECK(tpm_nv_write_value(INDEX1, (uint8_t *)&x, sizeof(x)));
- TPM_CHECK(tpm_nv_read_value(INDEX1, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_write_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
assert(x == 2);
/* Turns off PP */
- tpm_tsc_physical_presence(PHYS_PRESENCE);
+ tpm_tsc_physical_presence(dev, PHYS_PRESENCE);
/* Verifies that write to index1 fails */
x = 3;
- result = tpm_nv_write_value(INDEX1, (uint8_t *)&x, sizeof(x));
+ result = tpm_nv_write_value(dev, INDEX1, (uint8_t *)&x, sizeof(x));
assert(result == TPM_BAD_PRESENCE);
- TPM_CHECK(tpm_nv_read_value(INDEX1, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
assert(x == 2);
printf("\tdone\n");
return 0;
}
-static int test_lock(void)
+static int test_lock(struct udevice *dev)
{
printf("Testing lock ...\n");
- tpm_init();
- tpm_startup(TPM_ST_CLEAR);
- tpm_self_test_full();
- tpm_tsc_physical_presence(PRESENCE);
- tpm_nv_write_value_lock(INDEX0);
+ tpm_init(dev);
+ tpm_startup(dev, TPM_ST_CLEAR);
+ tpm_self_test_full(dev);
+ tpm_tsc_physical_presence(dev, PRESENCE);
+ tpm_nv_write_value_lock(dev, INDEX0);
printf("\tLocked 0x%x\n", INDEX0);
printf("\tdone\n");
return 0;
}
-static void initialise_spaces(void)
+static void initialise_spaces(struct udevice *dev)
{
uint32_t zero = 0;
uint32_t perm = TPM_NV_PER_WRITE_STCLEAR | TPM_NV_PER_PPWRITE;
printf("\tInitialising spaces\n");
- tpm_nv_set_locked(); /* useful only the first time */
- tpm_nv_define_space(INDEX0, perm, 4);
- tpm_nv_write_value(INDEX0, (uint8_t *)&zero, 4);
- tpm_nv_define_space(INDEX1, perm, 4);
- tpm_nv_write_value(INDEX1, (uint8_t *)&zero, 4);
- tpm_nv_define_space(INDEX2, perm, 4);
- tpm_nv_write_value(INDEX2, (uint8_t *)&zero, 4);
- tpm_nv_define_space(INDEX3, perm, 4);
- tpm_nv_write_value(INDEX3, (uint8_t *)&zero, 4);
+ tpm_nv_set_locked(dev); /* useful only the first time */
+ tpm_nv_define_space(dev, INDEX0, perm, 4);
+ tpm_nv_write_value(dev, INDEX0, (uint8_t *)&zero, 4);
+ tpm_nv_define_space(dev, INDEX1, perm, 4);
+ tpm_nv_write_value(dev, INDEX1, (uint8_t *)&zero, 4);
+ tpm_nv_define_space(dev, INDEX2, perm, 4);
+ tpm_nv_write_value(dev, INDEX2, (uint8_t *)&zero, 4);
+ tpm_nv_define_space(dev, INDEX3, perm, 4);
+ tpm_nv_write_value(dev, INDEX3, (uint8_t *)&zero, 4);
perm = TPM_NV_PER_READ_STCLEAR | TPM_NV_PER_WRITE_STCLEAR |
TPM_NV_PER_PPWRITE;
- tpm_nv_define_space(INDEX_INITIALISED, perm, 1);
+ tpm_nv_define_space(dev, INDEX_INITIALISED, perm, 1);
}
-static int test_readonly(void)
+static int test_readonly(struct udevice *dev)
{
uint8_t c;
uint32_t index_0, index_1, index_2, index_3;
int read0, read1, read2, read3;
printf("Testing readonly ...\n");
- tpm_init();
- tpm_startup(TPM_ST_CLEAR);
- tpm_self_test_full();
- tpm_tsc_physical_presence(PRESENCE);
+ tpm_init(dev);
+ tpm_startup(dev, TPM_ST_CLEAR);
+ tpm_self_test_full(dev);
+ tpm_tsc_physical_presence(dev, PRESENCE);
/*
* Checks if initialisation has completed by trying to read-lock a
* space that's created at the end of initialisation
*/
- if (tpm_nv_read_value(INDEX_INITIALISED, &c, 0) == TPM_BADINDEX) {
+ if (tpm_nv_read_value(dev, INDEX_INITIALISED, &c, 0) == TPM_BADINDEX) {
/* The initialisation did not complete */
- initialise_spaces();
+ initialise_spaces(dev);
}
/* Checks if spaces are OK or messed up */
- read0 = tpm_nv_read_value(INDEX0, (uint8_t *)&index_0, sizeof(index_0));
- read1 = tpm_nv_read_value(INDEX1, (uint8_t *)&index_1, sizeof(index_1));
- read2 = tpm_nv_read_value(INDEX2, (uint8_t *)&index_2, sizeof(index_2));
- read3 = tpm_nv_read_value(INDEX3, (uint8_t *)&index_3, sizeof(index_3));
+ read0 = tpm_nv_read_value(dev, INDEX0, (uint8_t *)&index_0,
+ sizeof(index_0));
+ read1 = tpm_nv_read_value(dev, INDEX1, (uint8_t *)&index_1,
+ sizeof(index_1));
+ read2 = tpm_nv_read_value(dev, INDEX2, (uint8_t *)&index_2,
+ sizeof(index_2));
+ read3 = tpm_nv_read_value(dev, INDEX3, (uint8_t *)&index_3,
+ sizeof(index_3));
if (read0 || read1 || read2 || read3) {
printf("Invalid contents\n");
return 0;
* I really wish I could use the imperative.
*/
index_0 += 1;
- if (tpm_nv_write_value(INDEX0, (uint8_t *)&index_0, sizeof(index_0) !=
+ if (tpm_nv_write_value(dev, INDEX0, (uint8_t *)&index_0,
+ sizeof(index_0) !=
TPM_SUCCESS)) {
pr_err("\tcould not write index 0\n");
}
- tpm_nv_write_value_lock(INDEX0);
- if (tpm_nv_write_value(INDEX0, (uint8_t *)&index_0, sizeof(index_0)) ==
+ tpm_nv_write_value_lock(dev, INDEX0);
+ if (tpm_nv_write_value(dev, INDEX0, (uint8_t *)&index_0,
+ sizeof(index_0)) ==
TPM_SUCCESS)
pr_err("\tindex 0 is not locked\n");
return 0;
}
-static int test_redefine_unowned(void)
+static int test_redefine_unowned(struct udevice *dev)
{
uint32_t perm;
uint32_t result;
uint32_t x;
printf("Testing redefine_unowned ...");
- tpm_init();
- TPM_CHECK(TlclStartupIfNeeded());
- TPM_CHECK(tpm_self_test_full());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- assert(!tpm_is_owned());
+ tpm_init(dev);
+ TPM_CHECK(TlclStartupIfNeeded(dev));
+ TPM_CHECK(tpm_self_test_full(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ assert(!tpm_is_owned(dev));
/* Ensures spaces exist. */
- TPM_CHECK(tpm_nv_read_value(INDEX0, (uint8_t *)&x, sizeof(x)));
- TPM_CHECK(tpm_nv_read_value(INDEX1, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)));
+ TPM_CHECK(tpm_nv_read_value(dev, INDEX1, (uint8_t *)&x, sizeof(x)));
/* Redefines spaces a couple of times. */
perm = TPM_NV_PER_PPWRITE | TPM_NV_PER_GLOBALLOCK;
- TPM_CHECK(tpm_nv_define_space(INDEX0, perm, 2 * sizeof(uint32_t)));
- TPM_CHECK(tpm_nv_define_space(INDEX0, perm, sizeof(uint32_t)));
+ TPM_CHECK(tpm_nv_define_space(dev, INDEX0, perm, 2 * sizeof(uint32_t)));
+ TPM_CHECK(tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t)));
perm = TPM_NV_PER_PPWRITE;
- TPM_CHECK(tpm_nv_define_space(INDEX1, perm, 2 * sizeof(uint32_t)));
- TPM_CHECK(tpm_nv_define_space(INDEX1, perm, sizeof(uint32_t)));
+ TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, 2 * sizeof(uint32_t)));
+ TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t)));
/* Sets the global lock */
- tpm_set_global_lock();
+ tpm_set_global_lock(dev);
/* Verifies that index0 cannot be redefined */
- result = tpm_nv_define_space(INDEX0, perm, sizeof(uint32_t));
+ result = tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t));
assert(result == TPM_AREA_LOCKED);
/* Checks that index1 can */
- TPM_CHECK(tpm_nv_define_space(INDEX1, perm, 2 * sizeof(uint32_t)));
- TPM_CHECK(tpm_nv_define_space(INDEX1, perm, sizeof(uint32_t)));
+ TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, 2 * sizeof(uint32_t)));
+ TPM_CHECK(tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t)));
/* Turns off PP */
- tpm_tsc_physical_presence(PHYS_PRESENCE);
+ tpm_tsc_physical_presence(dev, PHYS_PRESENCE);
/* Verifies that neither index0 nor index1 can be redefined */
- result = tpm_nv_define_space(INDEX0, perm, sizeof(uint32_t));
+ result = tpm_nv_define_space(dev, INDEX0, perm, sizeof(uint32_t));
assert(result == TPM_BAD_PRESENCE);
- result = tpm_nv_define_space(INDEX1, perm, sizeof(uint32_t));
+ result = tpm_nv_define_space(dev, INDEX1, perm, sizeof(uint32_t));
assert(result == TPM_BAD_PRESENCE);
printf("done\n");
#define PERMPPGL (TPM_NV_PER_PPWRITE | TPM_NV_PER_GLOBALLOCK)
#define PERMPP TPM_NV_PER_PPWRITE
-static int test_space_perm(void)
+static int test_space_perm(struct udevice *dev)
{
uint32_t perm;
printf("Testing spaceperm ...");
- tpm_init();
- TPM_CHECK(TlclStartupIfNeeded());
- TPM_CHECK(tpm_continue_self_test());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- TPM_CHECK(tpm_get_permissions(INDEX0, &perm));
+ tpm_init(dev);
+ TPM_CHECK(TlclStartupIfNeeded(dev));
+ TPM_CHECK(tpm_continue_self_test(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ TPM_CHECK(tpm_get_permissions(dev, INDEX0, &perm));
assert((perm & PERMPPGL) == PERMPPGL);
- TPM_CHECK(tpm_get_permissions(INDEX1, &perm));
+ TPM_CHECK(tpm_get_permissions(dev, INDEX1, &perm));
assert((perm & PERMPP) == PERMPP);
printf("done\n");
return 0;
}
-static int test_startup(void)
+static int test_startup(struct udevice *dev)
{
uint32_t result;
+
printf("Testing startup ...\n");
- tpm_init();
- result = tpm_startup(TPM_ST_CLEAR);
+ tpm_init(dev);
+ result = tpm_startup(dev, TPM_ST_CLEAR);
if (result != 0 && result != TPM_INVALID_POSTINIT)
printf("\ttpm startup failed with 0x%x\n", result);
- result = tpm_get_flags(NULL, NULL, NULL);
+ result = tpm_get_flags(dev, NULL, NULL, NULL);
if (result != 0)
printf("\ttpm getflags failed with 0x%x\n", result);
printf("\texecuting SelfTestFull\n");
- tpm_self_test_full();
- result = tpm_get_flags(NULL, NULL, NULL);
+ tpm_self_test_full(dev);
+ result = tpm_get_flags(dev, NULL, NULL, NULL);
if (result != 0)
printf("\ttpm getflags failed with 0x%x\n", result);
printf("\tdone\n");
} while (0)
-static int test_timing(void)
+static int test_timing(struct udevice *dev)
{
- uint32_t x;
uint8_t in[20], out[20];
+ uint32_t x;
printf("Testing timing ...");
- tpm_init();
- TTPM_CHECK(TlclStartupIfNeeded(), 50);
- TTPM_CHECK(tpm_continue_self_test(), 100);
- TTPM_CHECK(tpm_self_test_full(), 1000);
- TTPM_CHECK(tpm_tsc_physical_presence(PRESENCE), 100);
- TTPM_CHECK(tpm_nv_write_value(INDEX0, (uint8_t *)&x, sizeof(x)), 100);
- TTPM_CHECK(tpm_nv_read_value(INDEX0, (uint8_t *)&x, sizeof(x)), 100);
- TTPM_CHECK(tpm_extend(0, in, out), 200);
- TTPM_CHECK(tpm_set_global_lock(), 50);
- TTPM_CHECK(tpm_tsc_physical_presence(PHYS_PRESENCE), 100);
+ tpm_init(dev);
+ TTPM_CHECK(TlclStartupIfNeeded(dev), 50);
+ TTPM_CHECK(tpm_continue_self_test(dev), 100);
+ TTPM_CHECK(tpm_self_test_full(dev), 1000);
+ TTPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE), 100);
+ TTPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
+ 100);
+ TTPM_CHECK(tpm_nv_read_value(dev, INDEX0, (uint8_t *)&x, sizeof(x)),
+ 100);
+ TTPM_CHECK(tpm_extend(dev, 0, in, out), 200);
+ TTPM_CHECK(tpm_set_global_lock(dev), 50);
+ TTPM_CHECK(tpm_tsc_physical_presence(dev, PHYS_PRESENCE), 100);
printf("done\n");
return 0;
}
#define TPM_MAX_NV_WRITES_NOOWNER 64
-static int test_write_limit(void)
+static int test_write_limit(struct udevice *dev)
{
- printf("Testing writelimit ...\n");
- int i;
uint32_t result;
+ int i;
- tpm_init();
- TPM_CHECK(TlclStartupIfNeeded());
- TPM_CHECK(tpm_self_test_full());
- TPM_CHECK(tpm_tsc_physical_presence(PRESENCE));
- TPM_CHECK(tpm_force_clear());
- TPM_CHECK(tpm_physical_enable());
- TPM_CHECK(tpm_physical_set_deactivated(0));
+ printf("Testing writelimit ...\n");
+ tpm_init(dev);
+ TPM_CHECK(TlclStartupIfNeeded(dev));
+ TPM_CHECK(tpm_self_test_full(dev));
+ TPM_CHECK(tpm_tsc_physical_presence(dev, PRESENCE));
+ TPM_CHECK(tpm_force_clear(dev));
+ TPM_CHECK(tpm_physical_enable(dev));
+ TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
for (i = 0; i < TPM_MAX_NV_WRITES_NOOWNER + 2; i++) {
printf("\twriting %d\n", i);
- result = tpm_nv_write_value(INDEX0, (uint8_t *)&i, sizeof(i));
+ result = tpm_nv_write_value(dev, INDEX0, (uint8_t *)&i,
+ sizeof(i));
switch (result) {
case TPM_SUCCESS:
break;
}
/* Reset write count */
- TPM_CHECK(tpm_force_clear());
- TPM_CHECK(tpm_physical_enable());
- TPM_CHECK(tpm_physical_set_deactivated(0));
+ TPM_CHECK(tpm_force_clear(dev));
+ TPM_CHECK(tpm_physical_enable(dev));
+ TPM_CHECK(tpm_physical_set_deactivated(dev, 0));
/* Try writing again. */
- TPM_CHECK(tpm_nv_write_value(INDEX0, (uint8_t *)&i, sizeof(i)));
+ TPM_CHECK(tpm_nv_write_value(dev, INDEX0, (uint8_t *)&i, sizeof(i)));
printf("\tdone\n");
return 0;
}
int do_test_##XFUNC(cmd_tbl_t *cmd_tbl, int flag, int argc, \
char * const argv[]) \
{ \
- return test_##XFUNC(); \
+ struct udevice *dev; \
+ int ret; \
+\
+ ret = get_tpm(&dev); \
+ if (ret) \
+ return ret; \
+ return test_##XFUNC(dev); \
}
#define VOIDENT(XNAME) \
int do_##cmd(cmd_tbl_t *cmdtp, int flag, \
int argc, char * const argv[]) \
{ \
+ struct udevice *dev; \
+ int rc; \
+ \
+ rc = get_tpm(&dev); \
+ if (rc) \
+ return rc; \
if (argc != 1) \
return CMD_RET_USAGE; \
- return report_return_code(cmd()); \
+ return report_return_code(cmd(dev)); \
}
/**
* After all commands have been completed the caller is supposed to
* call tpm_close().
*
+ * @dev - TPM device
* Returns 0 on success, -ve on failure.
*/
int tpm_open(struct udevice *dev);
*
* Releasing the locked locality. Returns 0 on success, -ve 1 on
* failure (in case lock removal did not succeed).
+ *
+ * @dev - TPM device
+ * Returns 0 on success, -ve on failure.
*/
int tpm_close(struct udevice *dev);
* Note that the outgoing data is inspected to determine command type
* (ordinal) and a timeout is used for that command type.
*
+ * @dev - TPM device
* @sendbuf - buffer of the data to send
* @send_size size of the data to send
* @recvbuf - memory to save the response to
/**
* Initialize TPM device. It must be called before any TPM commands.
*
+ * @dev - TPM device
* @return 0 on success, non-0 on error.
*/
-int tpm_init(void);
+int tpm_init(struct udevice *dev);
/**
* Retrieve the array containing all the v1 (resp. v2) commands.
/**
* Issue a TPM_Startup command.
*
+ * @param dev TPM device
* @param mode TPM startup mode
* @return return code of the operation
*/
-u32 tpm_startup(enum tpm_startup_type mode);
+u32 tpm_startup(struct udevice *dev, enum tpm_startup_type mode);
/**
* Issue a TPM_SelfTestFull command.
*
+ * @param dev TPM device
* @return return code of the operation
*/
-u32 tpm_self_test_full(void);
+u32 tpm_self_test_full(struct udevice *dev);
/**
* Issue a TPM_ContinueSelfTest command.
*
+ * @param dev TPM device
* @return return code of the operation
*/
-u32 tpm_continue_self_test(void);
+u32 tpm_continue_self_test(struct udevice *dev);
/**
* Issue a TPM_NV_DefineSpace command. The implementation is limited
* to specify TPM_NV_ATTRIBUTES and size of the area. The area index
* could be one of the special value listed in enum tpm_nv_index.
*
+ * @param dev TPM device
* @param index index of the area
* @param perm TPM_NV_ATTRIBUTES of the area
* @param size size of the area
* @return return code of the operation
*/
-u32 tpm_nv_define_space(u32 index, u32 perm, u32 size);
+u32 tpm_nv_define_space(struct udevice *dev, u32 index, u32 perm, u32 size);
/**
* Issue a TPM_NV_ReadValue command. This implementation is limited
* to read the area from offset 0. The area index could be one of
* the special value listed in enum tpm_nv_index.
*
+ * @param dev TPM device
* @param index index of the area
* @param data output buffer of the area contents
* @param count size of output buffer
* @return return code of the operation
*/
-u32 tpm_nv_read_value(u32 index, void *data, u32 count);
+u32 tpm_nv_read_value(struct udevice *dev, u32 index, void *data, u32 count);
/**
* Issue a TPM_NV_WriteValue command. This implementation is limited
* to write the area from offset 0. The area index could be one of
* the special value listed in enum tpm_nv_index.
*
+ * @param dev TPM device
* @param index index of the area
* @param data input buffer to be wrote to the area
* @param length length of data bytes of input buffer
* @return return code of the operation
*/
-u32 tpm_nv_write_value(u32 index, const void *data, u32 length);
+u32 tpm_nv_write_value(struct udevice *dev, u32 index, const void *data,
+ u32 length);
/**
* Issue a TPM_Extend command.
*
+ * @param dev TPM device
* @param index index of the PCR
* @param in_digest 160-bit value representing the event to be
* recorded
* command
* @return return code of the operation
*/
-u32 tpm_extend(u32 index, const void *in_digest, void *out_digest);
+u32 tpm_extend(struct udevice *dev, u32 index, const void *in_digest,
+ void *out_digest);
/**
* Issue a TPM_PCRRead command.
*
+ * @param dev TPM device
* @param index index of the PCR
* @param data output buffer for contents of the named PCR
* @param count size of output buffer
* @return return code of the operation
*/
-u32 tpm_pcr_read(u32 index, void *data, size_t count);
+u32 tpm_pcr_read(struct udevice *dev, u32 index, void *data, size_t count);
/**
* Issue a TSC_PhysicalPresence command. TPM physical presence flag
* is bit-wise OR'ed of flags listed in enum tpm_physical_presence.
*
+ * @param dev TPM device
* @param presence TPM physical presence flag
* @return return code of the operation
*/
-u32 tpm_tsc_physical_presence(u16 presence);
+u32 tpm_tsc_physical_presence(struct udevice *dev, u16 presence);
/**
* Issue a TPM_ReadPubek command.
*
+ * @param dev TPM device
* @param data output buffer for the public endorsement key
* @param count size of output buffer
* @return return code of the operation
*/
-u32 tpm_read_pubek(void *data, size_t count);
+u32 tpm_read_pubek(struct udevice *dev, void *data, size_t count);
/**
* Issue a TPM_ForceClear command.
*
+ * @param dev TPM device
* @return return code of the operation
*/
-u32 tpm_force_clear(void);
+u32 tpm_force_clear(struct udevice *dev);
/**
* Issue a TPM_PhysicalEnable command.
*
+ * @param dev TPM device
* @return return code of the operation
*/
-u32 tpm_physical_enable(void);
+u32 tpm_physical_enable(struct udevice *dev);
/**
* Issue a TPM_PhysicalDisable command.
*
+ * @param dev TPM device
* @return return code of the operation
*/
-u32 tpm_physical_disable(void);
+u32 tpm_physical_disable(struct udevice *dev);
/**
* Issue a TPM_PhysicalSetDeactivated command.
*
+ * @param dev TPM device
* @param state boolean state of the deactivated flag
* @return return code of the operation
*/
-u32 tpm_physical_set_deactivated(u8 state);
+u32 tpm_physical_set_deactivated(struct udevice *dev, u8 state);
/**
* Issue a TPM_GetCapability command. This implementation is limited
* to query sub_cap index that is 4-byte wide.
*
+ * @param dev TPM device
* @param cap_area partition of capabilities
* @param sub_cap further definition of capability, which is
* limited to be 4-byte wide
* @param count size of output buffer
* @return return code of the operation
*/
-u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count);
+u32 tpm_get_capability(struct udevice *dev, u32 cap_area, u32 sub_cap,
+ void *cap, size_t count);
/**
* Issue a TPM_FlushSpecific command for a AUTH resource.
*
+ * @param dev TPM device
* @param auth_handle handle of the auth session
* @return return code of the operation
*/
-u32 tpm_terminate_auth_session(u32 auth_handle);
+u32 tpm_terminate_auth_session(struct udevice *dev, u32 auth_handle);
/**
* Issue a TPM_OIAP command to setup an object independent authorization
* If there was already an OIAP session active it is terminated and a new
* session is set up.
*
+ * @param dev TPM device
* @param auth_handle pointer to the (new) auth handle or NULL.
* @return return code of the operation
*/
-u32 tpm_oiap(u32 *auth_handle);
+u32 tpm_oiap(struct udevice *dev, u32 *auth_handle);
/**
* Ends an active OIAP session.
*
+ * @param dev TPM device
* @return return code of the operation
*/
-u32 tpm_end_oiap(void);
+u32 tpm_end_oiap(struct udevice *dev);
/**
* Issue a TPM_LoadKey2 (Auth1) command using an OIAP session for authenticating
* the usage of the parent key.
*
+ * @param dev TPM device
* @param parent_handle handle of the parent key.
* @param key pointer to the key structure (TPM_KEY or TPM_KEY12).
* @param key_length size of the key structure
* @param key_handle pointer to the key handle
* @return return code of the operation
*/
-u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length,
- const void *parent_key_usage_auth, u32 *key_handle);
+u32 tpm_load_key2_oiap(struct udevice *dev, u32 parent_handle, const void *key,
+ size_t key_length, const void *parent_key_usage_auth,
+ u32 *key_handle);
/**
* Issue a TPM_GetPubKey (Auth1) command using an OIAP session for
* authenticating the usage of the key.
*
+ * @param dev TPM device
* @param key_handle handle of the key
* @param usage_auth usage auth for the key
* @param pubkey pointer to the pub key buffer; may be NULL if the pubkey
* of the stored TPM_PUBKEY structure (iff pubkey != NULL).
* @return return code of the operation
*/
-u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey,
+u32 tpm_get_pub_key_oiap(struct udevice *dev, u32 key_handle,
+ const void *usage_auth, void *pubkey,
size_t *pubkey_len);
/**
* Get the TPM permanent flags value
*
+ * @param dev TPM device
* @param pflags Place to put permanent flags
* @return return code of the operation
*/
-u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags);
+u32 tpm_get_permanent_flags(struct udevice *dev,
+ struct tpm_permanent_flags *pflags);
/**
* Get the TPM permissions
*
+ * @param dev TPM device
* @param perm Returns permissions value
* @return return code of the operation
*/
-u32 tpm_get_permissions(u32 index, u32 *perm);
+u32 tpm_get_permissions(struct udevice *dev, u32 index, u32 *perm);
/**
* Flush a resource with a given handle and type from the TPM
*
+ * @param dev TPM device
* @param key_handle handle of the resource
* @param resource_type type of the resource
* @return return code of the operation
*/
-u32 tpm_flush_specific(u32 key_handle, u32 resource_type);
+u32 tpm_flush_specific(struct udevice *dev, u32 key_handle, u32 resource_type);
#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
/**
* Search for a key by usage AuthData and the hash of the parent's pub key.
*
+ * @param dev TPM device
* @param auth Usage auth of the key to search for
* @param pubkey_digest SHA1 hash of the pub key structure of the key
* @param[out] handle The handle of the key (Non-null iff found)
* @return 0 if key was found in TPM; != 0 if not.
*/
-u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20],
- u32 *handle);
+u32 tpm_find_key_sha1(struct udevice *dev, const u8 auth[20],
+ const u8 pubkey_digest[20], u32 *handle);
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
/**
* that the TPM may legally return fewer bytes than requested by retrying
* until @p count bytes have been received.
*
+ * @param dev TPM device
* @param data output buffer for the random bytes
* @param count size of output buffer
* @return return code of the operation
*/
-u32 tpm_get_random(void *data, u32 count);
+u32 tpm_get_random(struct udevice *dev, void *data, u32 count);
/**
* tpm_finalise_physical_presence() - Finalise physical presence
*
+ * @param dev TPM device
* @return return code of the operation (0 = success)
*/
-u32 tpm_finalise_physical_presence(void);
+u32 tpm_finalise_physical_presence(struct udevice *dev);
/**
* tpm_nv_set_locked() - lock the non-volatile space
*
+ * @param dev TPM device
* @return return code of the operation (0 = success)
*/
-u32 tpm_nv_set_locked(void);
+u32 tpm_nv_set_locked(struct udevice *dev);
/**
* tpm_set_global_lock() - set the global lock
*
+ * @param dev TPM device
* @return return code of the operation (0 = success)
*/
-u32 tpm_set_global_lock(void);
+u32 tpm_set_global_lock(struct udevice *dev);
/**
* tpm_resume() - start up the TPM from resume (after suspend)
*
+ * @param dev TPM device
* @return return code of the operation (0 = success)
*/
-u32 tpm_resume(void);
+u32 tpm_resume(struct udevice *dev);
#endif /* __TPM_V1_H */
/**
* Issue a TPM2_Startup command.
*
+ * @dev TPM device
* @mode TPM startup mode
*
* @return code of the operation
*/
-u32 tpm2_startup(enum tpm2_startup_types mode);
+u32 tpm2_startup(struct udevice *dev, enum tpm2_startup_types mode);
/**
* Issue a TPM2_SelfTest command.
*
+ * @dev TPM device
* @full_test Asking to perform all tests or only the untested ones
*
* @return code of the operation
*/
-u32 tpm2_self_test(enum tpm2_yes_no full_test);
+u32 tpm2_self_test(struct udevice *dev, enum tpm2_yes_no full_test);
/**
* Issue a TPM2_Clear command.
*
+ * @dev TPM device
* @handle Handle
* @pw Password
* @pw_sz Length of the password
*
* @return code of the operation
*/
-u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz);
+u32 tpm2_clear(struct udevice *dev, u32 handle, const char *pw,
+ const ssize_t pw_sz);
/**
* Issue a TPM2_PCR_Extend command.
*
+ * @dev TPM device
* @index Index of the PCR
* @digest Value representing the event to be recorded
*
* @return code of the operation
*/
-u32 tpm2_pcr_extend(u32 index, const uint8_t *digest);
+u32 tpm2_pcr_extend(struct udevice *dev, u32 index, const uint8_t *digest);
/**
* Issue a TPM2_PCR_Read command.
*
+ * @dev TPM device
* @idx Index of the PCR
* @idx_min_sz Minimum size in bytes of the pcrSelect array
* @data Output buffer for contents of the named PCR
*
* @return code of the operation
*/
-u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
- unsigned int *updates);
+u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
+ void *data, unsigned int *updates);
/**
* Issue a TPM2_GetCapability command. This implementation is limited
* to query property index that is 4-byte wide.
*
+ * @dev TPM device
* @capability Partition of capabilities
* @property Further definition of capability, limited to be 4 bytes wide
* @buf Output buffer for capability information
*
* @return code of the operation
*/
-u32 tpm2_get_capability(u32 capability, u32 property, void *buf,
- size_t prop_count);
+u32 tpm2_get_capability(struct udevice *dev, u32 capability, u32 property,
+ void *buf, size_t prop_count);
/**
* Issue a TPM2_DictionaryAttackLockReset command.
*
+ * @dev TPM device
* @pw Password
* @pw_sz Length of the password
*
* @return code of the operation
*/
-u32 tpm2_dam_reset(const char *pw, const ssize_t pw_sz);
+u32 tpm2_dam_reset(struct udevice *dev, const char *pw, const ssize_t pw_sz);
/**
* Issue a TPM2_DictionaryAttackParameters command.
*
+ * @dev TPM device
* @pw Password
* @pw_sz Length of the password
* @max_tries Count of authorizations before lockout
*
* @return code of the operation
*/
-u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
- unsigned int max_tries, unsigned int recovery_time,
+u32 tpm2_dam_parameters(struct udevice *dev, const char *pw,
+ const ssize_t pw_sz, unsigned int max_tries,
+ unsigned int recovery_time,
unsigned int lockout_recovery);
/**
* Issue a TPM2_HierarchyChangeAuth command.
*
+ * @dev TPM device
* @handle Handle
* @newpw New password
* @newpw_sz Length of the new password
*
* @return code of the operation
*/
-int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz,
- const char *oldpw, const ssize_t oldpw_sz);
+int tpm2_change_auth(struct udevice *dev, u32 handle, const char *newpw,
+ const ssize_t newpw_sz, const char *oldpw,
+ const ssize_t oldpw_sz);
/**
* Issue a TPM_PCR_SetAuthPolicy command.
*
+ * @dev TPM device
* @pw Platform password
* @pw_sz Length of the password
* @index Index of the PCR
*
* @return code of the operation
*/
-u32 tpm2_pcr_setauthpolicy(const char *pw, const ssize_t pw_sz, u32 index,
- const char *key);
+u32 tpm2_pcr_setauthpolicy(struct udevice *dev, const char *pw,
+ const ssize_t pw_sz, u32 index, const char *key);
/**
* Issue a TPM_PCR_SetAuthValue command.
*
+ * @dev TPM device
* @pw Platform password
* @pw_sz Length of the password
* @index Index of the PCR
*
* @return code of the operation
*/
-u32 tpm2_pcr_setauthvalue(const char *pw, const ssize_t pw_sz, u32 index,
- const char *key, const ssize_t key_sz);
+u32 tpm2_pcr_setauthvalue(struct udevice *dev, const char *pw,
+ const ssize_t pw_sz, u32 index, const char *key,
+ const ssize_t key_sz);
#endif /* __TPM_V2_H */
return get_unaligned_be32(response + return_code_offset);
}
-u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr)
+u32 tpm_sendrecv_command(struct udevice *dev, const void *command,
+ void *response, size_t *size_ptr)
{
- struct udevice *dev;
int err, ret;
u8 response_buffer[COMMAND_BUFFER_SIZE];
size_t response_length;
response_length = sizeof(response_buffer);
}
- ret = uclass_first_device_err(UCLASS_TPM, &dev);
- if (ret)
- return ret;
err = tpm_xfer(dev, command, tpm_command_size(command),
response, &response_length);
return ret;
}
-int tpm_init(void)
+int tpm_init(struct udevice *dev)
{
- struct udevice *dev;
- int err;
-
- err = uclass_first_device_err(UCLASS_TPM, &dev);
- if (err)
- return err;
-
return tpm_open(dev);
}
* is a bidirectional
* @return return code of the TPM response
*/
-u32 tpm_sendrecv_command(const void *command, void *response, size_t *size_ptr);
+u32 tpm_sendrecv_command(struct udevice *dev, const void *command,
+ void *response, size_t *size_ptr);
#endif /* __TPM_UTILS_H */
#endif /* CONFIG_TPM_AUTH_SESSIONS */
-u32 tpm_startup(enum tpm_startup_type mode)
+u32 tpm_startup(struct udevice *dev, enum tpm_startup_type mode)
{
const u8 command[12] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0,
mode_offset, mode))
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(buf, NULL, NULL);
+ return tpm_sendrecv_command(dev, buf, NULL, NULL);
}
-u32 tpm_resume(void)
+u32 tpm_resume(struct udevice *dev)
{
- return tpm_startup(TPM_ST_STATE);
+ return tpm_startup(dev, TPM_ST_STATE);
}
-u32 tpm_self_test_full(void)
+u32 tpm_self_test_full(struct udevice *dev)
{
const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50,
};
- return tpm_sendrecv_command(command, NULL, NULL);
+ return tpm_sendrecv_command(dev, command, NULL, NULL);
}
-u32 tpm_continue_self_test(void)
+u32 tpm_continue_self_test(struct udevice *dev)
{
const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53,
};
- return tpm_sendrecv_command(command, NULL, NULL);
+ return tpm_sendrecv_command(dev, command, NULL, NULL);
}
-u32 tpm_clear_and_reenable(void)
+u32 tpm_clear_and_reenable(struct udevice *dev)
{
u32 ret;
log_info("TPM: Clear and re-enable\n");
- ret = tpm_force_clear();
+ ret = tpm_force_clear(dev);
if (ret != TPM_SUCCESS) {
log_err("Can't initiate a force clear\n");
return ret;
}
#if IS_ENABLED(CONFIG_TPM_V1)
- ret = tpm_physical_enable();
+ ret = tpm_physical_enable(dev);
if (ret != TPM_SUCCESS) {
log_err("TPM: Can't set enabled state\n");
return ret;
}
- ret = tpm_physical_set_deactivated(0);
+ ret = tpm_physical_set_deactivated(dev, 0);
if (ret != TPM_SUCCESS) {
log_err("TPM: Can't set deactivated state\n");
return ret;
return TPM_SUCCESS;
}
-u32 tpm_nv_define_space(u32 index, u32 perm, u32 size)
+u32 tpm_nv_define_space(struct udevice *dev, u32 index, u32 perm, u32 size)
{
const u8 command[101] = {
0x0, 0xc1, /* TPM_TAG */
size_offset, size))
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(buf, NULL, NULL);
+ return tpm_sendrecv_command(dev, buf, NULL, NULL);
}
-u32 tpm_nv_set_locked(void)
+u32 tpm_nv_set_locked(struct udevice *dev)
{
- return tpm_nv_define_space(TPM_NV_INDEX_LOCK, 0, 0);
+ return tpm_nv_define_space(dev, TPM_NV_INDEX_LOCK, 0, 0);
}
-u32 tpm_nv_read_value(u32 index, void *data, u32 count)
+u32 tpm_nv_read_value(struct udevice *dev, u32 index, void *data, u32 count)
{
const u8 command[22] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf,
index_offset, index,
length_offset, count))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
return 0;
}
-u32 tpm_nv_write_value(u32 index, const void *data, u32 length)
+u32 tpm_nv_write_value(struct udevice *dev, u32 index, const void *data,
+ u32 length)
{
const u8 command[256] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd,
length_offset, length,
data_offset, data, length))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response, &response_length);
if (err)
return err;
return 0;
}
-uint32_t tpm_set_global_lock(void)
+uint32_t tpm_set_global_lock(struct udevice *dev)
{
u32 x;
- return tpm_nv_write_value(TPM_NV_INDEX_0, (uint8_t *)&x, 0);
+ return tpm_nv_write_value(dev, TPM_NV_INDEX_0, (uint8_t *)&x, 0);
}
-u32 tpm_extend(u32 index, const void *in_digest, void *out_digest)
+u32 tpm_extend(struct udevice *dev, u32 index, const void *in_digest,
+ void *out_digest)
{
const u8 command[34] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14,
in_digest_offset, in_digest,
PCR_DIGEST_LENGTH))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response, &response_length);
if (err)
return err;
return 0;
}
-u32 tpm_pcr_read(u32 index, void *data, size_t count)
+u32 tpm_pcr_read(struct udevice *dev, u32 index, void *data, size_t count)
{
const u8 command[14] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15,
0, command, sizeof(command),
index_offset, index))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "s",
return 0;
}
-u32 tpm_tsc_physical_presence(u16 presence)
+u32 tpm_tsc_physical_presence(struct udevice *dev, u16 presence)
{
const u8 command[12] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0,
presence_offset, presence))
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(buf, NULL, NULL);
+ return tpm_sendrecv_command(dev, buf, NULL, NULL);
}
-u32 tpm_finalise_physical_presence(void)
+u32 tpm_finalise_physical_presence(struct udevice *dev)
{
const u8 command[12] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x2, 0xa0,
};
- return tpm_sendrecv_command(command, NULL, NULL);
+ return tpm_sendrecv_command(dev, command, NULL, NULL);
}
-u32 tpm_read_pubek(void *data, size_t count)
+u32 tpm_read_pubek(struct udevice *dev, void *data, size_t count)
{
const u8 command[30] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c,
u32 data_size;
u32 err;
- err = tpm_sendrecv_command(command, response, &response_length);
+ err = tpm_sendrecv_command(dev, command, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
return 0;
}
-u32 tpm_force_clear(void)
+u32 tpm_force_clear(struct udevice *dev)
{
const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d,
};
- return tpm_sendrecv_command(command, NULL, NULL);
+ return tpm_sendrecv_command(dev, command, NULL, NULL);
}
-u32 tpm_physical_enable(void)
+u32 tpm_physical_enable(struct udevice *dev)
{
const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f,
};
- return tpm_sendrecv_command(command, NULL, NULL);
+ return tpm_sendrecv_command(dev, command, NULL, NULL);
}
-u32 tpm_physical_disable(void)
+u32 tpm_physical_disable(struct udevice *dev)
{
const u8 command[10] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70,
};
- return tpm_sendrecv_command(command, NULL, NULL);
+ return tpm_sendrecv_command(dev, command, NULL, NULL);
}
-u32 tpm_physical_set_deactivated(u8 state)
+u32 tpm_physical_set_deactivated(struct udevice *dev, u8 state)
{
const u8 command[11] = {
0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72,
state_offset, state))
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(buf, NULL, NULL);
+ return tpm_sendrecv_command(dev, buf, NULL, NULL);
}
-u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count)
+u32 tpm_get_capability(struct udevice *dev, u32 cap_area, u32 sub_cap,
+ void *cap, size_t count)
{
const u8 command[22] = {
0x0, 0xc1, /* TPM_TAG */
cap_area_offset, cap_area,
sub_cap_offset, sub_cap))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
return 0;
}
-u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags)
+u32 tpm_get_permanent_flags(struct udevice *dev,
+ struct tpm_permanent_flags *pflags)
{
const u8 command[22] = {
0x0, 0xc1, /* TPM_TAG */
u32 err;
u32 data_size;
- err = tpm_sendrecv_command(command, response, &response_length);
+ err = tpm_sendrecv_command(dev, command, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
return 0;
}
-u32 tpm_get_permissions(u32 index, u32 *perm)
+u32 tpm_get_permissions(struct udevice *dev, u32 index, u32 *perm)
{
const u8 command[22] = {
0x0, 0xc1, /* TPM_TAG */
if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command),
index_offset, index))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
}
#ifdef CONFIG_TPM_FLUSH_RESOURCES
-u32 tpm_flush_specific(u32 key_handle, u32 resource_type)
+u32 tpm_flush_specific(struct udevice *dev, u32 key_handle, u32 resource_type)
{
const u8 command[18] = {
0x00, 0xc1, /* TPM_TAG */
resource_type_offset, resource_type))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response, &response_length);
if (err)
return err;
return 0;
return TPM_SUCCESS;
}
-u32 tpm_terminate_auth_session(u32 auth_handle)
+u32 tpm_terminate_auth_session(struct udevice *dev, u32 auth_handle)
{
const u8 command[18] = {
0x00, 0xc1, /* TPM_TAG */
if (oiap_session.valid && oiap_session.handle == auth_handle)
oiap_session.valid = 0;
- return tpm_sendrecv_command(request, NULL, NULL);
+ return tpm_sendrecv_command(dev, request, NULL, NULL);
}
-u32 tpm_end_oiap(void)
+u32 tpm_end_oiap(struct udevice *dev)
{
u32 err = TPM_SUCCESS;
if (oiap_session.valid)
- err = tpm_terminate_auth_session(oiap_session.handle);
+ err = tpm_terminate_auth_session(dev, oiap_session.handle);
return err;
}
-u32 tpm_oiap(u32 *auth_handle)
+u32 tpm_oiap(struct udevice *dev, u32 *auth_handle)
{
const u8 command[10] = {
0x00, 0xc1, /* TPM_TAG */
u32 err;
if (oiap_session.valid)
- tpm_terminate_auth_session(oiap_session.handle);
+ tpm_terminate_auth_session(dev, oiap_session.handle);
- err = tpm_sendrecv_command(command, response, &response_length);
+ err = tpm_sendrecv_command(dev, command, response, &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "ds",
return 0;
}
-u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length,
- const void *parent_key_usage_auth, u32 *key_handle)
+u32 tpm_load_key2_oiap(struct udevice *dev, u32 parent_handle, const void *key,
+ size_t key_length, const void *parent_key_usage_auth,
+ u32 *key_handle)
{
const u8 command[14] = {
0x00, 0xc2, /* TPM_TAG */
u32 err;
if (!oiap_session.valid) {
- err = tpm_oiap(NULL);
+ err = tpm_oiap(dev, NULL);
if (err)
return err;
}
parent_key_usage_auth);
if (err)
return err;
- err = tpm_sendrecv_command(request, response, &response_length);
+ err = tpm_sendrecv_command(dev, request, response, &response_length);
if (err) {
if (err == TPM_AUTHFAIL)
oiap_session.valid = 0;
return 0;
}
-u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey,
+u32 tpm_get_pub_key_oiap(struct udevice *dev, u32 key_handle,
+ const void *usage_auth, void *pubkey,
size_t *pubkey_len)
{
const u8 command[14] = {
u32 err;
if (!oiap_session.valid) {
- err = tpm_oiap(NULL);
+ err = tpm_oiap(dev, NULL);
if (err)
return err;
}
request + sizeof(command), usage_auth);
if (err)
return err;
- err = tpm_sendrecv_command(request, response, &response_length);
+ err = tpm_sendrecv_command(dev, request, response, &response_length);
if (err) {
if (err == TPM_AUTHFAIL)
oiap_session.valid = 0;
}
#ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
-u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20],
- u32 *handle)
+u32 tpm_find_key_sha1(struct udevice *dev, const u8 auth[20],
+ const u8 pubkey_digest[20], u32 *handle)
{
u16 key_count;
u32 key_handles[10];
unsigned int i;
/* fetch list of already loaded keys in the TPM */
- err = tpm_get_capability(TPM_CAP_HANDLE, TPM_RT_KEY, buf, sizeof(buf));
+ err = tpm_get_capability(dev, TPM_CAP_HANDLE, TPM_RT_KEY, buf,
+ sizeof(buf));
if (err)
return -1;
key_count = get_unaligned_be16(buf);
#endif /* CONFIG_TPM_AUTH_SESSIONS */
-u32 tpm_get_random(void *data, u32 count)
+u32 tpm_get_random(struct udevice *dev, void *data, u32 count)
{
const u8 command[14] = {
0x0, 0xc1, /* TPM_TAG */
0, command, sizeof(command),
length_offset, this_bytes))
return TPM_LIB_ERROR;
- err = tpm_sendrecv_command(buf, response, &response_length);
+ err = tpm_sendrecv_command(dev, buf, response,
+ &response_length);
if (err)
return err;
if (unpack_byte_string(response, response_length, "d",
#include <tpm-v2.h>
#include "tpm-utils.h"
-u32 tpm2_startup(enum tpm2_startup_types mode)
+u32 tpm2_startup(struct udevice *dev, enum tpm2_startup_types mode)
{
const u8 command_v2[12] = {
tpm_u16(TPM2_ST_NO_SESSIONS),
* Note TPM2_Startup command will return RC_SUCCESS the first time,
* but will return RC_INITIALIZE otherwise.
*/
- ret = tpm_sendrecv_command(command_v2, NULL, NULL);
+ ret = tpm_sendrecv_command(dev, command_v2, NULL, NULL);
if (ret && ret != TPM2_RC_INITIALIZE)
return ret;
return 0;
}
-u32 tpm2_self_test(enum tpm2_yes_no full_test)
+u32 tpm2_self_test(struct udevice *dev, enum tpm2_yes_no full_test)
{
const u8 command_v2[12] = {
tpm_u16(TPM2_ST_NO_SESSIONS),
full_test,
};
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
-u32 tpm2_clear(u32 handle, const char *pw, const ssize_t pw_sz)
+u32 tpm2_clear(struct udevice *dev, u32 handle, const char *pw,
+ const ssize_t pw_sz)
{
u8 command_v2[COMMAND_BUFFER_SIZE] = {
tpm_u16(TPM2_ST_SESSIONS), /* TAG */
if (ret)
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
-u32 tpm2_pcr_extend(u32 index, const uint8_t *digest)
+u32 tpm2_pcr_extend(struct udevice *dev, u32 index, const uint8_t *digest)
{
u8 command_v2[COMMAND_BUFFER_SIZE] = {
tpm_u16(TPM2_ST_SESSIONS), /* TAG */
if (ret)
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
-u32 tpm2_pcr_read(u32 idx, unsigned int idx_min_sz, void *data,
- unsigned int *updates)
+u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz,
+ void *data, unsigned int *updates)
{
u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8));
u8 command_v2[COMMAND_BUFFER_SIZE] = {
17 + pcr_sel_idx, pcr_sel_bit))
return TPM_LIB_ERROR;
- ret = tpm_sendrecv_command(command_v2, response, &response_len);
+ ret = tpm_sendrecv_command(dev, command_v2, response, &response_len);
if (ret)
return ret;
return 0;
}
-u32 tpm2_get_capability(u32 capability, u32 property, void *buf,
- size_t prop_count)
+u32 tpm2_get_capability(struct udevice *dev, u32 capability, u32 property,
+ void *buf, size_t prop_count)
{
u8 command_v2[COMMAND_BUFFER_SIZE] = {
tpm_u16(TPM2_ST_NO_SESSIONS), /* TAG */
unsigned int properties_off;
int ret;
- ret = tpm_sendrecv_command(command_v2, response, &response_len);
+ ret = tpm_sendrecv_command(dev, command_v2, response, &response_len);
if (ret)
return ret;
return 0;
}
-u32 tpm2_dam_reset(const char *pw, const ssize_t pw_sz)
+u32 tpm2_dam_reset(struct udevice *dev, const char *pw, const ssize_t pw_sz)
{
u8 command_v2[COMMAND_BUFFER_SIZE] = {
tpm_u16(TPM2_ST_SESSIONS), /* TAG */
if (ret)
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
-u32 tpm2_dam_parameters(const char *pw, const ssize_t pw_sz,
- unsigned int max_tries, unsigned int recovery_time,
+u32 tpm2_dam_parameters(struct udevice *dev, const char *pw,
+ const ssize_t pw_sz, unsigned int max_tries,
+ unsigned int recovery_time,
unsigned int lockout_recovery)
{
u8 command_v2[COMMAND_BUFFER_SIZE] = {
if (ret)
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
-int tpm2_change_auth(u32 handle, const char *newpw, const ssize_t newpw_sz,
- const char *oldpw, const ssize_t oldpw_sz)
+int tpm2_change_auth(struct udevice *dev, u32 handle, const char *newpw,
+ const ssize_t newpw_sz, const char *oldpw,
+ const ssize_t oldpw_sz)
{
unsigned int offset = 27;
u8 command_v2[COMMAND_BUFFER_SIZE] = {
if (ret)
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
-u32 tpm2_pcr_setauthpolicy(const char *pw, const ssize_t pw_sz, u32 index,
- const char *key)
+u32 tpm2_pcr_setauthpolicy(struct udevice *dev, const char *pw,
+ const ssize_t pw_sz, u32 index, const char *key)
{
u8 command_v2[COMMAND_BUFFER_SIZE] = {
tpm_u16(TPM2_ST_SESSIONS), /* TAG */
if (ret)
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
-u32 tpm2_pcr_setauthvalue(const char *pw, const ssize_t pw_sz, u32 index,
- const char *key, const ssize_t key_sz)
+u32 tpm2_pcr_setauthvalue(struct udevice *dev, const char *pw,
+ const ssize_t pw_sz, u32 index, const char *key,
+ const ssize_t key_sz)
{
u8 command_v2[COMMAND_BUFFER_SIZE] = {
tpm_u16(TPM2_ST_SESSIONS), /* TAG */
if (ret)
return TPM_LIB_ERROR;
- return tpm_sendrecv_command(command_v2, NULL, NULL);
+ return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}